README: clarify pip-audit behavior around exit codes (#425)

...and offer a tip. Signed-off-by: William Woodruff <[email protected]> Signed-off-by: William Woodruff <[email protected]>
timothy-bartlett · Dec 7, 2022 · ed95644 · ed95644
1 parent b470b24
commit ed95644
Showing 1 changed file with 32 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -219,6 +219,10 @@ The current codes are:
 * `0`: No known vulnerabilities were detected.
 * `1`: One or more known vulnerabilities were found.
 
+`pip-audit`'s exit code cannot be suppressed.
+See [Suppressing exit codes from `pip-audit`](#suppressing-exit-codes-from-pip-audit)
+for supported alternatives.
+
 ### Dry runs
 
 `pip-audit` supports the `--dry-run` flag, which can be used to control whether
@@ -439,6 +443,34 @@ $ pipenv run pip-audit -r requirements.txt
 The `requirements.txt` file needs to be kept up to date with `pipenv` when running
 `pip-audit` locally like this.
 
+### Suppressing exit codes from `pip-audit`
+
+`pip-audit` intentionally does not support internally suppressing its own
+exit codes.
+
+Users who need to suppress a failing `pip-audit` invocation can use
+one of the standard shell idioms for doing so:
+
+```bash
+pip-audit || true
+```
+
+or, to exit entirely:
+
+```bash
+pip-audit || exit 0
+```
+
+The exit code can also be captured and handled explicitly:
+
+```bash
+pip-audit
+exitcode="${?}"
+# do something with ${exitcode}
+```
+
+See [Exit codes](#exit-codes) for a list of potential codes that need handling.
+
 ## Security Model
 
 This section exists to describe the security assumptions you **can** and **must not**