4018 shaares
3 results
tagged
dependencies
Effectively find upstream & downstream dependencies of a Pypi package
More about it: https://blog.acolyer.org/2020/09/21/watchman/
Alt: https://github.com/DavHau/pypi-deps-db
libraries.io also provides this information, possibly less accurate
Almost a year ago, GitHub introduced security alerts. They are an awesome feature.
They function as notifications you receive whenever a vulnerability affecting one of your project dependencies.
But long after receiving a notification, how to list all security alerts affecting your repositories ?
I didn't found an out-of-the box solution …
I ended up not using this code, but it may be useful to others:
mock_setup_provider.py
:
import sys
from unittest.mock import Mock
class MockSetupProvider(Mock):
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.captured_setup_requires = set()
def setup(self, *args, **kwargs):
self.captured_setup_requires.update(kwargs.get('setup_requires'))
setup_extractor …