Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Environmental audits: run pip list in the local virtual environment, if present #455

Open
woodruffw opened this issue Dec 28, 2022 · 0 comments
Open

Environmental audits: run pip list in the local virtual environment, if present #455

woodruffw opened this issue Dec 28, 2022 · 0 comments
Assignees
@woodruffw @tetsuo-cpp
Labels
enhancement New feature or request

Comments

@woodruffw
Copy link
Member

This is a follow-on to #450.

#451 "resolves" the issue by emitting a warning on the current ambiguity, but we can do better than that: instead of just warning, we can use ${VIRTUAL_ENV}/bin/python as pip_api's Python base, which in turn will allow globally installed copies of pip-audit to audit local virtual environments (as users might intuitively expect).

To do that, we'll need to re-think how we use pip_api, and possibly upstream some changes:

  • We can't rely on pip_api.PIP_VERSION, since it's computed eagerly from whatever pip was found at module import time. Maybe we should just use pip_api.version().
  • It might make sense to change how pip_api currently supports overrides -- PIPAPI_PYTHON_LOCATION in the environment could probably be replaced with something more ergonomic.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@woodruffw woodruffw

@tetsuo-cpp tetsuo-cpp

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@woodruffw @tetsuo-cpp