Slight tweak to api, add test, add news

Signed-off-by: Dan Ryan <dan@danryan.co>

news/2408.feature

@@ -0,0 +1 @@
+``pipenv check`` now may take multiple of the additional argument ``--ignore`` which takes a parameter ``cve_id`` for the purpose of ignoring specific CVEs.

pipenv/cli.py

@@ -695,10 +695,10 @@ def run(command, args, three=None, python=False):
     help="Given a code path, show potentially unused dependencies.",
 )
 @option(
-    '--safety-ignore',
-    is_flag=True,
-    default=False,
-    help="Ignore specified packages when doing the safety check"
+    '--ignore',
+    '-i',
+    multiple=True,
+    help="Ignore specified vulnerability during safety checks."
 )
 @argument('args', nargs=-1)
 def check(
@@ -707,7 +707,7 @@ def check(
     system=False,
     unused=False,
     style=False,
-    safety_ignore=False,
+    ignore=None,
     args=None,
 ):
     from .core import do_check
@@ -716,7 +716,7 @@ def check(
         python=python,
         system=system,
         unused=unused,
-        safety_ignore=safety_ignore,
+        ignore=ignore,
         args=args
     )
 

pipenv/core.py

@@ -1061,7 +1061,7 @@ def do_lock(
                 u'{0} {1} {2}'.format(
                     crayons.normal('Locking'),
                     crayons.red('[{0}]'.format(settings['log_string'])),
-                    crayons.normal('dependencies…'),
+                    crayons.normal('dependencies...'),
                 ),
                 err=True,
             )
@@ -1845,7 +1845,7 @@ def do_install(
         error, traceback = None, None
         click.echo(
             crayons.normal(
-                u'Requirements file provided! Importing into Pipfile...¦',
+                u'Requirements file provided! Importing into Pipfile...',
                 bold=True,
             ),
             err=True,
@@ -2338,7 +2338,7 @@ def do_run(command, args, three=None, python=False):
         do_run_posix(script, command=command)
 
 
-def do_check(three=None, python=False, system=False, unused=False, safety_ignore=False,args=None):
+def do_check(three=None, python=False, system=False, unused=False, ignore=None, args=None):
     if not system:
         # Ensure that virtualenv is available.
         ensure_project(three=three, python=python, validate=False, warn=False)
@@ -2409,13 +2409,14 @@ def do_check(three=None, python=False, system=False, unused=False, safety_ignore
         python = which('python')
     else:
         python = system_which('python')
-    if safety_ignore:
-        ignore = '-i ' + ' -i '.join(args)
+    if ignore:
+        ignored = '--ignore {0}'.format('--ignore '.join(ignore))
+        click.echo(crayons.normal('Notice: Ignoring CVE(s) {0}'.format(crayons.yellow(', '.join(ignore)))), err=True)
     else:
-        ignore = ''
+        ignored = ''
     c = delegator.run(
         '"{0}" {1} check --json --key=1ab8d58f-5122e025-83674263-bc1e79e0 {2}'.format(
-            python, escape_grouped_arguments(path), ignore
+            python, escape_grouped_arguments(path), ignored
         )
     )
     try:

tests/integration/test_cli.py

@@ -82,7 +82,14 @@ def test_pipenv_graph_reverse(PipenvInstance, pypi):
 def test_pipenv_check(PipenvInstance, pypi):
     with PipenvInstance(pypi=pypi) as p:
         p.pipenv('install requests==1.0.0')
-        assert 'requests' in p.pipenv('check').out
+        c = p.pipenv('check')
+        assert c.return_code != 0
+        assert 'requests' in c.out
+        p.pipenv('uninstall requests')
+        p.pipenv('install six')
+        c = p.pipenv('check --ignore 35015')
+        assert c.return_code == 0
+        assert 'Ignoring' in c.err
 
 
 @pytest.mark.cli