Merge pull request #39 from enpaul/enp/bugfixes

Misc Bugfixes
This commit is contained in:
Ethan Paul 2021-01-22 19:27:43 -05:00 committed by GitHub
commit e3b3b19b31
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 49 additions and 11 deletions

View File

@ -40,9 +40,7 @@ jobs:
- name: Setup:env
run: .github/scripts/setup-env.sh
- name: Run:${{ matrix.python.toxenv }}
run: $HOME/ci/bin/tox \
-e ${{ matrix.python.toxenv }} \
--require-poetry
run: $HOME/ci/bin/tox -e ${{ matrix.python.toxenv }} --require-poetry
Check:
runs-on: ubuntu-latest
steps:

View File

@ -2,6 +2,20 @@
See also: [Github Release Page](https://github.com/enpaul/tox-poetry-installer/releases).
## Version 0.6.2
View this release on:
[Github](https://github.com/enpaul/tox-poetry-installer/releases/tag/0.6.2),
[PyPI](https://pypi.org/project/tox-poetry-installer/0.6.2/)
* Update locked version of `py` to `1.10.0` to address
[CVE-2020-29651](https://nvd.nist.gov/vuln/detail/CVE-2020-29651)
* Fix dependency identification failing when the package under test is a transient dependency
of a locked dependency specified for installation
* Fix `AttributeError` being raised while creating the Tox self-provisioned environment when
using either the [`minversion`](https://tox.readthedocs.io/en/latest/config.html#conf-minversion)
or [`requires`](https://tox.readthedocs.io/en/latest/config.html#conf-requires) Tox config options
## Version 0.6.1

View File

@ -1,6 +1,6 @@
[tool.poetry]
name = "tox-poetry-installer"
version = "0.6.1"
version = "0.6.2"
license = "MIT"
authors = ["Ethan Paul <24588726+enpaul@users.noreply.github.com>"]
description = "Tox plugin to install Tox environment dependencies using the Poetry backend and lockfile"

View File

@ -1,7 +1,7 @@
# pylint: disable=missing-docstring
__title__ = "tox-poetry-installer"
__summary__ = "Tox plugin to install Tox environment dependencies using the Poetry backend and lockfile"
__version__ = "0.6.1"
__version__ = "0.6.2"
__url__ = "https://github.com/enpaul/tox-poetry-installer/"
__license__ = "MIT"
__authors__ = ["Ethan Paul <24588726+enpaul@users.noreply.github.com>"]

View File

@ -112,7 +112,9 @@ def tox_testenv_install_deps(venv: ToxVirtualEnv, action: ToxAction) -> Optional
env_deps: List[PoetryPackage] = []
for dep in venv.envconfig.locked_deps:
env_deps += utilities.find_transients(package_map, dep.lower())
env_deps += utilities.find_transients(
package_map, dep.lower(), allow_missing=[poetry.package.name]
)
reporter.verbosity1(
f"{constants.REPORTER_PREFIX} Identified {len(env_deps)} environment dependencies to install to env"
)

View File

@ -48,13 +48,17 @@ def install_to_venv(
installer.install(dependency)
def find_transients(packages: PackageMap, dependency_name: str) -> Set[PoetryPackage]:
def find_transients(
packages: PackageMap, dependency_name: str, allow_missing: Sequence[str] = ()
) -> Set[PoetryPackage]:
"""Using a poetry object identify all dependencies of a specific dependency
:param poetry: Populated poetry object which can be used to build a populated locked
repository object.
:param packages: All packages from the lockfile to use for identifying dependency relationships.
:param dependency_name: Bare name (without version) of the dependency to fetch the transient
dependencies of.
:param allow_missing: Sequence of package names to allow to be missing from the lockfile. Any
packages that are not found in the lockfile but their name appears in this
list will be silently skipped from installation.
:returns: List of packages that need to be installed for the requested dependency.
.. note:: The package corresponding to the dependency named by ``dependency_name`` is included
@ -75,7 +79,15 @@ def find_transients(packages: PackageMap, dependency_name: str) -> Set[PoetryPac
return dict()
transients: PackageMap = {}
try:
package = packages[name]
except KeyError as err:
if name in allow_missing:
reporter.verbosity2(
f"{constants.REPORTER_PREFIX} Skip {name}: package is not in lockfile but designated as allowed to be missing"
)
return dict()
raise err
if not package.python_constraint.allows(constants.PLATFORM_VERSION):
reporter.verbosity2(
@ -133,6 +145,16 @@ def find_transients(packages: PackageMap, dependency_name: str) -> Set[PoetryPac
def check_preconditions(venv: ToxVirtualEnv, action: ToxAction) -> "_poetry.Poetry":
"""Check that the local project environment meets expectations"""
# Skip running the plugin for the provisioning environment. The provisioned environment,
# for alternative Tox versions and/or the ``requires`` meta dependencies is specially
# handled by Tox and is out of scope for this plugin. Since one of the ways to install this
# plugin in the first place is via the Tox provisioning environment, it quickly becomes a
# chicken-and-egg problem.
if action.name == venv.envconfig.config.provision_tox_env:
raise exceptions.SkipEnvironment(
f"Skipping Tox provisioning env '{action.name}'"
)
# Skip running the plugin for the packaging environment. PEP-517 front ends can handle
# that better than we can, so let them do their thing. More to the point: if you're having
# problems in the packaging env that this plugin would solve, god help you.
@ -190,6 +212,8 @@ def find_project_dependencies(
dependencies: List[PoetryPackage] = []
for dep in base_dependencies + extra_dependencies:
dependencies += find_transients(packages, dep.name.lower())
dependencies += find_transients(
packages, dep.name.lower(), allow_missing=[poetry.package.name]
)
return dependencies