safety in tox: scan requirements for known bad packages
parent
e61c55bed2
commit
509072ab78
@ -17,6 +17,7 @@ flake8-fixme
|
|||||||
flake8-isort
|
flake8-isort
|
||||||
flake8-logging-format
|
flake8-logging-format
|
||||||
flake8-mutable
|
flake8-mutable
|
||||||
|
safety # check requirements file for issues
|
||||||
|
|
||||||
# maintenance utilities and tox
|
# maintenance utilities and tox
|
||||||
pip-tools # pip-compile
|
pip-tools # pip-compile
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
#
|
#
|
||||||
# This file is autogenerated by pip-compile
|
# This file is autogenerated by pip-compile with python 3.8
|
||||||
# To update, run:
|
# To update, run:
|
||||||
#
|
#
|
||||||
# pip-compile --output-file=requirements/requirements-dev.txt requirements/requirements-dev.in
|
# pip-compile --output-file=requirements/requirements-dev.txt requirements/requirements-dev.in
|
||||||
@ -12,20 +12,36 @@ bandit==1.6.2
|
|||||||
# via -r requirements/requirements-dev.in
|
# via -r requirements/requirements-dev.in
|
||||||
bleach==3.3.0
|
bleach==3.3.0
|
||||||
# via mdx-linkify
|
# via mdx-linkify
|
||||||
|
certifi==2021.5.30
|
||||||
|
# via requests
|
||||||
|
chardet==4.0.0
|
||||||
|
# via requests
|
||||||
click==7.1.2
|
click==7.1.2
|
||||||
# via
|
# via
|
||||||
# flask
|
# flask
|
||||||
# pip-tools
|
# pip-tools
|
||||||
|
# safety
|
||||||
coverage==5.5
|
coverage==5.5
|
||||||
# via pytest-cov
|
# via pytest-cov
|
||||||
distlib==0.3.2
|
distlib==0.3.2
|
||||||
# via virtualenv
|
# via virtualenv
|
||||||
dlint==0.11.0
|
dlint==0.11.0
|
||||||
# via -r requirements/requirements-dev.in
|
# via -r requirements/requirements-dev.in
|
||||||
|
dparse==0.5.1
|
||||||
|
# via safety
|
||||||
filelock==3.0.12
|
filelock==3.0.12
|
||||||
# via
|
# via
|
||||||
# tox
|
# tox
|
||||||
# virtualenv
|
# virtualenv
|
||||||
|
flake8==3.9.2
|
||||||
|
# via
|
||||||
|
# -r requirements/requirements-dev.in
|
||||||
|
# dlint
|
||||||
|
# flake8-builtins
|
||||||
|
# flake8-docstrings
|
||||||
|
# flake8-executable
|
||||||
|
# flake8-isort
|
||||||
|
# flake8-mutable
|
||||||
flake8-blind-except==0.2.0
|
flake8-blind-except==0.2.0
|
||||||
# via -r requirements/requirements-dev.in
|
# via -r requirements/requirements-dev.in
|
||||||
flake8-builtins==1.5.3
|
flake8-builtins==1.5.3
|
||||||
@ -42,21 +58,14 @@ flake8-logging-format==0.6.0
|
|||||||
# via -r requirements/requirements-dev.in
|
# via -r requirements/requirements-dev.in
|
||||||
flake8-mutable==1.2.0
|
flake8-mutable==1.2.0
|
||||||
# via -r requirements/requirements-dev.in
|
# via -r requirements/requirements-dev.in
|
||||||
flake8==3.9.2
|
|
||||||
# via
|
|
||||||
# -r requirements/requirements-dev.in
|
|
||||||
# dlint
|
|
||||||
# flake8-builtins
|
|
||||||
# flake8-docstrings
|
|
||||||
# flake8-executable
|
|
||||||
# flake8-isort
|
|
||||||
# flake8-mutable
|
|
||||||
flask==1.1.2
|
flask==1.1.2
|
||||||
# via -r requirements/requirements.in
|
# via -r requirements/requirements.in
|
||||||
gitdb==4.0.7
|
gitdb==4.0.7
|
||||||
# via gitpython
|
# via gitpython
|
||||||
gitpython==3.1.18
|
gitpython==3.1.18
|
||||||
# via bandit
|
# via bandit
|
||||||
|
idna==2.10
|
||||||
|
# via requests
|
||||||
iniconfig==1.1.1
|
iniconfig==1.1.1
|
||||||
# via pytest
|
# via pytest
|
||||||
isort==5.9.1
|
isort==5.9.1
|
||||||
@ -78,7 +87,9 @@ mdx-linkify==2.1
|
|||||||
packaging==20.9
|
packaging==20.9
|
||||||
# via
|
# via
|
||||||
# bleach
|
# bleach
|
||||||
|
# dparse
|
||||||
# pytest
|
# pytest
|
||||||
|
# safety
|
||||||
# tox
|
# tox
|
||||||
pbr==5.6.0
|
pbr==5.6.0
|
||||||
# via stevedore
|
# via stevedore
|
||||||
@ -106,16 +117,22 @@ pyparsing==2.4.7
|
|||||||
# via
|
# via
|
||||||
# packaging
|
# packaging
|
||||||
# pydot
|
# pydot
|
||||||
pytest-cov==2.12.1
|
|
||||||
# via -r requirements/requirements-dev.in
|
|
||||||
pytest==6.2.4
|
pytest==6.2.4
|
||||||
# via
|
# via
|
||||||
# -r requirements/requirements-dev.in
|
# -r requirements/requirements-dev.in
|
||||||
# pytest-cov
|
# pytest-cov
|
||||||
|
pytest-cov==2.12.1
|
||||||
|
# via -r requirements/requirements-dev.in
|
||||||
pytz==2021.1
|
pytz==2021.1
|
||||||
# via tzlocal
|
# via tzlocal
|
||||||
pyyaml==5.4.1
|
pyyaml==5.4.1
|
||||||
# via bandit
|
# via
|
||||||
|
# bandit
|
||||||
|
# dparse
|
||||||
|
requests==2.25.1
|
||||||
|
# via safety
|
||||||
|
safety==1.10.3
|
||||||
|
# via -r requirements/requirements-dev.in
|
||||||
six==1.15.0
|
six==1.15.0
|
||||||
# via
|
# via
|
||||||
# bandit
|
# bandit
|
||||||
@ -132,18 +149,21 @@ testfixtures==6.17.1
|
|||||||
# via flake8-isort
|
# via flake8-isort
|
||||||
toml==0.10.2
|
toml==0.10.2
|
||||||
# via
|
# via
|
||||||
|
# dparse
|
||||||
# pep517
|
# pep517
|
||||||
# pytest
|
# pytest
|
||||||
# pytest-cov
|
# pytest-cov
|
||||||
# tox
|
# tox
|
||||||
tox-wheel==0.6.0
|
|
||||||
# via -r requirements/requirements-dev.in
|
|
||||||
tox==3.23.1
|
tox==3.23.1
|
||||||
# via
|
# via
|
||||||
# -r requirements/requirements-dev.in
|
# -r requirements/requirements-dev.in
|
||||||
# tox-wheel
|
# tox-wheel
|
||||||
|
tox-wheel==0.6.0
|
||||||
|
# via -r requirements/requirements-dev.in
|
||||||
tzlocal==2.1
|
tzlocal==2.1
|
||||||
# via -r requirements/requirements.in
|
# via -r requirements/requirements.in
|
||||||
|
urllib3==1.26.5
|
||||||
|
# via requests
|
||||||
versioneer==0.19
|
versioneer==0.19
|
||||||
# via -r requirements/requirements-dev.in
|
# via -r requirements/requirements-dev.in
|
||||||
virtualenv==20.4.7
|
virtualenv==20.4.7
|
||||||
|
1
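--- a/tox.ini
+++ b/tox.ini
@@ -58,6 +58,7 @@ commands =
 # again it seems the most valuable here to run against the packaged code
 commands =
 bandit {envsitepackagesdir}/incorporealcms/ -r
+safety check -r requirements/requirements-dev.txt
 
 [testenv:lint]
 # run style checks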
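Review bot: The comment above `commands =` says these checks run against the packaged code, which is true of the bandit line but not of the added `safety check -r requirements/requirements-dev.txt`, because that command reads the pin file from the checkout. A comment line above the new command would make the difference explicit, for example `# safety audits the pinned requirements file in the source tree, not the installed package`. safety looks advisories up when it runs, so this environment now needs network access (or a local database passed with `--db`) and can start failing on a newly published advisory without any change to the code. It may be worth giving the check its own tox environment so that such a failure is not mistaken for a bandit finding. The section header of this environment is outside the hunk, so its name and dependencies cannot be confirmed from here.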