diff --git a/assets/pip-audit.py b/assets/pip-audit.py
index 06be686c..fd74ee08 100644
--- a/assets/pip-audit.py
+++ b/assets/pip-audit.py
@@ -2,7 +2,7 @@
 import subprocess
 from collections.abc import Iterator
-from os import environ, path
+from os import chdir, environ, getcwd, path
 from pip_audit._audit import Auditor
 from pip_audit._cli import VulnerabilityServiceChoice
@@ -36,10 +36,20 @@ def main():
 extra_install_args.extend(["--trusted-host", host])
 for lock_path in changed_lock_files:
- for install_cmd, line_number in install_commands(lock_path):
+ install(lock_path, auditor, extra_install_args, index_url)
+
+
+def install(lock_path, auditor, extra_install_args, index_url=None):
+ install_cmds_by_line = install_commands(path.basename(lock_path))
+ try:
+ original_cwd = getcwd()
+ tmpdir = path.join(original_cwd, "./.venv-deleteme")
+ chdir(path.dirname(lock_path))
+ for install_cmd, line_number in install_cmds_by_line:
+ print(install_cmd, line_number)
 venv = VirtualEnv(install_cmd + extra_install_args, index_url=index_url)
 try:
- venv.create("./.venv-deleteme")
+ venv.create(tmpdir)
 except VirtualEnvError as e:
 print(e)
 continue
@@ -60,7 +70,9 @@ def main():
 print(e)
 continue
 finally:
- venv.clear_directory("./.venv-deleteme")
+ venv.clear_directory(tmpdir)
+ finally:
+ chdir(original_cwd)
 def install_commands(lock_path: str) -> Iterator[tuple[list[str], int]]:
@@ -80,7 +92,7 @@ def install_commands(lock_path: str) -> Iterator[tuple[list[str], int]]:
 zero_indexed_lineno = 0
 while zero_indexed_lineno < len(lock_file_lines):
 line = lock_file_lines[zero_indexed_lineno]
- if line and line in diff_lines and not line.startswith(("#", "--", "-e ")):
+ if line and line in diff_lines and not line.startswith(("#", "--")):
 while line.endswith("\\"):
 zero_indexed_lineno += 1
 line = line[:-1].strip() + " " + lock_file_lines[zero_indexed_lineno]
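Review bot: `chdir(path.dirname(lock_path))` in the new `install()` fails when the lock file path has no directory component, because `path.dirname()` then returns `""` and `chdir("")` raises `FileNotFoundError`; `chdir(path.dirname(lock_path) or ".")` avoids that. `original_cwd = getcwd()` also sits inside the `try:`, so if it raises, the `finally: chdir(original_cwd)` added in the following hunk fails with a `NameError` that hides the real error; the `getcwd()` and `tmpdir` lines belong above the `try:`. If `install_commands` is a generator, as its `Iterator` return type suggests, passing it only the basename works solely because its body first runs after the `chdir`, which deserves a one-line comment. The `print(install_cmd, line_number)` looks like leftover debug output, and the body of `install()` continues outside this hunk.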
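Review bot: Dropping `"-e "` from the `startswith` tuple means editable requirement lines are now turned into install commands and handed to `VirtualEnv`, so the audit job installs whatever local path or VCS URL a changed lock file names, and building such a project can run code it supplies. If lock files can arrive from branches that are not fully trusted, the job should run with no credentials in its environment, and a comment above the condition should record the decision, e.g. `# "-e" lines are audited too; they are installed from the lock file's directory, so keep this job unprivileged`. The `"--"` prefix is still skipped, so `--editable <path>` lines stay unaudited while `-e <path>` lines are now installed; both spellings should be treated the same way. The loop body continues outside the hunk.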