py-pip-audit: add an upstream patch
authorThomas Klausner <tk@giga.or.at>
Tue, 9 Nov 2021 21:53:25 +0000 (22:53 +0100)
committerThomas Klausner <tk@giga.or.at>
Tue, 9 Nov 2021 21:53:25 +0000 (22:53 +0100)
Now this works for me (tm)

py-pip-audit/distinfo
py-pip-audit/patches/patch-mypy.ini [new file with mode: 0644]
py-pip-audit/patches/patch-pip__audit_cli.py [new file with mode: 0644]
py-pip-audit/patches/patch-pip__audit_dependency__source_resolvelib_pypi__provider.py [new file with mode: 0644]
py-pip-audit/patches/patch-setup.py

index c053b6e8fece3f24304b315d5d2e6868685c9690..724f3b750fe8799b5f20a90edf8360ab9379cef8 100644 (file)
@@ -3,5 +3,8 @@ $NetBSD: distinfo,v 1.40 2021/10/26 10:18:45 nia Exp $
 BLAKE2s (pip-audit-0.0.4.tar.gz) = 07e726eb27ca453638d64a84490a1a4fc934e819868c1fb50bd0a3bd2c023174
 SHA512 (pip-audit-0.0.4.tar.gz) = 3192547e0c7bccda1c69ff20d7a23175f29260a05d882769f474577485da086f98dbe05af5c3e8c3eaed9b033cb251315832b84ed864986183fae8e157006bda
 Size (pip-audit-0.0.4.tar.gz) = 31496 bytes
+SHA1 (patch-mypy.ini) = 63b86e4ab5735d44ebf0d695cf9e228181fb6b26
+SHA1 (patch-pip__audit_cli.py) = 23f15f2bf7afe7c0a9bb0abb77cfdf07438af011
+SHA1 (patch-pip__audit_dependency__source_resolvelib_pypi__provider.py) = f703cfbd4f8abbc51bb1effe291564267b062203
 SHA1 (patch-pip__audit_service_pypi.py) = e9d290bd6b318e1ce0850b9e8de397b5da771620
-SHA1 (patch-setup.py) = af06b6796795e581e23fa0d89aa2d77e0832e784
+SHA1 (patch-setup.py) = 7460564df5eeef3d22f1314d9b554df0d74e8942
diff --git a/py-pip-audit/patches/patch-mypy.ini b/py-pip-audit/patches/patch-mypy.ini
new file mode 100644 (file)
index 0000000..5fd8e54
--- /dev/null
@@ -0,0 +1,14 @@
+$NetBSD$
+
+https://github.com/trailofbits/pip-audit/issues/115
+
+--- mypy.ini.orig      2021-11-09 16:11:51.000000000 +0000
++++ mypy.ini
+@@ -2,3 +2,7 @@
+ warn_return_any = True
+ warn_unused_configs = True
+ warn_unused_ignores = True
++warn_no_return = True
++strict_equality = True
++allow_redefinition = True
++check_untyped_defs = True
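Review bot: The header comment of this patch cites only the upstream issue, so a later update cannot tell which upstream change the content was taken from or whether a new release already contains it; the same applies to patch-pip__audit_cli.py and patch-pip__audit_dependency__source_resolvelib_pypi__provider.py. A line such as `Upstream commit: <upstream-commit-id>` plus a one-sentence description under the URL would make each patch auditable against upstream. This file in particular changes only mypy settings, which presumably play no part in building or running the package; if that is the case, leaving it out keeps the local patch set smaller.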
diff --git a/py-pip-audit/patches/patch-pip__audit_cli.py b/py-pip-audit/patches/patch-pip__audit_cli.py
new file mode 100644 (file)
index 0000000..70aaf3b
--- /dev/null
@@ -0,0 +1,46 @@
+$NetBSD$
+
+https://github.com/trailofbits/pip-audit/issues/115
+
+--- pip_audit/cli.py.orig      2021-11-09 16:11:51.000000000 +0000
++++ pip_audit/cli.py
+@@ -13,7 +13,12 @@ from typing import List, Optional
+ from pip_audit import __version__
+ from pip_audit.audit import AuditOptions, Auditor
+-from pip_audit.dependency_source import PipSource, RequirementSource, ResolveLibResolver
++from pip_audit.dependency_source import (
++    DependencySource,
++    PipSource,
++    RequirementSource,
++    ResolveLibResolver,
++)
+ from pip_audit.format import ColumnsFormat, JsonFormat, VulnerabilityFormat
+ from pip_audit.service import OsvService, PyPIService, VulnerabilityService
+ from pip_audit.state import AuditSpinner
+@@ -105,7 +110,7 @@ class ProgressSpinnerChoice(str, enum.En
+         return self.value
+-def audit():
++def audit() -> None:
+     """
+     The primary entrypoint for `pip-audit`.
+     """
+@@ -182,6 +187,7 @@ def audit():
+     with ExitStack() as stack:
+         state = stack.enter_context(AuditSpinner()) if args.progress_spinner else None
++        source: DependencySource
+         if args.requirements is not None:
+             req_files: List[Path] = [Path(req.name) for req in args.requirements]
+             source = RequirementSource(req_files, ResolveLibResolver(state), state)
+@@ -195,7 +201,7 @@ def audit():
+         vuln_count = 0
+         for (spec, vulns) in auditor.audit(source):
+             if state is not None:
+-                state.update_state(f"Auditing {spec.package} ({spec.version})")
++                state.update_state(f"Auditing {spec.name} ({spec.version})")
+             result[spec] = vulns
+             if len(vulns) > 0:
+                 pkg_count += 1
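Review bot: The one behavioural change in this patch, `spec.package` to `spec.name` in the `state.update_state(...)` call, is not mentioned in the patch comment and sits among import and annotation edits. It is reached only when `state is not None`, that is with the progress spinner enabled, which is presumably the failure being worked around. I would state that in the header, for example `Fix the progress message to use spec.name; the remaining hunks are typing-only.` The body of `audit()` continues outside the hunks shown.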
diff --git a/py-pip-audit/patches/patch-pip__audit_dependency__source_resolvelib_pypi__provider.py b/py-pip-audit/patches/patch-pip__audit_dependency__source_resolvelib_pypi__provider.py
new file mode 100644 (file)
index 0000000..f375899
--- /dev/null
@@ -0,0 +1,46 @@
+$NetBSD$
+
+https://github.com/trailofbits/pip-audit/issues/115
+
+--- pip_audit/dependency_source/resolvelib/pypi_provider.py.orig       2021-11-09 16:11:51.000000000 +0000
++++ pip_audit/dependency_source/resolvelib/pypi_provider.py
+@@ -13,7 +13,7 @@ from operator import attrgetter
+ from platform import python_version
+ from tarfile import TarFile
+ from tempfile import TemporaryDirectory
+-from typing import List, Optional, Set
++from typing import BinaryIO, List, Optional, Set, cast
+ from urllib.parse import urlparse
+ from zipfile import ZipFile
+@@ -42,8 +42,8 @@ class Candidate:
+         self,
+         name: str,
+         version: Version,
+-        url: Optional[str] = None,
+-        extras: bool = None,
++        url: str,
++        extras: Set[str],
+         is_wheel: bool = True,
+         state: Optional[AuditState] = None,
+     ) -> None:
+@@ -89,7 +89,7 @@ class Candidate:
+         """
+         Computes the dependency set for this candidate.
+         """
+-        deps = self.metadata.get_all("Requires-Dist", [])
++        deps: List[str] = self.metadata.get_all("Requires-Dist", [])
+         extras = self.extras if self.extras else [""]
+         for d in deps:
+@@ -125,7 +125,9 @@ class Candidate:
+             for n in z.namelist():
+                 if n.endswith(".dist-info/METADATA"):
+                     p = BytesParser()
+-                    return p.parse(z.open(n), headersonly=True)
++                    # NOTE: MyPy bug? ZipFile.open is treated as IO[bytes], which
++                    # should be unified with BinaryIO but isn't.
++                    return p.parse(cast(BinaryIO, z.open(n)), headersonly=True)
+         # If we didn't find the metadata, return an empty dict
+         return EmailMessage()  # pragma: no cover
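Review bot: The rewritten `return p.parse(cast(BinaryIO, z.open(n)), headersonly=True)` still never closes the handle returned by `z.open(n)`; `with z.open(n) as f:` followed by `return p.parse(cast(BinaryIO, f), headersonly=True)` releases it deterministically. In the same loop, `n.endswith(".dist-info/METADATA")` accepts an entry at any depth of the downloaded archive and the first match wins, so the parsed dependency list may not come from the top-level `.dist-info` directory an installer reads; comparing against the expected top-level `<name>-<version>.dist-info/METADATA` path would be stricter. The enclosing method starts outside the hunk, so whether the archive is otherwise validated is not visible here.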
index 7e580461d5599c8a6a6bf0e05848033fb5348c56..d4ddf9b9f98429e636b4242201ff9bf7af435ecd 100644 (file)
@@ -5,10 +5,9 @@ https://github.com/trailofbits/pip-audit/pull/114/files
 
 Do not insist on one particular version of CacheControl.
 
---- setup.py.orig      2021-11-09 16:12:41.000000000 +0000
+--- setup.py.orig      2021-11-09 16:11:51.000000000 +0000
 +++ setup.py
-@@ -30,12 +30,12 @@ setup(
-     install_requires=[
+@@ -31,11 +31,11 @@ setup(
          "pip-api>=0.0.23",
          "packaging>=21.0.0",
          # TODO: Remove this once 3.7 is our minimally supported version.