Checking Python Apps for Common Vulnerabilities and Exposures with Blackfire
Blackfire now supports CVE checks on Python apps.
Blackfire Profiler has the unique ability to detect common flaws in the profiled code. Better than that, it recommends fixes when such flaws are detected.
Profiling, Beyond Performance Optimization
While a profiler is primarily used for performance optimization, the metrics it collects can serve much broader debugging purposes. The whole point of a profiler is to capture and render metrics that expose the code’s behavior. Beyond that, Blackfire can verify some key machine and language configurations.
Blackfire can now:
- proactively warn you if your Python version is affected by known Common Vulnerabilities and Exposures (CVEs), based on the list from https://cve.mitre.org/
- detect if the profiled code runs on an EOL/EOM version of Python.
Going Even Further With Testing Your Code
Blackfire recommendations are a very powerful tool for finding the root causes of issues in your code. However, they only cover common issues.
Technically, they rely on tests. Blackfire tests enable developers to assert their code’s behavior and set performance budgets. When profiling (on-demand or automatically), if the application does not pass the assertions, developers get actionable insights to fix issues.