From e42e1ca7863ea93d2c9f49fd6d4a7e210265067f Mon Sep 17 00:00:00 2001 From: Daniel Hermann Date: Thu, 4 Jul 2019 15:20:22 +0200 Subject: [PATCH] Fix missing 'proxy' and 'cache' params in 'fetch_database' call In safety.check(), when vulnerable packages are found, a second 'fetch_database' call is executed to get details. However, the 'proxy' and 'cache' parameters are not passed to it. This patch fixes that. --- safety/safety.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/safety/safety.py b/safety/safety.py index 871bd775..2fca3eb2 100644 --- a/safety/safety.py +++ b/safety/safety.py @@ -137,7 +137,7 @@ def check(packages, key, db_mirror, cached, ignore_ids, proxy): spec_set = SpecifierSet(specifiers=specifier) if spec_set.contains(pkg.version): if not db_full: - db_full = fetch_database(full=True, key=key, db=db_mirror) + db_full = fetch_database(full=True, key=key, db=db_mirror, cached=cached, proxy=proxy) for data in get_vulnerabilities(pkg=name, spec=specifier, db=db_full): vuln_id = data.get("id").replace("pyup.io-", "") if vuln_id and vuln_id not in ignore_ids: