-
# Summary
Add support to scan the project(s) license compliance.
# Details
Make sure to distinguish or `build/dev` dependencies etc from the dependencies used by the `library/application`.
##…
-
The logging is being extra noisy in some cases. So far this only includes messages from the underlying Google API. Note this line in particular:
```
WARNING: All log messages before absl::Initiali…
-
### Expected behaviour
When I ran
```
$ pip-audit -r /path/to/requirements.txt
```
where the `requirements.txt` has dependency on the latest version of `opencv-python`
```
opencv-python==4.7.…
-
First of all, thanks for maintaining this parser! It's been invaluable within `pip-audit`.
Per https://github.com/pypa/pip/issues/11567: `#egg=packagename==packageversion` isn't actually valid, but…
-
Most package managers have a *-audit tool: pip-audit, cargo-audit, npm-audit, etc. that pull security advisories from public databases (OSV, CVEs, package-specific databases, etc)
Dependabot and reno…
-
when running `pip3 install -r requirements.txt` it errors out with
```
ERROR: Command errored out with exit status 1:
command: /usr/bin/python -c 'import sys, setuptools, tokenize; sys.ar…
-
**Is your feature request related to a problem? Please describe.**
The Python Packaging Advisory Database does contain more information than currently available in pip-audit's reports. In particula…
-
Per the discussion at https://discuss.python.org/t/pip-installation-reports/12316, there seems to be an interest in generating detailed reports on the artifacts installed into an environment, with per…
-
It seems that many things get a pip requirement added to the tests. This seems unnecessary since most things include pip in the installing environment as it is a host dependency of most python package…
-
root@esgfmeta-test-v4:docker exec -it -u root metagrid_local_django /bin/bash
root@2184f178b41a:/app# pip-audit
Found 6 known vulnerabilities in 5 packages
Name Version ID …