Python - Pip

  • 12 January 2023
  • 0 replies
  • 276 views

Debricked currently supports tracking Python dependencies via:

  • Pip, using the older requirements.txt files

  • Pipenv, using the newer Pipfile.lock files

 

Pip

For the fastest and most accurate results, a file containing the resolved dependency tree has to be created prior to scanning.

This can be done using the High Performance Scans technology in our Debricked CLI. By running the resolve command, the CLI automatically detects all manifest files without the recommended lock files and generates the files as needed. The first part of the name is based on the name of the file it was generated from:

<FILE_NAME>.pip.debricked.lock

Example: requirements.txt.pip.debricked.lock

 

 

If at least one of the supported files is committed to your repository, it will be automatically scanned for dependencies when you have done any of our integrations to your CI/CD pipeline.
 

Supported file formats and features:

Language

Package Manager

Supported File Formats

Root dependencies 

Indirect dependencies

Dependency trees

Security Scanning

License Scanning

Root Fix

Python

pip

requirements.txt

 

 

Pipenv

Pipfile

 

 

Pipfile.lock

 

 

 

Have a look at the overview of all supported languages.


0 replies

Be the first to reply!

Reply