Merge branch 'master' into issue-3316-lock-all-deps-with-dev

news/4257.feature.rst

@@ -0,0 +1 @@
+Added ``--key`` command line parameter for including personal PyUp.io API tokens when running ``pipenv check``.

pipenv/cli/command.py

@@ -447,7 +447,8 @@ def run(state, command, args):
 
 
 @cli.command(
-    short_help="Checks for security vulnerabilities and against PEP 508 markers provided in Pipfile.",
+    short_help="Checks for PyUp Safety security vulnerabilities and against"
+               " PEP 508 markers provided in Pipfile.",
     context_settings=subcommand_context
 )
 @option(
@@ -460,19 +461,26 @@ def run(state, command, args):
     "--db",
     nargs=1,
     default=lambda: os.environ.get('PIPENV_SAFETY_DB', False),
-    help="Path to a local vulnerability database. Default: ENV PIPENV_SAFETY_DB or None",
+    help="Path to a local PyUp Safety vulnerabilities database."
+         " Default: ENV PIPENV_SAFETY_DB or None.",
 )
 @option(
     "--ignore",
     "-i",
     multiple=True,
-    help="Ignore specified vulnerability during safety checks.",
+    help="Ignore specified vulnerability during PyUp Safety checks.",
 )
 @option(
     "--output",
     type=Choice(["default", "json", "full-report", "bare"]),
     default="default",
-    help="Translates to --json, --full-report or --bare from safety check",
+    help="Translates to --json, --full-report or --bare from PyUp Safety check",
+)
+@option(
+    "--key",
+    help="Safety API key from PyUp.io for scanning dependencies against a live"
+         " vulnerabilities database. Leave blank for scanning against a"
+         " database that only updates once a month.",
 )
 @option(
     "--quiet",
@@ -490,11 +498,12 @@ def check(
     style=False,
     ignore=None,
     output="default",
+    key=None,
     quiet=False,
     args=None,
     **kwargs
 ):
-    """Checks for security vulnerabilities and against PEP 508 markers provided in Pipfile."""
+    """Checks for PyUp Safety security vulnerabilities and against PEP 508 markers provided in Pipfile."""
     from ..core import do_check
 
     do_check(
@@ -505,6 +514,7 @@ def check(
         db=db,
         ignore=ignore,
         output=output,
+        key=key,
         quiet=quiet,
         args=args,
         pypi_mirror=state.pypi_mirror,

pipenv/core.py

@@ -2570,6 +2570,7 @@ def do_check(
     db=False,
     ignore=None,
     output="default",
+    key=None,
     quiet=False,
     args=None,
     pypi_mirror=None
@@ -2687,8 +2688,8 @@ def do_check(
         if not quiet and not environments.is_quiet():
             click.echo(crayons.normal("Using local database {}".format(db)))
         cmd.append("--db={0}".format(db))
-    if PIPENV_PYUP_API_KEY and not db:
-        cmd = cmd + ["--key={0}".format(PIPENV_PYUP_API_KEY)]
+    elif key or PIPENV_PYUP_API_KEY:
+        cmd = cmd + ["--key={0}".format(key or PIPENV_PYUP_API_KEY)]
     if ignored:
         for cve in ignored:
             cmd += cve