Poetry plugin for checking security vulnerabilities in dependencies

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for opeco17 from gravatar.com opeco17

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License
  • Author: opeco17
  • Tags poetry , vulnerabilities , security , audit
  • Requires: Python >=3.7, <4.0
Classifiers
Report project as malware

Project description

Poetry Audit Plugin

Poetry plugin for checking security vulnerabilities in dependencies based on safety.

$ poetry audit
Scanning 19 packages...

  • ansible-runner     installed 1.1.2  affected <1.3.1   CVE PVE-2021-36995
  • ansible-tower-cli  installed 3.1.8  affected <3.2.0   CVE CVE-2020-1733 
  • jinja2             installed 2.0    affected <2.11.3  CVE CVE-2020-28493

3 vulnerabilities found

Installation

The easiest way to install the export plugin is via the plugin add command of Poetry.

poetry plugin add poetry-audit-plugin

If you used pipx to install Poetry you can add the plugin via the pipx inject command.

pipx inject poetry poetry-audit-plugin

Otherwise, if you used pip to install Poetry you can add the plugin packages via the pip install command.

pip install poetry-audit-plugin

Available options

  • --json: Export the result in JSON format.

License

This project is licensed under the terms of the MIT license.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for opeco17 from gravatar.com opeco17

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License
  • Author: opeco17
  • Tags poetry , vulnerabilities , security , audit
  • Requires: Python >=3.7, <4.0
Classifiers

Release history Release notifications | RSS feed

1.0.0

0.4.0

0.3.0

0.2.0

0.1.1

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

poetry-audit-plugin-0.1.0.tar.gz (5.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

poetry_audit_plugin-0.1.0-py3-none-any.whl (6.0 kB view details)

Uploaded Python 3

File details

Details for the file poetry-audit-plugin-0.1.0.tar.gz.

File metadata

  • Download URL: poetry-audit-plugin-0.1.0.tar.gz
  • Upload date:
  • Size: 5.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.1.13 CPython/3.9.12 Darwin/20.6.0

File hashes

Hashes for poetry-audit-plugin-0.1.0.tar.gz
Algorithm Hash digest
SHA256 e76cbdcc758e770611b4eb69c20613996c60df9bf87613b2fc1a69de4d45cfdf
MD5 70f60a02fd6cc08e5362b837ecb500b8
BLAKE2b-256 ad18f97b3d2cb29f142ac342851c39475cab8e66b30a9de9c0e918b15c2fb733

See more details on using hashes here.

File details

Details for the file poetry_audit_plugin-0.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for poetry_audit_plugin-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 0e8994cfc76e18d96de20c551ba4fed36d2718339350247b0d0b08d2d76e4096
MD5 d9de0d26eca083c53f633341a74898cc
BLAKE2b-256 5837f498837eb380059b7e25533c01f9ad5001a8e1ec2afe03f3ab18a4bbb471

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page