When I run the command hatch run audit:check
I get this:
No known vulnerabilities found
Name Skip Reason
------------ ---------------------------------------------------------------------------
greatproject Dependency not found on PyPI and could not be audited: greatproject (0.1.0)
[tool.hatch.envs.audit]
description = """Check dependencies for security vulnerabilities."""
extra-dependencies = [
"pip-audit",
]
[tool.hatch.envs.audit.scripts]
check = ["pip-audit"]I haven't used pip-audit before, but I like the idea of checking for security vulnerabilities and a general section on security in our guide. I wonder if we should remove this feature from minimal and add it to the "full" version of the package??
When I run the command
hatch run audit:checkI get this:
I haven't used
pip-auditbefore, but I like the idea of checking for security vulnerabilities and a general section on security in our guide. I wonder if we should remove this feature from minimal and add it to the "full" version of the package??