App for generating pip-constraints based on the GHSA #2453
bunny-therapist started this conversation in Show and tell
I wrote a small program which fetches security vulnerabilities from GHSA and translates them into pip constraints which can be given to pip with the -c flag to ensure you do not install any packages with vulnerabilities. You can configure it to different severity levels and also ignore certain vulnerabilities as needed.
https://github.com/mam-dev/security-constraints
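The translation described in the post, as an added example that is not part of the original post and is not the security-constraints project's own code: it turns advisory records into lines for a file passed to pip with `-c`, with a severity floor and an ignore list. The record field names, the sample advisories and the conservative handling of two-sided ranges are assumptions made for this sketch.

```python
import re
from collections import defaultdict

SEVERITIES = ["LOW", "MODERATE", "HIGH", "CRITICAL"]  # GHSA severity levels, ascending
_BOUND = re.compile(r"^(<=|>=|<|>|=)\s*(\S+)$")

# Constructed sample records (not real advisories); the field names are assumptions.
SAMPLE = [
    {"id": "GHSA-aaaa-aaaa-0001", "package": "examplepkg", "range": "< 1.4.2", "severity": "HIGH"},
    {"id": "GHSA-aaaa-aaaa-0002", "package": "examplepkg", "range": "= 2.0.0", "severity": "CRITICAL"},
    {"id": "GHSA-aaaa-aaaa-0003", "package": "otherpkg", "range": ">= 3.0, <= 3.1.5", "severity": "MODERATE"},
    {"id": "GHSA-aaaa-aaaa-0004", "package": "thirdpkg", "range": ">= 0.9", "severity": "LOW"},
]


def safe_specifier(vulnerable_range):
    """Return a pip specifier that excludes every version in the vulnerable range."""
    ops = {}
    for part in vulnerable_range.split(","):
        m = _BOUND.match(part.strip())
        if not m:
            raise ValueError(f"unrecognised range: {vulnerable_range!r}")
        ops[m.group(1)] = m.group(2)
    if "=" in ops:
        return "!=" + ops["="]
    # A specifier set is a conjunction, so "below A or above B" cannot be written;
    # when an upper bound exists, require versions past it (conservative).
    if "<" in ops:
        return ">=" + ops["<"]
    if "<=" in ops:
        return ">" + ops["<="]
    if ">=" in ops:  # no fixed version: only versions before the range are safe
        return "<" + ops[">="]
    return "<=" + ops[">"]


def build_constraints(advisories, min_severity="LOW", ignore=()):
    """Build one merged constraint line per package from the selected advisories."""
    floor = SEVERITIES.index(min_severity)
    specs, ids = defaultdict(list), defaultdict(list)
    for adv in advisories:
        if adv["id"] in ignore or SEVERITIES.index(adv["severity"]) < floor:
            continue
        spec = safe_specifier(adv["range"])
        if spec not in specs[adv["package"]]:
            specs[adv["package"]].append(spec)
        ids[adv["package"]].append(adv["id"])
    # The trailing comment records which advisories produced each line.
    return [f"{p}{','.join(specs[p])}  # {', '.join(ids[p])}" for p in sorted(specs)]


if __name__ == "__main__":
    print("\n".join(build_constraints(SAMPLE, min_severity="MODERATE")))
```

Ignoring an advisory widens what pip may install, so the advisory ids kept in each line's comment are worth reviewing alongside the ignore list.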