"check" command is deprecated. Seems that "scan" command offers a replacement

[thorroed]

upstream safety maintainers decided to deprecate the "check" command.

The following output is currently generated:

...
DEPRECATED: this command (check) has been DEPRECATED, and will be unsupported beyond 01 June 2024.

We highly encourage switching to the new scan command which is easier to use, more powerful, and can be set up to mimic the deprecated command if required.
...

[Lucas-C]

Thank you for the heads up @thorroed 👍

[Lucas-C]

It seems that the new scan command does not support the --file parameter anymore.
The closest equivalent is --target, that must be a project directory, not a requirements.txt file.

The --ignore parameter also does not exist in the new scan command.

This means that some refactoring works need to be undertaken.
I do not have the time to do this in the the foreseeable future, but I would be happy to merge PRs adding support for the scan command to this pre-commit hook.

Maybe the simplest solution would be to expose a second hook, python-safety-dependencies-scan.

[Lucas-C]

If the warning is annoying you, you can restrict the version of safety to be <=2.3.5:

safety<=2.3.5

[ev-agelos]

How? I mean your code depends on safety except if you mean to fork? Shouldnt you restrict it in your code, otherwise whoever uses your code it will fail anyway
Sorry i thought it was an error instead of warning