Skip to content

Commit

Permalink
Remove code handling pyproject.lock files
Browse files Browse the repository at this point in the history 
Poetry no longer supports them.
  • Loading branch information
@deivid-rodriguez @jeffwidman
deivid-rodriguez authored and jeffwidman committed Aug 18, 2023
1 parent 1dfd94e commit c4c6b25
Show file tree
Hide file tree
Showing 33 changed files with 54 additions and 110 deletions.
8 changes: 1 addition & 7 deletions python/lib/dependabot/python/file_fetcher.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,7 +91,7 @@ def pipenv_files
end

def pyproject_files
[pyproject, pyproject_lock, poetry_lock, pdm_lock].compact
[pyproject, poetry_lock, pdm_lock].compact
end

def requirement_files
Expand Down Expand Up @@ -166,12 +166,6 @@ def pyproject
@pyproject = fetch_file_if_present("pyproject.toml")
end

def pyproject_lock
return @pyproject_lock if defined?(@pyproject_lock)

@pyproject_lock = fetch_file_if_present("pyproject.lock")
end

def poetry_lock
return @poetry_lock if defined?(@poetry_lock)

Expand Down
4 changes: 0 additions & 4 deletions python/lib/dependabot/python/file_parser.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -208,10 +208,6 @@ def pyproject
@pyproject ||= get_original_file("pyproject.toml")
end

def pyproject_lock
@pyproject_lock ||= get_original_file("pyproject.lock")
end

def poetry_lock
@poetry_lock ||= get_original_file("poetry.lock")
end
Expand Down
14 changes: 1 addition & 13 deletions python/lib/dependabot/python/file_parser/pyproject_files_parser.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -194,12 +194,6 @@ def parsed_pyproject
raise Dependabot::DependencyFileNotParseable, pyproject.path
end

def parsed_pyproject_lock
@parsed_pyproject_lock ||= TomlRB.parse(pyproject_lock.content)
rescue TomlRB::ParseError, TomlRB::ValueOverwriteError
raise Dependabot::DependencyFileNotParseable, pyproject_lock.path
end

def parsed_poetry_lock
@parsed_poetry_lock ||= TomlRB.parse(poetry_lock.content)
rescue TomlRB::ParseError, TomlRB::ValueOverwriteError
Expand All @@ -212,7 +206,7 @@ def pyproject
end

def lockfile
poetry_lock || pyproject_lock
poetry_lock
end

def parsed_pep621_dependencies
Expand All @@ -235,12 +229,6 @@ def write_temporary_pyproject

def parsed_lockfile
return parsed_poetry_lock if poetry_lock
return parsed_pyproject_lock if pyproject_lock
end

def pyproject_lock
@pyproject_lock ||=
dependency_files.find { |f| f.name == "pyproject.lock" }
end

def poetry_lock
Expand Down
6 changes: 1 addition & 5 deletions python/lib/dependabot/python/file_updater.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ def resolver_type

def subdependency_resolver
return :pipfile if pipfile_lock
return :poetry if poetry_lock || pyproject_lock
return :poetry if poetry_lock
return :pip_compile if pip_compile_files.any?

raise "Claimed to be a sub-dependency, but no lockfile exists!"
Expand Down Expand Up @@ -144,10 +144,6 @@ def pyproject
@pyproject ||= get_original_file("pyproject.toml")
end

def pyproject_lock
@pyproject_lock ||= get_original_file("pyproject.lock")
end

def poetry_lock
@poetry_lock ||= get_original_file("poetry.lock")
end
Expand Down
10 changes: 2 additions & 8 deletions python/lib/dependabot/python/file_updater/poetry_file_updater.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -182,9 +182,7 @@ def updated_lockfile_content_for(pyproject_content)

run_poetry_update_command

return File.read("poetry.lock") if File.exist?("poetry.lock")

File.read("pyproject.lock")
File.read("poetry.lock")
end
end
end
Expand Down Expand Up @@ -313,17 +311,13 @@ def pyproject
end

def lockfile
@lockfile ||= pyproject_lock || poetry_lock
@lockfile ||= poetry_lock
end

def python_helper_path
NativeHelpers.python_helper_path
end

def pyproject_lock
dependency_files.find { |f| f.name == "pyproject.lock" }
end

def poetry_lock
dependency_files.find { |f| f.name == "poetry.lock" }
end
Expand Down
8 changes: 2 additions & 6 deletions python/lib/dependabot/python/update_checker.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ def updated_requirements
requirements: requirements,
latest_resolvable_version: preferred_resolvable_version&.to_s,
update_strategy: requirements_update_strategy,
has_lockfile: !(pipfile_lock || poetry_lock || pyproject_lock).nil?
has_lockfile: !(pipfile_lock || poetry_lock).nil?
).updated_requirements
end

Expand Down Expand Up @@ -143,7 +143,7 @@ def resolver_type

def subdependency_resolver
return :pipenv if pipfile_lock
return :poetry if poetry_lock || pyproject_lock
return :poetry if poetry_lock
return :pip_compile if pip_compile_files.any?

raise "Claimed to be a sub-dependency, but no lockfile exists!"
Expand Down Expand Up @@ -315,10 +315,6 @@ def pyproject
dependency_files.find { |f| f.name == "pyproject.toml" }
end

def pyproject_lock
dependency_files.find { |f| f.name == "pyproject.lock" }
end

def poetry_lock
dependency_files.find { |f| f.name == "poetry.lock" }
end
Expand Down
12 changes: 2 additions & 10 deletions python/lib/dependabot/python/update_checker/poetry_version_resolver.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -88,11 +88,7 @@ def fetch_latest_resolvable_version_string(requirement:)
# Shell out to Poetry, which handles everything for us.
run_poetry_update_command

updated_lockfile =
if File.exist?("poetry.lock") then File.read("poetry.lock")
else
File.read("pyproject.lock")
end
updated_lockfile = File.read("poetry.lock")
updated_lockfile = TomlRB.parse(updated_lockfile)

fetch_version_from_parsed_lockfile(updated_lockfile)
Expand Down Expand Up @@ -310,16 +306,12 @@ def pyproject
dependency_files.find { |f| f.name == "pyproject.toml" }
end

def pyproject_lock
dependency_files.find { |f| f.name == "pyproject.lock" }
end

def poetry_lock
dependency_files.find { |f| f.name == "poetry.lock" }
end

def lockfile
poetry_lock || pyproject_lock
poetry_lock
end

def run_poetry_command(command, fingerprint: nil)
Expand Down
48 changes: 18 additions & 30 deletions python/spec/dependabot/python/file_parser/pyproject_files_parser_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,51 +107,39 @@
let(:poetry_lock) do
Dependabot::DependencyFile.new(
name: "poetry.lock",
content: pyproject_lock_body
content: poetry_lock_body
)
end
let(:pyproject_lock_body) do
fixture("pyproject_locks", pyproject_lock_fixture_name)
let(:poetry_lock_body) do
fixture("poetry_locks", poetry_lock_fixture_name)
end
let(:pyproject_lock_fixture_name) { "poetry.lock" }
let(:poetry_lock_fixture_name) { "poetry.lock" }

its(:length) { is_expected.to eq(36) }

it "doesn't include the Python requirement" do
expect(dependencies.map(&:name)).to_not include("python")
end

context "that is called pyproject.lock (legacy name)" do
let(:files) { [pyproject, pyproject_lock] }
let(:pyproject_lock) do
Dependabot::DependencyFile.new(
name: "pyproject.lock",
content: pyproject_lock_body
)
end

its(:length) { is_expected.to eq(36) }

describe "a development sub-dependency" do
subject(:dep) { dependencies.find { |d| d.name == "atomicwrites" } }
describe "a development sub-dependency" do
subject(:dep) { dependencies.find { |d| d.name == "atomicwrites" } }

its(:subdependency_metadata) do
is_expected.to eq([{ production: false }])
end
its(:subdependency_metadata) do
is_expected.to eq([{ production: false }])
end
end

describe "a production sub-dependency" do
subject(:dep) { dependencies.find { |d| d.name == "certifi" } }
describe "a production sub-dependency" do
subject(:dep) { dependencies.find { |d| d.name == "certifi" } }

its(:subdependency_metadata) do
is_expected.to eq([{ production: true }])
end
its(:subdependency_metadata) do
is_expected.to eq([{ production: true }])
end
end

context "with a path dependency" do
let(:pyproject_fixture_name) { "dir_dependency.toml" }
let(:pyproject_lock_fixture_name) { "dir_dependency.lock" }
let(:poetry_lock_fixture_name) { "dir_dependency.lock" }
subject(:dependency_names) { dependencies.map(&:name) }

it "excludes the path dependency" do
Expand All @@ -165,7 +153,7 @@

context "with a git dependency" do
let(:pyproject_fixture_name) { "git_dependency.toml" }
let(:pyproject_lock_fixture_name) { "git_dependency.lock" }
let(:poetry_lock_fixture_name) { "git_dependency.lock" }

it "excludes the git dependency" do
expect(dependencies.map(&:name)).to_not include("toml")
Expand All @@ -174,7 +162,7 @@

context "with a url dependency" do
let(:pyproject_fixture_name) { "url_dependency.toml" }
let(:pyproject_lock_fixture_name) { "url_dependency.lock" }
let(:poetry_lock_fixture_name) { "url_dependency.lock" }

it "excludes the url dependency" do
expect(dependencies.map(&:name)).to_not include("toml")
Expand Down Expand Up @@ -294,9 +282,9 @@
)
end
let(:pdm_lock_body) do
fixture("pyproject_locks", pyproject_lock_fixture_name)
fixture("poetry_locks", poetry_lock_fixture_name)
end
let(:pyproject_lock_fixture_name) { "pdm_example.lock" }
let(:poetry_lock_fixture_name) { "pdm_example.lock" }
let(:files) { [pyproject, pdm_lock] }

subject(:dependencies) { parser.dependency_set.dependencies }
Expand Down
10 changes: 5 additions & 5 deletions python/spec/dependabot/python/file_parser_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1212,18 +1212,18 @@
end
end

context "with a pyproject.toml in poetry format and pyproject.lock legacy poetry lock file" do
let(:files) { [pyproject, pyproject_lock] }
context "with a pyproject.toml in poetry format and a lock file" do
let(:files) { [pyproject, poetry_lock] }
let(:pyproject) do
Dependabot::DependencyFile.new(
name: "pyproject.toml",
content: fixture("pyproject_files", "basic_poetry_dependencies.toml")
)
end
let(:pyproject_lock) do
let(:poetry_lock) do
Dependabot::DependencyFile.new(
name: "pyproject.lock",
content: fixture("pyproject_locks", "poetry.lock")
name: "poetry.lock",
content: fixture("poetry_locks", "poetry.lock")
)
end

Expand Down
14 changes: 7 additions & 7 deletions python/spec/dependabot/python/file_updater/poetry_file_updater_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,8 +25,8 @@
end
let(:lockfile) do
Dependabot::DependencyFile.new(
name: "pyproject.lock",
content: fixture("pyproject_locks", lockfile_fixture_name)
name: "poetry.lock",
content: fixture("poetry_locks", lockfile_fixture_name)
)
end
let(:pyproject_fixture_name) { "version_not_specified.toml" }
Expand Down Expand Up @@ -65,9 +65,9 @@
subject(:updated_files) { updater.updated_dependency_files }

it "updates the lockfile successfully (and doesn't affect other deps)" do
expect(updated_files.map(&:name)).to eq(%w(pyproject.lock))
expect(updated_files.map(&:name)).to eq(%w(poetry.lock))

updated_lockfile = updated_files.find { |f| f.name == "pyproject.lock" }
updated_lockfile = updated_files.find { |f| f.name == "poetry.lock" }

lockfile_obj = TomlRB.parse(updated_lockfile.content)
requests = lockfile_obj["package"].find { |d| d["name"] == "requests" }
Expand Down Expand Up @@ -106,7 +106,7 @@
end

it "updates the lockfile successfully" do
updated_lockfile = updated_files.find { |f| f.name == "pyproject.lock" }
updated_lockfile = updated_files.find { |f| f.name == "poetry.lock" }

lockfile_obj = TomlRB.parse(updated_lockfile.content)
requests = lockfile_obj["package"].find { |d| d["name"] == "requests" }
Expand Down Expand Up @@ -144,7 +144,7 @@
)
end
it "updates the lockfile" do
updated_lockfile = updated_files.find { |f| f.name == "pyproject.lock" }
updated_lockfile = updated_files.find { |f| f.name == "poetry.lock" }

lockfile_obj = TomlRB.parse(updated_lockfile.content)
requests = lockfile_obj["package"].find { |d| d["name"] == "django" }
Expand Down Expand Up @@ -337,7 +337,7 @@
let(:lockfile) do
Dependabot::DependencyFile.new(
name: "poetry.lock",
content: fixture("pyproject_locks", lockfile_fixture_name)
content: fixture("poetry_locks", lockfile_fixture_name)
)
end

Expand Down
Loading

0 comments on commit c4c6b25

Please sign in to comment.