Poetry plugin for checking security vulnerabilities in dependencies

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for opeco17 from gravatar.com opeco17

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License
  • Author: opeco17
  • Tags poetry, vulnerabilities, security, audit
  • Requires: Python >=3.7, <4.0
Classifiers

Project description

Poetry Audit Plugin

Poetry plugin for checking security vulnerabilities in dependencies based on safety.

$ poetry audit
Scanning 19 packages...

  • ansible-runner     installed 1.1.2  affected <1.3.1   CVE PVE-2021-36995
  • ansible-tower-cli  installed 3.1.8  affected <3.2.0   CVE CVE-2020-1733 
  • jinja2             installed 2.0    affected <2.11.3  CVE CVE-2020-28493

3 vulnerabilities found

Installation

The easiest way to install the export plugin is via the plugin add command of Poetry.

poetry plugin add poetry-audit-plugin

If you used pipx to install Poetry you can add the plugin via the pipx inject command.

pipx inject poetry poetry-audit-plugin

Otherwise, if you used pip to install Poetry you can add the plugin packages via the pip install command.

pip install poetry-audit-plugin

Available options

  • --json: Export the result in JSON format.

Exit codes

poetry audit will exit with a code indicating its status.

  • 0: Vulnerabilities were not found.
  • 1: One or more vulnerabilities were found.

License

This project is licensed under the terms of the MIT license.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for opeco17 from gravatar.com opeco17

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License
  • Author: opeco17
  • Tags poetry, vulnerabilities, security, audit
  • Requires: Python >=3.7, <4.0
Classifiers

Release history Release notifications | RSS feed

0.4.0

0.3.0

0.2.0

This version

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

poetry-audit-plugin-0.1.1.tar.gz (5.2 kB view details)

Uploaded Source

Built Distribution

poetry_audit_plugin-0.1.1-py3-none-any.whl (6.1 kB view details)

Uploaded Python 3

File details

Details for the file poetry-audit-plugin-0.1.1.tar.gz.

File metadata

  • Download URL: poetry-audit-plugin-0.1.1.tar.gz
  • Upload date:
  • Size: 5.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.1.13 CPython/3.7.12 Linux/5.13.0-1021-azure

File hashes

Hashes for poetry-audit-plugin-0.1.1.tar.gz
Algorithm Hash digest
SHA256 c32c4b5fec733ca04c20700dbb55b32e5e4af2171987e8f208c611688ed86233
MD5 47d51372253c1081026c032c249abefa
BLAKE2b-256 129ca4809e0b51304ab1d3e111f263346507a8510fd4a67aa3f0a159cf186ddf

See more details on using hashes here.

File details

Details for the file poetry_audit_plugin-0.1.1-py3-none-any.whl.

File metadata

File hashes

Hashes for poetry_audit_plugin-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 9d33e2929965e08a227a67db8ea0780ff81ca836ca9e0769ed1fb4fd7aa86f01
MD5 045c40a2b4ccecfd434757307f96afd9
BLAKE2b-256 c18873a6ff688f26404de9285bfc4d678da75dac4497a527ef5050b6563a439c

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page