Fix Vulnerable Dependencies
Fix the vulnerable dependencies in your application.
Note: Updating the dependencies might affect your application.
When you run this command, it asks which package manager you want to use:
- pip
- pipenv
- conda
It then uses the selected package manager to install the dependencies.
Fix dependency
pyraider fix
Fix dependency by severity
Supported severities
- high
- medium
- low
pyraider fix -s high
Fix dependency with deep scan
pyraider fix -d
Fix dependency with deep scan by severity
Supported severities
- high
- medium
- low
pyraider fix -d -s high
You should get a result like this.
_____ _____ _ _
| __ \ | __ \ (_) | |
| |__) | _| |__) |__ _ _ __| | ___ _ __
| ___/ | | | _ // _` | |/ _` |/ _ \ '__|
| | | |_| | | \ \ (_| | | (_| | __/ |
|_| \__, |_| \_\__,_|_|\__,_|\___|_|
__/ |
|___/
by RaiderSource version 1.0.3
Started Scanning .....
Do you want to use pip to install packages? [Y/n] y
Do you want to update django pacakge from 1.11.13 to 3.1a1 version? [Y/n] y
Collecting django==3.1a1
Using cached Django-3.1a1-py3-none-any.whl (7.5 MB)
Requirement already satisfied: sqlparse>=0.2.2 in ./venv/lib/python3.7/site-packages (from django==3.1a1) (0.3.1)
Requirement already satisfied: pytz in ./venv/lib/python3.7/site-packages (from django==3.1a1) (2020.1)
Requirement already satisfied: asgiref>=3.2 in ./venv/lib/python3.7/site-packages (from django==3.1a1) (3.2.7)
Installing collected packages: django
Attempting uninstall: django
Found existing installation: Django 1.11.13
Uninstalling Django-1.11.13:
Successfully uninstalled Django-1.11.13
Successfully installed django-3.1a1
0
django==3.1a1 version has been installed successfully!!!
If you press Y, it will automatically install the dependency.
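The sample run above moved django from 1.11.13 to 3.1a1, which is a major-version jump onto a pre-release. As an added example (not part of pyraider), this script compares pip freeze snapshots taken before and after pyraider fix and flags such upgrades for review; the function names, the snapshot contents and the simplified pre-release pattern are assumptions of the example.

```python
import re

# Simplified PEP 440 pre-release check (a/b/rc/dev suffix); an assumption of this example.
PRERELEASE = re.compile(r"(a|b|rc|dev)\d+", re.IGNORECASE)


def parse_freeze(text):
    """Map package name (lower-cased) -> pinned version from `pip freeze` output."""
    pins = {}
    for line in text.splitlines():
        line = line.strip()
        if "==" in line and not line.startswith("#"):
            name, version = line.split("==", 1)
            pins[name.lower()] = version
    return pins


def major(version):
    """Leading numeric component of a version string, or None if absent."""
    m = re.match(r"\d+", version)
    return int(m.group()) if m else None


def review_upgrades(before_text, after_text):
    """Return (name, old, new, flags) for every package whose pin changed."""
    before, after = parse_freeze(before_text), parse_freeze(after_text)
    findings = []
    for name in sorted(before.keys() & after.keys()):
        old, new = before[name], after[name]
        if old == new:
            continue
        flags = []
        if major(old) != major(new):
            flags.append("major-version-change")
        if PRERELEASE.search(new):
            flags.append("pre-release")
        findings.append((name, old, new, flags))
    return findings


# Constructed snapshots, using the versions shown in the sample run on this page.
BEFORE = "Django==1.11.13\nsqlparse==0.3.1\npytz==2020.1\nasgiref==3.2.7\n"
AFTER = "Django==3.1a1\nsqlparse==0.3.1\npytz==2020.1\nasgiref==3.2.7\n"

if __name__ == "__main__":
    for name, old, new, flags in review_upgrades(BEFORE, AFTER):
        print(f"{name}: {old} -> {new} [{', '.join(flags) or 'ok'}]")
```

In practice, save pip freeze output to a file before and after running pyraider fix and pass the two file contents to review_upgrades.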