Releases: pypa/pip-audit
Releases · pypa/pip-audit
v2.7.2
Fixed
pip-audit now invokes pip with --keyring-provider=subprocess,
partially fixing a regression that was introduced with another authentication
fix in 2.6.2. This allows the interior pip to use keyring to perform
third-party index authentication.
Full Changelog: v2.7.1...v2.7.2
v2.7.1
Fixed
- Improved the error returned to users when their default temporary
directory lacks execute permissions
(#737)
v2.7.0
Added
pip-audit now includes vulnerability aliases when --format=json is used,
and also includes them in other output formats if specified by adding the
flag --aliases
v2.6.3
Fixed
- Removed a misleading warning message that resulted in user confusion
(#719)
v2.6.2
Changed
pip-audit's minimum Python version is now 3.8.
Fixed
- Fixed a hang caused by auditing requirements when resolving against
an index that requires authentication, causing pip to wait indefinitely
for credentials (#707)
v2.6.1
Fixed
- Fixed a crash on Windows caused by
pip-audit's use of temporary files
(#647)
v2.6.0
Added
- Added option to skip dependency resolution via
pip with the --disable-pip
flag. This option can only be used with hashed requirements files or when the
--no-deps flag has been provided
(#610)
v2.5.6
Fixed
- Fixed a crash caused by incompatible dependency changes
(#617)
v2.5.5
Fixed
- Fixed a crash caused by incompatible dependency changes
(#605)
