cli: allow ignoring specific vulnerability IDs

This commit introduces a new flag to pip-audit's CLI (--ignore-vuln)
that takes a string representing a vulnerability id, if any of the
packages scanned detect said vulnerability, it will be ignored in the
final report.

This allows users of pip-audit to ignore certain vulnerabilities that
they may deem not exploitable for whatever reason.

The flag can be used multiple times to ignore multiple vulnerabilities.

Closes #245

README.md

@@ -74,6 +74,7 @@ usage: pip-audit [-h] [-V] [-l] [-r REQUIREMENTS] [-f FORMAT] [-s SERVICE]
                  [--path PATHS] [-v] [--fix] [--require-hashes]
                  [--index-url INDEX_URL] [--extra-index-url EXTRA_INDEX_URLS]
                  [--skip-editable] [--no-deps] [-o FILE]
+                 [--ignore-vuln IGNORE_VULNS]
                  [project_path]
 
 audit the Python environment for dependencies with known vulnerabilities
@@ -142,6 +143,9 @@ optional arguments:
                         False)
   -o FILE, --output FILE
                         output results to the given file (default: None)
+  --ignore-vuln IGNORE_VULNS
+                        ignore a specific vulnerability by its vulnerability
+                        ID (default: [])
 ```
 <!-- @end-pip-audit-help@ -->
 

pip_audit/_cli.py

@@ -287,6 +287,14 @@ def _parser() -> argparse.ArgumentParser:
         # argparse's default renderer uses __repr__ and produces
         # a pretty unpleasant help message.
     )
+    parser.add_argument(
+        "--ignore-vuln",
+        type=str,
+        action="append",
+        dest="ignore_vulns",
+        default=[],
+        help="ignore a specific vulnerability by its vulnerability ID",
+    )
     return parser