rspm edit blocklist-rule
Advanced
Command to edit an existing blocklist rule
Terminal
rspm edit blocklist-rule [flags]Examples
Terminal
# --- Common edits (--id is always required) ---
rspm edit blocklist-rule --id=[rule id] --package-name=[package name] --description=[text]
rspm edit blocklist-rule --id=[rule id] --package-name=[package name] --version=[version]
rspm edit blocklist-rule --id=[rule id] --package-name=[package name] --source=pypi --description=[text]
rspm edit blocklist-rule --id=[rule id] --source=[source name] --exception=true --description=[text]
rspm edit blocklist-rule --id=[rule id] --license-types=[comma-separated list of license types] --description=[text]
# --- Find a rule's ID ---
rspm list blocklist-rules
# --- Worked example ---
# Create a rule that blocks the 'ggplot2' package globally.
rspm create blocklist-rule --package-name=ggplot2
# Narrow the rule to the 'cran' source only, for versions <=3.3.2.
# Note that special characters like '<' and '>' must be escaped with quotes.
rspm edit blocklist-rule --id=1 --source=cran --version='<=3.3.2'
# Allow 'ggplot2' as an exception, then block it again.
rspm edit blocklist-rule --id=1 --exception=true
rspm edit blocklist-rule --id=1 --exception=false
# Adjust the priority and description.
rspm edit blocklist-rule --id=1 --priority=90 --description="Block 'ggplot2' versions <=3.3.2 in the 'cran' source"
# Update the license or license types.
rspm edit blocklist-rule --id=1 --license=GPL --license-types=GPL-2.0-only,GPL-2.0-or-later
# Add a 30-day cooldown so new versions are blocked until they reach that age.
rspm edit blocklist-rule --id=1 --min-age=30d
# --- Clear criteria (pass an empty string) ---
rspm edit blocklist-rule --id=1 --source="" --license=""
rspm edit blocklist-rule --id=1 --namespaces=""
rspm edit blocklist-rule --id=1 --min-age=""Options
Terminal
--bioconductor Block in all Bioconductor sources.
--block-unscored Block packages with unscored vulnerabilities.
--deleted-packages Block a package if it was deleted from the latest CRAN or PyPI snapshot.
--description string Description text. Optional.
--exception Allow package if any of the rules match.
-h, --help help for blocklist-rule
--id uint The rule ID. Required.
--license string Case-insensitive substring for matching package licenses.
--license-types string A comma-separated list of package license types. License types are either a license identifier in the SPDX License List (non-deprecated), or "Unknown" for an unknown or missing license. Use the 'rspm list license-types' command to display available license types, or see https://spdx.org/licenses/ for a detailed list of SPDX license identifiers.
--min-age string Block package versions until they reach this minimum age, expressed as a duration such as '30d' or '24h' (a cooldown on newly published versions).
--min-severity float Block packages matching or exceeding this vulnerability score.
--namespaces string Comma-separated VS Code extension publisher namespaces (e.g., 'ms-python' or 'ms-python,GitHub'). Blocks every extension under any of those namespaces; combine with --exception to allow only those namespaces. VSX sources only (Local VSX, Open VSX, Curated VSX) — has no effect on R, Python, or Bioconductor packages, and cannot be combined with a non-VSX --source, --repo, or --bioconductor.
--package-name string The name of the package.
--priority uint Execution priority, lower is executed earlier. (default 100)
--repo string The name of the repository.
--source string The name of the source.
--version string Version string with optional operator for matching like '<1.0.0'. Valid operators include: >, >=, <, and <=.
--vulns Block the package if it contains any known security vulnerabilities.Options inherited from parent commands
Terminal
-a, --address string The address of the remote server. If not specified, the PACKAGEMANAGER_ADDRESS environment variable is used.
-c, --config string Path to config file
--insecure-ssl-skip-verify If true, skip SSL certificate validation. This reduces the security that SSL normally provides.
-o, --output-format string Specify the output format 'human' for human-readable output or 'json' for JSON-encoded output. (default "human")
-v, --verbose Provide additional output