py-pip-audit: update to 2.3.4.

## [2.3.4]

### Fixed

* Vulnerability fixing: the `--fix` flag now works for vulnerabilities found in
  requirement subdependencies. A new line is now added to the requirement file
  to explicitly pin the offending subdependency
  ([#297](pypa/pip-audit#297))

## [2.3.3]

### Changed

* CLI: `pip-audit` now warns on the combination of `-s osv` and
  `--require-hashes`, notifying users that only the PyPI service
  can fully verify hashes
  ([#298](pypa/pip-audit#298))

### Fixed

* CLI/Dependency sources: `--cache-dir=...` and other flags that affect
  dependency resolver behavior now work correctly when auditing a
  `pyproject.toml` dependency source
  ([#300](pypa/pip-audit#300))

## [2.3.2] - 2022-05-14

### Changed

* CLI: `pip-audit`'s progress spinner has been refactored to make it
  faster and more responsive
  ([#283](pypa/pip-audit#283))

* CLI, Vulnerability sources: the error message used to report
  connection failures to vulnerability sources was improved
  ([#287](pypa/pip-audit#287))

* Vulnerability sources: the OSV service is now more resilient
  to schema changes ([#288](pypa/pip-audit#288))

* Vulnerability sources: the PyPI service provides a better
  error message during some cases of service degradation
  ([#294](pypa/pip-audit#294))

### Fixed

* Vulnerability sources: a bug stemming from an incorrect assumption
  about OSV's schema guarantees was fixed
  ([#284](pypa/pip-audit#284))

* Caching: `pip-audit` now respects `pip`'s `PIP_NO_CACHE_DIR`
  and will not attempt to use the `pip` cache if present
  ([#290](pypa/pip-audit#290))

security/py-pip-audit/Makefile

@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.14 2022/05/29 07:47:05 wiz Exp $
+# $NetBSD: Makefile,v 1.15 2022/07/03 10:35:54 wiz Exp $
 
-DISTNAME=	pip-audit-2.3.1
+DISTNAME=	pip-audit-2.3.4
 PKGNAME=	${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES=	security python
 # pypi file does not include tests
@@ -16,12 +16,13 @@ LICENSE=	apache-2.0
 
 TOOL_DEPENDS+=	${PYPKGPREFIX}-flit_core-[0-9]*:../../devel/py-flit_core
 DEPENDS+=	${PYPKGPREFIX}-cachecontrol>=0.12.10:../../devel/py-cachecontrol
-DEPENDS+=	${PYPKGPREFIX}-cyclonedx-python-lib>=1.0.0:../../security/py-cyclonedx-python-lib
+DEPENDS+=	${PYPKGPREFIX}-cyclonedx-python-lib>=2.0.0:../../security/py-cyclonedx-python-lib
 DEPENDS+=	${PYPKGPREFIX}-html5lib>=1.1:../../textproc/py-html5lib
 DEPENDS+=	${PYPKGPREFIX}-packaging>=21.0.0:../../devel/py-packaging
 DEPENDS+=	${PYPKGPREFIX}-pip-api>=0.0.28:../../devel/py-pip-api
-DEPENDS+=	${PYPKGPREFIX}-progress>=1.6:../../devel/py-progress
 DEPENDS+=	${PYPKGPREFIX}-resolvelib>=0.8.0:../../devel/py-resolvelib
+DEPENDS+=	${PYPKGPREFIX}-rich>=12.4:../../comms/py-rich
+DEPENDS+=	${PYPKGPREFIX}-toml>=0.10:../../textproc/py-toml
 TEST_DEPENDS+=	${PYPKGPREFIX}-pretend-[0-9]*:../../devel/py-pretend
 TEST_DEPENDS+=	${PYPKGPREFIX}-test-[0-9]*:../../devel/py-test
 
@@ -33,8 +34,8 @@ post-install:
 	cd ${DESTDIR}${PREFIX}/bin && \
         ${MV} pip-audit pip-audit-${PYVERSSUFFIX} || ${TRUE}
 
-# as of 2.3.0
-# 1 failed, 133 passed
+# as of 2.3.4
+# 1 failed, 149 passed
 TEST_ENV+=	PYTHONPATH=${WRKSRC}/build/lib:${WRKSRC}/build/lib/test
 do-test:
 	cd ${WRKSRC} && ${SETENV} ${TEST_ENV} pytest-${PYVERSSUFFIX}

security/py-pip-audit/distinfo

@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.11 2022/05/29 07:47:05 wiz Exp $
+$NetBSD: distinfo,v 1.12 2022/07/03 10:35:54 wiz Exp $
 
-BLAKE2s (pip-audit-2.3.1.tar.gz) = 419c83f36da01b5c64e773859be182b8aa5f4b6e6cb3df4690748d87dd5eda53
-SHA512 (pip-audit-2.3.1.tar.gz) = 2fc9de538a852efc5714bed6aff43273aaaf85e53312187f4c420d63a231656e7f8114b856adf7ca1f56ae1006323e39450e2a070a055839a23593bd0f5f01c7
-Size (pip-audit-2.3.1.tar.gz) = 59275 bytes
+BLAKE2s (pip-audit-2.3.4.tar.gz) = 40f6ad530e2993ea90b987e00f133a92b66123e336be43008f1bd0f4ea633b33
+SHA512 (pip-audit-2.3.4.tar.gz) = f0d8886d198bf0c6a13cdbb007cb1ffe6bb22ac51d96dafd1eec05beedd970fae5937fe5db78c7bf5c8f1efb6068d3c7f5cda67ef4b5bb5a3741674c0a0b5ab7
+Size (pip-audit-2.3.4.tar.gz) = 63854 bytes