pyupio / safety

Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.
https://safetycli.com/product/safety-cli
MIT License

ansible_tower_cli false positive #361

Closed RomainGuilloux closed 2 years ago

RomainGuilloux commented 2 years ago

Description

It looks like there is a false positive for the ansible_tower_cli analysis. On PyPI the latest version is 3.3.9.

https://pypi.org/project/ansible-tower-cli/#history

What I Did

 python3 -m safety check
+==============================================================================+
|                                                                              |
|                               /$$$$$$            /$$                         |
|                              /$$__  $$          | $$                         |
|           /$$$$$$$  /$$$$$$ | $$  \__//$$$$$$  /$$$$$$   /$$   /$$           |
|          /$$_____/ |____  $$| $$$$   /$$__  $$|_  $$_/  | $$  | $$           |
|         |  $$$$$$   /$$$$$$$| $$_/  | $$$$$$$$  | $$    | $$  | $$           |
|          \____  $$ /$$__  $$| $$    | $$_____/  | $$ /$$| $$  | $$           |
|          /$$$$$$$/|  $$$$$$$| $$    |  $$$$$$$  |  $$$$/|  $$$$$$$           |
|         |_______/  \_______/|__/     \_______/   \___/   \____  $$           |
|                                                          /$$  | $$           |
|                                                         |  $$$$$$/           |
|  by pyup.io                                              \______/            |
|                                                                              |
+==============================================================================+
| REPORT                                                                       |
| checked 133 packages, using free DB (updated once a month)                   |
+============================+===========+==========================+==========+
| package                    | installed | affected                 | ID       |
+============================+===========+==========================+==========+
| ansible-tower-cli          | 3.3.9     | <3.4.5                   | 42863    |
| ansible-tower-cli          | 3.3.9     | <3.6.4                   | 42878    |
| ansible-tower-cli          | 3.3.9     | <3.6.4                   | 42880    |
| ansible-tower-cli          | 3.3.9     | <3.6.4                   | 42876    |
| ansible-tower-cli          | 3.3.9     | <3.6.4                   | 42870    |
| ansible-tower-cli          | 3.3.9     | <3.6.4                   | 42872    |
| ansible-tower-cli          | 3.3.9     | <3.6.4                   | 42874    |
| ansible-tower-cli          | 3.3.9     | <3.7                     | 42925    |
| ansible-tower-cli          | 3.3.9     | <3.8                     | 42922    |
| ansible-tower-cli          | 3.3.9     | <3.8                     | 42927    |
| ansible-tower-cli          | 3.3.9     | <3.8.2                   | 42861    |
+==============================================================================+

SCH227 commented 2 years ago

Romain, thank you a lot for contacting us. The mistaken entries have already been corrected in our db. Thank you again!
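
A triage check for the situation reported above, as an added example that is not part of the issue or of Safety's own code: it flags report rows whose affected range refers to a version above the newest release published on the index. The `LATEST` mapping, `vkey`, `unreachable_bounds` and the `example-pkg` control row are assumptions made for the illustration; a flagged row is a candidate for review, not proof of a false positive.

```python
import re

# Rows copied from the report in this issue; the last row is a constructed
# control whose fix version does exist on the index.
REPORT = """\
| ansible-tower-cli          | 3.3.9     | <3.4.5                   | 42863    |
| ansible-tower-cli          | 3.3.9     | <3.6.4                   | 42878    |
| ansible-tower-cli          | 3.3.9     | <3.7                     | 42925    |
| ansible-tower-cli          | 3.3.9     | <3.8.2                   | 42861    |
| example-pkg                | 1.2.0     | <1.2.1                   | 00000    |
"""
# Assumption: newest release per package, looked up on the index beforehand.
# 3.3.9 is the figure the reporter cites; example-pkg is constructed.
LATEST = {"ansible-tower-cli": "3.3.9", "example-pkg": "1.3.0"}

ROW = re.compile(r"^\|\s*(\S+)\s*\|\s*(\S+)\s*\|\s*(\S+)\s*\|\s*(\d+)\s*\|$")


def vkey(version, width=4):
    """Numeric dotted versions only (3.7 == 3.7.0); anything else is rejected."""
    if not re.fullmatch(r"\d+(\.\d+)*", version):
        raise ValueError(f"unsupported version: {version!r}")
    parts = [int(p) for p in version.split(".")]
    return tuple(parts + [0] * (width - len(parts)))


def unreachable_bounds(report, latest):
    """Return (package, advisory_id, spec) for rows whose '<' or '<=' bound
    is above every release published for that package."""
    flagged = []
    for line in report.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # banner, header and separator lines
        package, _installed, spec, advisory_id = m.groups()
        if package not in latest:
            continue  # no release data: cannot judge
        bounds = re.findall(r"<=?\s*(\d+(?:\.\d+)*)", spec)
        if any(vkey(b) > vkey(latest[package]) for b in bounds):
            flagged.append((package, advisory_id, spec))
    return flagged


if __name__ == "__main__":
    for package, advisory_id, spec in unreachable_bounds(REPORT, LATEST):
        print(f"review {advisory_id}: {package} {spec} exceeds latest release")
```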