forked from pypa/pip-audit
-
Notifications
You must be signed in to change notification settings - Fork 0
/
pyproject.toml
118 lines (108 loc) · 3.06 KB
/
pyproject.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
[build-system]
requires = ["flit_core >=3.2,<4"]
build-backend = "flit_core.buildapi"
[project]
name = "pip_audit"
dynamic = ["version"]
description = "A tool for scanning Python environments for known vulnerabilities"
readme = "README.md"
license = { file = "LICENSE" }
authors = [
{ name = "Alex Cameron", email = "[email protected]" },
{ name = "Dustin Ingram", email = "[email protected]" },
{ name = "William Woodruff", email = "[email protected]" },
]
classifiers = [
"Development Status :: 5 - Production/Stable",
"Intended Audience :: Developers",
"License :: OSI Approved :: Apache Software License",
"Programming Language :: Python :: 3 :: Only",
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3.7",
"Programming Language :: Python :: 3.8",
"Programming Language :: Python :: 3.9",
"Programming Language :: Python :: 3.10",
"Programming Language :: Python :: 3.11",
"Topic :: Security",
]
dependencies = [
"CacheControl[filecache]>=0.12.10",
# NOTE(ww): Release 2.5.0 is broken, subsequent 2.5.x releases fix it.
# See: https://github.com/CycloneDX/cyclonedx-python-lib/issues/245
"cyclonedx-python-lib>=2.0.0,!=2.5.0",
"html5lib>=1.1",
"packaging>=23.0.0", # https://github.com/pypa/pip-audit/issues/464
"pip-api>=0.0.28",
"pip-requirements-parser>=32.0.0",
"resolvelib>=0.8.0",
"rich>=12.4",
"toml>=0.10",
]
requires-python = ">=3.7"
[project.optional-dependencies]
test = [
"coverage[toml]",
"pretend",
"pytest",
"pytest-cov",
]
lint = [
"black>=22.3.0",
# NOTE(ww): ruff is under active development, so we pin conservatively here
# and let Dependabot periodically perform this update.
"ruff < 0.0.221",
"interrogate",
"isort",
"mypy",
"pdoc3",
"types-html5lib",
"types-requests",
"types-toml",
]
dev = [
"build",
"bump>=1.3.2",
"pip-audit[test,lint]",
]
[project.scripts]
pip-audit = "pip_audit._cli:audit"
[project.urls]
Homepage = "https://pypi.org/project/pip-audit/"
Issues = "https://github.com/pypa/pip-audit/issues"
Source = "https://github.com/pypa/pip-audit"
[tool.isort]
line_length = 100
multi_line_output = 3
known_first_party = "pip_audit"
include_trailing_comma = true
[tool.black]
line-length = 100
[tool.interrogate]
# don't enforce documentation coverage for packaging, testing, the virtual
# environment, or the CLI (which is documented separately).
exclude = ["env", "test", "pip_audit/_cli.py"]
ignore-semiprivate = true
fail-under = 100
[tool.mypy]
allow_redefinition = true
check_untyped_defs = true
disallow_incomplete_defs = true
disallow_untyped_defs = true
ignore_missing_imports = true
no_implicit_optional = true
show_error_codes = true
sqlite_cache = true
strict_equality = true
warn_no_return = true
warn_redundant_casts = true
warn_return_any = true
warn_unreachable = true
warn_unused_configs = true
warn_unused_ignores = true
[tool.bump]
input = "pip_audit/__init__.py"
reset = true
[tool.ruff]
line-length = 100
select = ["E", "F", "W", "UP"]
target-version = "py37"