From 2597011cee04b08c4bcc083e29078e72d3ef5290 Mon Sep 17 00:00:00 2001
From: Ryan Ahearn
Date: Fri, 12 Aug 2022 15:12:07 +0000
Subject: [PATCH] make audit for python dependency audits
---
 Makefile | 5 +++++
 requirements.txt | 8 ++++++++
 requirements_for_test.txt | 2 +-
 3 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 7b13cced5..47ed4d1c6 100644
--- a/Makefile
+++ b/Makefile
@@ -77,6 +77,11 @@ freeze-requirements: ## Pin all requirements including sub dependencies into req
 pip install --upgrade pip-tools
 pip-compile requirements.in
 
+.PHONY: audit
+audit:
+ pip install --upgrade pip-audit
+ pip-audit -r requirements.txt -r requirements_for_test.txt -l
+
 .PHONY: clean
 clean:
 rm -rf node_modules cache target venv .coverage build tests/.cache ${CF_MANIFEST_PATH}
diff --git a/requirements.txt b/requirements.txt
index 867feacea..427056f5c 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -86,6 +86,7 @@ flask==2.1.2
 # flask-marshmallow
 # flask-migrate
 # flask-redis
+ # flask-sqlalchemy
 # gds-metrics
 # notifications-utils
 flask-bcrypt==1.0.1
@@ -118,6 +119,8 @@ idna==3.3
 # via
 # jsonschema
 # requests
+importlib-metadata==4.12.0
+ # via flask
 iso8601==1.0.2
 # via -r requirements.in
 isoduration==20.11.0
@@ -249,9 +252,12 @@ sqlalchemy==1.4.36
 # via
 # -r requirements.in
 # alembic
+ # flask-sqlalchemy
 # marshmallow-sqlalchemy
 statsd==3.3.0
 # via notifications-utils
+typing-extensions==4.3.0
+ # via pypdf2
 uri-template==1.2.0
 # via jsonschema
 urllib3==1.26.9
@@ -275,6 +281,8 @@ werkzeug==2.0.3
 # flask
 wrapt==1.14.1
 # via deprecated
+zipp==3.8.1
+ # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
 # setuptools
diff --git a/requirements_for_test.txt b/requirements_for_test.txt
index d7450055e..3c6756bc1 100644
--- a/requirements_for_test.txt
+++ b/requirements_for_test.txt
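Review bot: In the Makefile hunk, the new `audit` target runs `pip install --upgrade pip-audit`, so the tool that performs the vulnerability check is itself unpinned and is pulled fresh into the same environment as the application packages on every run. Pinning it with the other test tooling in requirements_for_test.txt and dropping the install line would make audit results reproducible and keep the scanner under the same review as every other dependency. The `-l` flag on the `pip-audit` line looks like a no-op here, since as far as I know `--local` only filters environment audits and is not applied when `-r` files are given; worth confirming and removing. The target also lacks the `##` help text that `freeze-requirements` carries, e.g. `audit: ## Check pinned Python dependencies for known vulnerabilities`.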
@@ -1,4 +1,4 @@
--r requirements.txt
+--requirement requirements.txt
 flake8==4.0.1
 flake8-bugbear==22.4.25
 isort==5.10.1