Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update from main branch #430

Merged
merged 4 commits into from Nov 27, 2022
Merged

Update from main branch #430

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
a8c8c96
Merge pull request #429 from pyupio/develop
yeisonvargasf Nov 21, 2022
f55c927
Version 2.3.2
yeisonvargasf Nov 21, 2022
e6bceee
Starting version 2.3.3.dev
yeisonvargasf Nov 21, 2022
ab5a57c
Update version file to the current live version.
yeisonvargasf Nov 21, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
9 changes: 9 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Expand Up @@ -5,6 +5,15 @@ All notable changes to this project will be documented in this file.
The format is partly based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html) and [PEP 440](https://peps.python.org/pep-0440/)

## [Unreleased] 2.3.3.dev

## [2.3.2] - 2022-11-21
- Fixed #423: Bare output includes extra line in non-screen output with no vulnerabilities.
- Fixed #422: ResourceWarning (unclosed socket) in safety v.2.3.1.
- Fixed telemetry data missing when the CLI mode is used.
- Fixed wrong database fetching when the KEY and the database arguments are used at the same time.
- Added `SAFETY_PURE_YAML` env var, used for cases that require pure Python in the YAML parser.

## [2.3.1] - 2022-10-05
- Add `safety.alerts` module to setup.cfg

Expand Down
11 changes: 10 additions & 1 deletion README.md
View file
Open in desktop
Expand Up @@ -10,12 +10,21 @@ By default it uses the open Python vulnerability database [Safety DB](https://gi

For all commercial projects, Safely must be upgraded to use a [PyUp API](https://pyup.io) using the `--key` option.

# Supported and Tested Python Versions

Python: `3.6`, `3.7`, `3.8`, `3.9`, `3.10`, `3.11`

Safety supports the above versions but only is tested in the latest patch version available at [Python for Actions
](https://github.com/actions/python-versions/blob/main/versions-manifest.json). For instance, in Python `3.6` we only will test with `3.6.15`, which is the latest Python 3.6 version available on GitHub actions.

Make sure to use the latest patch available for your Python version.

# Using Safety as a GitHub Action

Safety can be integrated into your existing GitHub CI pipeline as an action. Just add the following as a step in your workflow YAML file after setting your `SAFETY_API_KEY` secret on GitHub under Settings -> Secrets -> Actions:

```yaml
- uses: pyupio/safety@2.3.1
- uses: pyupio/safety@2.3.2
with:
api-key: ${{ secrets.SAFETY_API_KEY }}
```
Expand Down
2 changes: 1 addition & 1 deletion safety/VERSION
View file
Open in desktop
@@ -1 +1 @@
2.3.2.dev
2.3.2