Conversation
octo-sts
bot
commented
Sep 23, 2024
octo-sts
bot
commented
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
octo-sts
bot
added
request-version-update
Package py3-pipenv: Click to expand/collapsePackage py3-pipenv:
(
"""
# Generated by melange
pkgname = py3-pipenv
- pkgver = 2024.0.2-r0
+ pkgver = 2024.0.3-r0
arch = x86_64
- size = 21090547
+ size = 21457005
origin = py3-pipenv
pkgdesc = Python Development Workflow for Humans.
url =
- commit = 05ae208f86f5b6ce0bef38bd903e77c0ef7c05dc
- builddate = 1726368954
+ commit = b35be6e0c8f9f1dd16a2a384e0305f68a13ca1a1
license = MIT
depend = cmd:python3.12
... // 3 identical lines
depend = py3-virtualenv
depend = python-3
- provides = cmd:pipenv-resolver=2024.0.2-r0
- provides = cmd:pipenv=2024.0.2-r0
- datahash = fa3886cdca12b951359d5c0947e92536347244ae67525928ca22b0719753f9a5
+ provides = cmd:pipenv-resolver=2024.0.3-r0
+ provides = cmd:pipenv=2024.0.3-r0
+ datahash = 095627a1b1f33956f9b0c8e431a97779adc870c6d2c8a8fe1ec033247f38f9ac
"""
)
Added: /usr/lib/python3.12/site-packages/packaging/init.py bincapz found differences: Click to expand/collapseDeleted: py3-pipenv/usr/lib/python3.12/site-packages/pipenv-2024.0.2.dist-info/direct_url.json [✅ LOW]
Added: py3-pipenv/usr/lib/python3.12/site-packages/packaging/metadata.py [
|
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | net/download | download files | core-metadata-download-url download_url |
| +MEDIUM | process/name/get | get the current process name | process_name |
Added: py3-pipenv/usr/lib/python3.12/site-packages/packaging/_musllinux.py [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | exec/program | execute external program | subprocess.PIPE, text subprocess.run([ld], stderr |
| +MEDIUM | process/executable_path | gets executable associated to this process | sys.executable |
Added: py3-pipenv/usr/lib/python3.12/site-packages/packaging/_manylinux.py [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | process/executable_path | gets executable associated to this process | sys.executable |
| +MEDIUM | process/name/get | get the current process name | process_name |
| +MEDIUM | ref/site/download | http dropper url | https://github.com/python/cpython/blob/fcf1d003bf4f0100c/Lib/platform.py |
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://github.com/python/cpython/blob/fcf1d003bf4f0100c/Lib/platform.py https://sourceware.org/bugzilla/show_bug.cgi?id=24636 https://static.docs.arm.com/ihi0044/g/aaelf32.pdf |
Added: py3-pipenv/usr/lib/python3.12/site-packages/packaging/_elffile.py [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://gist.github.com/lyssdod/f51579ae8d93c8657a5564aefc2ffbca https://refspecs.linuxfoundation.org/elf/gabi4 |
Added: py3-pipenv/usr/lib/python3.12/site-packages/packaging/specifiers.py [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/site/url | contains embedded HTTPS URLs | python/mypy#13475 |
Added: py3-pipenv/usr/lib/python3.12/site-packages/packaging/tags.py [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | evasion/single_line_imports | imports built-in and executes more code on the same line | import platform; |
| +MEDIUM | exec/program | execute external program | subprocess.PIPE, subprocess.run( |
| +MEDIUM | process/executable_path | gets executable associated to this process | sys.executable |
| +LOW | ref/site/url | contains embedded HTTPS URLs | pypa/pip#3383 |
Added: py3-pipenv/usr/lib/python3.12/site-packages/packaging/_parser.py [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | techniques/code_eval | evaluate code dynamically using eval() | eval(python |
| +LOW | fd/read | reads from a file handle | Op(tokenizer.read() append(tokenizer.read() process_env_var(tokenizer.read() process_python_str(tokenizer.read() |
Added: py3-pipenv/usr/lib/python3.12/site-packages/packaging/markers.py [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | exec/shell_command | execute a shell command | system |
| +MEDIUM | kernel/platform | system platform identification | sys.platform |
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://peps.python.org/pep-0685/ |
Added: py3-pipenv/usr/lib/python3.12/site-packages/pipenv-2024.0.3.dist-info/direct_url.json [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/path/file/url | file url | file:///home |
Added: py3-pipenv/usr/lib/python3.12/site-packages/packaging/init.py [✅ LOW]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +LOW | ref/site/url | contains embedded HTTPS URLs | https://github.com/pypa/packaging |
Added: py3-pipenv/usr/lib/python3.12/site-packages/packaging/_tokenizer.py [⚠️ MEDIUM]
| RISK | KEY | DESCRIPTION | EVIDENCE |
|---|---|---|---|
| +MEDIUM | exec/shell_command | execute a shell command | system |
| +LOW | fd/read | reads from a file handle | self.read() |
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/routines/install.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/patched/pip/_vendor/pyparsing/core.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/patched/pip/_internal/commands/search.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/patched/pip/_internal/index/collector.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/patched/pip/_internal/wheel_builder.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/project.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/patched/pip/_internal/locations/_sysconfig.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/patched/pip/_internal/self_outdated_check.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/patched/pip/_internal/utils/entrypoints.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/patched/pip/_internal/req/req_uninstall.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/patched/safety/alerts/github.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/exceptions.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/utils/dependencies.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/vendor/dparse/updater.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/patched/pip/_vendor/urllib3/contrib/pyopenssl.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/patched/pip/_vendor/cachecontrol/caches/file_cache.py
Changed: /tmp/wolfictl-apk-29500048/py3-pipenv/usr/lib/python3.12/site-packages/pipenv/patched/pip/main.py
Moved: py3-pipenv/var/lib/db/sbom/py3-pipenv-2024.0.2-r0.spdx.json -> /tmp/wolfictl-apk-29500048/py3-pipenv/var/lib/db/sbom/py3-pipenv-2024.0.3-r0.spdx.json (similarity: 0.99)
octo-sts
bot
added
the
bincapz/pass
|
Open AI suggestions to solve the build error: |
2 participants
