Safety key flag #4257

Merged
merged 4 commits into from
May 20, 2020
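--- a/news/4257.feature.rst
+++ b/news/4257.feature.rst
@@ -0,0 +1 @@
+Added ``--key`` command line parameter for including personal PyUp.io API tokens when running ``pipenv check``.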
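--- a/pipenv/cli/command.py
+++ b/pipenv/cli/command.py
@@ -410,7 +410,8 @@ def run(state, command, args):
 
 
 @cli.command(
-short_help="Checks for security vulnerabilities and against PEP 508 markers provided in Pipfile.",
+short_help="Checks for PyUp Safety security vulnerabilities and against"
+" PEP 508 markers provided in Pipfile.",
 context_settings=subcommand_context
 )
 @option(
@@ -423,19 +424,26 @@ def run(state, command, args):
 "--db",
 nargs=1,
 default=lambda: os.environ.get('PIPENV_SAFETY_DB', False),
-help="Path to a local vulnerability database. Default: ENV PIPENV_SAFETY_DB or None",
+help="Path to a local PyUp Safety vulnerabilities database."
+" Default: ENV PIPENV_SAFETY_DB or None.",
 )
 @option(
 "--ignore",
 "-i",
 multiple=True,
-help="Ignore specified vulnerability during safety checks.",
+help="Ignore specified vulnerability during PyUp Safety checks.",
 )
 @option(
 "--output",
 type=Choice(["default", "json", "full-report", "bare"]),
 default="default",
-help="Translates to --json, --full-report or --bare from safety check",
+help="Translates to --json, --full-report or --bare from PyUp Safety check",
 )
+@option(
+"--key",
+help="Safety API key from PyUp.io for scanning dependencies against a live"
+" vulnerabilities database. Leave blank for scanning against a"
+" database that only updates once a month.",
+)
 @option(
 "--quiet",
@@ -453,11 +461,12 @@ def check(
 style=False,
 ignore=None,
 output="default",
+key=None,
 quiet=False,
 args=None,
 **kwargs
 ):
-"""Checks for security vulnerabilities and against PEP 508 markers provided in Pipfile."""
+"""Checks for PyUp Safety security vulnerabilities and against PEP 508 markers provided in Pipfile."""
 from ..core import do_check
 
 do_check(
@@ -468,6 +477,7 @@ def check(
 db=db,
 ignore=ignore,
 output=output,
+key=key,
 quiet=quiet,
 args=args,
 pypi_mirror=state.pypi_mirror,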
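Review bot: The help text of the new `--key` option says a blank value scans the monthly database, but `do_check` in this same commit falls back to `PIPENV_PYUP_API_KEY` when no key is passed, so the text is inaccurate whenever that setting is populated (its definition is not shown; the name suggests it comes from the environment). The wording also steers users toward typing the token on the command line, where it ends up in shell history and CI job logs. I would document the fallback and recommend it, for example `help="Safety API key from PyUp.io for scanning against the live vulnerability database. Falls back to PIPENV_PYUP_API_KEY when omitted; prefer that setting so the token stays out of shell history."`. The decorator stack and the body of `check` continue outside the visible hunks.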
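--- a/pipenv/core.py
+++ b/pipenv/core.py
@@ -2568,6 +2568,7 @@ def do_check(
 db=False,
 ignore=None,
 output="default",
+key=None,
 quiet=False,
 args=None,
 pypi_mirror=None
@@ -2685,8 +2686,8 @@ def do_check(
 if not quiet and not environments.is_quiet():
 click.echo(crayons.normal("Using local database {}".format(db)))
 cmd.append("--db={0}".format(db))
-if PIPENV_PYUP_API_KEY and not db:
-cmd = cmd + ["--key={0}".format(PIPENV_PYUP_API_KEY)]
+elif key or PIPENV_PYUP_API_KEY:
+cmd = cmd + ["--key={0}".format(key or PIPENV_PYUP_API_KEY)]
 if ignored:
 for cve in ignored:
 cmd += cve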
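Review bot: The new `cmd = cmd + ["--key={0}".format(key or PIPENV_PYUP_API_KEY)]` line places the user's PyUp token in the child process's argument vector, where any local account that can list processes can read it while the check runs, and where it leaks if `cmd` is ever echoed or logged (the code that executes `cmd` is outside this hunk). If the bundled Safety release can take the key from its environment, that is the safer channel; otherwise I would at least add `# SECURITY: cmd carries the API key in argv; never print or log it verbatim` above the branch. The move from `if ... and not db` to `elif` also means a `--key` passed together with `--db` is dropped without any message, assuming the `elif` pairs with the database check whose header is not shown; a short warning in that case would save users from believing they scanned the live database. `do_check` starts and ends outside the hunk.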