Open Source

IT Security

Static Code Scan

Your SDV Enterprise package has been tested for security vulnerabilities. We follow the OWASP Top Ten industry standard, using the Bandit library. We scan all the SDV-related libraries and address any issues identified as high severity before the release.

save_code_scan

Security scan results are available for each SDV Enterprise package. Use this function to easily access the results and save them to a location of your choosing. Note that this function does not perform a new scan; it copies the original scan's results into your local folder.

Parameters

  • (required) folder: A string with the path to a local folder where you'd like to save the file

Output (None) The code scan is saved as a new file called static_code_analysis.md within the folder you provide

from sdv.utils import save_code_scan

save_code_scan(folder='/users/myusername/Downloads/')

You can open the resulting file in any text editor. The file includes results for your current version of SDV Enterprise, as well as the SDV-related dependencies.

Click to see example

This example shows the scan results for SDV Enterprise 0.19.0 and its SDV-related dependencies.

Per library results

Library: SDV Enterprise version 0.19.0

Code scanned:

Total lines of code: 6179
Total lines skipped (#nosec): 0
Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0
Run metrics:

No issues with severity as HIGH were found
Files skipped (0):

Library: SDV version 1.17.1

Code scanned:

Total lines of code: 12412
Total lines skipped (#nosec): 0
Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0
Run metrics:

No issues with severity as HIGH were found
Files skipped (0):

Library: RDT version 1.13.0

Code scanned:

Total lines of code: 5517
Total lines skipped (#nosec): 0
Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0
Run metrics:

No issues with severity as HIGH were found
Files skipped (0):

Library: Copulas version 0.11.1

Code scanned:

Total lines of code: 3749
Total lines skipped (#nosec): 0
Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0
Run metrics:

No issues with severity as HIGH were found
Files skipped (0):

Library: CTGAN version 0.10.1

Code scanned:

Total lines of code: 1249
Total lines skipped (#nosec): 0
Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0
Run metrics:

No issues with severity as HIGH were found
Files skipped (0):

Library: DEEPECHO version 0.6.0

Code scanned:

Total lines of code: 1354
Total lines skipped (#nosec): 0
Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0
Run metrics:

No issues with severity as HIGH were found
Files skipped (0):

Library: SDMETRICS version 0.16.0

Code scanned:

Total lines of code: 9115
Total lines skipped (#nosec): 0
Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0
Run metrics:

No issues with severity as HIGH were found
Files skipped (0):

Need help? This feature is available starting from SDV Enterprise v0.19.0. If you are on an older version of SDV Enterprise, code scan results are still available upon request. We are also happy to explain any of the results you see, and provide more details. To reach out, please see the Contact Us page.

Expiry Date

Every SDV Enterprise package is set to expire at a predetermined date. Check your current package's expiry date using the commands below. Please note that this is meant to be a read-only attribute that prints out the expiry date; modifying the attribute will not affect the package's actual expiry.

>>> import sdv
>>> print(sdv.expiry.date)
'March 9, 2026'

Why is there an expiry date? SDV Enterprise packages expire for two reasons. First, this practice encourages users to frequently update to newer versions of SDV Enterprise. This allows you to always get the most up-to-date features, bug fixes, and security enhancements. Second, it is a way for us to enforce that only actively-licensed users are able to access and use SDV Enterprise.

What do I do after my package expires? After your current SDV Enterprise package expires, you can always upgrade to the most recent release of SDV Enterprise, which will have a later expiry date. As you upgrade, you will be asked to resend your username/license key credentials to our server to ensure that your license is still active. (For more information, see the Installation guide).

Note that the SDV Enterprise software is backwards compatible, so your old code and synthesizers should continue to work on the updated SDV Enterprise version.

Is there a way to extend the expiry date for a package? We do not currently provide a way to extend the expiry date on a package that you've already installed. If your project requires an extended expiry, please email us with your requirements.

PreviousTroubleshootingNextRelease Notes

Last updated