We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Just installed safety in a new virtual enviroment. Seems like it has a dependency to vulnerable setuptools 58.0.4
cd somefolder python3 -m venv .safety-env source .safety-env/bin/activate pip install --upgrade pip # -> Successfully installed pip-23.2.1 pip install safety pip freeze # Result: # certifi==2023.7.22 # charset-normalizer==3.3.0 # click==8.1.7 # dparse==0.6.3 # idna==3.4 # packaging==21.3 # pyparsing==3.1.1 # requests==2.31.0 # ruamel.yaml==0.17.35 # ruamel.yaml.clib==0.2.8 # safety==2.3.5 # tomli==2.0.1 # urllib3==2.0.6 # But then, after checking: safety check # I get info: # -> Vulnerability found in setuptools version 58.0.4 # To check more, I install 'pipdeptree' and run it pip install pipdeptree pipdeptree -fl # Result: # pip==23.2.1 # pipdeptree==2.13.0 # safety==2.3.5 # click==8.1.7 # dparse==0.6.3 # packaging==21.3 # pyparsing==3.1.1 # tomli==2.0.1 # packaging==21.3 # pyparsing==3.1.1 # requests==2.31.0 # certifi==2023.7.22 # charset-normalizer==3.3.0 # idna==3.4 # urllib3==2.0.6 # ruamel.yaml==0.17.35 # ruamel.yaml.clib==0.2.8 # setuptools==58.0.4 # Suggestion - upgrade setuptools to >= 65.5.1 pip install --upgrade setuptools # -> 68.2.2
The text was updated successfully, but these errors were encountered:
yeisonvargasf
No branches or pull requests
Description
Just installed safety in a new virtual enviroment. Seems like it has a dependency to vulnerable setuptools 58.0.4
What I Did
The text was updated successfully, but these errors were encountered: