-
Notifications
You must be signed in to change notification settings - Fork 33
Expand file tree
/
Copy pathpyproject.toml
More file actions
85 lines (78 loc) · 2.88 KB
/
pyproject.toml
File metadata and controls
85 lines (78 loc) · 2.88 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# Copyright 2025 Google LLC
#
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file or at
# https://developers.google.com/open-source/licenses/bsd
[build-system]
requires = [
"pdm-backend",
]
build-backend = "pdm.backend"
[project]
name = "vanir"
version = "1.0.3"
authors = [
{ name = "Hyunwook (Wooky) Baek", email = "[email protected]" },
{ name = "Duy Truong", email = "[email protected]" },
{ name = "Justin Dunlap", email = "[email protected]" },
]
maintainers = [
{ name = "Hyunwook (Wooky) Baek", email = "[email protected]" },
{ name = "Duy Truong", email = "[email protected]" },
{ name = "Justin Dunlap", email = "[email protected]" },
]
description = """\
Vanir is a source code-based static analysis tool that automatically \
identifies the list of missing security patches in the target system. \
"""
readme = "README.md"
# This license only applies to precompiled packages of Vanir that includes
# FuzzyC.
license = "GPL-3.0-only"
requires-python = "<3.14,>=3.10"
classifiers = [
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3 :: Only",
"Programming Language :: Python :: 3.10",
"Programming Language :: Python :: 3.11",
"Programming Language :: Python :: 3.12",
"Programming Language :: Python :: 3.13",
"Operating System :: POSIX :: Linux",
"Topic :: Security",
]
keywords = [
"static analysis",
"source code analysis",
"missing patch scanner",
]
dependencies = [
# Keep only direct dependencies here, same as those mentioned in the
# requirements.txt file. The dependencies here are kept at least on the same
# version as present in the requirements_lock files and less than the next
# major version to ensure compatibility.
# Ref: https://packaging.python.org/en/latest/discussions/versioning/#semantic-versioning.
"absl-py>=2.4.0,<3",
"google-api-core[grpc]>=2.30.2,<3",
"google-auth>=2.49.1,<3",
"google-cloud-iam>=2.22.0,<3",
# PiPs dependency resolution resolves to different major versions for
# google-cloud-storage(v2.19.0 for Python 3.11, 3.12 and v3.9.0 for Python
# 3.10 and 3.13) for different Python versions, hence keep the version
# upper limit as 4 to keep the version range inclusive and simple.
"google-cloud-storage>=2.19.0,<4",
"jinja2>=3.1.6,<4",
"jsonpath_ng>=1.8.0,<2",
"mmh3>=5.2.1,<6",
# Use the latest supported OSV version as per the Python version.
"osv>=0.0.21,<0.1.0; python_version>='3.10' and python_version<'3.13'",
"osv>=0.1.2,<1; python_version>='3.13'",
"protobuf>=6.33.6,<7",
"python-dateutil>=2.9.0.post0,<3",
"requests>=2.33.1,<3",
"tenacity>=9.1.4,<10",
"typing-extensions>=4.15.0,<5",
"unidiff>=0.7.5,<1",
]
[project.urls]
Homepage = "https://github.com/google/vanir"
Issues = "https://github.com/google/vanir/issues"