Research
Security News
The Growing Risk of Malicious Browser Extensions
Socket researchers uncover how browser extensions in trusted stores are used to hijack sessions, redirect traffic, and manipulate user behavior.
By Kush Pandya - Jun 13, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
zygoat
93
Supply Chain Security
100
Vulnerability
100
Quality
100
Maintenance
100
License
- Maintainers
- 3
zygoat
What is zygoat?
zygoat is a command line tool used to bootstrap and configure a React/Django/Postgres stack web application.
Linting, test configuration, boilerplate, and development environment are automatically taken care of using zygoat so that you can get up and running faster.
zygoat also includes a preset deployment configuration to allow you to deploy your stack to an AWS environment with a single command. You'll get a full serverless AWS stack to keep things inexpensive and nimble.
How does it work?
zygoat works by defining Components, defined as parts of projects, and then defining how you implement those components based on whether you're creating a new project, updating an existing project, or deleting a component that's no longer needed.
For instance, for the python backend, we want to include black, which is a tool for automatically formatting python code in a standard way to make it pep8 compliant. To install black in for the python backend part of the project, we create a Component for it, specifically a FileComponent, which defines how we treat files that we need in projects. Then we register the Black component (defined in black.py) with the Backend component (defined in backend/__init__.py) as a sub component. This way, whenever you create or update (or delete) a project with the Backend component, you'll do the same 'phase' to the Black component.
Installation
pip install --upgrade zygoat
Usage
mkdir my-cool-new-app && cd my-cool-new-app
git init
zg new my-cool-new-app
For more customization and configuration, check out the official documentation.
How do I develop changes for it?
Make a new git repository somewhere, we'll call it test-zg
mkdir test-zg && cd test-zg
git init
Install the zygoat package locally
pip install --user --upgrade ~/Projects/zygoat # Or wherever you have it
If you're using the asdf version manager, reshim
asdf reshim python
Run zg commands, see if they fail
zg new test
zg update
zg delete
Contributing
zygoat is developed using the Poetry packaging framework for Python projects to make development as simple and portable as possible.
Documentation
FAQs
Unknown package
We found that zygoat demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
2025 Blockchain and Cryptocurrency Threat Report: Malware in the Open Source Supply Chain
An in-depth analysis of credential stealers, crypto drainers, cryptojackers, and clipboard hijackers abusing open source package registries to compromise Web3 development environments.
By Kirill Boychenko - Jun 12, 2025
Security News
pnpm 10.12 Introduces Global Virtual Store and Expanded Version Catalogs
pnpm 10.12.1 introduces a global virtual store for faster installs and new options for managing dependencies with version catalogs.
By Sarah Gooding - Jun 11, 2025