./security/py-pip-audit, Scan Python environments for known vulnerabilities



Branch: CURRENT, Version: 2.8.0nb1, Package name: py312-pip-audit-2.8.0nb1, Maintainer: pkgsrc-users

pip-audit is a prototype tool for scanning Python environments for
packages with known vulnerabilities. It uses the Python Packaging
Advisory Database via the PyPI JSON API as a source of vulnerability
reports.


Master sites:

Filesize: 49.876 KB

CVS history:


   2025-02-23 22:08:49 by Thomas Klausner | Files touched by this commit (2)
Log message:
py-pip-audit: adapt for flit_core 3.11.

Bump PKGREVISION.
   2025-02-07 08:23:32 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-pip-audit: updated to 2.8.0

2.8.0

Added

pip-audit now allows some CLI flags to be configured via environment
variables

Changed

The default cache locations on macOS and Linux now respect each platform's
caching directory idioms (e.g. XDG)

The minimum version of Python is now 3.9
   2024-12-09 09:13:21 by Thomas Klausner | Files touched by this commit (3)
Log message:
py-pip-audit: remove unused dependencies

Bump PKGREVISION.
   2024-10-14 08:46:10 by Thomas Klausner | Files touched by this commit (325)
Log message:
*: clean-up after python38 removal
   2024-05-05 12:10:37 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
py-pip-audit: update to 2.7.3.

Improved handling of temporary files on Windows
Fixed a subprocess deadlock on Windows
   2024-02-29 22:10:21 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-pip-audit: updated to 2.7.2

2.7.2

Fixed

pip-audit now invokes pip with --keyring-provider=subprocess, partially fixing a
regression that was introduced with another authentication fix in 2.6.2. This
allows the interior pip to use keyring to perform third-party index
authentication.
   2024-02-14 22:36:32 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-pip-audit: updated to 2.7.1

2.7.1

Fixed

Improved the error returned to users when their default temporary directory
lacks execute permissions
   2024-01-14 21:33:38 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
py-pip-audit: update to 2.7.0.

## [2.7.0]

### Added

* `pip-audit` now includes vulnerability aliases when `--format=json` is used,
  and also includes them in other output formats if specified by adding the
  flag `--aliases`

## [2.6.3]

### Fixed

* Removed a misleading warning message that resulted in user confusion
  ([#719](https://github.com/pypa/pip-audit/pull/719))