App for generating pip-constraints based on the GHSA #2453
bunny-therapist started this conversation in Show and tell
I wrote a small program which fetches security vulnerabilities from GHSA and translates them into pip constraints which can be given to pip with the -c flag to ensure you do not install any packages with vulnerabilities. You can configure it to different severity levels and also ignore certain vulnerabilities as needed.
https://github.com/mam-dev/security-constraints
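An added sketch of the translation the post describes, not code from security-constraints itself: it turns advisory version ranges into lines for a file passed to `pip install -c`, with a severity threshold and an ignore list. The advisory records, their field names and the function names are constructed for illustration.

```python
SEVERITIES = ["LOW", "MODERATE", "HIGH", "CRITICAL"]  # GHSA severity levels, ascending

# Constructed sample advisories, not real GHSA records. "range" follows the
# "op version[, op version]" form used for GHSA vulnerable version ranges.
SAMPLE_ADVISORIES = [
    {"id": "GHSA-0000-0000-0001", "package": "examplepkg", "severity": "HIGH",
     "range": ">= 1.0, < 1.4.2"},
    {"id": "GHSA-0000-0000-0002", "package": "examplepkg", "severity": "LOW",
     "range": "= 2.0.0"},
    {"id": "GHSA-0000-0000-0003", "package": "otherpkg", "severity": "CRITICAL",
     "range": "<= 0.9.1"},
    {"id": "GHSA-0000-0000-0004", "package": "nofixpkg", "severity": "MODERATE",
     "range": ">= 3.0"},
]


def safe_specifier(vulnerable_range):
    """Return one PEP 440 specifier that excludes every vulnerable version."""
    bounds = dict(part.split() for part in vulnerable_range.split(","))
    if "=" in bounds:    # a single bad release: exclude exactly that one
        return "!=" + bounds["="]
    # A bounded range ">= a, < b" has the complement "< a OR >= b", which a
    # comma-separated (AND) specifier cannot express. Keeping only the upper
    # bound is conservative: it also rejects the safe versions below a.
    if "<" in bounds:
        return ">=" + bounds["<"]
    if "<=" in bounds:
        return ">" + bounds["<="]
    if ">=" in bounds:   # no upper bound means no fixed release exists yet
        return "<" + bounds[">="]
    if ">" in bounds:
        return "<=" + bounds[">"]
    raise ValueError(f"unrecognised range: {vulnerable_range!r}")


def build_constraints(advisories, min_severity="LOW", ignore_ids=()):
    """Return constraints-file lines for advisories at or above min_severity."""
    threshold = SEVERITIES.index(min_severity)
    lines = []
    for adv in advisories:
        if adv["id"] in ignore_ids or SEVERITIES.index(adv["severity"]) < threshold:
            continue
        lines.append(f"# {adv['id']} ({adv['severity']})")
        lines.append(adv["package"] + safe_specifier(adv["range"]))
    return lines


if __name__ == "__main__":
    print("\n".join(build_constraints(SAMPLE_ADVISORIES, "MODERATE",
                                      {"GHSA-0000-0000-0004"})))
```

Several lines for the same package are combined by pip, so each advisory can be emitted independently and the strictest bound wins.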