checklist.day

Defused CSV

JSON →
library 3.0.0 ·python
verified May 21, 2026
serializationauth-securityhttp-networking

defusedcsv is a Python library (version 3.0.0) that acts as a drop-in replacement for the standard library's `csv` module, specifically designed to mitigate CSV injection attacks. It works by sanitizing output, prepending an apostrophe to cells that start with potentially malicious characters like `=`, `+`, `-`, `@`, `|`, or `%`, and escaping `|` characters within these cells. This prevents spreadsheet software (like MS Excel or LibreOffice) from interpreting the cell content as a formula. The library's release cadence appears to be infrequent, with the latest version published to PyPI on September 2, 2025.

Traffic · last 30 days ↑367% vs prev 7d · indexed Sun Apr 12 · updated Wed May 27

total hits 24
actors 7 distinct systems
last hit 1d ago ByteDance
ByteDance
10
GPTBot
2
Script
2
ChatGPT-User
1
Search engines
1
Humans
2

top countries 🇸🇬 Singapore · 🇨🇦 Canada · 🇺🇸 United States · 🇩🇪 Germany · 🇸🇪 Sweden

Resources

githubgithub.com/raphaelm/defusedcsv ↗
packagepypi.org/project/defusedcsv/ ↗

API endpoints

full doc /v1/registry/defusedcsv
install /v1/registry/defusedcsv/install
compatibility /v1/registry/defusedcsv/compatibility