-
Notifications
You must be signed in to change notification settings - Fork 3.1k
Add pylock parser and validator #13369
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Draft
sbidoul
wants to merge
37
commits into
pypa:main
Choose a base branch
from
sbidoul:pylock-parser_sbi
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Draft
Changes from all commits
Commits
Show all changes
37 commits
Select commit
Hold shift + click to select a range
378fa93
Add pylock parser and validator
sbidoul 910cee3
pylock: use Version type instead of str
sbidoul 0d32f8b
pylock: support package.marker
sbidoul 72936fe
pylock: support requires-python
sbidoul bbf16bc
pylock: parse environments
sbidoul dd6b915
pylock: parse package size
sbidoul 2d0fa1d
pylock: refine validation of package sources
sbidoul 1fe4d40
pylock: packages list is requried
sbidoul 561ecbe
pylock: remove unused argument
sbidoul 938c150
pylock: improve getters
sbidoul 9778ac7
pylock: test file name validator
sbidoul fbc7a98
pylock: don't import typing_extensions at runtime
sbidoul e91e8ba
pylock: type-fu
sbidoul f40e1f8
pylock: refine and test some validation erros
sbidoul d1ade91
pylock: refactor
sbidoul f51ba7e
pylock: remove unused attribute
sbidoul a1a962e
pylock: factor out _get_list
sbidoul f3400ab
pylock: read extras, dependency_groups, default_groups
sbidoul ce4a2dd
pylock: read tool sections
sbidoul 71e1738
pylock: read upload_time
sbidoul 424e574
pylock: read dependencies field
sbidoul c291de2
pylock: read attestation-identities field
sbidoul 75b0e1c
pylock: move toml export function to utils
sbidoul 679b559
pylock: read index field
sbidoul 367d558
pylock: validate hashes
sbidoul 0bf4617
pylock: factorize path/url validation
sbidoul 4598342
pylock: declare exported names
sbidoul a648002
pylock: rename is_valid_pylock_file_name
sbidoul ad033f7
pylock: tune dataclasses
sbidoul 92b3b88
pylock: handwoven constructors
sbidoul 11ad4c1
pylock: add is_direct property
sbidoul d5bc7c7
pylock: use abstract classes
sbidoul a895ec2
pylock: sdist/wheel name is optional
sbidoul 11143fd
pylock: validate package name normalization
sbidoul 9114668
pylock: preserve distinction between absent and empty extras and depd…
sbidoul 669e28f
pylock: algorithms_guaranteed is a SHOULD
sbidoul c3eceab
pylock: new style type annotations
sbidoul File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I’m thinking, in many situations it might not actually be desirable to use a relative path. Not sure if there’s a good way to tell which way the user wants each package to be. Since outputting to stdout always generates an absolute path, maybe it’s less confusing if absolute path is the default when you output to a file too, and you need to somehow tell pip to use a relative path explicitly. Something similar to how we have
--only-binaryfor install? I don’t know.Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure either. I'd say relative paths below the
pylock.tomllocation is a good default. And it gives a nice result for the commonpip lock -e ..Anyway, I'm going to remove this change from this PR and handle that separately.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I feel as though when you generate a pylock file, it makes sense for the paths to be relative to the location of the file. But when you generate to stdout (which has no location), it makes sense for paths to be absolute. As you say, though, maybe we don't want relative paths that go up in the filesystem hierarchy.
I'd go with:
But it's debatable enough that I think doing it as a separate PR is sensible.