Fix resolving requirements with percent encoded characters #144
Conversation
|
@fviernau thanks ++, please have a look on https://github.com/nexB/python-inspector#testing to regenerate the tests with updated data |
Thanks @TG1999! I've re-generated the test data and found that there were further failing tests. So, I've decided Note: This PR should be merged only after #145 has been merged. |
fviernau
force-pushed
the
main
branch
2 times, most recently
from
9cbd2ed to
326f62d
Compare
|
@fviernau yes, makes sense |
I've tried to investigate this, but unfortunately all the tests do succeed on my machine running Ubuntu. |
| @@ -4,7 +4,7 @@ | |||
| "tool_homepageurl": "https://github.com/nexB/python-inspector", | |||
| "tool_version": "0.9.8", | |||
| "options": [ | |||
| "--requirement /home/frank/sources/github/nexB/python-inspector/tests/data/azure-devops.req.txt", | |||
There was a problem hiding this comment.
@TG1999 We should make the tests ignore the start of these paths for sanity
|
@fviernau From what I can see at https://download.pytorch.org/whl/torch/ macOs does not have a version
I understand this that when you ask for @TG1999 unrelated we will need to update this repo to use the latest skeleton and drop EOL Python 3.7 and older OS versions |
|
@fviernau strike this out: does NOT resolve on macOS but on linux. I would like to see the test run on all supported Python versions and not only on 3.7, as it could be an older bug in pip on macOS on these versions |
I've spent some time looking for a library using local version identifier ( @pombredanne - Is your suggestion to use a single library for the test which is available to all platforms to all supported python versions? (If so, would you know such a library?) ...or rather: How do you think the test should look like? |
There was a problem hiding this comment.
This looks good overall ... a few minor nits before merging:
-
Can you avoid making changes to the hardcoded test paths? this is minor but this is also unrelated.
-
Can you add a few unit tests for the
from_link()method which is the main one impacted? https://github.com/nexB/python-inspector/pull/144/files#diff-f69b55183727cdb44af1543579e8ad3953ef4934462f87f8f052c2b6fb64e7abR671
OR moving the decoding to the from_filename as suggested below?
src/python_inspector/utils_pypi.py
Outdated
| @@ -675,7 +676,7 @@ def from_link(cls, link: Link): | |||
| """ | |||
| requires_python = link.python_requires | |||
| path_or_url = link.url | |||
| filename = os.path.basename(path_or_url.strip("/")) | |||
| filename = os.path.basename(unquote(path_or_url).strip("/")) | |||
There was a problem hiding this comment.
Are you sure you want to unquote there and not after getting the basename, so this happens just on the filename and not the whole path?
What about using from_filename(filename) directly with an encoded filename? This may fail, so decoding/unquoting in from_filename(filename) instead may be a better place then.
There was a problem hiding this comment.
Makes sense to me. I've changed it, hope it's in the right place (overload) of that function.
|
@TG1999 re: #144 (comment) we need to update to the latest skeleton and drop CI OS combos no longer available |
@pombredanne ack! |
There is no such thing on PyPI alright. Let's get the latest cleaner CI defeinition and we may just mark this test as failing on macOS to move on as this is mysterious otherwise. |
Update the assertions to re-align with changed dependency trees. Signed-off-by: Frank Viernau <[email protected]>
This fixes several test cases in e.g. `test_cli.py`, `test_apy.py`. Signed-off-by: Frank Viernau <[email protected]>
`Distribution.from_link()` derives the version string of a package from the given (percent encoded) `Link.url`. That derivation lacks the decoding, so the resulting version string may also contain percent encoded characters in which case the dependency resolution fails. Fix the resolution by URL adding the missing unquoting. Fixes aboutcode-org#143. Signed-off-by: Frank Viernau <[email protected]>
|
@pombredanne I believe I've addressed all above points. The test is for now disabled on macOs. |
Move the resolution to the from_filename() method in subclasses Reference: aboutcode-org#143 Signed-off-by: Philippe Ombredanne <[email protected]>
These new test were missing originally and they excercise all the corner cases of encoding. Reference: aboutcode-org#143 Signed-off-by: Philippe Ombredanne <[email protected]>
* Ensure that we honor the --generic-paths option when converting to plain mapping. * Avoid recursive imports by moving remove_test_data_dir_variable_prefix to utils.py * Simplifify tests to bypass the creation of an output file when not needed * Some tests are also updated to account for package version updates. Reference: aboutcode-org#143 Signed-off-by: Philippe Ombredanne <[email protected]>
|
@fviernau FYI, I pushed a merge of main and a few commits to add tests, and refactored the tests approach to avoid any user-specific paths. |
Distribution.from_link()derives the version string of a package from the given (percent encoded)Link.url. That derivation lacks the decoding, so the resulting version string may also contain percent encoded characters in which case the dependency resolution fails.Fix the resolution by URL adding the missing unquoting.
Fixes #143.