
pip-audit

pip-audit is a tool for scanning Python environments for packages with known vulnerabilities.

Usage

pip-audit -r requirements.txt

Usage with pre-commit

Configuration

.pre-commit-config.yaml
repos:
  - repo: https://github.com/pypa/pip-audit
    rev: v2.7.3
    hooks:
      - id: pip-audit
        args: ["-r", "requirements.txt"]
        files: "requirements.txt"

Usage

pre-commit run --all-files pip-audit

Resources