pyupio / safety

Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.
https://safetycli.com/product/safety-cli
MIT License

safety check is done successfully but exit code is 255 #360

Closed minyoung90 closed 2 years ago

minyoung90 commented 2 years ago

Description

I ran this command

> safety check
+==============================================================================+
|                                                                              |
|                               /$$$$$$            /$$                         |
|                              /$$__  $$          | $$                         |
|           /$$$$$$$  /$$$$$$ | $$  \__//$$$$$$  /$$$$$$   /$$   /$$           |
|          /$$_____/ |____  $$| $$$$   /$$__  $$|_  $$_/  | $$  | $$           |
|         |  $$$$$$   /$$$$$$$| $$_/  | $$$$$$$$  | $$    | $$  | $$           |
|          \____  $$ /$$__  $$| $$    | $$_____/  | $$ /$$| $$  | $$           |
|          /$$$$$$$/|  $$$$$$$| $$    |  $$$$$$$  |  $$$$/|  $$$$$$$           |
|         |_______/  \_______/|__/     \_______/   \___/   \____  $$           |
|                                                          /$$  | $$           |
|                                                         |  $$$$$$/           |
|  by pyup.io                                              \______/            |
|                                                                              |
+==============================================================================+
| REPORT                                                                       |
| checked 99 packages, using free DB (updated once a month)                    |
+============================+===========+==========================+==========+
| package                    | installed | affected                 | ID       |
+============================+===========+==========================+==========+
| sqlalchemy-utils           | 0.37.9    | >=0.27.0                 | 42194    |
+==============================================================================+
> echo $?
255

This makes some script pipelines fail because of the exit code (what I expected...)

What I Did

I don't know how to deal with it. Below is my setting.

- repo: https://github.com/Lucas-C/pre-commit-hooks-safety
  rev: v1.2.1
  hooks:
    - id: python-safety-dependencies-check
      args: [--ignore=42194]

minyoung90 commented 2 years ago

My mistake, I just added the ignore setting to only the pre-commit setting!

Ruslan-Skira commented 2 years ago

Please explain what --ignore=42194 (ID) means. Is it an issue or not? Because it is still an open issue: https://github.com/kvesteri/sqlalchemy-utils/issues/166. And you decided to ignore it temporarily?