Arch Linux Security Tracker
Python HTML CSS Other

Arch Linux Security Tracker Build Status License

The Arch Linux Security Tracker is a lightweight flask based panel for tracking vulnerabilities in Arch Linux packages, displaying vulnerability details and generating security advisories.


  • Issue tracking
  • Issue grouping
  • libalpm support
  • Todo lists
  • Advisory scheduling
  • Advisory generation



  • python >= 3.4
  • python-sqlalchemy
  • python-flask
  • python-flask-sqlalchemy
  • python-flask-wtf
  • python-flask-login
  • python-requests
  • python-scrypt
  • pyalpm
  • sqlite
  • expac


  • python-pytest


Python dependencies can be installed in a virtual environment (virtualenv), by running:

virtualenv .virtualenv
. .virtualenv/bin/activate
pip install -r requirements.txt

For running tests:

pip install -r test-requirements.txt



run debug mode:


adding a new user:

./update --create-user

run tests:

make test

For production run it through uwsgi


The configurations are all placed into the config directory and applied as a sorted cascade.

The default values in the 00-default.conf file should not be altered for customization. If some tweaking is required, simply create a new configuration file with a .local.conf suffix and some non zero prefix like 20-user.local.conf. Files using this suffix are on the .gitignore and not handled as untracked or dirty.