Closed staticdev closed 3 years ago
It is likely to be due to the January update of the safety database (not an issue with the safety package)
You should investigate the underlying packages - possibly py.
Check this PR on my project: https://github.com/hacf-fr/renault-api/pull/127
@epenet I thought it could be something like that. But shouldn't we see the result instead of just an error code? If it is just a new package that is insecure I should see that on the execution logs, right?
If you remove --bare from the safety check, then it will display the details.
The --bare is added to reduce exposure (you don't want the whole world to know what makes your package insecure) but you can remove it temporarily on your local system.
@epenet you are correct, taking off --bare I could see the problem. This is strange, because with --bare I should be able to see unsafe package names. Anyhow I don't have a way to reproduce this non-output case so I am closing this issue (can also be already fixed in latest). Thanks.
Description
I have many projects using safety for some time now. After upgrading from 1.9.0 to 1.10.0, all pipelines break (also running locally). Also 1.10.2 did not fix the issue.
What I Did
I use a nox session with the command
safety check --file=requirements.txt --bare
Error:
Ex. https://github.com/staticdev/irpf-cei/pull/327/checks?check_run_id=1679307781
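Added example, not part of the issue thread or of the safety project: a Python wrapper around the command above that passes --bare only when the log is public, and that reports the exit code when a failed check prints nothing, so the pipeline log never shows a bare error code. The function names and the use of the CI environment variable to detect a public log are assumptions.

```python
import os
import subprocess
import sys


def safety_command(requirements="requirements.txt", public_log=None):
    """Build the safety invocation; --bare only where the log is public."""
    if public_log is None:
        # Assumption: the CI system sets CI=true, as GitHub Actions does.
        public_log = os.environ.get("CI", "").lower() == "true"
    cmd = ["safety", "check", f"--file={requirements}"]
    if public_log:
        cmd.append("--bare")
    return cmd


def run_check(cmd):
    """Run cmd; return (exit_code, message) so a failure is never silent."""
    proc = subprocess.run(cmd, capture_output=True, text=True)
    out = proc.stdout.strip()
    if proc.returncode == 0:
        return 0, out or "no known vulnerabilities reported"
    if out:
        return proc.returncode, out
    # Non-zero exit with empty stdout: the case described in this issue.
    hint = proc.stderr.strip() or "no output; re-run locally without --bare"
    return proc.returncode, f"check failed with exit code {proc.returncode}: {hint}"


if __name__ == "__main__":
    code, message = run_check(safety_command())
    print(message)
    sys.exit(code)
```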