From 817d171c415573596b15308cf10fd9c20a4737be Mon Sep 17 00:00:00 2001
From: Rafael Pivato
Date: Sun, 17 May 2020 15:41:01 -0300
Subject: [PATCH 1/3] Accepts Safety API key flag
---
 pipenv/cli/command.py | 8 ++++++++
 pipenv/core.py | 5 +++--
 2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/pipenv/cli/command.py b/pipenv/cli/command.py
index 008ec47948..464fded0a4 100644
--- a/pipenv/cli/command.py
+++ b/pipenv/cli/command.py
@@ -437,6 +437,12 @@ def run(state, command, args):
 default="default",
 help="Translates to --json, --full-report or --bare from safety check",
 )
+@option(
+ "--safety-key",
+ help="Safety API key from PyUp.io for scanning dependencies against a live"
+ " vulnerabilities database. Leave blank for scanning against a"
+ " database that only updates once a month.",
+)
 @option(
 "--quiet",
 is_flag=True,
@@ -453,6 +459,7 @@ def check(
 style=False,
 ignore=None,
 output="default",
+ safety_key=None,
 quiet=False,
 args=None,
 **kwargs
@@ -468,6 +475,7 @@ def check(
 db=db,
 ignore=ignore,
 output=output,
+ safety_key=safety_key,
 quiet=quiet,
 args=args,
 pypi_mirror=state.pypi_mirror,
diff --git a/pipenv/core.py b/pipenv/core.py
index 1ab68bb3fc..fc137a1cb0 100644
--- a/pipenv/core.py
+++ b/pipenv/core.py
@@ -2565,6 +2565,7 @@ def do_check(
 db=False,
 ignore=None,
 output="default",
+ safety_key=None,
 quiet=False,
 args=None,
 pypi_mirror=None
@@ -2682,8 +2683,8 @@ def do_check(
 if not quiet and not environments.is_quiet():
 click.echo(crayons.normal("Using local database {}".format(db)))
 cmd.append("--db={0}".format(db))
- if PIPENV_PYUP_API_KEY and not db:
- cmd = cmd + ["--key={0}".format(PIPENV_PYUP_API_KEY)]
+ if not db and (safety_key or PIPENV_PYUP_API_KEY):
+ cmd = cmd + ["--key={0}".format(safety_key or PIPENV_PYUP_API_KEY)]
 if ignored:
 for cve in ignored:
 cmd += cve
From b32dd524d1041d2c1fc867f533ac314ff776ca24 Mon Sep 17 00:00:00 2001
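Review bot: The `--safety-key` option added in the first `pipenv/cli/command.py` hunk of patch 1/3 takes the PyUp API key as a command-line value, so the secret ends up in shell history and is readable in the process list while `pipenv check` runs. The help text should name the non-argv alternative that `do_check` already falls back to, for example by appending `" Can also be supplied through PIPENV_PYUP_API_KEY."` to the help string (assuming that name is populated from the environment, which is not visible here). "Leave blank for scanning against a database that only updates once a month" is also only accurate when that fallback is empty, because the `core.py` hunk uses `safety_key or PIPENV_PYUP_API_KEY`. The same holds after the rename to `--key` in patch 2/3.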
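Review bot: In the second `pipenv/core.py` hunk of patch 1/3 the user-supplied key is appended to `cmd` as a `--key=` element, so it is exposed on the child process's command line as well, and any code path that prints `cmd` would print the key. How `cmd` is executed and whether it is ever echoed in verbose or error output lies outside the hunk, so that should be confirmed. A comment on the new line would help keep it that way: `# cmd now carries the API key; redact the --key= element before logging or echoing cmd`. The reworked `elif` in patch 2/3 builds the same argument.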
From: Rafael Pivato
Date: Sun, 17 May 2020 16:42:12 -0300
Subject: [PATCH 2/3] Safety help strings
---
 pipenv/cli/command.py | 18 ++++++++++--------
 pipenv/core.py | 6 +++---
 2 files changed, 13 insertions(+), 11 deletions(-)
diff --git a/pipenv/cli/command.py b/pipenv/cli/command.py
index 464fded0a4..9d40516865 100644
--- a/pipenv/cli/command.py
+++ b/pipenv/cli/command.py
@@ -410,7 +410,8 @@ def run(state, command, args):
 @cli.command(
- short_help="Checks for security vulnerabilities and against PEP 508 markers provided in Pipfile.",
+ short_help="Checks for PyUp Safety security vulnerabilities and against"
+ " PEP 508 markers provided in Pipfile.",
 context_settings=subcommand_context
 )
 @option(
@@ -423,22 +424,23 @@ def run(state, command, args):
 "--db",
 nargs=1,
 default=lambda: os.environ.get('PIPENV_SAFETY_DB', False),
- help="Path to a local vulnerability database. Default: ENV PIPENV_SAFETY_DB or None",
+ help="Path to a local PyUp Safety vulnerabilities database."
+ " Default: ENV PIPENV_SAFETY_DB or None.",
 )
 @option(
 "--ignore",
 "-i",
 multiple=True,
- help="Ignore specified vulnerability during safety checks.",
+ help="Ignore specified vulnerability during PyUp Safety checks.",
 )
 @option(
 "--output",
 type=Choice(["default", "json", "full-report", "bare"]),
 default="default",
- help="Translates to --json, --full-report or --bare from safety check",
+ help="Translates to --json, --full-report or --bare from PyUp Safety check",
 )
 @option(
- "--safety-key",
+ "--key",
 help="Safety API key from PyUp.io for scanning dependencies against a live"
 " vulnerabilities database. Leave blank for scanning against a"
 " database that only updates once a month.",
@@ -459,12 +461,12 @@ def check(
 style=False,
 ignore=None,
 output="default",
- safety_key=None,
+ key=None,
 quiet=False,
 args=None,
 **kwargs
 ):
- """Checks for security vulnerabilities and against PEP 508 markers provided in Pipfile."""
+ """Checks for PyUp Safety security vulnerabilities and against PEP 508 markers provided in Pipfile."""
 from ..core import do_check
 do_check(
@@ -475,7 +477,7 @@ def check(
 db=db,
 ignore=ignore,
 output=output,
- safety_key=safety_key,
+ key=key,
 quiet=quiet,
 args=args,
 pypi_mirror=state.pypi_mirror,
diff --git a/pipenv/core.py b/pipenv/core.py
index fc137a1cb0..3d61bad140 100644
--- a/pipenv/core.py
+++ b/pipenv/core.py
@@ -2565,7 +2565,7 @@ def do_check(
 db=False,
 ignore=None,
 output="default",
- safety_key=None,
+ key=None,
 quiet=False,
 args=None,
 pypi_mirror=None
@@ -2683,8 +2683,8 @@ def do_check(
 if not quiet and not environments.is_quiet():
 click.echo(crayons.normal("Using local database {}".format(db)))
 cmd.append("--db={0}".format(db))
- if not db and (safety_key or PIPENV_PYUP_API_KEY):
- cmd = cmd + ["--key={0}".format(safety_key or PIPENV_PYUP_API_KEY)]
+ elif key or PIPENV_PYUP_API_KEY:
+ cmd = cmd + ["--key={0}".format(key or PIPENV_PYUP_API_KEY)]
 if ignored:
 for cve in ignored:
 cmd += cve
From ce5499db0f44f405def8e313074c1402c9ad1236 Mon Sep 17 00:00:00 2001
From: Dan Ryan
Date: Wed, 20 May 2020 09:57:52 -0400
Subject: [PATCH 3/3] Added news entry
Signed-off-by: Dan Ryan
---
 news/4257.feature.rst | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 news/4257.feature.rst
diff --git a/news/4257.feature.rst b/news/4257.feature.rst
new file mode 100644
index 0000000000..1b5e55164d
--- /dev/null
+++ b/news/4257.feature.rst
@@ -0,0 +1 @@
+Added ``--key`` command line parameter for including personal PyUp.io API tokens when running ``pipenv check``.
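Review bot: With the `elif key or PIPENV_PYUP_API_KEY:` form in the last `pipenv/core.py` hunk of patch 2/3, a `--key` given together with `--db` is dropped without any message, so the scan runs against the local database while the user may believe the live one was queried; patch 1/3's `if not db and (...)` behaved the same way. A warning ahead of the branch would make the precedence visible, e.g. `if db and key:` followed by `click.echo("Warning: --key is ignored because --db is set", err=True)`. The `if` that this `elif` attaches to opens outside the hunk and the indentation is not preserved on this page, so it is assumed to be the test on `db`; that pairing is worth confirming, since attaching to the `if not quiet` test instead would change when `--db` is appended.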