-
Notifications
You must be signed in to change notification settings - Fork 64
/
pyproject.toml
106 lines (97 loc) · 3.05 KB
/
pyproject.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
[build-system]
requires = ["flit_core >=3.2,<4"]
build-backend = "flit_core.buildapi"
[project]
name = "pip_audit"
dynamic = ["version"]
description = "A tool for scanning Python environments for known vulnerabilities"
readme = "README.md"
license = { file = "LICENSE" }
authors = [
{ name = "Alex Cameron", email = "[email protected]" },
{ name = "Dustin Ingram", email = "[email protected]" },
{ name = "William Woodruff", email = "[email protected]" },
]
classifiers = [
"Development Status :: 5 - Production/Stable",
"Intended Audience :: Developers",
"License :: OSI Approved :: Apache Software License",
"Programming Language :: Python :: 3 :: Only",
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3.9",
"Programming Language :: Python :: 3.10",
"Programming Language :: Python :: 3.11",
"Programming Language :: Python :: 3.12",
"Programming Language :: Python :: 3.13",
"Topic :: Security",
]
dependencies = [
"CacheControl[filecache] >= 0.13.0",
"cyclonedx-python-lib >= 5,< 9",
"packaging>=23.0.0", # https://github.com/pypa/pip-audit/issues/464
"pip-api>=0.0.28",
"pip-requirements-parser>=32.0.0",
"requests >= 2.31.0",
"rich>=12.4",
"toml>=0.10",
"platformdirs>=4.2.0",
]
requires-python = ">=3.9"
[project.optional-dependencies]
test = [
"coverage[toml] ~= 7.0, != 7.3.3", # https://github.com/nedbat/coveragepy/issues/1713
"pretend",
"pytest",
"pytest-cov",
]
lint = [
# NOTE(ww): ruff is under active development, so we pin conservatively here
# and let Dependabot periodically perform this update.
"ruff < 0.8.7",
# HACK(ww): interrogate needs setuptools to provide `pkg_resources` on Python 3.12+;
# remove this when https://github.com/econchick/interrogate/issues/164 is resolved.
"setuptools",
"interrogate",
"mypy",
"types-requests",
"types-toml",
]
doc = ["pdoc"]
dev = ["build", "bump>=1.3.2", "pip-audit[doc,test,lint]"]
[project.scripts]
pip-audit = "pip_audit._cli:audit"
[project.urls]
Homepage = "https://pypi.org/project/pip-audit/"
Issues = "https://github.com/pypa/pip-audit/issues"
Source = "https://github.com/pypa/pip-audit"
[tool.interrogate]
# don't enforce documentation coverage for packaging, testing, the virtual
# environment, or the CLI (which is documented separately).
exclude = ["env", "test", "pip_audit/_cli.py"]
ignore-semiprivate = true
fail-under = 100
[tool.mypy]
allow_redefinition = true
check_untyped_defs = true
disallow_incomplete_defs = true
disallow_untyped_defs = true
ignore_missing_imports = true
no_implicit_optional = true
show_error_codes = true
sqlite_cache = true
strict_equality = true
warn_no_return = true
warn_redundant_casts = true
warn_return_any = true
warn_unreachable = true
warn_unused_configs = true
warn_unused_ignores = true
[tool.bump]
input = "pip_audit/__init__.py"
reset = true
[tool.ruff]
line-length = 100
[tool.ruff.lint]
# Never enforce `E501` (line length violations).
ignore = ["E501"]
select = ["E", "F", "I", "W", "UP"]