diff --git a/news/2408.feature b/news/2408.feature
new file mode 100644
index 00000000..aa8dc9f0
--- /dev/null
+++ b/news/2408.feature
@@ -0,0 +1 @@
+``pipenv check`` now may take multiple of the additional argument ``--ignore`` which takes a parameter ``cve_id`` for the purpose of ignoring specific CVEs.
diff --git a/pipenv/cli.py b/pipenv/cli.py
index fdbd24da..5e7b470b 100644
--- a/pipenv/cli.py
+++ b/pipenv/cli.py
@@ -695,10 +695,10 @@ def run(command, args, three=None, python=False):
 help="Given a code path, show potentially unused dependencies.",
 )
 @option(
- '--safety-ignore',
- is_flag=True,
- default=False,
- help="Ignore specified packages when doing the safety check"
+ '--ignore',
+ '-i',
+ multiple=True,
+ help="Ignore specified vulnerability during safety checks."
 )
 @argument('args', nargs=-1)
 def check(
@@ -707,7 +707,7 @@ def check(
 system=False,
 unused=False,
 style=False,
- safety_ignore=False,
+ ignore=None,
 args=None,
 ):
 from .core import do_check
@@ -716,7 +716,7 @@ def check(
 python=python,
 system=system,
 unused=unused,
- safety_ignore=safety_ignore,
+ ignore=ignore,
 args=args
 )
diff --git a/pipenv/core.py b/pipenv/core.py
index 5f2d691e..6730038e 100644
--- a/pipenv/core.py
+++ b/pipenv/core.py
@@ -1061,7 +1061,7 @@ def do_lock(
 u'{0} {1} {2}'.format(
 crayons.normal('Locking'),
 crayons.red('[{0}]'.format(settings['log_string'])),
- crayons.normal('dependencies…'),
+ crayons.normal('dependencies...'),
 ),
 err=True,
 )
@@ -1845,7 +1845,7 @@ def do_install(
 error, traceback = None, None
 click.echo(
 crayons.normal(
- u'Requirements file provided! Importing into Pipfile...¦',
+ u'Requirements file provided! Importing into Pipfile...',
 bold=True,
 ),
 err=True,
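Review bot: The help text for `--ignore` in the `@option` block of pipenv/cli.py does not say what kind of identifier the option expects or that it may be repeated. The news fragment and the notice printed by do_check both call the value a CVE, while the integration test passes `35015`, which looks like a vulnerability-database ID rather than a CVE number; a user who supplies the wrong kind of ID would presumably suppress nothing and get no hint why. I would reword it along the lines of `help="Vulnerability ID to ignore during the safety check; may be given more than once."`, naming whichever ID type the checker actually matches on, and align the news entry and the notice with it.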
@@ -2338,7 +2338,7 @@ def do_run(command, args, three=None, python=False):
 do_run_posix(script, command=command)
-def do_check(three=None, python=False, system=False, unused=False, safety_ignore=False,args=None):
+def do_check(three=None, python=False, system=False, unused=False, ignore=None, args=None):
 if not system:
 # Ensure that virtualenv is available.
 ensure_project(three=three, python=python, validate=False, warn=False)
@@ -2409,13 +2409,14 @@ def do_check(three=None, python=False, system=False, unused=False, safety_ignore
 python = which('python')
 else:
 python = system_which('python')
- if safety_ignore:
- ignore = '-i ' + ' -i '.join(args)
+ if ignore:
+ ignored = '--ignore {0}'.format('--ignore '.join(ignore))
+ click.echo(crayons.normal('Notice: Ignoring CVE(s) {0}'.format(crayons.yellow(', '.join(ignore)))), err=True)
 else:
- ignore = ''
+ ignored = ''
 c = delegator.run(
 '"{0}" {1} check --json --key=1ab8d58f-5122e025-83674263-bc1e79e0 {2}'.format(
- python, escape_grouped_arguments(path), ignore
+ python, escape_grouped_arguments(path), ignored
 )
 )
 try:
diff --git a/tests/integration/test_cli.py b/tests/integration/test_cli.py
index 34b78dfb..56ae2210 100644
--- a/tests/integration/test_cli.py
+++ b/tests/integration/test_cli.py
@@ -82,7 +82,14 @@ def test_pipenv_graph_reverse(PipenvInstance, pypi):
 def test_pipenv_check(PipenvInstance, pypi):
 with PipenvInstance(pypi=pypi) as p:
 p.pipenv('install requests==1.0.0')
- assert 'requests' in p.pipenv('check').out
+ c = p.pipenv('check')
+ assert c.return_code != 0
+ assert 'requests' in c.out
+ p.pipenv('uninstall requests')
+ p.pipenv('install six')
+ c = p.pipenv('check --ignore 35015')
+ assert c.return_code == 0
+ assert 'Ignoring' in c.err
 @pytest.mark.cli
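Review bot: In the second pipenv/core.py hunk of this span (`@@ -2409,13 +2409,14 @@`), the separator in `'--ignore '.join(ignore)` has no leading space, so two IDs `A` and `B` (constructed example) yield `--ignore A--ignore B` and the repeated-flag case that `multiple=True` advertises reaches the checker as one malformed value. Building each pair on its own avoids that: `ignored = ' '.join('--ignore {0}'.format(i) for i in ignore)`. The values are also interpolated unquoted into the command string handed to `delegator.run`; if that string is executed through a shell, whatever an `--ignore` value contains (for instance one templated in by a CI job) becomes part of the command line, so each value should be validated against the expected ID format before the string is built. do_check starts and ends outside this hunk.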
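Review bot: In tests/integration/test_cli.py, the `check --ignore 35015` call runs only after `requests` has been uninstalled and `six` installed, so `c.return_code == 0` would presumably hold without the flag too; the test shows that the notice is printed, not that a reported finding is actually suppressed. It also passes a single `--ignore`, so the repeated-option path enabled by `multiple=True` is never exercised. I would keep the vulnerable pin installed, assert that the plain check fails, then re-run with one `--ignore` per reported ID and assert it passes, and add a case with at least two IDs.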