-
Notifications
You must be signed in to change notification settings - Fork 62
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
README: document the security model #183
Conversation
README.md
Outdated
- [Installation](#installation) | ||
- [Usage](#usage) | ||
- [Examples](#examples) | ||
- [Security Model](#security-model) | ||
- [Licensing](#licensing) | ||
- [Contributing](#contributing) | ||
- [Code of Conduct](#code-of-conduct) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This won't work on PyPI: pypa/readme_renderer#169
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
README.md
Outdated
|
||
`pip-audit` is a tool for auditing Python environments for packages with | ||
*known vulnerabilities*. A "known vulnerability" is a flaw in a package that, | ||
if uncorrected, *might* allow a malicious actor to perform unintended actions. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
...and also has been publicly reported to the project maintainers.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM w/ requested changes.
Co-authored-by: Dustin Ingram <di@users.noreply.github.com>
Co-authored-by: Dustin Ingram <di@users.noreply.github.com>
Co-authored-by: Dustin Ingram <di@users.noreply.github.com>
Closes #181.