Workflow

Setuptools

Latest version: v69.5.1

Safety actively analyzes 630217 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 56 of 109

28.6.0

Not secure
=======

* 629: When scanning for packages, ``pkg_resources`` now
ignores empty egg-info directories and gives precedence to
packages whose versions are lexicographically greatest,
a rough approximation for preferring the latest available
version.

28.5.0

Not secure
=======

* 810: Tests are now invoked with tox and not setup.py test.
* 249 and 450 via 764: Avoid scanning the whole tree
when building the manifest. Also fixes a long-standing bug
where patterns in ``MANIFEST.in`` had implicit wildcard
matching. This caused ``global-exclude .foo`` to exclude
all ``*.foo`` files, but also ``global-exclude bar.py`` to
exclude ``foo_bar.py``.

28.4.0

Not secure
=======

* 732: Now extras with a hyphen are honored per PEP 426.
* 811: Update to pyparsing 2.1.10.
* Updated ``setuptools.command.sdist`` to re-use most of
the functionality directly from ``distutils.command.sdist``
for the ``add_defaults`` method with strategic overrides.
See 750 for rationale.
* 760 via 762: Look for certificate bundle where SUSE
Linux typically presents it. Use ``certifi.where()`` to locate
the bundle.

28.3.0

Not secure
=======

* 809: In ``find_packages()``, restore support for excluding
a parent package without excluding a child package.

* 805: Disable ``-nspkg.pth`` behavior on Python 3.3+ where
PEP-420 functionality is adequate. Fixes pip 1924.

28.1.0

Not secure
=======

* 803: Bump certifi to 2016.9.26.

28.0.0

Not secure
=======

* 733: Do not search excluded directories for packages.
This introduced a backwards incompatible change in ``find_packages()``
so that ``find_packages(exclude=['foo']) == []``, excluding subpackages of ``foo``.
Previously, ``find_packages(exclude=['foo']) == ['foo.bar']``,
even though the parent ``foo`` package was excluded.

* 795: Bump certifi.

* 719: Suppress decoding errors and instead log a warning
when metadata cannot be decoded.

Page 56 of 109

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.