pysentry-rs 0.3.6__tar.gz → 0.3.7__tar.gz

{pysentry_rs-0.3.6 → pysentry_rs-0.3.7}/Cargo.lock

@@ -1137,7 +1137,7 @@ dependencies = [
 
 [[package]]
 name = "pysentry"
-version = "0.3.6"
+version = "0.3.7"
 dependencies = [
  "anyhow",
  "async-trait",
@@ -1277,9 +1277,9 @@ dependencies = [
 
 [[package]]
 name = "regex"
-version = "1.11.1"
+version = "1.11.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b544ef1b4eac5dc2db33ea63606ae9ffcfac26c1416a2806ae0bf5f56b201191"
+checksum = "23d7fd106d8c02486a8d64e778353d1cffe08ce79ac2e82f540c86d0facf6912"
 dependencies = [
  "aho-corasick",
  "memchr",
@@ -1512,9 +1512,9 @@ dependencies = [
 
 [[package]]
 name = "serde_json"
-version = "1.0.142"
+version = "1.0.143"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "030fedb782600dcbd6f02d479bf0d817ac3bb40d644745b769d6a96bc3afc5a7"
+checksum = "d401abef1d108fbd9cbaebc3e46611f4b1021f714a0597a71f41ee463f5f4a5a"
 dependencies = [
  "itoa",
  "memchr",
@@ -1686,31 +1686,31 @@ checksum = "e502f78cdbb8ba4718f566c418c52bc729126ffd16baee5baa718cf25dd5a69a"
 
 [[package]]
 name = "tempfile"
-version = "3.20.0"
+version = "3.21.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e8a64e3985349f2441a1a9ef0b853f869006c3855f2cda6862a94d26ebb9d6a1"
+checksum = "15b61f8f20e3a6f7e0649d825294eaf317edce30f82cf6026e7e4cb9222a7d1e"
 dependencies = [
  "fastrand",
  "getrandom 0.3.3",
  "once_cell",
  "rustix",
- "windows-sys 0.59.0",
+ "windows-sys 0.60.2",
 ]
 
 [[package]]
 name = "thiserror"
-version = "2.0.15"
+version = "2.0.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "80d76d3f064b981389ecb4b6b7f45a0bf9fdac1d5b9204c7bd6714fecc302850"
+checksum = "3467d614147380f2e4e374161426ff399c91084acd2363eaf549172b3d5e60c0"
 dependencies = [
  "thiserror-impl",
 ]
 
 [[package]]
 name = "thiserror-impl"
-version = "2.0.15"
+version = "2.0.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "44d29feb33e986b6ea906bd9c3559a856983f92371b3eaa5e83782a351623de0"
+checksum = "6c5e1be1c48b9172ee610da68fd9cd2770e7a4056cb3fc98710ee6906f0c7960"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -2524,9 +2524,9 @@ dependencies = [
 
 [[package]]
 name = "zip"
-version = "4.3.0"
+version = "4.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9aed4ac33e8eb078c89e6cbb1d5c4c7703ec6d299fc3e7c3695af8f8b423468b"
+checksum = "8835eb39822904d39cb19465de1159e05d371973f0c6df3a365ad50565ddc8b9"
 dependencies = [
  "arbitrary",
  "crc32fast",

{pysentry_rs-0.3.6 → pysentry_rs-0.3.7}/Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "pysentry"
-version = "0.3.6"
+version = "0.3.7"
 edition = "2021"
 rust-version = "1.79"
 description = "Security vulnerability auditing for Python packages"
@@ -32,17 +32,17 @@ futures = "0.3.31"
 owo-colors = "4.2.2"
 pep440_rs = "0.7.3"
 pyo3 = { version = "0.25.1", features = ["extension-module"], optional = true }
-regex = "1.11.1"
+regex = "1.11.2"
 reqwest = { version = "0.12.23", features = ["json", "stream", "rustls-tls-native-roots"], default-features = false }
 rustc-hash = "2.1.1"
 serde = { version = "1.0.219", features = ["derive"] }
-serde_json = "1.0.142"
+serde_json = "1.0.143"
 serde_yaml = "0.9.34"
 sha2 = "0.10.9"
-tempfile = "3.20.0"
-thiserror = "2.0.15"
+tempfile = "3.21.0"
+thiserror = "2.0.16"
 tokio = { version = "1.47.1", features = ["fs", "io-util", "rt-multi-thread", "macros", "process"] }
 toml = "0.9.5"
 tracing = "0.1.41"
 tracing-subscriber = { version = "0.3.19", features = ["env-filter"] }
-zip = { version = "4.3.0", default-features = false, features = ["deflate"] }
+zip = { version = "4.5.0", default-features = false, features = ["deflate"] }

{pysentry_rs-0.3.6 → pysentry_rs-0.3.7}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: pysentry-rs
-Version: 0.3.6
+Version: 0.3.7
 Classifier: Development Status :: 4 - Beta
 Classifier: Intended Audience :: Developers
 Classifier: License :: OSI Approved :: GNU General Public License v3 (GPLv3)
@@ -37,11 +37,11 @@ A fast, reliable security vulnerability scanner for Python projects, written in
 
 ## Overview
 
-PySentry audits Python projects for known security vulnerabilities by analyzing dependency files (`uv.lock`, `poetry.lock`, `Pipfile.lock`, `pyproject.toml`, `Pipfile`, `requirements.txt`) and cross-referencing them against multiple vulnerability databases. It provides comprehensive reporting with support for various output formats and filtering options.
+PySentry audits Python projects for known security vulnerabilities by analyzing dependency files (`uv.lock`, `poetry.lock`, `Pipfile.lock`, `pylock.toml`, `pyproject.toml`, `Pipfile`, `requirements.txt`) and cross-referencing them against multiple vulnerability databases. It provides comprehensive reporting with support for various output formats and filtering options.
 
 ## Key Features
 
-- **Multiple Project Formats**: Supports `uv.lock`, `poetry.lock`, `Pipfile.lock`, `pyproject.toml`, `Pipfile`, and `requirements.txt` files
+- **Multiple Project Formats**: Supports `uv.lock`, `poetry.lock`, `Pipfile.lock`, `pylock.toml`, `pyproject.toml`, `Pipfile`, and `requirements.txt` files
 - **External Resolver Integration**: Leverages `uv` and `pip-tools` for accurate requirements.txt constraint solving
 - **Multiple Data Sources**:
   - PyPA Advisory Database (default)
@@ -301,7 +301,7 @@ Add PySentry to your `.pre-commit-config.yaml`:
 ```yaml
 repos:
   - repo: https://github.com/pysentry/pysentry-pre-commit
-    rev: v0.3.5
+    rev: v0.3.6
     hooks:
       - id: pysentry # default pysentry settings
 ```
@@ -311,7 +311,7 @@ repos:
 ```yaml
 repos:
   - repo: https://github.com/pysentry/pysentry-pre-commit
-    rev: v0.3.5
+    rev: v0.3.6
     hooks:
       - id: pysentry
         args: ["--sources", "pypa,osv", "--fail-on", "high"]

{pysentry_rs-0.3.6 → pysentry_rs-0.3.7}/README.md

@@ -11,11 +11,11 @@ A fast, reliable security vulnerability scanner for Python projects, written in
 
 ## Overview
 
-PySentry audits Python projects for known security vulnerabilities by analyzing dependency files (`uv.lock`, `poetry.lock`, `Pipfile.lock`, `pyproject.toml`, `Pipfile`, `requirements.txt`) and cross-referencing them against multiple vulnerability databases. It provides comprehensive reporting with support for various output formats and filtering options.
+PySentry audits Python projects for known security vulnerabilities by analyzing dependency files (`uv.lock`, `poetry.lock`, `Pipfile.lock`, `pylock.toml`, `pyproject.toml`, `Pipfile`, `requirements.txt`) and cross-referencing them against multiple vulnerability databases. It provides comprehensive reporting with support for various output formats and filtering options.
 
 ## Key Features
 
-- **Multiple Project Formats**: Supports `uv.lock`, `poetry.lock`, `Pipfile.lock`, `pyproject.toml`, `Pipfile`, and `requirements.txt` files
+- **Multiple Project Formats**: Supports `uv.lock`, `poetry.lock`, `Pipfile.lock`, `pylock.toml`, `pyproject.toml`, `Pipfile`, and `requirements.txt` files
 - **External Resolver Integration**: Leverages `uv` and `pip-tools` for accurate requirements.txt constraint solving
 - **Multiple Data Sources**:
   - PyPA Advisory Database (default)
@@ -275,7 +275,7 @@ Add PySentry to your `.pre-commit-config.yaml`:
 ```yaml
 repos:
   - repo: https://github.com/pysentry/pysentry-pre-commit
-    rev: v0.3.5
+    rev: v0.3.6
     hooks:
       - id: pysentry # default pysentry settings
 ```
@@ -285,7 +285,7 @@ repos:
 ```yaml
 repos:
   - repo: https://github.com/pysentry/pysentry-pre-commit
-    rev: v0.3.5
+    rev: v0.3.6
     hooks:
       - id: pysentry
         args: ["--sources", "pypa,osv", "--fail-on", "high"]

pysentry_rs-0.3.7/benchmarks/results/0.3.6.md

@@ -0,0 +1,141 @@
+# PySentry - pip-audit Benchmark Report
+
+**Generated:** 2025-08-21 19:52:35
+**Duration:** 1m 56.44s
+**Total Tests:** 20
+
+## Executive Summary
+
+**Overall Success Rate:** 100.0% (20/20 successful runs)
+
+### Small_Requirements Dataset - Cold Cache
+- **Fastest:** pysentry-pypi (0.250s) - 35.37x faster than slowest
+- **Memory Efficient:** pysentry-osv (11.03 MB) - 9.68x less memory than highest
+
+### Small_Requirements Dataset - Hot Cache
+- **Fastest:** pysentry-pypi (0.221s) - 35.46x faster than slowest
+- **Memory Efficient:** pysentry-osv (10.81 MB) - 9.68x less memory than highest
+
+### Large_Requirements Dataset - Cold Cache
+- **Fastest:** pysentry-pypi (0.722s) - 27.16x faster than slowest
+- **Memory Efficient:** pysentry-osv (10.93 MB) - 9.84x less memory than highest
+
+### Large_Requirements Dataset - Hot Cache
+- **Fastest:** pysentry-pypi (0.686s) - 23.48x faster than slowest
+- **Memory Efficient:** pysentry-osv (11.07 MB) - 9.83x less memory than highest
+
+## Test Environment
+
+- **Platform:** Linux-6.11.0-1018-azure-x86_64-with-glibc2.39
+- **Python Version:** 3.11.13
+- **CPU Cores:** 4
+- **Total Memory:** 15.62 GB
+- **Available Memory:** 14.63 GB
+
+## Performance Comparison
+
+### Small_Requirements Dataset - Cold Cache
+
+#### Execution Time Comparison
+
+| Tool Configuration | Execution Time | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-pypi | 0.250s | 1.00x |
+| 🥈 pysentry-osv | 1.045s | 4.18x |
+|  pysentry-all-sources | 1.152s | 4.60x |
+|  pysentry-pypa | 1.155s | 4.61x |
+|  pip-audit-default | 8.852s | 35.37x |
+
+#### Memory Usage Comparison
+
+| Tool Configuration | Peak Memory | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-osv | 11.03 MB | 1.00x |
+| 🥈 pysentry-pypi | 11.64 MB | 1.06x |
+|  pip-audit-default | 45.64 MB | 4.14x |
+|  pysentry-pypa | 75.38 MB | 6.84x |
+|  pysentry-all-sources | 106.78 MB | 9.68x |
+
+### Small_Requirements Dataset - Hot Cache
+
+#### Execution Time Comparison
+
+| Tool Configuration | Execution Time | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-pypi | 0.221s | 1.00x |
+| 🥈 pysentry-pypa | 0.729s | 3.29x |
+|  pysentry-osv | 0.982s | 4.43x |
+|  pysentry-all-sources | 1.112s | 5.02x |
+|  pip-audit-default | 7.854s | 35.46x |
+
+#### Memory Usage Comparison
+
+| Tool Configuration | Peak Memory | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-osv | 10.81 MB | 1.00x |
+| 🥈 pysentry-pypi | 11.93 MB | 1.10x |
+|  pip-audit-default | 44.88 MB | 4.15x |
+|  pysentry-pypa | 69.38 MB | 6.42x |
+|  pysentry-all-sources | 104.60 MB | 9.68x |
+
+### Large_Requirements Dataset - Cold Cache
+
+#### Execution Time Comparison
+
+| Tool Configuration | Execution Time | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-pypi | 0.722s | 1.00x |
+| 🥈 pysentry-pypa | 1.258s | 1.74x |
+|  pysentry-all-sources | 3.183s | 4.41x |
+|  pysentry-osv | 3.714s | 5.14x |
+|  pip-audit-default | 19.619s | 27.16x |
+
+#### Memory Usage Comparison
+
+| Tool Configuration | Peak Memory | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-osv | 10.93 MB | 1.00x |
+| 🥈 pysentry-pypi | 14.27 MB | 1.31x |
+|  pip-audit-default | 47.34 MB | 4.33x |
+|  pysentry-pypa | 74.92 MB | 6.85x |
+|  pysentry-all-sources | 107.52 MB | 9.84x |
+
+### Large_Requirements Dataset - Hot Cache
+
+#### Execution Time Comparison
+
+| Tool Configuration | Execution Time | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-pypi | 0.686s | 1.00x |
+| 🥈 pysentry-pypa | 1.206s | 1.76x |
+|  pysentry-all-sources | 3.464s | 5.05x |
+|  pysentry-osv | 3.799s | 5.54x |
+|  pip-audit-default | 16.105s | 23.48x |
+
+#### Memory Usage Comparison
+
+| Tool Configuration | Peak Memory | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-osv | 11.07 MB | 1.00x |
+| 🥈 pysentry-pypi | 11.27 MB | 1.02x |
+|  pip-audit-default | 47.18 MB | 4.26x |
+|  pysentry-pypa | 52.84 MB | 4.77x |
+|  pysentry-all-sources | 108.84 MB | 9.83x |
+
+## Detailed Analysis
+
+### Pysentry Performance
+
+- **Execution Time:** Avg: 1.542s, Min: 0.221s, Max: 3.799s
+
+- **Memory Usage:** Avg: 49.58 MB, Min: 10.81 MB, Max: 108.84 MB
+
+- **Success Rate:** 100.0% (16/16)
+
+### Pip-Audit Performance
+
+- **Execution Time:** Avg: 13.108s, Min: 7.854s, Max: 19.619s
+
+- **Memory Usage:** Avg: 46.26 MB, Min: 44.88 MB, Max: 47.34 MB
+
+- **Success Rate:** 100.0% (4/4)

pysentry_rs-0.3.7/benchmarks/results/latest.md

@@ -0,0 +1,141 @@
+# PySentry - pip-audit Benchmark Report
+
+**Generated:** 2025-08-21 19:52:35
+**Duration:** 1m 56.44s
+**Total Tests:** 20
+
+## Executive Summary
+
+**Overall Success Rate:** 100.0% (20/20 successful runs)
+
+### Small_Requirements Dataset - Cold Cache
+- **Fastest:** pysentry-pypi (0.250s) - 35.37x faster than slowest
+- **Memory Efficient:** pysentry-osv (11.03 MB) - 9.68x less memory than highest
+
+### Small_Requirements Dataset - Hot Cache
+- **Fastest:** pysentry-pypi (0.221s) - 35.46x faster than slowest
+- **Memory Efficient:** pysentry-osv (10.81 MB) - 9.68x less memory than highest
+
+### Large_Requirements Dataset - Cold Cache
+- **Fastest:** pysentry-pypi (0.722s) - 27.16x faster than slowest
+- **Memory Efficient:** pysentry-osv (10.93 MB) - 9.84x less memory than highest
+
+### Large_Requirements Dataset - Hot Cache
+- **Fastest:** pysentry-pypi (0.686s) - 23.48x faster than slowest
+- **Memory Efficient:** pysentry-osv (11.07 MB) - 9.83x less memory than highest
+
+## Test Environment
+
+- **Platform:** Linux-6.11.0-1018-azure-x86_64-with-glibc2.39
+- **Python Version:** 3.11.13
+- **CPU Cores:** 4
+- **Total Memory:** 15.62 GB
+- **Available Memory:** 14.63 GB
+
+## Performance Comparison
+
+### Small_Requirements Dataset - Cold Cache
+
+#### Execution Time Comparison
+
+| Tool Configuration | Execution Time | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-pypi | 0.250s | 1.00x |
+| 🥈 pysentry-osv | 1.045s | 4.18x |
+|  pysentry-all-sources | 1.152s | 4.60x |
+|  pysentry-pypa | 1.155s | 4.61x |
+|  pip-audit-default | 8.852s | 35.37x |
+
+#### Memory Usage Comparison
+
+| Tool Configuration | Peak Memory | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-osv | 11.03 MB | 1.00x |
+| 🥈 pysentry-pypi | 11.64 MB | 1.06x |
+|  pip-audit-default | 45.64 MB | 4.14x |
+|  pysentry-pypa | 75.38 MB | 6.84x |
+|  pysentry-all-sources | 106.78 MB | 9.68x |
+
+### Small_Requirements Dataset - Hot Cache
+
+#### Execution Time Comparison
+
+| Tool Configuration | Execution Time | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-pypi | 0.221s | 1.00x |
+| 🥈 pysentry-pypa | 0.729s | 3.29x |
+|  pysentry-osv | 0.982s | 4.43x |
+|  pysentry-all-sources | 1.112s | 5.02x |
+|  pip-audit-default | 7.854s | 35.46x |
+
+#### Memory Usage Comparison
+
+| Tool Configuration | Peak Memory | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-osv | 10.81 MB | 1.00x |
+| 🥈 pysentry-pypi | 11.93 MB | 1.10x |
+|  pip-audit-default | 44.88 MB | 4.15x |
+|  pysentry-pypa | 69.38 MB | 6.42x |
+|  pysentry-all-sources | 104.60 MB | 9.68x |
+
+### Large_Requirements Dataset - Cold Cache
+
+#### Execution Time Comparison
+
+| Tool Configuration | Execution Time | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-pypi | 0.722s | 1.00x |
+| 🥈 pysentry-pypa | 1.258s | 1.74x |
+|  pysentry-all-sources | 3.183s | 4.41x |
+|  pysentry-osv | 3.714s | 5.14x |
+|  pip-audit-default | 19.619s | 27.16x |
+
+#### Memory Usage Comparison
+
+| Tool Configuration | Peak Memory | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-osv | 10.93 MB | 1.00x |
+| 🥈 pysentry-pypi | 14.27 MB | 1.31x |
+|  pip-audit-default | 47.34 MB | 4.33x |
+|  pysentry-pypa | 74.92 MB | 6.85x |
+|  pysentry-all-sources | 107.52 MB | 9.84x |
+
+### Large_Requirements Dataset - Hot Cache
+
+#### Execution Time Comparison
+
+| Tool Configuration | Execution Time | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-pypi | 0.686s | 1.00x |
+| 🥈 pysentry-pypa | 1.206s | 1.76x |
+|  pysentry-all-sources | 3.464s | 5.05x |
+|  pysentry-osv | 3.799s | 5.54x |
+|  pip-audit-default | 16.105s | 23.48x |
+
+#### Memory Usage Comparison
+
+| Tool Configuration | Peak Memory | Relative Performance |
+|---------------------|---------------------|---------------------|
+| 🥇 pysentry-osv | 11.07 MB | 1.00x |
+| 🥈 pysentry-pypi | 11.27 MB | 1.02x |
+|  pip-audit-default | 47.18 MB | 4.26x |
+|  pysentry-pypa | 52.84 MB | 4.77x |
+|  pysentry-all-sources | 108.84 MB | 9.83x |
+
+## Detailed Analysis
+
+### Pysentry Performance
+
+- **Execution Time:** Avg: 1.542s, Min: 0.221s, Max: 3.799s
+
+- **Memory Usage:** Avg: 49.58 MB, Min: 10.81 MB, Max: 108.84 MB
+
+- **Success Rate:** 100.0% (16/16)
+
+### Pip-Audit Performance
+
+- **Execution Time:** Avg: 13.108s, Min: 7.854s, Max: 19.619s
+
+- **Memory Usage:** Avg: 46.26 MB, Min: 44.88 MB, Max: 47.34 MB
+
+- **Success Rate:** 100.0% (4/4)

{pysentry_rs-0.3.6 → pysentry_rs-0.3.7}/src/cli.rs

@@ -151,6 +151,10 @@ pub struct AuditArgs {
     #[arg(long)]
     pub direct_only: bool,
 
+    /// Include withdrawn vulnerabilities in results
+    #[arg(long)]
+    pub include_withdrawn: bool,
+
     /// Disable caching
     #[arg(long)]
     pub no_cache: bool,
@@ -363,6 +367,10 @@ impl AuditArgs {
             merged.detailed = config.defaults.detailed;
         }
 
+        if !self.include_withdrawn {
+            merged.include_withdrawn = config.defaults.include_withdrawn;
+        }
+
         if self.resolver == ResolverTypeArg::Uv && config.resolver.resolver_type != "uv" {
             merged.resolver = match config.resolver.resolver_type.as_str() {
                 "pip-tools" => ResolverTypeArg::PipTools,
@@ -1010,6 +1018,7 @@ async fn perform_audit(audit_args: &AuditArgs, cache_dir: &Path) -> Result<Audit
         audit_args.severity.clone().into(),
         audit_args.ignore_ids.to_vec(),
         audit_args.direct_only,
+        audit_args.include_withdrawn,
     );
     let matcher = VulnerabilityMatcher::new(database, matcher_config);
 
@@ -1117,6 +1126,7 @@ pub async fn config_init(args: &ConfigInitArgs) -> Result<()> {
     println!("- Severity: low, medium, high, critical");
     println!("- Sources: pypa, pypi, osv");
     println!("- Resolver: uv, pip-tools");
+    println!("- Include withdrawn: true/false");
 
     Ok(())
 }
@@ -1192,6 +1202,10 @@ pub async fn config_show(args: &ConfigShowArgs) -> Result<()> {
             config_loader.config.defaults.direct_only
         );
         println!("  Detailed: {}", config_loader.config.defaults.detailed);
+        println!(
+            "  Include withdrawn: {}",
+            config_loader.config.defaults.include_withdrawn
+        );
         println!();
         println!(
             "  Sources: {}",
@@ -1292,6 +1306,9 @@ fail_on = "high"
 # Uncomment to include dev/optional dependencies
 # scope = "all"
 
+# Uncomment to include withdrawn vulnerabilities by default
+# include_withdrawn = true
+
 [sources]
 # Choose your vulnerability sources
 enabled = ["pypa"]

{pysentry_rs-0.3.6 → pysentry_rs-0.3.7}/src/config.rs

@@ -75,6 +75,9 @@ pub struct DefaultConfig {
 
     #[serde(default)]
     pub detailed: bool,
+
+    #[serde(default)]
+    pub include_withdrawn: bool,
 }
 
 #[derive(Debug, Clone, Serialize, Deserialize)]
@@ -481,6 +484,7 @@ impl Default for DefaultConfig {
             scope: default_scope(),
             direct_only: false,
             detailed: false,
+            include_withdrawn: false,
         }
     }
 }

{pysentry_rs-0.3.6 → pysentry_rs-0.3.7}/src/error.rs

@@ -24,7 +24,7 @@ pub type Result<T> = std::result::Result<T, AuditError>;
 /// Audit error types
 #[derive(Debug, Error)]
 pub enum AuditError {
-    #[error("No dependency information found. Run 'uv lock' to generate a lock file")]
+    #[error("No dependency information found. Generate a lock file (uv.lock, poetry.lock, Pipfile.lock, pylock.toml) or add pyproject.toml/requirements.txt")]
     NoDependencyInfo,
 
     #[error("Failed to download vulnerability database: {0}")]

{pysentry_rs-0.3.6 → pysentry_rs-0.3.7}/src/lib.rs

@@ -97,6 +97,8 @@ impl AuditEngine {
         source_type: VulnerabilitySourceType,
         min_severity: SeverityLevel,
         ignore_ids: &[String],
+        direct_only: bool,
+        include_withdrawn: bool,
     ) -> Result<AuditReport> {
         let project_path = project_path.as_ref();
 
@@ -125,7 +127,12 @@ impl AuditEngine {
         let database = vuln_source.fetch_vulnerabilities(&packages).await?;
 
         // 4. Match vulnerabilities
-        let matcher_config = MatcherConfig::new(min_severity, ignore_ids.to_vec(), false);
+        let matcher_config = MatcherConfig::new(
+            min_severity,
+            ignore_ids.to_vec(),
+            direct_only,
+            include_withdrawn,
+        );
         let matcher = VulnerabilityMatcher::new(database, matcher_config);
 
         let matches = matcher.find_vulnerabilities(&dependencies)?;

{pysentry_rs-0.3.6 → pysentry_rs-0.3.7}/src/output/report.rs

@@ -263,11 +263,18 @@ impl ReportGenerator {
                     String::new()
                 };
 
+                let withdrawn_tag = if m.vulnerability.withdrawn.is_some() {
+                    format!(" {}", "(WITHDRAWN)".yellow().bold())
+                } else {
+                    String::new()
+                };
+
                 writeln!(
                     output,
-                    " {}. {}  {} v{}  [{}]{}",
+                    " {}. {}{}  {} v{}  [{}]{}",
                     i + 1,
                     ColoredOutput::vulnerability_id(&m.vulnerability.id),
+                    withdrawn_tag,
                     ColoredOutput::package_name(&m.package_name.to_string()),
                     m.installed_version,
                     ColoredOutput::severity(&m.vulnerability.severity),
@@ -438,12 +445,19 @@ impl ReportGenerator {
                     String::new()
                 };
 
+                let withdrawn_tag = if m.vulnerability.withdrawn.is_some() {
+                    " ⚠️ **WITHDRAWN**"
+                } else {
+                    ""
+                };
+
                 writeln!(
                     output,
-                    "### {}. {} `{}`{}",
+                    "### {}. {} `{}`{}{}",
                     i + 1,
                     severity_icon,
                     m.vulnerability.id,
+                    withdrawn_tag,
                     source_tag
                 )?;
                 writeln!(output)?;
@@ -459,6 +473,14 @@ impl ReportGenerator {
                     writeln!(output, "- **CVSS Score:** {cvss:.1}")?;
                 }
 
+                if let Some(withdrawn_date) = &m.vulnerability.withdrawn {
+                    writeln!(
+                        output,
+                        "- **⚠️ Withdrawn:** {}",
+                        withdrawn_date.format("%Y-%m-%d")
+                    )?;
+                }
+
                 writeln!(output, "- **Summary:** {}", m.vulnerability.summary)?;
 
                 if let Some(description) = &m.vulnerability.description {
@@ -546,6 +568,7 @@ impl ReportGenerator {
                     references: m.vulnerability.references.clone(),
                     is_direct: m.is_direct,
                     source: m.vulnerability.source.clone(),
+                    withdrawn: m.vulnerability.withdrawn.map(|dt| dt.to_rfc3339()),
                 })
                 .collect(),
             fix_suggestions: report
@@ -610,6 +633,7 @@ struct JsonVulnerability {
     references: Vec<String>,
     is_direct: bool,
     source: Option<String>,
+    withdrawn: Option<String>,
 }
 
 #[derive(Serialize, Deserialize)]
@@ -660,6 +684,7 @@ mod tests {
             published: None,
             modified: None,
             source: Some("test".to_string()),
+            withdrawn: None,
         };
 
         let matches = vec![VulnerabilityMatch {

{pysentry_rs-0.3.6 → pysentry_rs-0.3.7}/src/output/sarif.rs

@@ -326,6 +326,17 @@ impl SarifGenerator {
                 rule["properties"]["cvss_score"] = json!(cvss);
             }
 
+            // Add withdrawal information if available
+            if let Some(withdrawn_date) = &m.vulnerability.withdrawn {
+                rule["properties"]["withdrawn"] = json!(withdrawn_date.to_rfc3339());
+                rule["properties"]["tags"] = json!([
+                    "security",
+                    "vulnerability",
+                    format!("{:?}", m.vulnerability.severity).to_lowercase(),
+                    "withdrawn"
+                ]);
+            }
+
             // Add timestamps if available
             if let Some(published) = &m.vulnerability.published {
                 rule["properties"]["published_date"] = json!(published.to_string());
@@ -643,6 +654,7 @@ mod tests {
             published: None,
             modified: None,
             source: Some("test".to_string()),
+            withdrawn: None,
         }
     }