mirror of
https://github.com/enpaul/tox-poetry-installer.git
synced 2025-11-04 07:46:06 +00:00
Merge pull request #34 from enpaul/enp/fix-unsafe
Fix unsafe dependency handling
This commit is contained in:
GitHub
@@ -1,6 +1,6 @@
|
|||||||
[tool.poetry]
|
[tool.poetry]
|
||||||
name = "tox-poetry-installer"
|
name = "tox-poetry-installer"
|
||||||
version = "0.6.0"
|
version = "0.6.1"
|
||||||
license = "MIT"
|
license = "MIT"
|
||||||
authors = ["Ethan Paul <24588726+enpaul@users.noreply.github.com>"]
|
authors = ["Ethan Paul <24588726+enpaul@users.noreply.github.com>"]
|
||||||
description = "Tox plugin to install Tox environment dependencies using the Poetry backend and lockfile"
|
description = "Tox plugin to install Tox environment dependencies using the Poetry backend and lockfile"
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
# pylint: disable=missing-docstring
|
# pylint: disable=missing-docstring
|
||||||
__title__ = "tox-poetry-installer"
|
__title__ = "tox-poetry-installer"
|
||||||
__summary__ = "Tox plugin to install Tox environment dependencies using the Poetry backend and lockfile"
|
__summary__ = "Tox plugin to install Tox environment dependencies using the Poetry backend and lockfile"
|
||||||
__version__ = "0.6.0"
|
__version__ = "0.6.1"
|
||||||
__url__ = "https://github.com/enpaul/tox-poetry-installer/"
|
__url__ = "https://github.com/enpaul/tox-poetry-installer/"
|
||||||
__license__ = "MIT"
|
__license__ = "MIT"
|
||||||
__authors__ = ["Ethan Paul <24588726+enpaul@users.noreply.github.com>"]
|
__authors__ = ["Ethan Paul <24588726+enpaul@users.noreply.github.com>"]
|
||||||
|
|||||||
@@ -62,21 +62,22 @@ def find_transients(packages: PackageMap, dependency_name: str) -> Set[PoetryPac
|
|||||||
"""
|
"""
|
||||||
from tox_poetry_installer import _poetry
|
from tox_poetry_installer import _poetry
|
||||||
|
|
||||||
try:
|
|
||||||
|
|
||||||
def find_deps_of_deps(name: str, searched: Set[str]) -> PackageMap:
|
def find_deps_of_deps(name: str, searched: Set[str]) -> PackageMap:
|
||||||
package = packages[name]
|
searched.add(name)
|
||||||
transients: PackageMap = {}
|
|
||||||
searched.update([name])
|
|
||||||
|
|
||||||
if name in _poetry.Provider.UNSAFE_PACKAGES:
|
if name in _poetry.Provider.UNSAFE_PACKAGES:
|
||||||
reporter.warning(
|
reporter.warning(
|
||||||
f"{constants.REPORTER_PREFIX} Installing package '{name}' using Poetry is not supported; skipping installation of package '{name}'"
|
f"{constants.REPORTER_PREFIX} Installing package '{name}' using Poetry is not supported and will be skipped"
|
||||||
)
|
)
|
||||||
reporter.verbosity2(
|
reporter.verbosity2(
|
||||||
f"{constants.REPORTER_PREFIX} Skip {package}: designated unsafe by Poetry"
|
f"{constants.REPORTER_PREFIX} Skip {name}: designated unsafe by Poetry"
|
||||||
)
|
)
|
||||||
elif not package.python_constraint.allows(constants.PLATFORM_VERSION):
|
return dict()
|
||||||
|
|
||||||
|
transients: PackageMap = {}
|
||||||
|
package = packages[name]
|
||||||
|
|
||||||
|
if not package.python_constraint.allows(constants.PLATFORM_VERSION):
|
||||||
reporter.verbosity2(
|
reporter.verbosity2(
|
||||||
f"{constants.REPORTER_PREFIX} Skip {package}: incompatible Python requirement '{package.python_constraint}' for current version '{constants.PLATFORM_VERSION}'"
|
f"{constants.REPORTER_PREFIX} Skip {package}: incompatible Python requirement '{package.python_constraint}' for current version '{constants.PLATFORM_VERSION}'"
|
||||||
)
|
)
|
||||||
@@ -85,21 +86,36 @@ def find_transients(packages: PackageMap, dependency_name: str) -> Set[PoetryPac
|
|||||||
f"{constants.REPORTER_PREFIX} Skip {package}: incompatible platform requirement '{package.platform}' for current platform '{sys.platform}'"
|
f"{constants.REPORTER_PREFIX} Skip {package}: incompatible platform requirement '{package.platform}' for current platform '{sys.platform}'"
|
||||||
)
|
)
|
||||||
else:
|
else:
|
||||||
reporter.verbosity2(f"{constants.REPORTER_PREFIX} Include {package}")
|
reporter.verbosity2(
|
||||||
|
f"{constants.REPORTER_PREFIX} Including {package} for installation"
|
||||||
|
)
|
||||||
transients[name] = package
|
transients[name] = package
|
||||||
for dep in package.requires:
|
for index, dep in enumerate(package.requires):
|
||||||
|
reporter.verbosity2(
|
||||||
|
f"{constants.REPORTER_PREFIX} Processing dependency {index + 1}/{len(package.requires)} for {package}: {dep.name}"
|
||||||
|
)
|
||||||
if dep.name not in searched:
|
if dep.name not in searched:
|
||||||
transients.update(find_deps_of_deps(dep.name, searched))
|
transients.update(find_deps_of_deps(dep.name, searched))
|
||||||
|
else:
|
||||||
|
reporter.verbosity2(
|
||||||
|
f"{constants.REPORTER_PREFIX} Package with name '{dep.name}' has already been processed, skipping"
|
||||||
|
)
|
||||||
|
|
||||||
return transients
|
return transients
|
||||||
|
|
||||||
searched: Set[str] = set()
|
searched: Set[str] = set()
|
||||||
|
|
||||||
|
try:
|
||||||
transients: PackageMap = find_deps_of_deps(
|
transients: PackageMap = find_deps_of_deps(
|
||||||
packages[dependency_name].name, searched
|
packages[dependency_name].name, searched
|
||||||
)
|
)
|
||||||
|
|
||||||
return set(transients.values())
|
|
||||||
except KeyError:
|
except KeyError:
|
||||||
|
if dependency_name in _poetry.Provider.UNSAFE_PACKAGES:
|
||||||
|
reporter.warning(
|
||||||
|
f"{constants.REPORTER_PREFIX} Installing package '{dependency_name}' using Poetry is not supported and will be skipped"
|
||||||
|
)
|
||||||
|
return set()
|
||||||
|
|
||||||
if any(
|
if any(
|
||||||
delimiter in dependency_name
|
delimiter in dependency_name
|
||||||
for delimiter in constants.PEP508_VERSION_DELIMITERS
|
for delimiter in constants.PEP508_VERSION_DELIMITERS
|
||||||
@@ -107,10 +123,13 @@ def find_transients(packages: PackageMap, dependency_name: str) -> Set[PoetryPac
|
|||||||
raise exceptions.LockedDepVersionConflictError(
|
raise exceptions.LockedDepVersionConflictError(
|
||||||
f"Locked dependency '{dependency_name}' cannot include version specifier"
|
f"Locked dependency '{dependency_name}' cannot include version specifier"
|
||||||
) from None
|
) from None
|
||||||
|
|
||||||
raise exceptions.LockedDepNotFoundError(
|
raise exceptions.LockedDepNotFoundError(
|
||||||
f"No version of locked dependency '{dependency_name}' found in the project lockfile"
|
f"No version of locked dependency '{dependency_name}' found in the project lockfile"
|
||||||
) from None
|
) from None
|
||||||
|
|
||||||
|
return set(transients.values())
|
||||||
|
|
||||||
|
|
||||||
def check_preconditions(venv: ToxVirtualEnv, action: ToxAction) -> "_poetry.Poetry":
|
def check_preconditions(venv: ToxVirtualEnv, action: ToxAction) -> "_poetry.Poetry":
|
||||||
"""Check that the local project environment meets expectations"""
|
"""Check that the local project environment meets expectations"""
|
||||||
|
|||||||
Reference in New Issue
Block a user