Product
Introducing Reports: An Extensible Reporting Framework for Socket Data
Explore exportable charts for vulnerabilities, dependencies, and usage with Reports, Socket’s new extensible reporting framework.
By André Staltz - Apr 21, 2026
Launch Week Day 1: Socket for Jira Is Now Available.Learn More →
font-analyzer
Artifacts are distributable versions of a package. It typically includes the source code and metadata
Advanced tools
- Version
- 0.0.6
- Maintainers
- 1
🎨 Font Analyzer
Automated font discovery, analysis, and compliance validation from websites and local files.
Features
- 🌐 Discover fonts from websites
- 📁 Analyze local font files
- ✅ Validate against custom whitelist policies
- 📊 Generate compliance reports
- 🔧 Support for TTF, OTF, WOFF, WOFF2 formats
Installation
pip install font-analyzer
Quick Start
Analyze Website Fonts
font-analyzer --url "https://github.com" --allowed_fonts "Roboto" "Arial" "Open Sans"
Analyze Local Font File
font-analyzer --font_path "./fonts/my-font.ttf" --allowed_fonts "Roboto" "Arial"
Usage Examples
Basic Commands
# Website analysis
font-analyzer --url "https://github.com"
# Local file analysis
font-analyzer --font_path "/path/to/font.ttf"
# With whitelist validation
font-analyzer --url "https://github.com" --allowed_fonts "Roboto" ".*Arial.*"
# Verbose output for detailed analysis
font-analyzer --url "https://github.com" --verbose
# or use short form
font-analyzer --url "https://github.com" -v
# Get help and see all options
font-analyzer --help
Environment Variables
# Set environment variables
export URL="https://github.com"
export ALLOWED_FONTS="Roboto,Open Sans,.*Arial.*"
font-analyzer
# Windows
set ALLOWED_FONTS=Roboto,Open Sans,.*Arial.*
font-analyzer
Configuration
| Variable | Description | Example |
|---|---|---|
URL | Website URL to analyze | https://github.com |
FONT_PATH | Path to font file | ./fonts/font.ttf |
ALLOWED_FONTS | Comma-separated font patterns | Roboto,Arial,.*Sans.* |
📄 License
MIT License
🔗 Links
Keywords
FAQs
A tool for detecting and analyzing font metadata from websites and files
We found that font-analyzer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket for Jira Is Now Available
Socket for Jira lets teams turn alerts into Jira tickets with manual creation, automated ticketing rules, and two-way sync.
By Jeppe Hasseriis - Apr 20, 2026
Company News
Socket Named Top Sales Organization by RepVue
Socket won two 2026 Reppy Awards from RepVue, ranking in the top 5% of all sales orgs. AE Alexandra Lister shares what it's like to grow a sales career here.
By Sarah Gooding - Apr 17, 2026