Welcome to Ambience!

This is a public alpha version. Some features may not be fully functional and heavy changes can be expected

Ambience is a solution for auditing the Python software supply chain. Our aim is to continually scan published python packages and to provide all the collected data publicly for free.

This server can also be used as a PyPI mirror to automatically block known malicious or vulnerable packages:

  • pip install --index-url https://ambience.sourcecode.ai/repository/blacklist/ package1 package2 ...
  • easy_install --index-url https://ambience.sourcecode.ai/repository/blacklist/ package1 package2 ...
Aura logo
Powered by Aura @ SourceCode.AI

Auditing and scanning in Ambience is done by the engine called Aura. Developed at SourceCode.AI, this SAST scanner has been designed to audit the whole PyPI package repository and other Python source code on a large scale.

Homepage GitHub