Security News
Crates.io Implements Trusted Publishing Support
Crates.io adds Trusted Publishing support, enabling secure GitHub Actions-based crate releases without long-lived API tokens.
By Sarah Gooding - Jul 16, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
- Maintainers
- 3
μsort
Safe, minimal import sorting for Python projects.
μsort is a safe, minimal import sorter. Its primary goal is to make no "dangerous" changes to code. This is achieved by detecting distinct "blocks" of imports that are the most likely to be safely interchangeable, and only reordering imports within these blocks without altering formatting. Code style is left as an exercise for linters and formatters.
Within a block, µsort will follow common Python conventions for grouping imports based on source (standard library, third-party, first-party, or relative), and then sorting lexicographically within each group. This will commonly look like:
import re
from pathlib import Path
from typing import Iterable
from unittest.mock import call, Mock, patch
import aiohttp
from aiosqlite import connect
import foo
from bar import bar
from .main import main
Blocks are inferred from a number of real world conditions, including any intermediate statements between imports:
import warnings
warnings.filterwarnings(...)
import re
import sys
In this case, µsort detects two blocks–separated by the call to filterwarnings(),
and will only sort imports inside of each block. Running µsort on this code
will generate no changes, because each block is already sorted.
Imports can be excluded from blocks using the #usort:skip directive, or with
#isort:skip for compatibility with existing codebases. µsort will leave
these imports unchanged, and treat them as block separators.
See the User Guide for more details about how blocks are detected, and how sorting is performed.
Install
µsort requires Python 3.6 or newer to run. Install µsort with:
$ pip install usort
Usage
To format one or more files or directories in-place:
$ usort format <path> [<path> ...]
To generate a diff of changes without modifying files:
$ usort diff <path>
To just validate that files are formatted correctly, like during CI:
$ usort check <path>
pre-commit
µsort provides a pre-commit hook. To enforce sorted
imports before every commit, add the following to your .pre-commit-config.yaml
file:
- repo: https://github.com/facebook/usort
rev: v1.0.7
hooks:
- id: usort
License
μsort is MIT licensed, as found in the LICENSE file.
FAQs
A small, safe import sorter
We found that usort demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Tracking Protestware Spread: 28 npm Packages Affected by Payload Targeting Russian-Language Users
Undocumented protestware found in 28 npm packages disrupts UI for Russian-language users visiting Russian and Belarusian domains.
By Olivia Brown - Jul 15, 2025
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
By Kirill Boychenko - Jul 14, 2025