Merge pull request #34 from enpaul/enp/fix-unsafe

Fix unsafe dependency handling
This commit is contained in:
Ethan Paul 2020-12-16 20:37:35 -05:00 committed by GitHub
commit 0614913cc5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 54 additions and 35 deletions

View File

@ -1,6 +1,6 @@
[tool.poetry] [tool.poetry]
name = "tox-poetry-installer" name = "tox-poetry-installer"
version = "0.6.0" version = "0.6.1"
license = "MIT" license = "MIT"
authors = ["Ethan Paul <24588726+enpaul@users.noreply.github.com>"] authors = ["Ethan Paul <24588726+enpaul@users.noreply.github.com>"]
description = "Tox plugin to install Tox environment dependencies using the Poetry backend and lockfile" description = "Tox plugin to install Tox environment dependencies using the Poetry backend and lockfile"

View File

@ -1,7 +1,7 @@
# pylint: disable=missing-docstring # pylint: disable=missing-docstring
__title__ = "tox-poetry-installer" __title__ = "tox-poetry-installer"
__summary__ = "Tox plugin to install Tox environment dependencies using the Poetry backend and lockfile" __summary__ = "Tox plugin to install Tox environment dependencies using the Poetry backend and lockfile"
__version__ = "0.6.0" __version__ = "0.6.1"
__url__ = "https://github.com/enpaul/tox-poetry-installer/" __url__ = "https://github.com/enpaul/tox-poetry-installer/"
__license__ = "MIT" __license__ = "MIT"
__authors__ = ["Ethan Paul <24588726+enpaul@users.noreply.github.com>"] __authors__ = ["Ethan Paul <24588726+enpaul@users.noreply.github.com>"]

View File

@ -62,21 +62,22 @@ def find_transients(packages: PackageMap, dependency_name: str) -> Set[PoetryPac
""" """
from tox_poetry_installer import _poetry from tox_poetry_installer import _poetry
try:
def find_deps_of_deps(name: str, searched: Set[str]) -> PackageMap: def find_deps_of_deps(name: str, searched: Set[str]) -> PackageMap:
package = packages[name] searched.add(name)
transients: PackageMap = {}
searched.update([name])
if name in _poetry.Provider.UNSAFE_PACKAGES: if name in _poetry.Provider.UNSAFE_PACKAGES:
reporter.warning( reporter.warning(
f"{constants.REPORTER_PREFIX} Installing package '{name}' using Poetry is not supported; skipping installation of package '{name}'" f"{constants.REPORTER_PREFIX} Installing package '{name}' using Poetry is not supported and will be skipped"
) )
reporter.verbosity2( reporter.verbosity2(
f"{constants.REPORTER_PREFIX} Skip {package}: designated unsafe by Poetry" f"{constants.REPORTER_PREFIX} Skip {name}: designated unsafe by Poetry"
) )
elif not package.python_constraint.allows(constants.PLATFORM_VERSION): return dict()
transients: PackageMap = {}
package = packages[name]
if not package.python_constraint.allows(constants.PLATFORM_VERSION):
reporter.verbosity2( reporter.verbosity2(
f"{constants.REPORTER_PREFIX} Skip {package}: incompatible Python requirement '{package.python_constraint}' for current version '{constants.PLATFORM_VERSION}'" f"{constants.REPORTER_PREFIX} Skip {package}: incompatible Python requirement '{package.python_constraint}' for current version '{constants.PLATFORM_VERSION}'"
) )
@ -85,21 +86,36 @@ def find_transients(packages: PackageMap, dependency_name: str) -> Set[PoetryPac
f"{constants.REPORTER_PREFIX} Skip {package}: incompatible platform requirement '{package.platform}' for current platform '{sys.platform}'" f"{constants.REPORTER_PREFIX} Skip {package}: incompatible platform requirement '{package.platform}' for current platform '{sys.platform}'"
) )
else: else:
reporter.verbosity2(f"{constants.REPORTER_PREFIX} Include {package}") reporter.verbosity2(
f"{constants.REPORTER_PREFIX} Including {package} for installation"
)
transients[name] = package transients[name] = package
for dep in package.requires: for index, dep in enumerate(package.requires):
reporter.verbosity2(
f"{constants.REPORTER_PREFIX} Processing dependency {index + 1}/{len(package.requires)} for {package}: {dep.name}"
)
if dep.name not in searched: if dep.name not in searched:
transients.update(find_deps_of_deps(dep.name, searched)) transients.update(find_deps_of_deps(dep.name, searched))
else:
reporter.verbosity2(
f"{constants.REPORTER_PREFIX} Package with name '{dep.name}' has already been processed, skipping"
)
return transients return transients
searched: Set[str] = set() searched: Set[str] = set()
try:
transients: PackageMap = find_deps_of_deps( transients: PackageMap = find_deps_of_deps(
packages[dependency_name].name, searched packages[dependency_name].name, searched
) )
return set(transients.values())
except KeyError: except KeyError:
if dependency_name in _poetry.Provider.UNSAFE_PACKAGES:
reporter.warning(
f"{constants.REPORTER_PREFIX} Installing package '{dependency_name}' using Poetry is not supported and will be skipped"
)
return set()
if any( if any(
delimiter in dependency_name delimiter in dependency_name
for delimiter in constants.PEP508_VERSION_DELIMITERS for delimiter in constants.PEP508_VERSION_DELIMITERS
@ -107,10 +123,13 @@ def find_transients(packages: PackageMap, dependency_name: str) -> Set[PoetryPac
raise exceptions.LockedDepVersionConflictError( raise exceptions.LockedDepVersionConflictError(
f"Locked dependency '{dependency_name}' cannot include version specifier" f"Locked dependency '{dependency_name}' cannot include version specifier"
) from None ) from None
raise exceptions.LockedDepNotFoundError( raise exceptions.LockedDepNotFoundError(
f"No version of locked dependency '{dependency_name}' found in the project lockfile" f"No version of locked dependency '{dependency_name}' found in the project lockfile"
) from None ) from None
return set(transients.values())
def check_preconditions(venv: ToxVirtualEnv, action: ToxAction) -> "_poetry.Poetry": def check_preconditions(venv: ToxVirtualEnv, action: ToxAction) -> "_poetry.Poetry":
"""Check that the local project environment meets expectations""" """Check that the local project environment meets expectations"""