pkgsrc-Changes archive
CVS commit: pkgsrc/security/py-pip-audit
Module Name: pkgsrc
Committed By: wiz
Date: Tue Dec 7 20:27:07 UTC 2021
Modified Files:
pkgsrc/security/py-pip-audit: Makefile PLIST distinfo
Removed Files:
pkgsrc/security/py-pip-audit/patches: patch-setup.py
Log Message:
py-pip-audit: update to 1.1.0.
## [1.1.0]
### Added
* CLI: The `--path <PATH>` flag has been added, allowing users to limit
dependency discovery to one or more paths (specified separately)
when `pip-audit` is invoked in environment mode
([#148](https://github.com/trailofbits/pip-audit/pull/148))
* CLI: The `pip-audit` CLI can now be accessed through `python -m pip_audit`.
All functionality is identical to the functionality provided by the
`pip-audit` entrypoint
([#173](https://github.com/trailofbits/pip-audit/pull/173))
* CLI: The `--verbose` flag has been added, allowing users to receive
more verbose output from `pip-audit`. Supplying the `--verbose` flag
overrides the `PIP_AUDIT_LOGLEVEL` environment variable and is equivalent to
setting it to `debug`
([#185](https://github.com/trailofbits/pip-audit/pull/185))
### Changed
* CLI: `pip-audit` now clears its spinner bar from the terminal upon
completion, preventing visual confusion
([#174](https://github.com/trailofbits/pip-audit/pull/174))
### Fixed
* Dependency sources: a crash caused by `platform.python_version` returning
a version string that couldn't be parsed as a PEP-440 version was fixed
([#175](https://github.com/trailofbits/pip-audit/pull/175))
* Dependency sources: a crash caused by incorrect assumptions about
the structure of source distributions was fixed
([#166](https://github.com/trailofbits/pip-audit/pull/166))
* Vulnerability sources: a performance issue on Windows caused by cache failures
was fixed ([#178](https://github.com/trailofbits/pip-audit/pull/178))
## [1.0.1] - 2021-12-02
### Fixed
* CLI: The `--desc` flag no longer requires a following argument. If passed
as a bare option, `--desc` is equivalent to `--desc on`
([#153](https://github.com/trailofbits/pip-audit/pull/153))
* Dependency resolution: The PyPI-based dependency resolver no longer throws
an uncaught exception on package resolution errors; instead, the package
is marked as skipped and an appropriate warning or fatal error (in
`--strict` mode) is produced
([#162](https://github.com/trailofbits/pip-audit/pull/162))
* CLI: When providing the `--cache-dir` flag, the command to read the pip cache
directory is no longer executed. Previously this was always executed and
could result in failure when the command fails. In CI environments, the
default `~/.cache` directory is typically not writable by the build user and
this meant that the `python -m pip cache dir` would fail before this fix,
even if the `--cache-dir` flag was provided.
([#161](https://github.com/trailofbits/pip-audit/pull/161))
## [1.0.0] - 2021-12-01
### Added
* This is the first stable release of `pip-audit`! The CLI is considered
stable from this point on, and all changes will comply with
[Semantic Versioning](https://semver.org/)
## [0.0.9] - 2021-12-01
### Added
* CLI: Skipped dependencies are now listed in the output of `pip-audit`,
for supporting output formats
([#145](https://github.com/trailofbits/pip-audit/pull/145))
* CLI: `pip-audit` now supports a "strict" mode (enabled with `-S` or
`--strict`) that fails the audit if any individual dependency cannot be
resolved or audited. The default behavior is still to skip any individual
dependency errors ([#146](https://github.com/trailofbits/pip-audit/pull/146))
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 pkgsrc/security/py-pip-audit/Makefile \
pkgsrc/security/py-pip-audit/PLIST pkgsrc/security/py-pip-audit/distinfo
cvs rdiff -u -r1.1 -r0 pkgsrc/security/py-pip-audit/patches/patch-setup.py
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/security/py-pip-audit/Makefile
diff -u pkgsrc/security/py-pip-audit/Makefile:1.1 pkgsrc/security/py-pip-audit/Makefile:1.2
--- pkgsrc/security/py-pip-audit/Makefile:1.1 Tue Nov 16 16:04:40 2021
+++ pkgsrc/security/py-pip-audit/Makefile Tue Dec 7 20:27:07 2021
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.1 2021/11/16 16:04:40 wiz Exp $
+# $NetBSD: Makefile,v 1.2 2021/12/07 20:27:07 wiz Exp $
-DISTNAME= pip-audit-0.0.5
+DISTNAME= pip-audit-1.1.0
PKGNAME= ${PYPKGPREFIX}-${DISTNAME}
CATEGORIES= security python
# pypi file does not include tests
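Review bot: DISTNAME jumps from pip-audit-0.0.5 straight to pip-audit-1.1.0, but the log message only reproduces upstream changelog entries for 0.0.9 through 1.1.0, so anything that changed between 0.0.5 and 0.0.9 is undocumented in this commit. Either extend the log back to 0.0.5 or state that the intermediate entries were left out on purpose.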
@@ -14,11 +14,12 @@ HOMEPAGE= https://pypi.org/project/pip-a
COMMENT= Scan Python environments for known vulnerabilities
LICENSE= apache-2.0
-DEPENDS+= ${PYPKGPREFIX}-cachecontrol>=0.12.6:../../devel/py-cachecontrol
+DEPENDS+= ${PYPKGPREFIX}-cachecontrol>=0.12.10:../../devel/py-cachecontrol
+DEPENDS+= ${PYPKGPREFIX}-cyclonedx-python-lib>=0.11.1:../../security/py-cyclonedx-python-lib
DEPENDS+= ${PYPKGPREFIX}-html5lib>=1.1:../../textproc/py-html5lib
DEPENDS+= ${PYPKGPREFIX}-lockfile>=0.12.2:../../devel/py-lockfile
DEPENDS+= ${PYPKGPREFIX}-packaging>=21.0.0:../../devel/py-packaging
-DEPENDS+= ${PYPKGPREFIX}-pip-api>=0.0.23:../../devel/py-pip-api
+DEPENDS+= ${PYPKGPREFIX}-pip-api>=0.0.25:../../devel/py-pip-api
DEPENDS+= ${PYPKGPREFIX}-progress>=1.6:../../devel/py-progress
DEPENDS+= ${PYPKGPREFIX}-resolvelib>=0.8.0:../../devel/py-resolvelib
TEST_DEPENDS+= ${PYPKGPREFIX}-pretend-[0-9]*:../../devel/py-pretend
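Review bot: The new DEPENDS line on ${PYPKGPREFIX}-cyclonedx-python-lib>=0.11.1 adds a runtime dependency that the log message never mentions, and none of the quoted changelog entries explains it. A one-line note in the log would help (it presumably serves the _format/cyclonedx.py module added in PLIST). This commit touches only Makefile, PLIST and distinfo, so it is also worth confirming that security/py-cyclonedx-python-lib, devel/py-cachecontrol and devel/py-pip-api in the tree already satisfy the raised minimums (0.11.1, 0.12.10 and 0.0.25).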
@@ -39,9 +40,9 @@ post-install:
${MV} pip-audit pip-audit-${PYVERSSUFFIX} || ${TRUE}
${RM} -r ${DESTDIR}${PREFIX}/${PYSITELIB}/test
-# as of 0.0.4
-# 2 failed, 46 passed
-# https://github.com/trailofbits/pip-audit/issues/115
+# as of 1.1.0
+# 2 failed, 59 passed
+# https://github.com/trailofbits/pip-audit/issues/195
TEST_ENV+= PYTHONPATH=${WRKSRC}/build/lib:${WRKSRC}/build/lib/test
do-test:
cd ${WRKSRC} && ${SETENV} ${TEST_ENV} pytest-${PYVERSSUFFIX}
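Review bot: The updated comment above TEST_ENV still records "2 failed, 59 passed" without naming the two failing tests or the reason they fail; the issue URL is the only pointer. Naming the tests in the comment would let whoever does the next update tell a known failure from a new regression without having to look up the upstream issue.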
Index: pkgsrc/security/py-pip-audit/PLIST
diff -u pkgsrc/security/py-pip-audit/PLIST:1.1 pkgsrc/security/py-pip-audit/PLIST:1.2
--- pkgsrc/security/py-pip-audit/PLIST:1.1 Tue Nov 16 16:04:40 2021
+++ pkgsrc/security/py-pip-audit/PLIST Tue Dec 7 20:27:07 2021
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.1 2021/11/16 16:04:40 wiz Exp $
+@comment $NetBSD: PLIST,v 1.2 2021/12/07 20:27:07 wiz Exp $
bin/pip-audit-${PYVERSSUFFIX}
${PYSITELIB}/${EGG_INFODIR}/PKG-INFO
${PYSITELIB}/${EGG_INFODIR}/SOURCES.txt
@@ -9,66 +9,72 @@ ${PYSITELIB}/${EGG_INFODIR}/top_level.tx
${PYSITELIB}/pip_audit/__init__.py
${PYSITELIB}/pip_audit/__init__.pyc
${PYSITELIB}/pip_audit/__init__.pyo
+${PYSITELIB}/pip_audit/__main__.py
+${PYSITELIB}/pip_audit/__main__.pyc
+${PYSITELIB}/pip_audit/__main__.pyo
+${PYSITELIB}/pip_audit/_audit.py
+${PYSITELIB}/pip_audit/_audit.pyc
+${PYSITELIB}/pip_audit/_audit.pyo
+${PYSITELIB}/pip_audit/_cli.py
+${PYSITELIB}/pip_audit/_cli.pyc
+${PYSITELIB}/pip_audit/_cli.pyo
+${PYSITELIB}/pip_audit/_dependency_source/__init__.py
+${PYSITELIB}/pip_audit/_dependency_source/__init__.pyc
+${PYSITELIB}/pip_audit/_dependency_source/__init__.pyo
+${PYSITELIB}/pip_audit/_dependency_source/interface.py
+${PYSITELIB}/pip_audit/_dependency_source/interface.pyc
+${PYSITELIB}/pip_audit/_dependency_source/interface.pyo
+${PYSITELIB}/pip_audit/_dependency_source/pip.py
+${PYSITELIB}/pip_audit/_dependency_source/pip.pyc
+${PYSITELIB}/pip_audit/_dependency_source/pip.pyo
+${PYSITELIB}/pip_audit/_dependency_source/requirement.py
+${PYSITELIB}/pip_audit/_dependency_source/requirement.pyc
+${PYSITELIB}/pip_audit/_dependency_source/requirement.pyo
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/__init__.py
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/__init__.pyc
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/__init__.pyo
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/pypi_provider.py
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/pypi_provider.pyc
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/pypi_provider.pyo
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/resolvelib.py
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/resolvelib.pyc
+${PYSITELIB}/pip_audit/_dependency_source/resolvelib/resolvelib.pyo
+${PYSITELIB}/pip_audit/_format/__init__.py
+${PYSITELIB}/pip_audit/_format/__init__.pyc
+${PYSITELIB}/pip_audit/_format/__init__.pyo
+${PYSITELIB}/pip_audit/_format/columns.py
+${PYSITELIB}/pip_audit/_format/columns.pyc
+${PYSITELIB}/pip_audit/_format/columns.pyo
+${PYSITELIB}/pip_audit/_format/cyclonedx.py
+${PYSITELIB}/pip_audit/_format/cyclonedx.pyc
+${PYSITELIB}/pip_audit/_format/cyclonedx.pyo
+${PYSITELIB}/pip_audit/_format/interface.py
+${PYSITELIB}/pip_audit/_format/interface.pyc
+${PYSITELIB}/pip_audit/_format/interface.pyo
+${PYSITELIB}/pip_audit/_format/json.py
+${PYSITELIB}/pip_audit/_format/json.pyc
+${PYSITELIB}/pip_audit/_format/json.pyo
+${PYSITELIB}/pip_audit/_service/__init__.py
+${PYSITELIB}/pip_audit/_service/__init__.pyc
+${PYSITELIB}/pip_audit/_service/__init__.pyo
+${PYSITELIB}/pip_audit/_service/interface.py
+${PYSITELIB}/pip_audit/_service/interface.pyc
+${PYSITELIB}/pip_audit/_service/interface.pyo
+${PYSITELIB}/pip_audit/_service/osv.py
+${PYSITELIB}/pip_audit/_service/osv.pyc
+${PYSITELIB}/pip_audit/_service/osv.pyo
+${PYSITELIB}/pip_audit/_service/pypi.py
+${PYSITELIB}/pip_audit/_service/pypi.pyc
+${PYSITELIB}/pip_audit/_service/pypi.pyo
+${PYSITELIB}/pip_audit/_state.py
+${PYSITELIB}/pip_audit/_state.pyc
+${PYSITELIB}/pip_audit/_state.pyo
+${PYSITELIB}/pip_audit/_util.py
+${PYSITELIB}/pip_audit/_util.pyc
+${PYSITELIB}/pip_audit/_util.pyo
${PYSITELIB}/pip_audit/_version.py
${PYSITELIB}/pip_audit/_version.pyc
${PYSITELIB}/pip_audit/_version.pyo
-${PYSITELIB}/pip_audit/audit.py
-${PYSITELIB}/pip_audit/audit.pyc
-${PYSITELIB}/pip_audit/audit.pyo
-${PYSITELIB}/pip_audit/cli.py
-${PYSITELIB}/pip_audit/cli.pyc
-${PYSITELIB}/pip_audit/cli.pyo
-${PYSITELIB}/pip_audit/dependency_source/__init__.py
-${PYSITELIB}/pip_audit/dependency_source/__init__.pyc
-${PYSITELIB}/pip_audit/dependency_source/__init__.pyo
-${PYSITELIB}/pip_audit/dependency_source/interface.py
-${PYSITELIB}/pip_audit/dependency_source/interface.pyc
-${PYSITELIB}/pip_audit/dependency_source/interface.pyo
-${PYSITELIB}/pip_audit/dependency_source/pip.py
-${PYSITELIB}/pip_audit/dependency_source/pip.pyc
-${PYSITELIB}/pip_audit/dependency_source/pip.pyo
-${PYSITELIB}/pip_audit/dependency_source/requirement.py
-${PYSITELIB}/pip_audit/dependency_source/requirement.pyc
-${PYSITELIB}/pip_audit/dependency_source/requirement.pyo
-${PYSITELIB}/pip_audit/dependency_source/resolvelib/__init__.py
-${PYSITELIB}/pip_audit/dependency_source/resolvelib/__init__.pyc
-${PYSITELIB}/pip_audit/dependency_source/resolvelib/__init__.pyo
-${PYSITELIB}/pip_audit/dependency_source/resolvelib/pypi_provider.py
-${PYSITELIB}/pip_audit/dependency_source/resolvelib/pypi_provider.pyc
-${PYSITELIB}/pip_audit/dependency_source/resolvelib/pypi_provider.pyo
-${PYSITELIB}/pip_audit/dependency_source/resolvelib/resolvelib.py
-${PYSITELIB}/pip_audit/dependency_source/resolvelib/resolvelib.pyc
-${PYSITELIB}/pip_audit/dependency_source/resolvelib/resolvelib.pyo
-${PYSITELIB}/pip_audit/format/__init__.py
-${PYSITELIB}/pip_audit/format/__init__.pyc
-${PYSITELIB}/pip_audit/format/__init__.pyo
-${PYSITELIB}/pip_audit/format/columns.py
-${PYSITELIB}/pip_audit/format/columns.pyc
-${PYSITELIB}/pip_audit/format/columns.pyo
-${PYSITELIB}/pip_audit/format/interface.py
-${PYSITELIB}/pip_audit/format/interface.pyc
-${PYSITELIB}/pip_audit/format/interface.pyo
-${PYSITELIB}/pip_audit/format/json.py
-${PYSITELIB}/pip_audit/format/json.pyc
-${PYSITELIB}/pip_audit/format/json.pyo
-${PYSITELIB}/pip_audit/service/__init__.py
-${PYSITELIB}/pip_audit/service/__init__.pyc
-${PYSITELIB}/pip_audit/service/__init__.pyo
-${PYSITELIB}/pip_audit/service/interface.py
-${PYSITELIB}/pip_audit/service/interface.pyc
-${PYSITELIB}/pip_audit/service/interface.pyo
-${PYSITELIB}/pip_audit/service/osv.py
-${PYSITELIB}/pip_audit/service/osv.pyc
-${PYSITELIB}/pip_audit/service/osv.pyo
-${PYSITELIB}/pip_audit/service/pypi.py
-${PYSITELIB}/pip_audit/service/pypi.pyc
-${PYSITELIB}/pip_audit/service/pypi.pyo
-${PYSITELIB}/pip_audit/state.py
-${PYSITELIB}/pip_audit/state.pyc
-${PYSITELIB}/pip_audit/state.pyo
-${PYSITELIB}/pip_audit/util.py
-${PYSITELIB}/pip_audit/util.pyc
-${PYSITELIB}/pip_audit/util.pyo
-${PYSITELIB}/pip_audit/virtual_env.py
-${PYSITELIB}/pip_audit/virtual_env.pyc
-${PYSITELIB}/pip_audit/virtual_env.pyo
+${PYSITELIB}/pip_audit/_virtual_env.py
+${PYSITELIB}/pip_audit/_virtual_env.pyc
+${PYSITELIB}/pip_audit/_virtual_env.pyo
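Review bot: Every module under pip_audit/ other than __init__.py and _version.py moves to an underscore-prefixed name in this hunk (audit.py becomes _audit.py, service/ becomes _service/, and so on), so import paths such as pip_audit.audit stop existing after the update, yet the log message says nothing about the rename. A sentence in the log would warn anyone whose local scripts import the old module paths. The added __main__.py entries are consistent with the `python -m pip_audit` item in the changelog.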
Index: pkgsrc/security/py-pip-audit/distinfo
diff -u pkgsrc/security/py-pip-audit/distinfo:1.1 pkgsrc/security/py-pip-audit/distinfo:1.2
--- pkgsrc/security/py-pip-audit/distinfo:1.1 Tue Nov 16 16:04:40 2021
+++ pkgsrc/security/py-pip-audit/distinfo Tue Dec 7 20:27:07 2021
@@ -1,6 +1,5 @@
-$NetBSD: distinfo,v 1.1 2021/11/16 16:04:40 wiz Exp $
+$NetBSD: distinfo,v 1.2 2021/12/07 20:27:07 wiz Exp $
-BLAKE2s (pip-audit-0.0.5.tar.gz) = c60ea00a1e24ff8e0677ae3d8d7d72b606e919475534b108de32174b2cad7826
-SHA512 (pip-audit-0.0.5.tar.gz) = 018aa04901baee74399314faa3afeebd141be91d4bba7621f5c657281458ae5a7d90db60e3059d9bfec858dc0e4251b9c56321b8d22d2533edf9db1154180a03
-Size (pip-audit-0.0.5.tar.gz) = 31766 bytes
-SHA1 (patch-setup.py) = 2171a0cc6c3b737844cce29f1c38d1099115f640
+BLAKE2s (pip-audit-1.1.0.tar.gz) = c31697d727e3fe5413a281f37b24e83732afbc20dfead2e436a4680d3fc6e8a4
+SHA512 (pip-audit-1.1.0.tar.gz) = 77c0552f840ca17fb9a80e9dd594bf8faf74aad5331e1689ad6b7c436d29589fd1b5db9db3e41a16679934fe1856ad0d0821ee5c52a5d4508fda6236bdf27f22
+Size (pip-audit-1.1.0.tar.gz) = 41526 bytes
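Review bot: The SHA1 (patch-setup.py) line is dropped along with patches/patch-setup.py, but neither the log message nor the diff says what that patch changed or why it is no longer needed. Add a line to the log stating whether upstream absorbed the change or the patched code no longer exists in 1.1.0.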