---
- branch: MAIN
  date: Wed Mar 29 09:51:43 UTC 2023
  files:
  - new: '1.24'
    old: '1.23'
    path: pkgsrc/security/py-pip-audit/Makefile
    pathrev: pkgsrc/security/py-pip-audit/Makefile@1.24
    type: modified
  - new: '1.21'
    old: '1.20'
    path: pkgsrc/security/py-pip-audit/distinfo
    pathrev: pkgsrc/security/py-pip-audit/distinfo@1.21
    type: modified
  id: 20230329T095143Z.a12dd33fb6f6a207585ed4fff8e65800d6aa6c3b
  log: |
    py-pip_audit: update to 2.5.4.

    ## [2.5.4]

    ### Changed

    * Refactored `index-url` option to not override user pip config by default,
      unless specified ([#565](https://github.com/pypa/pip-audit/pull/565))

    ### Fixed

    * Fixed bug with the `--fix` flag where new requirements were sometimes being
      appended to requirement files instead of patching the existing requirement
      ([#577](https://github.com/pypa/pip-audit/pull/577))

    * Fixed a crash caused by auditing requirements files that refer to other
      requirements files ([#568](https://github.com/pypa/pip-audit/pull/568))

    ## [2.5.3]

    ### Changed

    * Further simplified `pip-audit`'s dependency resolution to remove inconsistent
      behaviour when using hashed requirements or the `--no-deps` flag
      ([#540](https://github.com/pypa/pip-audit/pull/540))

    ### Fixed

    * Fixed a crash caused by invalid UTF-8 sequences in subprocess outputs
      ([#572](https://github.com/pypa/pip-audit/pull/572))

    ## [2.5.2]

    ### Fixed

    * Fixed a loose dependency constraint for CycloneDX SBOM generation
      ([#558](https://github.com/pypa/pip-audit/pull/558))
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/security/py-pip-audit'
  unixtime: '1680083503'
  user: wiz