From dfe812b73aed050000774e45f0312e374a06a377 Mon Sep 17 00:00:00 2001 From: Owen Lamont Date: Sat, 21 Dec 2024 21:41:19 +1030 Subject: [PATCH 1/4] Add .pre-commit-hooks.yaml file --- .pre-commit-hooks.yaml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 .pre-commit-hooks.yaml diff --git a/.pre-commit-hooks.yaml b/.pre-commit-hooks.yaml new file mode 100644 index 0000000..105c853 --- /dev/null +++ b/.pre-commit-hooks.yaml @@ -0,0 +1,6 @@ +- id: uv-secure + name: uv-secure + description: "Run 'uv-secure' to check uv.lock dependencies for known vulnerabilities" + entry: uv-secure + language: python + pass_filenames: false From 6cb815e3a2b896b9b1f2a940f44cdd56a3532aed Mon Sep 17 00:00:00 2001 From: Owen Lamont Date: Sat, 21 Dec 2024 21:57:08 +1030 Subject: [PATCH 2/4] Removed emoji from output that breaks pre-commit --- src/uv_secure/run.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/uv_secure/run.py b/src/uv_secure/run.py index b25fe78..772100f 100644 --- a/src/uv_secure/run.py +++ b/src/uv_secure/run.py @@ -156,7 +156,7 @@ def check_dependencies(uv_lock_path: Path, ignore_ids: list[str]) -> int: Panel.fit( f"[bold green]No vulnerabilities detected![/]\n" f"Checked: [bold]{total_dependencies}[/] {total_plural}\n" - f"All dependencies appear safe! 🎉" + f"All dependencies appear safe!" ) ) return 0 # Exit successfully From 6effb3aa866c199a8b1c29157477332b8993998a Mon Sep 17 00:00:00 2001 From: Owen Lamont Date: Sat, 21 Dec 2024 22:00:15 +1030 Subject: [PATCH 3/4] Updated README example of output --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index aa8fba1..f8068b8 100644 --- a/README.md +++ b/README.md 
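Review bot: The new hook definition has no `files:` filter, so with pre-commit's default (match-everything) pattern it runs on every commit that stages any file, not just when `uv.lock` changes; since the check looks up advisories for the lockfile rather than inspecting the staged files, that presumably means a network lookup on every commit and a blocked commit when the developer is offline. If re-checking only when the lockfile changes is the intent, add `files: ^uv\.lock$` while keeping `pass_filenames: false` (the README says the tool locates `uv.lock` in the working directory itself); if every commit really is intended, make that explicit with `always_run: true` so the behaviour is deliberate rather than incidental. A one-line YAML comment stating which of the two is intended would help consumers pinning this hook. Worth confirming the offline behaviour of `uv-secure` before picking one.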
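Review bot: The emoji is removed but nothing in the code records why, so the next contributor polishing this panel is likely to reintroduce a non-ASCII glyph and hit the same pre-commit failure the commit title names. A comment above the `Panel.fit(` call, e.g. `# Keep this panel ASCII-only: non-ASCII output broke the pre-commit hook (see 6cb815e)`, would preserve the reason. The root cause is presumably the captured output stream not being UTF-8 in that environment, in which case the remaining non-ASCII parts of this output (the box-drawing border shown in the README) are relying on the panel renderer's own encoding fallback rather than having been verified safe — worth confirming. The enclosing function `check_dependencies` starts and ends outside the hunk.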
@@ -31,11 +31,11 @@ working directory and scan that for known vulnerabilities. E.g. ```text >> uv-secure Checking dependencies for vulnerabilities... -╭──────────────────────────────────╮ -│ No vulnerabilities detected! │ -│ Checked: 160 dependencies │ -│ All dependencies appear safe! 🎉 │ -╰──────────────────────────────────╯ +╭───────────────────────────────╮ +│ No vulnerabilities detected! │ +│ Checked: 160 dependencies │ +│ All dependencies appear safe! │ +╰───────────────────────────────╯ ``` ## Related Work and Motivation From 39c83e2413e8bc52922acd4bd312130763a60a98 Mon Sep 17 00:00:00 2001 From: Owen Lamont Date: Sat, 21 Dec 2024 22:09:19 +1030 Subject: [PATCH 4/4] Document installation of uv-secure --- README.md | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/README.md b/README.md index f8068b8..3153ef9 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,26 @@ Scan your uv.lock file for dependencies with known vulnerabilities +## Installation + +I recommend installing uv-secure as a uv tool or with pipx as it's intended to be used +as a CLI tool and it probably only makes sense to have one version installed globally. + +Installing with uv tool as follows: + +```shell +uv tool install uv-secure +``` + +or with pipx: + +```shell +pipx install uv-secure +``` + +you can optionally install uv-secure as a development dependency in a virtual +environment. + ## Usage After installation you can run uv-secure --help to see the options.