safety icon indicating copy to clipboard operation
safety copied to clipboard
verified publisher icon pyupio

Repo for safety-schemas package on Pypi is incorrect; no place to report issues on safety-schemas package

Open andy-maier opened this issue 1 year ago • 3 comments

Checklist

Safety version

safety-schemas 0.0.7

Python version

any

Operating System

any

Describe the problem you'd like to have solved

The safety-schemas package on Pypi points to a homepage that does not exist: https://github.com/pyupio/safety_schemas

I also did not find any repo under https://github.com/pyupio that sounded like it would contain safety-schemas.

The problem with this is that it is not clear where to open issues against the safety-schemas package.

Describe the ideal solution

Make the source repo of the safety-schemas package publicly available and link it from the Pypi package. Make sure the source repo of the safety-schemas package has its issue tracker enabled.

Alternatives and current workarounds

I will continue to post issues with safety-schemas on https://github.com/pyupio/safety/issues, as a workaround.

Additional context

No response

What I Did

Followed the homepage link on https://pypi.org/project/safety-schemas/

andy-maier avatar Oct 24 '24 09:10 andy-maier

Hi @andy-maier, thank you for opening this issue!

We appreciate your effort in reporting this. Our team will review it and get back to you soon. If you have any additional details or updates, feel free to add them to this issue.

Note: If this is a serious security issue that could impact the security of Safety CLI users, please email [email protected] immediately.

Thank you for contributing to Safety CLI!

github-actions[bot] avatar Oct 24 '24 09:10 github-actions[bot]

Hi @andy-maier thank you for bringing this to our attention! Currently we have the safety-schemas repo set to private. At the moment we are not planning to make it public but we will consider this and may revisit it to change it to be public. In the meanwhile any safety-schemas issues can be reported here!

dylanpulver avatar Oct 29 '24 14:10 dylanpulver

Then in the meantime, could the link to the repo on Pypi be changed to point to the safety repo, and a sentence added that explains it?

andy-maier avatar Oct 29 '24 18:10 andy-maier