Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support --dry-run with the --fix flag #220

Closed
tetsuo-cpp opened this issue Jan 13, 2022 · 1 comment · Fixed by #223
Closed

Support --dry-run with the --fix flag #220

tetsuo-cpp opened this issue Jan 13, 2022 · 1 comment · Fixed by #223
Assignees
@woodruffw
Labels
component:dep-sources Dependency sources enhancement New feature or request pri:high High(er) priority tasks
Milestone
Follow-on

Comments

@tetsuo-cpp
Copy link
Contributor

Ideally, users should be able to run --fix with --dry-run and find out what changes would be applied without actually modifying the environment/requirements file.
@tetsuo-cpp tetsuo-cpp added enhancement New feature or request component:dep-sources Dependency sources pri:high High(er) priority tasks labels Jan 13, 2022
@tetsuo-cpp tetsuo-cpp added this to the Follow-on milestone Jan 13, 2022
@woodruffw woodruffw self-assigned this Jan 14, 2022
@woodruffw
Copy link
Member

This is an interesting case, since it changes the functionality of --dry-run w/r/t the Auditor object:

  • pip-audit --dry-run: resolve dependencies, but do not audit them
  • pip-audit --fix --dry-run: resolve dependencies and audit them, but do not attempt to fix them

Not a difficult change to make, but I'll give some thought to how we describe that behavior in the --help and README.

woodruffw added a commit that referenced this issue Jan 14, 2022
@woodruffw
cli: support --fix --dry-run
d7ea110 
Closes #220.
@woodruffw woodruffw mentioned this issue Jan 14, 2022
Merged
woodruffw added a commit that referenced this issue Jan 18, 2022
@woodruffw
cli: support --fix --dry-run (#223)
b5e2ac0 
* cli: support `--fix --dry-run`

Closes #220.

* Makefile: remove redundant lint command

We don't need this diff check.

* README: update `pip-audit --help`, document `--dry-run` behavior

* CHANGELOG: record changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@woodruffw woodruffw

Labels
component:dep-sources Dependency sources enhancement New feature or request pri:high High(er) priority tasks
Projects
None yet
Milestone
Follow-on
Development

Successfully merging a pull request may close this issue.

cli: support --fix --dry-run pypa/pip-audit
2 participants
@woodruffw @tetsuo-cpp