Audits Python environments, requirements files and dependency trees for known security vulnerabilities, and can automatically fix them
index-url
option to not override user pip config by default,
unless specified (#565)Improved error messaging when a requirements input or indirect dependency has an invalid (non-PEP 440) requirements specifier (#507)
pip-audit
's handling of dependency resolution has been significantly
refactored and simplified (#523)
Fixed an issue where hash checking would fail when using third-party indices (#462)
Fixed the behavior of the --skip-editable
flag, which had regressed
with an internal API change
(#499)
Fixed a dependency resolution bug that can potentially be triggered when multiple packages have the same subdependency (#488)
packaging
to ensure that non-normalized versions
are handled correctly (#471)requires-python
version
(#447)