diff --git a/assets/pip-audit.py b/assets/pip-audit.py
index fd74ee08..4c1c0e76 100644
--- a/assets/pip-audit.py
+++ b/assets/pip-audit.py
@@ -96,9 +96,12 @@ def install_commands(lock_path: str) -> Iterator[tuple[list[str], int]]:
 while line.endswith("\\"):
 zero_indexed_lineno += 1
 line = line[:-1].strip() + " " + lock_file_lines[zero_indexed_lineno]
- # There could be quoted or escaped spaces, but unlikely in 1st word.
- install_cmd = [line.strip().split(" ", 1)[0]]
- yield (install_cmd, zero_indexed_lineno + 1)
+ # There could be quoted or escaped spaces, but unlikely to be affected.
+ # Ignore --hash= and anything commented out but allow @ and ;sys_platform
+ install_cmd = line.strip().split("#", 1)[0].split(" --", 1)[0].strip()
+ if install_cmd.startswith("-e "):
+ install_cmd = install_cmd[3:].strip()
+ yield ([install_cmd], zero_indexed_lineno + 1)
 zero_indexed_lineno += 1
 if __name__ == "__main__":
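Review bot: The `split("#", 1)` in the new `install_cmd` line cuts at the first `#` anywhere in the line, so a direct-URL requirement such as `name @ https://…/pkg.whl#sha256=…` or a VCS URL carrying `#egg=` / `#subdirectory=` loses its fragment, even though the comment says `@` forms are meant to pass through. pip itself treats `#` as a comment only at the start of a line or after whitespace, so the audit could end up resolving a different artifact than the one the lock file pins. Splitting on `" #"` instead, `install_cmd = line.strip().split(" #", 1)[0].split(" --", 1)[0].strip()`, keeps the fragment, and the yield should then be skipped when the result is empty or starts with `#`, since a comment-only line would otherwise yield `[""]`. Whether comment-only and option lines (`-r`, `--index-url`) are already filtered earlier cannot be seen here, because install_commands begins and ends outside the hunk.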