Poetry plugin for checking security vulnerabilities in dependencies

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for opeco17 from gravatar.com opeco17

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License
  • Author: opeco17
  • Tags poetry, vulnerabilities, security, audit
  • Requires: Python >=3.7, <4.0
Classifiers

Project description

Poetry Audit Plugin

Poetry plugin for checking security vulnerabilities in dependencies based on safety.

$ poetry audit
Scanning 19 packages...

  • ansible-runner     installed 1.1.2  affected <1.3.1   CVE PVE-2021-36995
  • ansible-tower-cli  installed 3.1.8  affected <3.2.0   CVE CVE-2020-1733 
  • jinja2             installed 2.0    affected <2.11.3  CVE CVE-2020-28493

3 vulnerabilities found

Installation

The easiest way to install the export plugin is via the plugin add command of Poetry.

poetry plugin add poetry-audit-plugin

If you used pipx to install Poetry you can add the plugin via the pipx inject command.

pipx inject poetry poetry-audit-plugin

Otherwise, if you used pip to install Poetry you can add the plugin packages via the pip install command.

pip install poetry-audit-plugin

Available options

  • --json: Export the result in JSON format.

Exit codes

poetry audit will exit with a code indicating its status.

  • 0: Vulnerabilities were not found.
  • 1: One or more vulnerabilities were found.

License

This project is licensed under the terms of the MIT license.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for opeco17 from gravatar.com opeco17

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License
  • Author: opeco17
  • Tags poetry, vulnerabilities, security, audit
  • Requires: Python >=3.7, <4.0
Classifiers

Release history Release notifications | RSS feed

0.4.0

0.3.0

This version

0.2.0

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

poetry_audit_plugin-0.2.0.tar.gz (5.2 kB view details)

Uploaded Source

Built Distribution

poetry_audit_plugin-0.2.0-py3-none-any.whl (6.1 kB view details)

Uploaded Python 3

File details

Details for the file poetry_audit_plugin-0.2.0.tar.gz.

File metadata

  • Download URL: poetry_audit_plugin-0.2.0.tar.gz
  • Upload date:
  • Size: 5.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/1.2.2 CPython/3.7.15 Linux/5.15.0-1023-azure

File hashes

Hashes for poetry_audit_plugin-0.2.0.tar.gz
Algorithm Hash digest
SHA256 96a91eb2ea9f6abc6a8b9c86996edc03bc7c60449477df08ee86de2481071314
MD5 9b56d0614b89999da652b90e22edc621
BLAKE2b-256 c428ae41056dc58e78758edbbeb1dc10c8a714c2eb9f820c02e6200058d1e723

See more details on using hashes here.

File details

Details for the file poetry_audit_plugin-0.2.0-py3-none-any.whl.

File metadata

File hashes

Hashes for poetry_audit_plugin-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 d682cfe0683827e281468a4640e09aca03d564d8fdfed3201988cb0aff451dbb
MD5 be3d240a36b678a48e1f4c4fa47755a8
BLAKE2b-256 10cee9f05cbc1748c35d0746a7ec3f79dcddaf70ab5dee25528f2ae15a879fba

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page