[BUG] Support for scanning conda packages using "jake ddt -c" removed from version 1.0

sonatype-nexus-community / jake

Check your Python environments for vulnerable Open Source packages with OSS Index or Sonatype Nexus Lifecycle.

https://jake.readthedocs.io/

Apache License 2.0

111 stars 24 forks source link

[BUG] Support for scanning conda packages using "jake ddt -c" removed from version 1.0 #101

Open mikekanenz opened 2 years ago

mikekanenz commented 2 years ago

In the earlier versions of jake e.g. 0.2.77 I was able to scan non-python conda packages which show up in a "conda list" but not in "pip list" output. This was very useful for looking for vulnerabilities in packages from conda-forge which are not available in conda main. The command used was: conda list | jake ddt -c In more recent versions support for the -c flag appears to have been removed. Does anyone know why this was removed and if it can be restored?

madpah commented 2 years ago

Hi @mikekanenz - thanks for the Issue. It was removed partly in oversight as jake was refactored.

We'll get this added back for you.