    Re #7777 #7778: check requirements.txt for security advisory · a57cbc44
    andreas.abel authored
    There is a new make file,
    
        doc/Makefile
    
    that defines these goals:
    
      - `check-requirements`:
        Check `requirements.txt` for security problems (CVEs) using `skjold`.
        This goal is intended for the "Users guide" CI.
        SKJOLD_GITHUB_API_TOKEN might have to be set if GITHUB_TOKEN is
        not in the environment, in order to access the GitHub GraphQL API.
    
      - `build-and-check-requirements`:
        Rebuild `requirements.txt` from `requirements.in` using `pip-compile`,
        and check with `check-requirements`.
        This goal is intended for manual invocation.
    
        It is invoked from the top Makefile via goal
        `users-guide-requirements`.
    
    Alternatively, these goals could be coupled with the doc build
    `make users-guide`.
    However, since these goals require a couple of seconds to run, I think
    it is annoying to call them on every build of the documentation.
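The two goals described in the commit message, written out as an illustrative `doc/Makefile` plus the top-level hook. This is an added example, not the project's own file: the variable names (`SKJOLD`, `PIP_COMPILE`), the explicit `--output-file` flag and the `-C doc` wiring are assumptions; the fallback from `GITHUB_TOKEN` to `SKJOLD_GITHUB_API_TOKEN` follows what the commit message says skjold needs for its GitHub GraphQL source. Recipe lines must be tab-indented.

```make
# doc/Makefile (illustrative; assumed names, not the project's own file)

SKJOLD      ?= skjold
PIP_COMPILE ?= pip-compile

# skjold's 'github' source queries the GitHub GraphQL API and needs a token.
# CI usually provides GITHUB_TOKEN; reuse it unless the caller already set
# SKJOLD_GITHUB_API_TOKEN explicitly.
ifeq ($(origin SKJOLD_GITHUB_API_TOKEN), undefined)
  export SKJOLD_GITHUB_API_TOKEN := $(GITHUB_TOKEN)
endif

.PHONY: check-requirements build-and-check-requirements

# Audit the pinned requirements against the advisory sources configured in
# [tool.skjold] in pyproject.toml. With report_only = false a finding makes
# skjold exit non-zero, which fails the "Users guide" CI job.
check-requirements: requirements.txt
	$(SKJOLD) -v audit requirements.txt

# Re-resolve the pins from requirements.in, then audit the fresh lock file.
# Meant for manual use when bumping dependencies, not for every doc build.
build-and-check-requirements: requirements.in
	$(PIP_COMPILE) --output-file requirements.txt requirements.in
	$(MAKE) check-requirements

# --- top-level Makefile (fragment, assumed) ---------------------------------
# .PHONY: users-guide-requirements
# users-guide-requirements:
# 	$(MAKE) -C doc build-and-check-requirements
```

Running `make -C doc check-requirements` without any token still audits the `gemnasium` and `pyup` sources; only the `github` source needs `SKJOLD_GITHUB_API_TOKEN`. Keep `report_only = false` in `pyproject.toml` if the goal is meant to gate CI, since `report_only = true` always exits zero and turns the check into a warning.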
pyproject.toml
# https://pythonawesome.com/security-audit-python-project-dependencies-against-security-advisory-databases/
[tool.skjold]
sources       = ['github', 'gemnasium', 'pyup']
report_only   = false
         # ALT: true      # Report only, always exit with zero.
report_format = 'cli'
         # ALT: 'json'    # Output findings as `json`. Default is 'cli'.
verbose       = true
cache_dir     = '.skjold_cache'
cache_expires = 43200     # Cache max. age. (43200 = 12hrs)
ignore_file   = '.skjoldignore'