pipinfo is an alternative command-line tool for listing Python packages with enhanced features like vulnerability and version checks.
Alternative tool for listing Python packages
pipinfo is designed for Python developers and security professionals who need a comprehensive overview of installed Python packages, including their versions, vulnerabilities, and update status. It simplifies package management by combining functionalities of pip list, pip show, and pip-audit, helping users identify outdated or vulnerable packages quickly.
To enable debug mode, set the PIPINFO_DEBUG environment variable. The tool caches data from web services to improve performance, influenced by standard environment variables for cache directories. It is recommended to run pipinfo in environments where Python package metadata is accessible and to regularly update packages flagged as outdated or vulnerable.
Ensure Python and pip are installed from https://www.python.org/downloads/ and https://pip.pypa.io/en/stable/installation/
Install pipinfo tool only with: pip install pnu-pipinfo
Alternatively, install the full PNU toolset with: pip install PNU
Or install PNU plus additional third-party tools with: pip install pytnixpipinfo
List all Python packages with default display
pipinfo -l | --check-latest
Check and highlight packages that are outdated
pipinfo -v | --check-vulns
Check and highlight packages with known vulnerabilities
pipinfo -i | --info
Print detailed information about package versions and vulnerabilities
pipinfo -I | --issues
List only packages that are outdated or vulnerable
pipinfo -S | --system
Show only system-wide installed packages
pipinfo -U | --user
Show only user-installed packages
pipinfo -O | --outdated
Show only outdated packages
pipinfo -V | --vulnerable
Show only vulnerable packages
pipinfo -c | --no-color
Disable colored output
pipinfo -p | --no-progress
Disable progress meter display