cli: allow ignoring specific vulnerability IDs (#275)
* pip_audit: provide has_any_id API for VulnerabilityResult

  This API allows developers to query whether a VulnerabilityResult contains at least one of the vulnerability IDs passed in as argument either as its ID or as one of the aliases. This method will return True if the vulnerability IDs passed in as argument intersect with the VulnerabilityResult's aliases + ID, False otherwise.

* cli: allow ignoring specific vulnerability IDs

  This commit introduces a new flag to pip-audit's CLI (--ignore-vuln) that takes a string representing a vulnerability id, if any of the packages scanned detect said vulnerability, it will be ignored in the final report. This allows users of pip-audit to ignore certain vulnerabilities that they may deem not exploitable for whatever reason. The flag can be used multiple times to ignore multiple vulnerabilities.

Closes #245

Co-authored-by: William Woodruff <william@trailofbits.com>
Showing 6 changed files with 61 additions and 3 deletions.
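
The alias-aware matching described in the commit message, as an added example that is not pip-audit's own code. `Vuln` is a simplified stand-in for `VulnerabilityResult`; `apply_ignores`, the package names and the IDs are hypothetical, and reporting ignore IDs that matched nothing is an extra check the commit does not describe.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Vuln:
    """Simplified stand-in for a vulnerability result: primary ID plus aliases."""
    id: str
    aliases: frozenset = field(default_factory=frozenset)

    def has_any_id(self, ids):
        # True when the given IDs intersect the primary ID or any alias.
        return bool(ids & (self.aliases | {self.id}))


def apply_ignores(results, ignore_ids):
    """Drop ignored findings; return (kept, suppressed, unused_ignore_ids)."""
    ignore_ids = set(ignore_ids)
    kept, suppressed, matched = {}, [], set()
    for package, vulns in results.items():
        kept[package] = []
        for vuln in vulns:
            if vuln.has_any_id(ignore_ids):
                suppressed.append((package, vuln.id))
                matched |= ignore_ids & (vuln.aliases | {vuln.id})
            else:
                kept[package].append(vuln)
    # Ignore entries that matched nothing are stale or mistyped; surface them.
    return kept, suppressed, ignore_ids - matched


# Constructed sample data; the package names and IDs are placeholders.
SAMPLE = {
    "examplepkg": [
        Vuln("PYSEC-0000-1", frozenset({"CVE-0000-0001", "GHSA-aaaa-bbbb-cccc"})),
        Vuln("PYSEC-0000-2", frozenset({"CVE-0000-0002"})),
    ],
    "otherpkg": [Vuln("PYSEC-0000-3")],
}

if __name__ == "__main__":
    kept, suppressed, unused = apply_ignores(SAMPLE, ["CVE-0000-0001", "CVE-0000-9999"])
    print("suppressed:", suppressed)
    print("still reported:", {p: [v.id for v in vs] for p, vs in kept.items()})
    print("ignore IDs that matched nothing:", sorted(unused))
```

Ignoring by an alias suppresses the finding under its primary ID as well, so a suppression list is worth recording alongside the reason each entry was judged not exploitable.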