You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Before possibly introducing another tool, we would like to raise this feature also here. There is a small prototype, pipctl (using pip-tools), that can resolve application dependencies without known vulnerabilities, or allowing only acceptable ones. Would pip-tools community be interested in such a feature directly in pip-tools codebase?
Describe the solution you'd like
See pipctl prototype that can resolve application dependencies respecting vulnerabilities.
The text was updated successfully, but these errors were encountered:
What's the problem this feature will solve?
We have proposed including vulnerability information in the resolution process Python upstream. Unfortunately, the pip community does not seem to be open to include such feature directly in pip.
Before possibly introducing another tool, we would like to raise this feature also here. There is a small prototype, pipctl (using pip-tools), that can resolve application dependencies without known vulnerabilities, or allowing only acceptable ones. Would pip-tools community be interested in such a feature directly in pip-tools codebase?
Describe the solution you'd like
See pipctl prototype that can resolve application dependencies respecting vulnerabilities.
The text was updated successfully, but these errors were encountered: