# Example:API functions usage

Using the Python Code Audit APIs is simple and straightforward!

If you have any questions, feel free to [get in touch!](../CONTRIBUTE)

To use the Python Code Audit functions, simply import the desired function into your notebook or Python script.


To use the **Python Code Audit** functions import the function you want to use in a notebook or in a Python file.

## Platform information

The `platform_info()` function provides detailed information about the runtime environment.

This information is essential for both security purposes and handling edge cases that may affect the behavior of the APIs.


In [25]:
from codeaudit.api_interfaces import platform_info

In [26]:
platform_info()

{'python_version': '3.13.7', 'python_implementation': 'CPython'}

## Python Code Audit version information

Good security validation starts with knowing which tools — and which versions — you have used.

When you build your own APIs using this framework, all critical scanning API calls automatically include a version identifier.

However, if you need to **retrieve the version information**  using a script (for example, when creating CI/CD scripts), you can easily do so using the following command:


In [30]:
from codeaudit.api_interfaces import version

In [31]:
version()

{'name': 'Python_Code_Audit', 'version': '1.1.0'}

## Overview of vulnerability of a module

In [27]:
from codeaudit.api_interfaces import get_module_vulnerability_info

In [28]:
vulnerability_info = get_module_vulnerability_info("pandas")  #now the vulnerabilty information , if available, is retrieved 

In [29]:
vulnerability_info  #shows retrieved vulnerability information for external modules.

{'name': 'Python_Code_Audit',
 'version': '1.1.0',
 'generated_on': '2025-10-10 19:13',
 'pandas_vulnerability_info': [{'id': 'PYSEC-2020-73',
   'summary': '',
   'details': "** DISPUTED ** pandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to the read_pickle() function, if __reduce__ makes an os.system call. NOTE: third parties dispute this issue because the read_pickle() function is documented as unsafe and it is the user's responsibility to use the function in a secure manner.",
   'aliases': ['CVE-2020-13091'],
   'severity': []}]}

## Overview of implemented security checks

In [1]:
from codeaudit.api_interfaces import get_default_validations

In [2]:
get_default_validations()

{'name': 'Python_Code_Audit',
 'version': '1.4.1',
 'generated_on': '2026-01-06 17:16',
 'validations': [{'name': 'Assertions',
   'construct': 'assert',
   'severity': 'Low',
   'info': 'Assertions are for debugging and development. Assertions can be disabled during runtime. Use in production can introduce vulnerabilities.'},
  {'name': 'Insecure Network Binding',
   'construct': 's.bind',
   'severity': 'Medium',
   'info': 'Binding to all interfaces can expose the service to a wider network attack surface.'},
  {'name': 'OS File Permissions',
   'construct': 'os.chmod',
   'severity': 'High',
   'info': 'Changing permissions carelessly can expose sensitive files.'},
  {'name': 'Directory Creation',
   'construct': 'os.makedirs',
   'severity': 'Low',
   'info': 'Direct file system calls require careful input validation to prevent vulnerabilities.'},
  {'name': 'Directory Creation',
   'construct': 'os.mkdir',
   'severity': 'Low',
   'info': 'Direct file system calls require careful