summarylogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.SRCINFO5
-rw-r--r--PKGBUILD23
2 files changed, 24 insertions, 4 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 7646a11ed729..9c1a48bbb1bc 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,13 +1,13 @@
pkgbase = python-pip-audit-git
pkgdesc = A tool for scanning Python environments for known vulnerabilities
- pkgver = r61.844c85f
+ pkgver = r98.1c69d2d
pkgrel = 1
url = https://github.com/trailofbits/pip-audit
arch = any
license = Apache
makedepends = git
makedepends = python-setuptools
- depends = python-pip-api
+ depends = python-pip-api>=0.0.23
depends = python-packaging
depends = python-dataclasses
depends = python-progress
@@ -15,6 +15,7 @@ pkgbase = python-pip-audit-git
depends = python-html5lib
depends = python-cachecontrol
depends = python-lockfile
+ depends = python-cyclonedx-lib
conflicts = python-pip-audit
options = !strip
source = pip-audit::git+https://github.com/trailofbits/pip-audit.git
diff --git a/PKGBUILD b/PKGBUILD
index d99f6176c958..255395f9af0b 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -2,13 +2,32 @@
pkgname=python-pip-audit-git
_gitpkgname=pip-audit
-pkgver=r61.844c85f
+pkgver=r98.1c69d2d
pkgrel=1
pkgdesc='A tool for scanning Python environments for known vulnerabilities'
arch=('any')
url='https://github.com/trailofbits/pip-audit'
license=('Apache')
-depends=('python-pip-api' 'python-packaging' 'python-dataclasses' 'python-progress' 'python-resolvelib' 'python-html5lib' 'python-cachecontrol' 'python-lockfile')
+depends=(
+ # Upstream requires pip-api >= 0.0.23 but Arch’s Community
+ # repository is on 0.0.18, which causes an error message that
+ # says “failed to list installed distributions.”
+ # Once community/python-pip-api catches up to version 0.0.23,
+ # remove the `>=0.0.23` part from the following line.
+ 'python-pip-api>=0.0.23'
+ 'python-packaging'
+ 'python-dataclasses'
+ 'python-progress'
+ # Upstream requires resolvelib >=0.8.0, but extra/python-resolvelib
+ # is at 0.5.5 (possibly for compatibility with extra/python-pip
+ # 20.3.4). The 0.5.5 version appears to work just fine, so let’s
+ # ignore the mismatch.
+ 'python-resolvelib'
+ 'python-html5lib'
+ 'python-cachecontrol'
+ 'python-lockfile'
+ 'python-cyclonedx-lib'
+)
makedepends=('git' 'python-setuptools')
conflicts=('python-pip-audit')
options=('!strip')