From 93c803d04977add92398d7e13463c2797af2736f Mon Sep 17 00:00:00 2001 From: "Bennati, Stefano" Date: Mon, 16 Jan 2023 19:37:19 +0100 Subject: [PATCH 01/10] Fail gracefully at parsing setup.py with no deps. Raise an exception in 'get_requirements_from_python_manifest' only if dependencies are defined in 'setup.py'. Signed-off-by: Bennati, Stefano --- src/python_inspector/resolution.py | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/src/python_inspector/resolution.py b/src/python_inspector/resolution.py index 8ee9dabc..e86cac5b 100644 --- a/src/python_inspector/resolution.py +++ b/src/python_inspector/resolution.py @@ -10,6 +10,7 @@ import operator import os import tarfile +import re from typing import Dict from typing import Generator from typing import List @@ -299,11 +300,17 @@ def get_requirements_from_python_manifest( ) else: - # We should not raise exception here as we may have a setup.py that does not - # have any dependencies. We should not fail in this case. - raise Exception( - f"Unable to collect setup.py dependencies securely: {setup_py_location}" - ) + # Do not raise exception here as we may have a setup.py that does not + # have any dependencies. + with(open(setup_py_location)) as sf: + install_requires = [] + parameters = re.sub(r"\s", "", re.findall(r'install_requires[\s]*=[\s]*\[[^\]]*\]', + sf.read())[0]) + exec(parameters) # update 'install_requires' from setup.py + if install_requires != []: + raise Exception( + f"Unable to collect setup.py dependencies securely: {setup_py_location}" + ) DEFAULT_ENVIRONMENT = utils_pypi.Environment.from_pyver_and_os( From 1fb0affda39dee37b582d23aaeb5c95c593a621d Mon Sep 17 00:00:00 2001 From: "Bennati, Stefano" Date: Mon, 23 Jan 2023 13:18:36 +0100 Subject: [PATCH 02/10] fix tests Signed-off-by: Bennati, Stefano --- tests/data/pinned-requirements.txt-expected.json | 2 +- tests/data/single-url-except-simple-expected.json | 2 +- tests/data/test-api-expected.json | 2 +- tests/data/test-api-with-prefer-source.json | 2 +- tests/data/test-api-with-python-311.json | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/tests/data/pinned-requirements.txt-expected.json b/tests/data/pinned-requirements.txt-expected.json index 67a1517c..a6a75f13 100644 --- a/tests/data/pinned-requirements.txt-expected.json +++ b/tests/data/pinned-requirements.txt-expected.json @@ -5147,4 +5147,4 @@ "dependencies": [] } ] -} \ No newline at end of file +} diff --git a/tests/data/single-url-except-simple-expected.json b/tests/data/single-url-except-simple-expected.json index 1f0604c3..7b311f78 100644 --- a/tests/data/single-url-except-simple-expected.json +++ b/tests/data/single-url-except-simple-expected.json @@ -1043,4 +1043,4 @@ "dependencies": [] } ] -} \ No newline at end of file +} diff --git a/tests/data/test-api-expected.json b/tests/data/test-api-expected.json index ed947eb2..a0f37c35 100644 --- a/tests/data/test-api-expected.json +++ b/tests/data/test-api-expected.json @@ -805,4 +805,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/tests/data/test-api-with-prefer-source.json b/tests/data/test-api-with-prefer-source.json index 465307fd..8e1c1b5d 100644 --- a/tests/data/test-api-with-prefer-source.json +++ b/tests/data/test-api-with-prefer-source.json @@ -421,4 +421,4 @@ ] } ] -} \ No newline at end of file +} diff --git a/tests/data/test-api-with-python-311.json b/tests/data/test-api-with-python-311.json index 465307fd..8e1c1b5d 100644 --- a/tests/data/test-api-with-python-311.json +++ b/tests/data/test-api-with-python-311.json @@ -421,4 +421,4 @@ ] } ] -} \ No newline at end of file +} From 674498336ac0524f15cf3ce862ff1ba79a44c69c Mon Sep 17 00:00:00 2001 From: "Bennati, Stefano" Date: Mon, 23 Jan 2023 14:31:08 +0100 Subject: [PATCH 03/10] Fix formatting with 'make valid' Signed-off-by: Bennati, Stefano --- etc/scripts/check_thirdparty.py | 1 - etc/scripts/fetch_thirdparty.py | 3 +-- .../test_utils_pip_compatibility_tags.py | 3 +-- etc/scripts/test_utils_pypi_supported_tags.py | 1 - etc/scripts/utils_dejacode.py | 1 - etc/scripts/utils_pip_compatibility_tags.py | 11 +++----- etc/scripts/utils_thirdparty.py | 3 +-- src/_packagedcode/models.py | 14 +++------- src/_packagedcode/pypi.py | 26 +++++++++---------- src/_packagedcode/utils.py | 3 ++- src/python_inspector/resolution.py | 9 ++++--- 11 files changed, 30 insertions(+), 45 deletions(-) diff --git a/etc/scripts/check_thirdparty.py b/etc/scripts/check_thirdparty.py index b052f25b..999d1125 100644 --- a/etc/scripts/check_thirdparty.py +++ b/etc/scripts/check_thirdparty.py @@ -9,7 +9,6 @@ # See https://aboutcode.org for more information about nexB OSS projects. # import click - import utils_thirdparty diff --git a/etc/scripts/fetch_thirdparty.py b/etc/scripts/fetch_thirdparty.py index 89d17ded..31921f0e 100644 --- a/etc/scripts/fetch_thirdparty.py +++ b/etc/scripts/fetch_thirdparty.py @@ -14,9 +14,8 @@ import sys import click - -import utils_thirdparty import utils_requirements +import utils_thirdparty TRACE = False TRACE_DEEP = False diff --git a/etc/scripts/test_utils_pip_compatibility_tags.py b/etc/scripts/test_utils_pip_compatibility_tags.py index 98187c56..15cff454 100644 --- a/etc/scripts/test_utils_pip_compatibility_tags.py +++ b/etc/scripts/test_utils_pip_compatibility_tags.py @@ -25,11 +25,10 @@ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ -from unittest.mock import patch import sysconfig +from unittest.mock import patch import pytest - import utils_pip_compatibility_tags diff --git a/etc/scripts/test_utils_pypi_supported_tags.py b/etc/scripts/test_utils_pypi_supported_tags.py index d291572d..576321ee 100644 --- a/etc/scripts/test_utils_pypi_supported_tags.py +++ b/etc/scripts/test_utils_pypi_supported_tags.py @@ -11,7 +11,6 @@ # limitations under the License. import pytest - from utils_pypi_supported_tags import validate_platforms_for_pypi """ diff --git a/etc/scripts/utils_dejacode.py b/etc/scripts/utils_dejacode.py index f28e2479..005ca07f 100644 --- a/etc/scripts/utils_dejacode.py +++ b/etc/scripts/utils_dejacode.py @@ -14,7 +14,6 @@ import requests import saneyaml - from packaging import version as packaging_version """ diff --git a/etc/scripts/utils_pip_compatibility_tags.py b/etc/scripts/utils_pip_compatibility_tags.py index 5d5eb34c..2b8da6e7 100644 --- a/etc/scripts/utils_pip_compatibility_tags.py +++ b/etc/scripts/utils_pip_compatibility_tags.py @@ -27,14 +27,9 @@ import re -from packaging.tags import ( - compatible_tags, - cpython_tags, - generic_tags, - interpreter_name, - interpreter_version, - mac_platforms, -) +from packaging.tags import (compatible_tags, cpython_tags, generic_tags, + interpreter_name, interpreter_version, + mac_platforms) _osx_arch_pat = re.compile(r"(.+)_(\d+)_(\d+)_(.+)") diff --git a/etc/scripts/utils_thirdparty.py b/etc/scripts/utils_thirdparty.py index 53f2d33c..64e5c0ff 100644 --- a/etc/scripts/utils_thirdparty.py +++ b/etc/scripts/utils_thirdparty.py @@ -25,14 +25,13 @@ import packageurl import requests import saneyaml +import utils_pip_compatibility_tags from commoncode import fileutils from commoncode.hash import multi_checksums from commoncode.text import python_safe_name from packaging import tags as packaging_tags from packaging import version as packaging_version -import utils_pip_compatibility_tags - """ Utilities to manage Python thirparty libraries source, binaries and metadata in local directories and remote repositories. diff --git a/src/_packagedcode/models.py b/src/_packagedcode/models.py index 4fa67c00..a7aa8485 100644 --- a/src/_packagedcode/models.py +++ b/src/_packagedcode/models.py @@ -13,19 +13,13 @@ from fnmatch import fnmatchcase import attr -from packageurl import normalize_qualifiers -from packageurl import PackageURL - from commoncode import filetype -from commoncode.datautils import choices -from commoncode.datautils import Boolean -from commoncode.datautils import Date -from commoncode.datautils import Integer -from commoncode.datautils import List -from commoncode.datautils import Mapping -from commoncode.datautils import String +from commoncode.datautils import (Boolean, Date, Integer, List, Mapping, + String, choices) from commoncode.fileutils import as_posixpath from commoncode.resource import Resource +from packageurl import PackageURL, normalize_qualifiers + try: from typecode import contenttype except ImportError: diff --git a/src/_packagedcode/pypi.py b/src/_packagedcode/pypi.py index 962bafde..da1a351b 100644 --- a/src/_packagedcode/pypi.py +++ b/src/_packagedcode/pypi.py @@ -9,37 +9,37 @@ # import ast -from configparser import ConfigParser +import base64 import copy import json import logging -from pathlib import Path import os import re import sys -from typing import NamedTuple import tempfile import zipfile +from configparser import ConfigParser +from pathlib import Path +from typing import NamedTuple + import dparse2 +# FIXME: we always want to use the external library rather than the built-in for now +import importlib_metadata import packvers as packaging import pip_requirements_parser import pkginfo2 from commoncode import fileutils -from packvers.specifiers import SpecifierSet +from commoncode.fileutils import as_posixpath from packageurl import PackageURL from packvers import markers from packvers.requirements import Requirement +from packvers.specifiers import SpecifierSet from packvers.utils import canonicalize_name -from _packagedcode import models -from _packagedcode.utils import build_description -from _packagedcode.utils import combine_expressions -from _packagedcode.utils import yield_dependencies_from_package_data -from _packagedcode.utils import yield_dependencies_from_package_resource -# FIXME: we always want to use the external library rather than the built-in for now -import importlib_metadata -import base64 -from commoncode.fileutils import as_posixpath +from _packagedcode import models +from _packagedcode.utils import (build_description, combine_expressions, + yield_dependencies_from_package_data, + yield_dependencies_from_package_resource) try: from zipfile import Path as ZipPath diff --git a/src/_packagedcode/utils.py b/src/_packagedcode/utils.py index 1cddc775..416bf18f 100644 --- a/src/_packagedcode/utils.py +++ b/src/_packagedcode/utils.py @@ -9,7 +9,8 @@ try: from license_expression import Licensing - from license_expression import combine_expressions as le_combine_expressions + from license_expression import \ + combine_expressions as le_combine_expressions except: Licensing = None le_combine_expressions = None diff --git a/src/python_inspector/resolution.py b/src/python_inspector/resolution.py index e86cac5b..1b3a04d3 100644 --- a/src/python_inspector/resolution.py +++ b/src/python_inspector/resolution.py @@ -9,8 +9,8 @@ import operator import os -import tarfile import re +import tarfile from typing import Dict from typing import Generator from typing import List @@ -302,10 +302,11 @@ def get_requirements_from_python_manifest( else: # Do not raise exception here as we may have a setup.py that does not # have any dependencies. - with(open(setup_py_location)) as sf: + with (open(setup_py_location)) as sf: install_requires = [] - parameters = re.sub(r"\s", "", re.findall(r'install_requires[\s]*=[\s]*\[[^\]]*\]', - sf.read())[0]) + parameters = re.sub( + r"\s", "", re.findall(r"install_requires[\s]*=[\s]*\[[^\]]*\]", sf.read())[0] + ) exec(parameters) # update 'install_requires' from setup.py if install_requires != []: raise Exception( From 01e839c7bb56653e9374da40811a500fe2ff9712 Mon Sep 17 00:00:00 2001 From: "Bennati, Stefano" Date: Fri, 27 Jan 2023 09:11:00 +0100 Subject: [PATCH 04/10] Remove 'exec' function to make processing secure. Signed-off-by: Bennati, Stefano --- src/python_inspector/resolution.py | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/src/python_inspector/resolution.py b/src/python_inspector/resolution.py index 1b3a04d3..4da8fa42 100644 --- a/src/python_inspector/resolution.py +++ b/src/python_inspector/resolution.py @@ -303,15 +303,13 @@ def get_requirements_from_python_manifest( # Do not raise exception here as we may have a setup.py that does not # have any dependencies. with (open(setup_py_location)) as sf: - install_requires = [] - parameters = re.sub( - r"\s", "", re.findall(r"install_requires[\s]*=[\s]*\[[^\]]*\]", sf.read())[0] - ) - exec(parameters) # update 'install_requires' from setup.py - if install_requires != []: - raise Exception( - f"Unable to collect setup.py dependencies securely: {setup_py_location}" - ) + match = re.search(r"install_requires[\s]*=[\s]*\[([^\]]*)\]", sf.read()) + if match is not None: + install_requires = re.sub(r"\s", "", match.group(1)) + if install_requires != "": + raise Exception( + f"Unable to collect setup.py dependencies securely: {setup_py_location}" + ) DEFAULT_ENVIRONMENT = utils_pypi.Environment.from_pyver_and_os( From 25fc03f671b95c0f24cfda120fc8d9643bcdd04b Mon Sep 17 00:00:00 2001 From: "Bennati, Stefano" Date: Fri, 27 Jan 2023 16:34:31 +0100 Subject: [PATCH 05/10] add tests Signed-off-by: Bennati, Stefano --- .../data/secure-setup/setup-emptyrequires.py | 41 ++++++++++++++++++ tests/data/secure-setup/setup-norequires.py | 40 ++++++++++++++++++ tests/data/secure-setup/setup-requires.py | 41 ++++++++++++++++++ tests/test_resolution.py | 42 +++++++++++++++++++ 4 files changed, 164 insertions(+) create mode 100644 tests/data/secure-setup/setup-emptyrequires.py create mode 100644 tests/data/secure-setup/setup-norequires.py create mode 100644 tests/data/secure-setup/setup-requires.py diff --git a/tests/data/secure-setup/setup-emptyrequires.py b/tests/data/secure-setup/setup-emptyrequires.py new file mode 100644 index 00000000..511cd08f --- /dev/null +++ b/tests/data/secure-setup/setup-emptyrequires.py @@ -0,0 +1,41 @@ +""" +Copyright 2018 Matthew Aynalem + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +""" +from distutils.core import setup + +from setuptools import find_packages + +setup( + name="packer.py", + version="0.3.0", + author="Matthew Aynalem", + author_email="maynalem@gmail.com", + packages=["packerpy"], + url="https://github.com/mayn/packer.py", + license="Apache License 2.0", + description="packer.py - python library to run hashicorp packer CLI commands", + keywords="hashicorp packer", + long_description=open("README.rst").read(), + install_requires=[], + classifiers=[ + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python :: 2", + "Programming Language :: Python :: 2.7", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.4", + "Programming Language :: Python :: 3.5", + "Programming Language :: Python :: 3.6", + ], +) diff --git a/tests/data/secure-setup/setup-norequires.py b/tests/data/secure-setup/setup-norequires.py new file mode 100644 index 00000000..7b7eb420 --- /dev/null +++ b/tests/data/secure-setup/setup-norequires.py @@ -0,0 +1,40 @@ +""" +Copyright 2018 Matthew Aynalem + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +""" +from distutils.core import setup + +from setuptools import find_packages + +setup( + name="packer.py", + version="0.3.0", + author="Matthew Aynalem", + author_email="maynalem@gmail.com", + packages=["packerpy"], + url="https://github.com/mayn/packer.py", + license="Apache License 2.0", + description="packer.py - python library to run hashicorp packer CLI commands", + keywords="hashicorp packer", + long_description=open("README.rst").read(), + classifiers=[ + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python :: 2", + "Programming Language :: Python :: 2.7", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.4", + "Programming Language :: Python :: 3.5", + "Programming Language :: Python :: 3.6", + ], +) diff --git a/tests/data/secure-setup/setup-requires.py b/tests/data/secure-setup/setup-requires.py new file mode 100644 index 00000000..3947d20d --- /dev/null +++ b/tests/data/secure-setup/setup-requires.py @@ -0,0 +1,41 @@ +""" +Copyright 2018 Matthew Aynalem + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +""" +from distutils.core import setup + +from setuptools import find_packages + +setup( + name="packer.py", + version="0.3.0", + author="Matthew Aynalem", + author_email="maynalem@gmail.com", + packages=["packerpy"], + url="https://github.com/mayn/packer.py", + license="Apache License 2.0", + description="packer.py - python library to run hashicorp packer CLI commands", + keywords="hashicorp packer", + long_description=open("README.rst").read(), + install_requires=["requirement1", "requirement2"], + classifiers=[ + "License :: OSI Approved :: Apache Software License", + "Programming Language :: Python :: 2", + "Programming Language :: Python :: 2.7", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.4", + "Programming Language :: Python :: 3.5", + "Programming Language :: Python :: 3.6", + ], +) diff --git a/tests/test_resolution.py b/tests/test_resolution.py index ab833a69..33c59ef4 100644 --- a/tests/test_resolution.py +++ b/tests/test_resolution.py @@ -21,6 +21,7 @@ from python_inspector.error import NoVersionsFound from python_inspector.resolution import PythonInputProvider from python_inspector.resolution import get_requirements_from_dependencies +from python_inspector.resolution import get_requirements_from_python_manifest from python_inspector.resolution import is_valid_version from python_inspector.resolution import parse_reqs_from_setup_py_insecurely from python_inspector.utils_pypi import PYPI_PUBLIC_REPO @@ -241,6 +242,47 @@ def test_get_requirements_from_dependencies_with_editable_requirements(): assert requirements == [] +def test_get_requirements_from_python_manifest_securely(): + sdist_location = "tests/data/secure-setup" + setup_py_emptyrequires = "setup-emptyrequires.py" + setup_py_norequires = "setup-norequires.py" + setup_py_requires = "setup-requires.py" + analyze_setup_py_insecurely = False + try: + ret = list( + get_requirements_from_python_manifest( + sdist_location, + sdist_location + "/" + setup_py_norequires, + [sdist_location + "/" + setup_py_norequires], + analyze_setup_py_insecurely, + ) + ) + assert ret == [] + except Exception: + pytest.fail("Failure parsing setup.py where requirements are not provided.") + try: + ret = list( + get_requirements_from_python_manifest( + sdist_location, + sdist_location + "/" + setup_py_emptyrequires, + [sdist_location + "/" + setup_py_emptyrequires], + analyze_setup_py_insecurely, + ) + ) + assert ret == [] + except Exception: + pytest.fail("Failure getting empty requirements securely from setup.py.") + with pytest.raises(Exception): + ret = list( + get_requirements_from_python_manifest( + sdist_location, + sdist_location + "/" + setup_py_requires, + [sdist_location + "/" + setup_py_requires], + analyze_setup_py_insecurely, + ).next() + ) + + def test_setup_py_parsing_insecure(): setup_py_file = setup_test_env.get_test_loc("insecure-setup/setup.py") reqs = [str(req) for req in list(parse_reqs_from_setup_py_insecurely(setup_py=setup_py_file))] From 88be60551cc7c56802d0ba813f289b30cd16e40b Mon Sep 17 00:00:00 2001 From: "Bennati, Stefano" Date: Fri, 10 Feb 2023 11:26:42 +0100 Subject: [PATCH 06/10] fixup! Fix formatting with 'make valid' Signed-off-by: Bennati, Stefano --- etc/scripts/check_thirdparty.py | 1 + etc/scripts/fetch_thirdparty.py | 3 ++- .../test_utils_pip_compatibility_tags.py | 3 ++- etc/scripts/test_utils_pypi_supported_tags.py | 1 + etc/scripts/utils_dejacode.py | 1 + etc/scripts/utils_pip_compatibility_tags.py | 11 +++++--- etc/scripts/utils_thirdparty.py | 3 ++- src/_packagedcode/models.py | 14 +++++++--- src/_packagedcode/pypi.py | 26 +++++++++---------- src/_packagedcode/utils.py | 3 +-- 10 files changed, 41 insertions(+), 25 deletions(-) diff --git a/etc/scripts/check_thirdparty.py b/etc/scripts/check_thirdparty.py index 999d1125..b052f25b 100644 --- a/etc/scripts/check_thirdparty.py +++ b/etc/scripts/check_thirdparty.py @@ -9,6 +9,7 @@ # See https://aboutcode.org for more information about nexB OSS projects. # import click + import utils_thirdparty diff --git a/etc/scripts/fetch_thirdparty.py b/etc/scripts/fetch_thirdparty.py index 31921f0e..89d17ded 100644 --- a/etc/scripts/fetch_thirdparty.py +++ b/etc/scripts/fetch_thirdparty.py @@ -14,8 +14,9 @@ import sys import click -import utils_requirements + import utils_thirdparty +import utils_requirements TRACE = False TRACE_DEEP = False diff --git a/etc/scripts/test_utils_pip_compatibility_tags.py b/etc/scripts/test_utils_pip_compatibility_tags.py index 15cff454..98187c56 100644 --- a/etc/scripts/test_utils_pip_compatibility_tags.py +++ b/etc/scripts/test_utils_pip_compatibility_tags.py @@ -25,10 +25,11 @@ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. """ -import sysconfig from unittest.mock import patch +import sysconfig import pytest + import utils_pip_compatibility_tags diff --git a/etc/scripts/test_utils_pypi_supported_tags.py b/etc/scripts/test_utils_pypi_supported_tags.py index 576321ee..d291572d 100644 --- a/etc/scripts/test_utils_pypi_supported_tags.py +++ b/etc/scripts/test_utils_pypi_supported_tags.py @@ -11,6 +11,7 @@ # limitations under the License. import pytest + from utils_pypi_supported_tags import validate_platforms_for_pypi """ diff --git a/etc/scripts/utils_dejacode.py b/etc/scripts/utils_dejacode.py index 005ca07f..f28e2479 100644 --- a/etc/scripts/utils_dejacode.py +++ b/etc/scripts/utils_dejacode.py @@ -14,6 +14,7 @@ import requests import saneyaml + from packaging import version as packaging_version """ diff --git a/etc/scripts/utils_pip_compatibility_tags.py b/etc/scripts/utils_pip_compatibility_tags.py index 2b8da6e7..5d5eb34c 100644 --- a/etc/scripts/utils_pip_compatibility_tags.py +++ b/etc/scripts/utils_pip_compatibility_tags.py @@ -27,9 +27,14 @@ import re -from packaging.tags import (compatible_tags, cpython_tags, generic_tags, - interpreter_name, interpreter_version, - mac_platforms) +from packaging.tags import ( + compatible_tags, + cpython_tags, + generic_tags, + interpreter_name, + interpreter_version, + mac_platforms, +) _osx_arch_pat = re.compile(r"(.+)_(\d+)_(\d+)_(.+)") diff --git a/etc/scripts/utils_thirdparty.py b/etc/scripts/utils_thirdparty.py index 64e5c0ff..53f2d33c 100644 --- a/etc/scripts/utils_thirdparty.py +++ b/etc/scripts/utils_thirdparty.py @@ -25,13 +25,14 @@ import packageurl import requests import saneyaml -import utils_pip_compatibility_tags from commoncode import fileutils from commoncode.hash import multi_checksums from commoncode.text import python_safe_name from packaging import tags as packaging_tags from packaging import version as packaging_version +import utils_pip_compatibility_tags + """ Utilities to manage Python thirparty libraries source, binaries and metadata in local directories and remote repositories. diff --git a/src/_packagedcode/models.py b/src/_packagedcode/models.py index a7aa8485..4fa67c00 100644 --- a/src/_packagedcode/models.py +++ b/src/_packagedcode/models.py @@ -13,13 +13,19 @@ from fnmatch import fnmatchcase import attr +from packageurl import normalize_qualifiers +from packageurl import PackageURL + from commoncode import filetype -from commoncode.datautils import (Boolean, Date, Integer, List, Mapping, - String, choices) +from commoncode.datautils import choices +from commoncode.datautils import Boolean +from commoncode.datautils import Date +from commoncode.datautils import Integer +from commoncode.datautils import List +from commoncode.datautils import Mapping +from commoncode.datautils import String from commoncode.fileutils import as_posixpath from commoncode.resource import Resource -from packageurl import PackageURL, normalize_qualifiers - try: from typecode import contenttype except ImportError: diff --git a/src/_packagedcode/pypi.py b/src/_packagedcode/pypi.py index da1a351b..962bafde 100644 --- a/src/_packagedcode/pypi.py +++ b/src/_packagedcode/pypi.py @@ -9,37 +9,37 @@ # import ast -import base64 +from configparser import ConfigParser import copy import json import logging +from pathlib import Path import os import re import sys +from typing import NamedTuple import tempfile import zipfile -from configparser import ConfigParser -from pathlib import Path -from typing import NamedTuple - import dparse2 -# FIXME: we always want to use the external library rather than the built-in for now -import importlib_metadata import packvers as packaging import pip_requirements_parser import pkginfo2 from commoncode import fileutils -from commoncode.fileutils import as_posixpath +from packvers.specifiers import SpecifierSet from packageurl import PackageURL from packvers import markers from packvers.requirements import Requirement -from packvers.specifiers import SpecifierSet from packvers.utils import canonicalize_name - from _packagedcode import models -from _packagedcode.utils import (build_description, combine_expressions, - yield_dependencies_from_package_data, - yield_dependencies_from_package_resource) +from _packagedcode.utils import build_description +from _packagedcode.utils import combine_expressions +from _packagedcode.utils import yield_dependencies_from_package_data +from _packagedcode.utils import yield_dependencies_from_package_resource + +# FIXME: we always want to use the external library rather than the built-in for now +import importlib_metadata +import base64 +from commoncode.fileutils import as_posixpath try: from zipfile import Path as ZipPath diff --git a/src/_packagedcode/utils.py b/src/_packagedcode/utils.py index 416bf18f..1cddc775 100644 --- a/src/_packagedcode/utils.py +++ b/src/_packagedcode/utils.py @@ -9,8 +9,7 @@ try: from license_expression import Licensing - from license_expression import \ - combine_expressions as le_combine_expressions + from license_expression import combine_expressions as le_combine_expressions except: Licensing = None le_combine_expressions = None From 4e0cae587ff51e992dc92a335c68170dac0f1e93 Mon Sep 17 00:00:00 2001 From: "Bennati, Stefano" Date: Fri, 10 Feb 2023 11:58:18 +0100 Subject: [PATCH 07/10] fixup! fix tests Signed-off-by: Bennati, Stefano --- tests/data/azure-devops.req-310-expected.json | 36 +++++++++---------- tests/data/azure-devops.req-38-expected.json | 36 +++++++++---------- .../single-url-except-simple-expected.json | 36 +++++++++---------- tests/test_resolution.py | 6 ++-- 4 files changed, 57 insertions(+), 57 deletions(-) diff --git a/tests/data/azure-devops.req-310-expected.json b/tests/data/azure-devops.req-310-expected.json index 5306706e..7c73996e 100644 --- a/tests/data/azure-devops.req-310-expected.json +++ b/tests/data/azure-devops.req-310-expected.json @@ -945,12 +945,12 @@ "type": "pypi", "namespace": null, "name": "cryptography", - "version": "39.0.0", + "version": "39.0.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.\npyca/cryptography\n=================\n\n.. image:: https://img.shields.io/pypi/v/cryptography.svg\n :target: https://pypi.org/project/cryptography/\n :alt: Latest Version\n\n.. image:: https://readthedocs.org/projects/cryptography/badge/?version=latest\n :target: https://cryptography.io\n :alt: Latest Docs\n\n.. image:: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main\n :target: https://github.com/pyca/cryptography/actions?query=workflow%3ACI+branch%3Amain\n\n\n``cryptography`` is a package which provides cryptographic recipes and\nprimitives to Python developers. Our goal is for it to be your \"cryptographic\nstandard library\". It supports Python 3.6+ and PyPy3 7.2+.\n\n``cryptography`` includes both high level recipes and low level interfaces to\ncommon cryptographic algorithms such as symmetric ciphers, message digests, and\nkey derivation functions. For example, to encrypt something with\n``cryptography``'s high level symmetric encryption recipe:\n\n.. code-block:: pycon\n\n >>> from cryptography.fernet import Fernet\n >>> # Put this somewhere safe!\n >>> key = Fernet.generate_key()\n >>> f = Fernet(key)\n >>> token = f.encrypt(b\"A really secret message. Not for prying eyes.\")\n >>> token\n b'...'\n >>> f.decrypt(token)\n b'A really secret message. Not for prying eyes.'\n\nYou can find more information in the `documentation`_.\n\nYou can install ``cryptography`` with:\n\n.. code-block:: console\n\n $ pip install cryptography\n\nFor full details see `the installation documentation`_.\n\nDiscussion\n~~~~~~~~~~\n\nIf you run into bugs, you can file them in our `issue tracker`_.\n\nWe maintain a `cryptography-dev`_ mailing list for development discussion.\n\nYou can also join ``#pyca`` on ``irc.libera.chat`` to ask questions or get\ninvolved.\n\nSecurity\n~~~~~~~~\n\nNeed to report a security issue? Please consult our `security reporting`_\ndocumentation.\n\n\n.. _`documentation`: https://cryptography.io/\n.. _`the installation documentation`: https://cryptography.io/en/latest/installation/\n.. _`issue tracker`: https://github.com/pyca/cryptography/issues\n.. _`cryptography-dev`: https://mail.python.org/mailman/listinfo/cryptography-dev\n.. _`security reporting`: https://cryptography.io/en/latest/security/", - "release_date": "2023-01-02T03:31:52", + "release_date": "2023-02-07T19:40:44", "parties": [ { "type": "person", @@ -983,11 +983,11 @@ "Topic :: Security :: Cryptography" ], "homepage_url": "https://github.com/pyca/cryptography", - "download_url": "https://files.pythonhosted.org/packages/7a/46/8b58d6b8244ff613ecb983b9428d1168dd0b014a34e13fb19737b9ba1fc1/cryptography-39.0.0-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", - "size": 4172511, + "download_url": "https://files.pythonhosted.org/packages/bb/03/20b85e10571c919fd4862465c53ae40b6494fa7f82fd74131f401ce504f6/cryptography-39.0.1-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", + "size": 4183626, "sha1": null, - "md5": "16571f6085127885160e7e3c5d51e360", - "sha256": "1a6915075c6d3a5e1215eab5d99bcec0da26036ff2102a1038401d6ef5bef25b", + "md5": "f9d2f40e36ef1db745d2127cb3af366f", + "sha256": "e124352fd3db36a9d4a21c1aa27fd5d051e621845cb87fb851c08f4f75ce8be6", "sha512": null, "bug_tracking_url": null, "code_view_url": "https://github.com/pyca/cryptography/", @@ -1008,20 +1008,20 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/cryptography/39.0.0/json", + "api_data_url": "https://pypi.org/pypi/cryptography/39.0.1/json", "datasource_id": null, - "purl": "pkg:pypi/cryptography@39.0.0" + "purl": "pkg:pypi/cryptography@39.0.1" }, { "type": "pypi", "namespace": null, "name": "cryptography", - "version": "39.0.0", + "version": "39.0.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.\npyca/cryptography\n=================\n\n.. image:: https://img.shields.io/pypi/v/cryptography.svg\n :target: https://pypi.org/project/cryptography/\n :alt: Latest Version\n\n.. image:: https://readthedocs.org/projects/cryptography/badge/?version=latest\n :target: https://cryptography.io\n :alt: Latest Docs\n\n.. image:: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main\n :target: https://github.com/pyca/cryptography/actions?query=workflow%3ACI+branch%3Amain\n\n\n``cryptography`` is a package which provides cryptographic recipes and\nprimitives to Python developers. Our goal is for it to be your \"cryptographic\nstandard library\". It supports Python 3.6+ and PyPy3 7.2+.\n\n``cryptography`` includes both high level recipes and low level interfaces to\ncommon cryptographic algorithms such as symmetric ciphers, message digests, and\nkey derivation functions. For example, to encrypt something with\n``cryptography``'s high level symmetric encryption recipe:\n\n.. code-block:: pycon\n\n >>> from cryptography.fernet import Fernet\n >>> # Put this somewhere safe!\n >>> key = Fernet.generate_key()\n >>> f = Fernet(key)\n >>> token = f.encrypt(b\"A really secret message. Not for prying eyes.\")\n >>> token\n b'...'\n >>> f.decrypt(token)\n b'A really secret message. Not for prying eyes.'\n\nYou can find more information in the `documentation`_.\n\nYou can install ``cryptography`` with:\n\n.. code-block:: console\n\n $ pip install cryptography\n\nFor full details see `the installation documentation`_.\n\nDiscussion\n~~~~~~~~~~\n\nIf you run into bugs, you can file them in our `issue tracker`_.\n\nWe maintain a `cryptography-dev`_ mailing list for development discussion.\n\nYou can also join ``#pyca`` on ``irc.libera.chat`` to ask questions or get\ninvolved.\n\nSecurity\n~~~~~~~~\n\nNeed to report a security issue? Please consult our `security reporting`_\ndocumentation.\n\n\n.. _`documentation`: https://cryptography.io/\n.. _`the installation documentation`: https://cryptography.io/en/latest/installation/\n.. _`issue tracker`: https://github.com/pyca/cryptography/issues\n.. _`cryptography-dev`: https://mail.python.org/mailman/listinfo/cryptography-dev\n.. _`security reporting`: https://cryptography.io/en/latest/security/", - "release_date": "2023-01-02T03:36:08", + "release_date": "2023-02-07T19:41:00", "parties": [ { "type": "person", @@ -1054,11 +1054,11 @@ "Topic :: Security :: Cryptography" ], "homepage_url": "https://github.com/pyca/cryptography", - "download_url": "https://files.pythonhosted.org/packages/12/e3/c46c274cf466b24e5d44df5d5cd31a31ff23e57f074a2bb30931a8c9b01a/cryptography-39.0.0.tar.gz", - "size": 603406, + "download_url": "https://files.pythonhosted.org/packages/6a/f5/a729774d087e50fffd1438b3877a91e9281294f985bda0fd15bf99016c78/cryptography-39.0.1.tar.gz", + "size": 603634, "sha1": null, - "md5": "12d0c6df42f600637a97904f84988ae2", - "sha256": "f964c7dcf7802d133e8dbd1565914fa0194f9d683d82411989889ecd701e8adf", + "md5": "f660591f3e629f2722e218d5f2ca35e5", + "sha256": "d1f6198ee6d9148405e49887803907fe8962a23e6c6f83ea7d98f1c0de375695", "sha512": null, "bug_tracking_url": null, "code_view_url": "https://github.com/pyca/cryptography/", @@ -1079,9 +1079,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/cryptography/39.0.0/json", + "api_data_url": "https://pypi.org/pypi/cryptography/39.0.1/json", "datasource_id": null, - "purl": "pkg:pypi/cryptography@39.0.0" + "purl": "pkg:pypi/cryptography@39.0.1" }, { "type": "pypi", @@ -2421,7 +2421,7 @@ "package": "pkg:pypi/azure-storage-blob@12.13.1", "dependencies": [ "pkg:pypi/azure-core@1.26.3", - "pkg:pypi/cryptography@39.0.0", + "pkg:pypi/cryptography@39.0.1", "pkg:pypi/msrest@0.6.21" ] }, @@ -2444,7 +2444,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/cryptography@39.0.0", + "package": "pkg:pypi/cryptography@39.0.1", "dependencies": [ "pkg:pypi/cffi@1.15.1" ] diff --git a/tests/data/azure-devops.req-38-expected.json b/tests/data/azure-devops.req-38-expected.json index bf68133f..7595174d 100644 --- a/tests/data/azure-devops.req-38-expected.json +++ b/tests/data/azure-devops.req-38-expected.json @@ -945,12 +945,12 @@ "type": "pypi", "namespace": null, "name": "cryptography", - "version": "39.0.0", + "version": "39.0.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.\npyca/cryptography\n=================\n\n.. image:: https://img.shields.io/pypi/v/cryptography.svg\n :target: https://pypi.org/project/cryptography/\n :alt: Latest Version\n\n.. image:: https://readthedocs.org/projects/cryptography/badge/?version=latest\n :target: https://cryptography.io\n :alt: Latest Docs\n\n.. image:: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main\n :target: https://github.com/pyca/cryptography/actions?query=workflow%3ACI+branch%3Amain\n\n\n``cryptography`` is a package which provides cryptographic recipes and\nprimitives to Python developers. Our goal is for it to be your \"cryptographic\nstandard library\". It supports Python 3.6+ and PyPy3 7.2+.\n\n``cryptography`` includes both high level recipes and low level interfaces to\ncommon cryptographic algorithms such as symmetric ciphers, message digests, and\nkey derivation functions. For example, to encrypt something with\n``cryptography``'s high level symmetric encryption recipe:\n\n.. code-block:: pycon\n\n >>> from cryptography.fernet import Fernet\n >>> # Put this somewhere safe!\n >>> key = Fernet.generate_key()\n >>> f = Fernet(key)\n >>> token = f.encrypt(b\"A really secret message. Not for prying eyes.\")\n >>> token\n b'...'\n >>> f.decrypt(token)\n b'A really secret message. Not for prying eyes.'\n\nYou can find more information in the `documentation`_.\n\nYou can install ``cryptography`` with:\n\n.. code-block:: console\n\n $ pip install cryptography\n\nFor full details see `the installation documentation`_.\n\nDiscussion\n~~~~~~~~~~\n\nIf you run into bugs, you can file them in our `issue tracker`_.\n\nWe maintain a `cryptography-dev`_ mailing list for development discussion.\n\nYou can also join ``#pyca`` on ``irc.libera.chat`` to ask questions or get\ninvolved.\n\nSecurity\n~~~~~~~~\n\nNeed to report a security issue? Please consult our `security reporting`_\ndocumentation.\n\n\n.. _`documentation`: https://cryptography.io/\n.. _`the installation documentation`: https://cryptography.io/en/latest/installation/\n.. _`issue tracker`: https://github.com/pyca/cryptography/issues\n.. _`cryptography-dev`: https://mail.python.org/mailman/listinfo/cryptography-dev\n.. _`security reporting`: https://cryptography.io/en/latest/security/", - "release_date": "2023-01-02T03:31:52", + "release_date": "2023-02-07T19:40:44", "parties": [ { "type": "person", @@ -983,11 +983,11 @@ "Topic :: Security :: Cryptography" ], "homepage_url": "https://github.com/pyca/cryptography", - "download_url": "https://files.pythonhosted.org/packages/7a/46/8b58d6b8244ff613ecb983b9428d1168dd0b014a34e13fb19737b9ba1fc1/cryptography-39.0.0-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", - "size": 4172511, + "download_url": "https://files.pythonhosted.org/packages/bb/03/20b85e10571c919fd4862465c53ae40b6494fa7f82fd74131f401ce504f6/cryptography-39.0.1-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", + "size": 4183626, "sha1": null, - "md5": "16571f6085127885160e7e3c5d51e360", - "sha256": "1a6915075c6d3a5e1215eab5d99bcec0da26036ff2102a1038401d6ef5bef25b", + "md5": "f9d2f40e36ef1db745d2127cb3af366f", + "sha256": "e124352fd3db36a9d4a21c1aa27fd5d051e621845cb87fb851c08f4f75ce8be6", "sha512": null, "bug_tracking_url": null, "code_view_url": "https://github.com/pyca/cryptography/", @@ -1008,20 +1008,20 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/cryptography/39.0.0/json", + "api_data_url": "https://pypi.org/pypi/cryptography/39.0.1/json", "datasource_id": null, - "purl": "pkg:pypi/cryptography@39.0.0" + "purl": "pkg:pypi/cryptography@39.0.1" }, { "type": "pypi", "namespace": null, "name": "cryptography", - "version": "39.0.0", + "version": "39.0.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.\npyca/cryptography\n=================\n\n.. image:: https://img.shields.io/pypi/v/cryptography.svg\n :target: https://pypi.org/project/cryptography/\n :alt: Latest Version\n\n.. image:: https://readthedocs.org/projects/cryptography/badge/?version=latest\n :target: https://cryptography.io\n :alt: Latest Docs\n\n.. image:: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main\n :target: https://github.com/pyca/cryptography/actions?query=workflow%3ACI+branch%3Amain\n\n\n``cryptography`` is a package which provides cryptographic recipes and\nprimitives to Python developers. Our goal is for it to be your \"cryptographic\nstandard library\". It supports Python 3.6+ and PyPy3 7.2+.\n\n``cryptography`` includes both high level recipes and low level interfaces to\ncommon cryptographic algorithms such as symmetric ciphers, message digests, and\nkey derivation functions. For example, to encrypt something with\n``cryptography``'s high level symmetric encryption recipe:\n\n.. code-block:: pycon\n\n >>> from cryptography.fernet import Fernet\n >>> # Put this somewhere safe!\n >>> key = Fernet.generate_key()\n >>> f = Fernet(key)\n >>> token = f.encrypt(b\"A really secret message. Not for prying eyes.\")\n >>> token\n b'...'\n >>> f.decrypt(token)\n b'A really secret message. Not for prying eyes.'\n\nYou can find more information in the `documentation`_.\n\nYou can install ``cryptography`` with:\n\n.. code-block:: console\n\n $ pip install cryptography\n\nFor full details see `the installation documentation`_.\n\nDiscussion\n~~~~~~~~~~\n\nIf you run into bugs, you can file them in our `issue tracker`_.\n\nWe maintain a `cryptography-dev`_ mailing list for development discussion.\n\nYou can also join ``#pyca`` on ``irc.libera.chat`` to ask questions or get\ninvolved.\n\nSecurity\n~~~~~~~~\n\nNeed to report a security issue? Please consult our `security reporting`_\ndocumentation.\n\n\n.. _`documentation`: https://cryptography.io/\n.. _`the installation documentation`: https://cryptography.io/en/latest/installation/\n.. _`issue tracker`: https://github.com/pyca/cryptography/issues\n.. _`cryptography-dev`: https://mail.python.org/mailman/listinfo/cryptography-dev\n.. _`security reporting`: https://cryptography.io/en/latest/security/", - "release_date": "2023-01-02T03:36:08", + "release_date": "2023-02-07T19:41:00", "parties": [ { "type": "person", @@ -1054,11 +1054,11 @@ "Topic :: Security :: Cryptography" ], "homepage_url": "https://github.com/pyca/cryptography", - "download_url": "https://files.pythonhosted.org/packages/12/e3/c46c274cf466b24e5d44df5d5cd31a31ff23e57f074a2bb30931a8c9b01a/cryptography-39.0.0.tar.gz", - "size": 603406, + "download_url": "https://files.pythonhosted.org/packages/6a/f5/a729774d087e50fffd1438b3877a91e9281294f985bda0fd15bf99016c78/cryptography-39.0.1.tar.gz", + "size": 603634, "sha1": null, - "md5": "12d0c6df42f600637a97904f84988ae2", - "sha256": "f964c7dcf7802d133e8dbd1565914fa0194f9d683d82411989889ecd701e8adf", + "md5": "f660591f3e629f2722e218d5f2ca35e5", + "sha256": "d1f6198ee6d9148405e49887803907fe8962a23e6c6f83ea7d98f1c0de375695", "sha512": null, "bug_tracking_url": null, "code_view_url": "https://github.com/pyca/cryptography/", @@ -1079,9 +1079,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/cryptography/39.0.0/json", + "api_data_url": "https://pypi.org/pypi/cryptography/39.0.1/json", "datasource_id": null, - "purl": "pkg:pypi/cryptography@39.0.0" + "purl": "pkg:pypi/cryptography@39.0.1" }, { "type": "pypi", @@ -2421,7 +2421,7 @@ "package": "pkg:pypi/azure-storage-blob@12.13.1", "dependencies": [ "pkg:pypi/azure-core@1.26.3", - "pkg:pypi/cryptography@39.0.0", + "pkg:pypi/cryptography@39.0.1", "pkg:pypi/msrest@0.6.21" ] }, @@ -2444,7 +2444,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/cryptography@39.0.0", + "package": "pkg:pypi/cryptography@39.0.1", "dependencies": [ "pkg:pypi/cffi@1.15.1" ] diff --git a/tests/data/single-url-except-simple-expected.json b/tests/data/single-url-except-simple-expected.json index 7b311f78..30ce254d 100644 --- a/tests/data/single-url-except-simple-expected.json +++ b/tests/data/single-url-except-simple-expected.json @@ -894,12 +894,12 @@ "type": "pypi", "namespace": null, "name": "zipp", - "version": "3.12.1", + "version": "3.13.0", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "Backport of pathlib-compatible object wrapper for zip files\n.. image:: https://img.shields.io/pypi/v/zipp.svg\n :target: https://pypi.org/project/zipp\n\n.. image:: https://img.shields.io/pypi/pyversions/zipp.svg\n\n.. image:: https://github.com/jaraco/zipp/workflows/tests/badge.svg\n :target: https://github.com/jaraco/zipp/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/badge/code%20style-black-000000.svg\n :target: https://github.com/psf/black\n :alt: Code style: Black\n\n.. .. image:: https://readthedocs.org/projects/skeleton/badge/?version=latest\n.. :target: https://skeleton.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2023-informational\n :target: https://blog.jaraco.com/skeleton\n\n.. image:: https://tidelift.com/badges/package/pypi/zipp\n :target: https://tidelift.com/subscription/pkg/pypi-zipp?utm_source=pypi-zipp&utm_medium=readme\n\n\nA pathlib-compatible Zipfile object wrapper. Official backport of the standard library\n`Path object `_.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - zipp\n - stdlib\n * - 3.9\n - 3.12\n * - 3.5\n - 3.11\n * - 3.2\n - 3.10\n * - 3.3 ??\n - 3.9\n * - 1.0\n - 3.8\n\n\nUsage\n=====\n\nUse ``zipp.Path`` in place of ``zipfile.Path`` on any Python.\n\nFor Enterprise\n==============\n\nAvailable as part of the Tidelift Subscription.\n\nThis project and the maintainers of thousands of other packages are working with Tidelift to deliver one enterprise subscription that covers all of the open source you use.\n\n`Learn more `_.\n\nSecurity Contact\n================\n\nTo report a security vulnerability, please use the\n`Tidelift security contact `_.\nTidelift will coordinate the fix and disclosure.", - "release_date": "2023-02-05T17:47:17", + "release_date": "2023-02-09T17:04:05", "parties": [ { "type": "person", @@ -916,11 +916,11 @@ "Programming Language :: Python :: 3 :: Only" ], "homepage_url": "https://github.com/jaraco/zipp", - "download_url": "https://files.pythonhosted.org/packages/37/7d/4a5221043904612db108bbe7d0ad7409015fb143bae137c72d9dfd7b75e1/zipp-3.12.1-py3-none-any.whl", + "download_url": "https://files.pythonhosted.org/packages/95/7b/1608a7344743f54a8c072d64d2a279934fd204d6d015278b0a0ed4ce104b/zipp-3.13.0-py3-none-any.whl", "size": 6718, "sha1": null, - "md5": "e377da0396565d8783c7e204800b6583", - "sha256": "6c4fe274b8f85ec73c37a8e4e3fa00df9fb9335da96fb789e3b96b318e5097b3", + "md5": "bbe676c29bf9e6db5a128cf2cbcb3b0f", + "sha256": "e8b2a36ea17df80ffe9e2c4fda3f693c3dad6df1697d3cd3af232db680950b0b", "sha512": null, "bug_tracking_url": null, "code_view_url": null, @@ -939,20 +939,20 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/zipp/3.12.1/json", + "api_data_url": "https://pypi.org/pypi/zipp/3.13.0/json", "datasource_id": null, - "purl": "pkg:pypi/zipp@3.12.1" + "purl": "pkg:pypi/zipp@3.13.0" }, { "type": "pypi", "namespace": null, "name": "zipp", - "version": "3.12.1", + "version": "3.13.0", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "Backport of pathlib-compatible object wrapper for zip files\n.. image:: https://img.shields.io/pypi/v/zipp.svg\n :target: https://pypi.org/project/zipp\n\n.. image:: https://img.shields.io/pypi/pyversions/zipp.svg\n\n.. image:: https://github.com/jaraco/zipp/workflows/tests/badge.svg\n :target: https://github.com/jaraco/zipp/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/badge/code%20style-black-000000.svg\n :target: https://github.com/psf/black\n :alt: Code style: Black\n\n.. .. image:: https://readthedocs.org/projects/skeleton/badge/?version=latest\n.. :target: https://skeleton.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2023-informational\n :target: https://blog.jaraco.com/skeleton\n\n.. image:: https://tidelift.com/badges/package/pypi/zipp\n :target: https://tidelift.com/subscription/pkg/pypi-zipp?utm_source=pypi-zipp&utm_medium=readme\n\n\nA pathlib-compatible Zipfile object wrapper. Official backport of the standard library\n`Path object `_.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - zipp\n - stdlib\n * - 3.9\n - 3.12\n * - 3.5\n - 3.11\n * - 3.2\n - 3.10\n * - 3.3 ??\n - 3.9\n * - 1.0\n - 3.8\n\n\nUsage\n=====\n\nUse ``zipp.Path`` in place of ``zipfile.Path`` on any Python.\n\nFor Enterprise\n==============\n\nAvailable as part of the Tidelift Subscription.\n\nThis project and the maintainers of thousands of other packages are working with Tidelift to deliver one enterprise subscription that covers all of the open source you use.\n\n`Learn more `_.\n\nSecurity Contact\n================\n\nTo report a security vulnerability, please use the\n`Tidelift security contact `_.\nTidelift will coordinate the fix and disclosure.", - "release_date": "2023-02-05T17:47:18", + "release_date": "2023-02-09T17:04:06", "parties": [ { "type": "person", @@ -969,11 +969,11 @@ "Programming Language :: Python :: 3 :: Only" ], "homepage_url": "https://github.com/jaraco/zipp", - "download_url": "https://files.pythonhosted.org/packages/1f/29/54ba1934c45af649698410456fa8a78a475c82efd5c562e51011079458d1/zipp-3.12.1.tar.gz", - "size": 17987, + "download_url": "https://files.pythonhosted.org/packages/d1/2f/ba544a8a6ad5ad9dcec1b00f536bb9fb078f5f50d1a1408876de18a9151b/zipp-3.13.0.tar.gz", + "size": 18725, "sha1": null, - "md5": "6cc740ee6b1c7e80262e914d1d5d7e79", - "sha256": "a3cac813d40993596b39ea9e93a18e8a2076d5c378b8bc88ec32ab264e04ad02", + "md5": "ee68b317a1393b11c2d4037a30d18bed", + "sha256": "23f70e964bc11a34cef175bc90ba2914e1e4545ea1e3e2f67c079671883f9cb6", "sha512": null, "bug_tracking_url": null, "code_view_url": null, @@ -992,9 +992,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/zipp/3.12.1/json", + "api_data_url": "https://pypi.org/pypi/zipp/3.13.0/json", "datasource_id": null, - "purl": "pkg:pypi/zipp@3.12.1" + "purl": "pkg:pypi/zipp@3.13.0" } ], "resolved_dependencies_graph": [ @@ -1015,7 +1015,7 @@ { "package": "pkg:pypi/importlib-metadata@6.0.0", "dependencies": [ - "pkg:pypi/zipp@3.12.1" + "pkg:pypi/zipp@3.13.0" ] }, { @@ -1039,8 +1039,8 @@ ] }, { - "package": "pkg:pypi/zipp@3.12.1", + "package": "pkg:pypi/zipp@3.13.0", "dependencies": [] } ] -} +} \ No newline at end of file diff --git a/tests/test_resolution.py b/tests/test_resolution.py index 33c59ef4..407beb1e 100644 --- a/tests/test_resolution.py +++ b/tests/test_resolution.py @@ -126,7 +126,7 @@ def test_get_resolved_dependencies_with_tilde_requirement_using_json_api(): "pkg:pypi/jinja2@3.1.2", "pkg:pypi/markupsafe@2.1.2", "pkg:pypi/werkzeug@2.2.2", - "pkg:pypi/zipp@3.12.1", + "pkg:pypi/zipp@3.13.0", ] @@ -147,11 +147,11 @@ def test_without_supported_wheels(): assert plist == [ "pkg:pypi/autobahn@22.3.2", "pkg:pypi/cffi@1.15.1", - "pkg:pypi/cryptography@39.0.0", + "pkg:pypi/cryptography@39.0.1", "pkg:pypi/hyperlink@21.0.0", "pkg:pypi/idna@3.4", "pkg:pypi/pycparser@2.21", - "pkg:pypi/setuptools@67.1.0", + "pkg:pypi/setuptools@67.2.0", "pkg:pypi/txaio@23.1.1", ] From aa64f264f8e6e633a5bb02004279fe96aa01faa2 Mon Sep 17 00:00:00 2001 From: "Bennati, Stefano" Date: Thu, 16 Feb 2023 08:47:50 +0100 Subject: [PATCH 08/10] Obtain install_requires via AST. Signed-off-by: Bennati, Stefano --- src/python_inspector/resolution.py | 47 +++++++++++++++++++++++++----- 1 file changed, 39 insertions(+), 8 deletions(-) diff --git a/src/python_inspector/resolution.py b/src/python_inspector/resolution.py index 4da8fa42..6fe97557 100644 --- a/src/python_inspector/resolution.py +++ b/src/python_inspector/resolution.py @@ -7,6 +7,7 @@ # See https://aboutcode.org for more information about nexB OSS projects. # +import ast import operator import os import re @@ -282,7 +283,7 @@ def get_requirements_from_python_manifest( """ Return a list of parsed requirements from the ``sdist_location`` sdist location """ - # Look in requirements file if and only if thy are refered in setup.py or setup.cfg + # Look in requirements file if and only if they are refered in setup.py or setup.cfg # And no deps have been yielded by requirements file. requirements = list( get_reqs_from_requirements_file_in_sdist( @@ -303,13 +304,43 @@ def get_requirements_from_python_manifest( # Do not raise exception here as we may have a setup.py that does not # have any dependencies. with (open(setup_py_location)) as sf: - match = re.search(r"install_requires[\s]*=[\s]*\[([^\]]*)\]", sf.read()) - if match is not None: - install_requires = re.sub(r"\s", "", match.group(1)) - if install_requires != "": - raise Exception( - f"Unable to collect setup.py dependencies securely: {setup_py_location}" - ) + file_contents = sf.read() + node = ast.parse(file_contents) + setup_fct = [ + elem + for elem in ast.walk(node) + if ( + isinstance(elem, ast.Expr) + and isinstance(elem.value, ast.Call) + and isinstance(elem.value.func, ast.Name) + and elem.value.func.id == "setup" + ) + ] + if len(setup_fct) == 0: + raise Exception( + f"Unable to collect setup.py dependencies securely: {setup_py_location}" + ) + if len(setup_fct) > 1: + print( + f"Warning: identified multiple definitions of 'setup()' in {setup_py_location}, defaulting to the first occurrence" + ) + setup_fct = setup_fct[0] + install_requires = [ + k.value for k in setup_fct.value.keywords if k.arg == "install_requires" + ] + if len(install_requires) == 0: + raise Exception( + f"Unable to collect setup.py dependencies securely: {setup_py_location}" + ) + if len(install_requires) > 1: + print( + f"Warning: identified multiple definitions of 'install_requires' in {setup_py_location}, defaulting to the first occurrence" + ) + install_requires = install_requires[0].elts + if len(install_requires) != 0: + raise Exception( + f"Unable to collect setup.py dependencies securely: {setup_py_location}" + ) DEFAULT_ENVIRONMENT = utils_pypi.Environment.from_pyver_and_os( From 5dadfb3f46c00f0f2d816938f4a7658517dec138 Mon Sep 17 00:00:00 2001 From: "Bennati, Stefano" Date: Thu, 16 Feb 2023 08:58:23 +0100 Subject: [PATCH 09/10] Rebuild fixtures. Signed-off-by: Bennati, Stefano --- tests/data/azure-devops.req-310-expected.json | 42 +++--- tests/data/azure-devops.req-38-expected.json | 42 +++--- .../pinned-pdt-requirements.txt-expected.json | 34 ++--- .../pinned-requirements.txt-expected.json | 38 +++--- .../single-url-except-simple-expected.json | 121 ++++-------------- tests/data/test-api-expected.json | 38 +++--- tests/data/test-api-pdt-expected.json | 34 ++--- tests/data/test-api-with-prefer-source.json | 22 ++-- tests/data/test-api-with-python-311.json | 22 ++-- 9 files changed, 165 insertions(+), 228 deletions(-) diff --git a/tests/data/azure-devops.req-310-expected.json b/tests/data/azure-devops.req-310-expected.json index 7c73996e..27e2885f 100644 --- a/tests/data/azure-devops.req-310-expected.json +++ b/tests/data/azure-devops.req-310-expected.json @@ -2125,12 +2125,12 @@ "type": "pypi", "namespace": null, "name": "typing-extensions", - "version": "4.4.0", + "version": "4.5.0", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Backported and Experimental Type Hints for Python 3.7+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\nNew features may be added to `typing_extensions` as soon as they are specified\nin a PEP that has been added to the [python/peps](https://github.com/python/peps)\nrepository. If the PEP is accepted, the feature will then be added to `typing`\nfor the next CPython release. No typing PEP has been rejected so far, so we\nhaven't yet figured out how to deal with that possibility.\n\nStarting with version 4.0.0, `typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version is incremented for all backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n`typing_extensions` supports Python versions 3.7 and higher. In the future,\nsupport for older Python versions will be dropped some time after that version\nreaches end of life.\n\n## Included items\n\nThis module currently contains the following:\n\n- Experimental features\n\n - `override` (see PEP 698)\n - The `default=` argument to `TypeVar`, `ParamSpec`, and `TypeVarTuple` (see PEP 696)\n - The `infer_variance=` argument to `TypeVar` (see PEP 695)\n\n- In `typing` since Python 3.11\n\n - `assert_never`\n - `assert_type`\n - `clear_overloads`\n - `@dataclass_transform()` (see PEP 681)\n - `get_overloads`\n - `LiteralString` (see PEP 675)\n - `Never`\n - `NotRequired` (see PEP 655)\n - `reveal_type`\n - `Required` (see PEP 655)\n - `Self` (see PEP 673)\n - `TypeVarTuple` (see PEP 646; the `typing_extensions` version supports the `default=` argument from PEP 696)\n - `Unpack` (see PEP 646)\n\n- In `typing` since Python 3.10\n\n - `Concatenate` (see PEP 612)\n - `ParamSpec` (see PEP 612; the `typing_extensions` version supports the `default=` argument from PEP 696)\n - `ParamSpecArgs` (see PEP 612)\n - `ParamSpecKwargs` (see PEP 612)\n - `TypeAlias` (see PEP 613)\n - `TypeGuard` (see PEP 647)\n - `is_typeddict`\n\n- In `typing` since Python 3.9\n\n - `Annotated` (see PEP 593)\n\n- In `typing` since Python 3.8\n\n - `final` (see PEP 591)\n - `Final` (see PEP 591)\n - `Literal` (see PEP 586)\n - `Protocol` (see PEP 544)\n - `runtime_checkable` (see PEP 544)\n - `TypedDict` (see PEP 589)\n - `get_origin` (`typing_extensions` provides this function only in Python 3.7+)\n - `get_args` (`typing_extensions` provides this function only in Python 3.7+)\n\n- In `typing` since Python 3.7\n\n - `OrderedDict`\n\n- In `typing` since Python 3.5 or 3.6 (see [the typing documentation](https://docs.python.org/3.10/library/typing.html) for details)\n\n - `AsyncContextManager`\n - `AsyncGenerator`\n - `AsyncIterable`\n - `AsyncIterator`\n - `Awaitable`\n - `ChainMap`\n - `ClassVar` (see PEP 526)\n - `ContextManager`\n - `Coroutine`\n - `Counter`\n - `DefaultDict`\n - `Deque`\n - `NewType`\n - `NoReturn`\n - `overload`\n - `Text`\n - `Type`\n - `TYPE_CHECKING`\n - `get_type_hints`\n\n- The following have always been present in `typing`, but the `typing_extensions` versions provide\n additional features:\n\n - `Any` (supports inheritance since Python 3.11)\n - `NamedTuple` (supports multiple inheritance with `Generic` since Python 3.11)\n - `TypeVar` (see PEPs 695 and 696)\n\n# Other Notes and Limitations\n\nCertain objects were changed after they were added to `typing`, and\n`typing_extensions` provides a backport even on newer Python versions:\n\n- `TypedDict` does not store runtime information\n about which (if any) keys are non-required in Python 3.8, and does not\n honor the `total` keyword with old-style `TypedDict()` in Python\n 3.9.0 and 3.9.1. `TypedDict` also does not support multiple inheritance\n with `typing.Generic` on Python <3.11.\n- `get_origin` and `get_args` lack support for `Annotated` in\n Python 3.8 and lack support for `ParamSpecArgs` and `ParamSpecKwargs`\n in 3.9.\n- `@final` was changed in Python 3.11 to set the `.__final__` attribute.\n- `@overload` was changed in Python 3.11 to make function overloads\n introspectable at runtime. In order to access overloads with\n `typing_extensions.get_overloads()`, you must use\n `@typing_extensions.overload`.\n- `NamedTuple` was changed in Python 3.11 to allow for multiple inheritance\n with `typing.Generic`.\n- Since Python 3.11, it has been possible to inherit from `Any` at\n runtime. `typing_extensions.Any` also provides this capability.\n- `TypeVar` gains two additional parameters, `default=` and `infer_variance=`,\n in the draft PEPs 695 and 696, which are being considered for inclusion\n in Python 3.12.\n\nThere are a few types whose interface was modified between different\nversions of typing. For example, `typing.Sequence` was modified to\nsubclass `typing.Reversible` as of Python 3.5.3.\n\nThese changes are _not_ backported to prevent subtle compatibility\nissues when mixing the differing implementations of modified classes.\n\nCertain types have incorrect runtime behavior due to limitations of older\nversions of the typing module:\n\n- `ParamSpec` and `Concatenate` will not work with `get_args` and\n `get_origin`. Certain PEP 612 special cases in user-defined\n `Generic`s are also not available.\n\nThese types are only guaranteed to work for static type checking.\n\n## Running tests\n\nTo run tests, navigate into the appropriate source directory and run\n`test_typing_extensions.py`.", - "release_date": "2022-10-06T22:40:00", + "description": "Backported and Experimental Type Hints for Python 3.7+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\nNew features may be added to `typing_extensions` as soon as they are specified\nin a PEP that has been added to the [python/peps](https://github.com/python/peps)\nrepository. If the PEP is accepted, the feature will then be added to `typing`\nfor the next CPython release. No typing PEP has been rejected so far, so we\nhaven't yet figured out how to deal with that possibility.\n\nStarting with version 4.0.0, `typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version is incremented for all backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n`typing_extensions` supports Python versions 3.7 and higher. In the future,\nsupport for older Python versions will be dropped some time after that version\nreaches end of life.\n\n## Included items\n\nThis module currently contains the following:\n\n- Experimental features\n\n - `override` (see [PEP 698](https://peps.python.org/pep-0698/))\n - The `default=` argument to `TypeVar`, `ParamSpec`, and `TypeVarTuple` (see [PEP 696](https://peps.python.org/pep-0696/))\n - The `infer_variance=` argument to `TypeVar` (see [PEP 695](https://peps.python.org/pep-0695/))\n - The `@deprecated` decorator (see [PEP 702](https://peps.python.org/pep-0702/))\n\n- In `typing` since Python 3.11\n\n - `assert_never`\n - `assert_type`\n - `clear_overloads`\n - `@dataclass_transform()` (see [PEP 681](https://peps.python.org/pep-0681/))\n - `get_overloads`\n - `LiteralString` (see [PEP 675](https://peps.python.org/pep-0675/))\n - `Never`\n - `NotRequired` (see [PEP 655](https://peps.python.org/pep-0655/))\n - `reveal_type`\n - `Required` (see [PEP 655](https://peps.python.org/pep-0655/))\n - `Self` (see [PEP 673](https://peps.python.org/pep-0673/))\n - `TypeVarTuple` (see [PEP 646](https://peps.python.org/pep-0646/); the `typing_extensions` version supports the `default=` argument from [PEP 696](https://peps.python.org/pep-0696/))\n - `Unpack` (see [PEP 646](https://peps.python.org/pep-0646/))\n\n- In `typing` since Python 3.10\n\n - `Concatenate` (see [PEP 612](https://peps.python.org/pep-0612/))\n - `ParamSpec` (see [PEP 612](https://peps.python.org/pep-0612/); the `typing_extensions` version supports the `default=` argument from [PEP 696](https://peps.python.org/pep-0696/))\n - `ParamSpecArgs` (see [PEP 612](https://peps.python.org/pep-0612/))\n - `ParamSpecKwargs` (see [PEP 612](https://peps.python.org/pep-0612/))\n - `TypeAlias` (see [PEP 613](https://peps.python.org/pep-0613/))\n - `TypeGuard` (see [PEP 647](https://peps.python.org/pep-0647/))\n - `is_typeddict`\n\n- In `typing` since Python 3.9\n\n - `Annotated` (see [PEP 593](https://peps.python.org/pep-0593/))\n\n- In `typing` since Python 3.8\n\n - `final` (see [PEP 591](https://peps.python.org/pep-0591/))\n - `Final` (see [PEP 591](https://peps.python.org/pep-0591/))\n - `Literal` (see [PEP 586](https://peps.python.org/pep-0586/))\n - `Protocol` (see [PEP 544](https://peps.python.org/pep-0544/))\n - `runtime_checkable` (see [PEP 544](https://peps.python.org/pep-0544/))\n - `TypedDict` (see [PEP 589](https://peps.python.org/pep-0589/))\n - `get_origin` (`typing_extensions` provides this function only in Python 3.7+)\n - `get_args` (`typing_extensions` provides this function only in Python 3.7+)\n\n- In `typing` since Python 3.7\n\n - `OrderedDict`\n\n- In `typing` since Python 3.5 or 3.6 (see [the typing documentation](https://docs.python.org/3.10/library/typing.html) for details)\n\n - `AsyncContextManager`\n - `AsyncGenerator`\n - `AsyncIterable`\n - `AsyncIterator`\n - `Awaitable`\n - `ChainMap`\n - `ClassVar` (see [PEP 526](https://peps.python.org/pep-0526/))\n - `ContextManager`\n - `Coroutine`\n - `Counter`\n - `DefaultDict`\n - `Deque`\n - `NewType`\n - `NoReturn`\n - `overload`\n - `Text`\n - `Type`\n - `TYPE_CHECKING`\n - `get_type_hints`\n\n- The following have always been present in `typing`, but the `typing_extensions` versions provide\n additional features:\n\n - `Any` (supports inheritance since Python 3.11)\n - `NamedTuple` (supports multiple inheritance with `Generic` since Python 3.11)\n - `TypeVar` (see PEPs [695](https://peps.python.org/pep-0695/) and [696](https://peps.python.org/pep-0696/))\n\n# Other Notes and Limitations\n\nCertain objects were changed after they were added to `typing`, and\n`typing_extensions` provides a backport even on newer Python versions:\n\n- `TypedDict` does not store runtime information\n about which (if any) keys are non-required in Python 3.8, and does not\n honor the `total` keyword with old-style `TypedDict()` in Python\n 3.9.0 and 3.9.1. `TypedDict` also does not support multiple inheritance\n with `typing.Generic` on Python <3.11.\n- `get_origin` and `get_args` lack support for `Annotated` in\n Python 3.8 and lack support for `ParamSpecArgs` and `ParamSpecKwargs`\n in 3.9.\n- `@final` was changed in Python 3.11 to set the `.__final__` attribute.\n- `@overload` was changed in Python 3.11 to make function overloads\n introspectable at runtime. In order to access overloads with\n `typing_extensions.get_overloads()`, you must use\n `@typing_extensions.overload`.\n- `NamedTuple` was changed in Python 3.11 to allow for multiple inheritance\n with `typing.Generic`.\n- Since Python 3.11, it has been possible to inherit from `Any` at\n runtime. `typing_extensions.Any` also provides this capability.\n- `TypeVar` gains two additional parameters, `default=` and `infer_variance=`,\n in the draft PEPs [695](https://peps.python.org/pep-0695/) and [696](https://peps.python.org/pep-0696/), which are being considered for inclusion\n in Python 3.12.\n\nThere are a few types whose interface was modified between different\nversions of typing. For example, `typing.Sequence` was modified to\nsubclass `typing.Reversible` as of Python 3.5.3.\n\nThese changes are _not_ backported to prevent subtle compatibility\nissues when mixing the differing implementations of modified classes.\n\nCertain types have incorrect runtime behavior due to limitations of older\nversions of the typing module:\n\n- `ParamSpec` and `Concatenate` will not work with `get_args` and\n `get_origin`. Certain [PEP 612](https://peps.python.org/pep-0612/) special cases in user-defined\n `Generic`s are also not available.\n\nThese types are only guaranteed to work for static type checking.\n\n## Running tests\n\nTo run tests, navigate into the appropriate source directory and run\n`test_typing_extensions.py`.", + "release_date": "2023-02-15T00:17:53", "parties": [ { "type": "person", @@ -2160,17 +2160,18 @@ "Programming Language :: Python :: 3", "Programming Language :: Python :: 3 :: Only", "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", "Programming Language :: Python :: 3.7", "Programming Language :: Python :: 3.8", "Programming Language :: Python :: 3.9", "Topic :: Software Development" ], "homepage_url": "", - "download_url": "https://files.pythonhosted.org/packages/0b/8e/f1a0a5a76cfef77e1eb6004cb49e5f8d72634da638420b9ea492ce8305e8/typing_extensions-4.4.0-py3-none-any.whl", - "size": 26662, + "download_url": "https://files.pythonhosted.org/packages/31/25/5abcd82372d3d4a3932e1fa8c3dbf9efac10cc7c0d16e78467460571b404/typing_extensions-4.5.0-py3-none-any.whl", + "size": 27736, "sha1": null, - "md5": "f9df449d3052bf105d5c09460857ab77", - "sha256": "16fa4864408f655d35ec496218b85f79b3437c829e93320c7c9215ccfd92489e", + "md5": "159820157d72b39382de7c13ff173897", + "sha256": "fb33085c39dd998ac16d1431ebc293a8b3eedd00fd4a32de0ff79002c19511b4", "sha512": null, "bug_tracking_url": "https://github.com/python/typing_extensions/issues", "code_view_url": null, @@ -2189,20 +2190,20 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/typing-extensions/4.4.0/json", + "api_data_url": "https://pypi.org/pypi/typing-extensions/4.5.0/json", "datasource_id": null, - "purl": "pkg:pypi/typing-extensions@4.4.0" + "purl": "pkg:pypi/typing-extensions@4.5.0" }, { "type": "pypi", "namespace": null, "name": "typing-extensions", - "version": "4.4.0", + "version": "4.5.0", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Backported and Experimental Type Hints for Python 3.7+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\nNew features may be added to `typing_extensions` as soon as they are specified\nin a PEP that has been added to the [python/peps](https://github.com/python/peps)\nrepository. If the PEP is accepted, the feature will then be added to `typing`\nfor the next CPython release. No typing PEP has been rejected so far, so we\nhaven't yet figured out how to deal with that possibility.\n\nStarting with version 4.0.0, `typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version is incremented for all backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n`typing_extensions` supports Python versions 3.7 and higher. In the future,\nsupport for older Python versions will be dropped some time after that version\nreaches end of life.\n\n## Included items\n\nThis module currently contains the following:\n\n- Experimental features\n\n - `override` (see PEP 698)\n - The `default=` argument to `TypeVar`, `ParamSpec`, and `TypeVarTuple` (see PEP 696)\n - The `infer_variance=` argument to `TypeVar` (see PEP 695)\n\n- In `typing` since Python 3.11\n\n - `assert_never`\n - `assert_type`\n - `clear_overloads`\n - `@dataclass_transform()` (see PEP 681)\n - `get_overloads`\n - `LiteralString` (see PEP 675)\n - `Never`\n - `NotRequired` (see PEP 655)\n - `reveal_type`\n - `Required` (see PEP 655)\n - `Self` (see PEP 673)\n - `TypeVarTuple` (see PEP 646; the `typing_extensions` version supports the `default=` argument from PEP 696)\n - `Unpack` (see PEP 646)\n\n- In `typing` since Python 3.10\n\n - `Concatenate` (see PEP 612)\n - `ParamSpec` (see PEP 612; the `typing_extensions` version supports the `default=` argument from PEP 696)\n - `ParamSpecArgs` (see PEP 612)\n - `ParamSpecKwargs` (see PEP 612)\n - `TypeAlias` (see PEP 613)\n - `TypeGuard` (see PEP 647)\n - `is_typeddict`\n\n- In `typing` since Python 3.9\n\n - `Annotated` (see PEP 593)\n\n- In `typing` since Python 3.8\n\n - `final` (see PEP 591)\n - `Final` (see PEP 591)\n - `Literal` (see PEP 586)\n - `Protocol` (see PEP 544)\n - `runtime_checkable` (see PEP 544)\n - `TypedDict` (see PEP 589)\n - `get_origin` (`typing_extensions` provides this function only in Python 3.7+)\n - `get_args` (`typing_extensions` provides this function only in Python 3.7+)\n\n- In `typing` since Python 3.7\n\n - `OrderedDict`\n\n- In `typing` since Python 3.5 or 3.6 (see [the typing documentation](https://docs.python.org/3.10/library/typing.html) for details)\n\n - `AsyncContextManager`\n - `AsyncGenerator`\n - `AsyncIterable`\n - `AsyncIterator`\n - `Awaitable`\n - `ChainMap`\n - `ClassVar` (see PEP 526)\n - `ContextManager`\n - `Coroutine`\n - `Counter`\n - `DefaultDict`\n - `Deque`\n - `NewType`\n - `NoReturn`\n - `overload`\n - `Text`\n - `Type`\n - `TYPE_CHECKING`\n - `get_type_hints`\n\n- The following have always been present in `typing`, but the `typing_extensions` versions provide\n additional features:\n\n - `Any` (supports inheritance since Python 3.11)\n - `NamedTuple` (supports multiple inheritance with `Generic` since Python 3.11)\n - `TypeVar` (see PEPs 695 and 696)\n\n# Other Notes and Limitations\n\nCertain objects were changed after they were added to `typing`, and\n`typing_extensions` provides a backport even on newer Python versions:\n\n- `TypedDict` does not store runtime information\n about which (if any) keys are non-required in Python 3.8, and does not\n honor the `total` keyword with old-style `TypedDict()` in Python\n 3.9.0 and 3.9.1. `TypedDict` also does not support multiple inheritance\n with `typing.Generic` on Python <3.11.\n- `get_origin` and `get_args` lack support for `Annotated` in\n Python 3.8 and lack support for `ParamSpecArgs` and `ParamSpecKwargs`\n in 3.9.\n- `@final` was changed in Python 3.11 to set the `.__final__` attribute.\n- `@overload` was changed in Python 3.11 to make function overloads\n introspectable at runtime. In order to access overloads with\n `typing_extensions.get_overloads()`, you must use\n `@typing_extensions.overload`.\n- `NamedTuple` was changed in Python 3.11 to allow for multiple inheritance\n with `typing.Generic`.\n- Since Python 3.11, it has been possible to inherit from `Any` at\n runtime. `typing_extensions.Any` also provides this capability.\n- `TypeVar` gains two additional parameters, `default=` and `infer_variance=`,\n in the draft PEPs 695 and 696, which are being considered for inclusion\n in Python 3.12.\n\nThere are a few types whose interface was modified between different\nversions of typing. For example, `typing.Sequence` was modified to\nsubclass `typing.Reversible` as of Python 3.5.3.\n\nThese changes are _not_ backported to prevent subtle compatibility\nissues when mixing the differing implementations of modified classes.\n\nCertain types have incorrect runtime behavior due to limitations of older\nversions of the typing module:\n\n- `ParamSpec` and `Concatenate` will not work with `get_args` and\n `get_origin`. Certain PEP 612 special cases in user-defined\n `Generic`s are also not available.\n\nThese types are only guaranteed to work for static type checking.\n\n## Running tests\n\nTo run tests, navigate into the appropriate source directory and run\n`test_typing_extensions.py`.", - "release_date": "2022-10-06T22:40:03", + "description": "Backported and Experimental Type Hints for Python 3.7+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\nNew features may be added to `typing_extensions` as soon as they are specified\nin a PEP that has been added to the [python/peps](https://github.com/python/peps)\nrepository. If the PEP is accepted, the feature will then be added to `typing`\nfor the next CPython release. No typing PEP has been rejected so far, so we\nhaven't yet figured out how to deal with that possibility.\n\nStarting with version 4.0.0, `typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version is incremented for all backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n`typing_extensions` supports Python versions 3.7 and higher. In the future,\nsupport for older Python versions will be dropped some time after that version\nreaches end of life.\n\n## Included items\n\nThis module currently contains the following:\n\n- Experimental features\n\n - `override` (see [PEP 698](https://peps.python.org/pep-0698/))\n - The `default=` argument to `TypeVar`, `ParamSpec`, and `TypeVarTuple` (see [PEP 696](https://peps.python.org/pep-0696/))\n - The `infer_variance=` argument to `TypeVar` (see [PEP 695](https://peps.python.org/pep-0695/))\n - The `@deprecated` decorator (see [PEP 702](https://peps.python.org/pep-0702/))\n\n- In `typing` since Python 3.11\n\n - `assert_never`\n - `assert_type`\n - `clear_overloads`\n - `@dataclass_transform()` (see [PEP 681](https://peps.python.org/pep-0681/))\n - `get_overloads`\n - `LiteralString` (see [PEP 675](https://peps.python.org/pep-0675/))\n - `Never`\n - `NotRequired` (see [PEP 655](https://peps.python.org/pep-0655/))\n - `reveal_type`\n - `Required` (see [PEP 655](https://peps.python.org/pep-0655/))\n - `Self` (see [PEP 673](https://peps.python.org/pep-0673/))\n - `TypeVarTuple` (see [PEP 646](https://peps.python.org/pep-0646/); the `typing_extensions` version supports the `default=` argument from [PEP 696](https://peps.python.org/pep-0696/))\n - `Unpack` (see [PEP 646](https://peps.python.org/pep-0646/))\n\n- In `typing` since Python 3.10\n\n - `Concatenate` (see [PEP 612](https://peps.python.org/pep-0612/))\n - `ParamSpec` (see [PEP 612](https://peps.python.org/pep-0612/); the `typing_extensions` version supports the `default=` argument from [PEP 696](https://peps.python.org/pep-0696/))\n - `ParamSpecArgs` (see [PEP 612](https://peps.python.org/pep-0612/))\n - `ParamSpecKwargs` (see [PEP 612](https://peps.python.org/pep-0612/))\n - `TypeAlias` (see [PEP 613](https://peps.python.org/pep-0613/))\n - `TypeGuard` (see [PEP 647](https://peps.python.org/pep-0647/))\n - `is_typeddict`\n\n- In `typing` since Python 3.9\n\n - `Annotated` (see [PEP 593](https://peps.python.org/pep-0593/))\n\n- In `typing` since Python 3.8\n\n - `final` (see [PEP 591](https://peps.python.org/pep-0591/))\n - `Final` (see [PEP 591](https://peps.python.org/pep-0591/))\n - `Literal` (see [PEP 586](https://peps.python.org/pep-0586/))\n - `Protocol` (see [PEP 544](https://peps.python.org/pep-0544/))\n - `runtime_checkable` (see [PEP 544](https://peps.python.org/pep-0544/))\n - `TypedDict` (see [PEP 589](https://peps.python.org/pep-0589/))\n - `get_origin` (`typing_extensions` provides this function only in Python 3.7+)\n - `get_args` (`typing_extensions` provides this function only in Python 3.7+)\n\n- In `typing` since Python 3.7\n\n - `OrderedDict`\n\n- In `typing` since Python 3.5 or 3.6 (see [the typing documentation](https://docs.python.org/3.10/library/typing.html) for details)\n\n - `AsyncContextManager`\n - `AsyncGenerator`\n - `AsyncIterable`\n - `AsyncIterator`\n - `Awaitable`\n - `ChainMap`\n - `ClassVar` (see [PEP 526](https://peps.python.org/pep-0526/))\n - `ContextManager`\n - `Coroutine`\n - `Counter`\n - `DefaultDict`\n - `Deque`\n - `NewType`\n - `NoReturn`\n - `overload`\n - `Text`\n - `Type`\n - `TYPE_CHECKING`\n - `get_type_hints`\n\n- The following have always been present in `typing`, but the `typing_extensions` versions provide\n additional features:\n\n - `Any` (supports inheritance since Python 3.11)\n - `NamedTuple` (supports multiple inheritance with `Generic` since Python 3.11)\n - `TypeVar` (see PEPs [695](https://peps.python.org/pep-0695/) and [696](https://peps.python.org/pep-0696/))\n\n# Other Notes and Limitations\n\nCertain objects were changed after they were added to `typing`, and\n`typing_extensions` provides a backport even on newer Python versions:\n\n- `TypedDict` does not store runtime information\n about which (if any) keys are non-required in Python 3.8, and does not\n honor the `total` keyword with old-style `TypedDict()` in Python\n 3.9.0 and 3.9.1. `TypedDict` also does not support multiple inheritance\n with `typing.Generic` on Python <3.11.\n- `get_origin` and `get_args` lack support for `Annotated` in\n Python 3.8 and lack support for `ParamSpecArgs` and `ParamSpecKwargs`\n in 3.9.\n- `@final` was changed in Python 3.11 to set the `.__final__` attribute.\n- `@overload` was changed in Python 3.11 to make function overloads\n introspectable at runtime. In order to access overloads with\n `typing_extensions.get_overloads()`, you must use\n `@typing_extensions.overload`.\n- `NamedTuple` was changed in Python 3.11 to allow for multiple inheritance\n with `typing.Generic`.\n- Since Python 3.11, it has been possible to inherit from `Any` at\n runtime. `typing_extensions.Any` also provides this capability.\n- `TypeVar` gains two additional parameters, `default=` and `infer_variance=`,\n in the draft PEPs [695](https://peps.python.org/pep-0695/) and [696](https://peps.python.org/pep-0696/), which are being considered for inclusion\n in Python 3.12.\n\nThere are a few types whose interface was modified between different\nversions of typing. For example, `typing.Sequence` was modified to\nsubclass `typing.Reversible` as of Python 3.5.3.\n\nThese changes are _not_ backported to prevent subtle compatibility\nissues when mixing the differing implementations of modified classes.\n\nCertain types have incorrect runtime behavior due to limitations of older\nversions of the typing module:\n\n- `ParamSpec` and `Concatenate` will not work with `get_args` and\n `get_origin`. Certain [PEP 612](https://peps.python.org/pep-0612/) special cases in user-defined\n `Generic`s are also not available.\n\nThese types are only guaranteed to work for static type checking.\n\n## Running tests\n\nTo run tests, navigate into the appropriate source directory and run\n`test_typing_extensions.py`.", + "release_date": "2023-02-15T00:17:55", "parties": [ { "type": "person", @@ -2232,17 +2233,18 @@ "Programming Language :: Python :: 3", "Programming Language :: Python :: 3 :: Only", "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", "Programming Language :: Python :: 3.7", "Programming Language :: Python :: 3.8", "Programming Language :: Python :: 3.9", "Topic :: Software Development" ], "homepage_url": "", - "download_url": "https://files.pythonhosted.org/packages/e3/a7/8f4e456ef0adac43f452efc2d0e4b242ab831297f1bac60ac815d37eb9cf/typing_extensions-4.4.0.tar.gz", - "size": 49708, + "download_url": "https://files.pythonhosted.org/packages/d3/20/06270dac7316220643c32ae61694e451c98f8caf4c8eab3aa80a2bedf0df/typing_extensions-4.5.0.tar.gz", + "size": 52399, "sha1": null, - "md5": "5cfcb56ea6fc4972c3600c0030f4d136", - "sha256": "1511434bb92bf8dd198c12b1cc812e800d4181cfcb867674e0f8279cc93087aa", + "md5": "03a01698ace869506cab825697dfb7e1", + "sha256": "5cb5f4a79139d699607b3ef622a1dedafa84e115ab0024e0d9c044a9479ca7cb", "sha512": null, "bug_tracking_url": "https://github.com/python/typing_extensions/issues", "code_view_url": null, @@ -2261,9 +2263,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/typing-extensions/4.4.0/json", + "api_data_url": "https://pypi.org/pypi/typing-extensions/4.5.0/json", "datasource_id": null, - "purl": "pkg:pypi/typing-extensions@4.4.0" + "purl": "pkg:pypi/typing-extensions@4.5.0" }, { "type": "pypi", @@ -2408,7 +2410,7 @@ "dependencies": [ "pkg:pypi/requests@2.28.2", "pkg:pypi/six@1.16.0", - "pkg:pypi/typing-extensions@4.4.0" + "pkg:pypi/typing-extensions@4.5.0" ] }, { @@ -2497,7 +2499,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/typing-extensions@4.4.0", + "package": "pkg:pypi/typing-extensions@4.5.0", "dependencies": [] }, { diff --git a/tests/data/azure-devops.req-38-expected.json b/tests/data/azure-devops.req-38-expected.json index 7595174d..6c0ce905 100644 --- a/tests/data/azure-devops.req-38-expected.json +++ b/tests/data/azure-devops.req-38-expected.json @@ -2125,12 +2125,12 @@ "type": "pypi", "namespace": null, "name": "typing-extensions", - "version": "4.4.0", + "version": "4.5.0", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Backported and Experimental Type Hints for Python 3.7+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\nNew features may be added to `typing_extensions` as soon as they are specified\nin a PEP that has been added to the [python/peps](https://github.com/python/peps)\nrepository. If the PEP is accepted, the feature will then be added to `typing`\nfor the next CPython release. No typing PEP has been rejected so far, so we\nhaven't yet figured out how to deal with that possibility.\n\nStarting with version 4.0.0, `typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version is incremented for all backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n`typing_extensions` supports Python versions 3.7 and higher. In the future,\nsupport for older Python versions will be dropped some time after that version\nreaches end of life.\n\n## Included items\n\nThis module currently contains the following:\n\n- Experimental features\n\n - `override` (see PEP 698)\n - The `default=` argument to `TypeVar`, `ParamSpec`, and `TypeVarTuple` (see PEP 696)\n - The `infer_variance=` argument to `TypeVar` (see PEP 695)\n\n- In `typing` since Python 3.11\n\n - `assert_never`\n - `assert_type`\n - `clear_overloads`\n - `@dataclass_transform()` (see PEP 681)\n - `get_overloads`\n - `LiteralString` (see PEP 675)\n - `Never`\n - `NotRequired` (see PEP 655)\n - `reveal_type`\n - `Required` (see PEP 655)\n - `Self` (see PEP 673)\n - `TypeVarTuple` (see PEP 646; the `typing_extensions` version supports the `default=` argument from PEP 696)\n - `Unpack` (see PEP 646)\n\n- In `typing` since Python 3.10\n\n - `Concatenate` (see PEP 612)\n - `ParamSpec` (see PEP 612; the `typing_extensions` version supports the `default=` argument from PEP 696)\n - `ParamSpecArgs` (see PEP 612)\n - `ParamSpecKwargs` (see PEP 612)\n - `TypeAlias` (see PEP 613)\n - `TypeGuard` (see PEP 647)\n - `is_typeddict`\n\n- In `typing` since Python 3.9\n\n - `Annotated` (see PEP 593)\n\n- In `typing` since Python 3.8\n\n - `final` (see PEP 591)\n - `Final` (see PEP 591)\n - `Literal` (see PEP 586)\n - `Protocol` (see PEP 544)\n - `runtime_checkable` (see PEP 544)\n - `TypedDict` (see PEP 589)\n - `get_origin` (`typing_extensions` provides this function only in Python 3.7+)\n - `get_args` (`typing_extensions` provides this function only in Python 3.7+)\n\n- In `typing` since Python 3.7\n\n - `OrderedDict`\n\n- In `typing` since Python 3.5 or 3.6 (see [the typing documentation](https://docs.python.org/3.10/library/typing.html) for details)\n\n - `AsyncContextManager`\n - `AsyncGenerator`\n - `AsyncIterable`\n - `AsyncIterator`\n - `Awaitable`\n - `ChainMap`\n - `ClassVar` (see PEP 526)\n - `ContextManager`\n - `Coroutine`\n - `Counter`\n - `DefaultDict`\n - `Deque`\n - `NewType`\n - `NoReturn`\n - `overload`\n - `Text`\n - `Type`\n - `TYPE_CHECKING`\n - `get_type_hints`\n\n- The following have always been present in `typing`, but the `typing_extensions` versions provide\n additional features:\n\n - `Any` (supports inheritance since Python 3.11)\n - `NamedTuple` (supports multiple inheritance with `Generic` since Python 3.11)\n - `TypeVar` (see PEPs 695 and 696)\n\n# Other Notes and Limitations\n\nCertain objects were changed after they were added to `typing`, and\n`typing_extensions` provides a backport even on newer Python versions:\n\n- `TypedDict` does not store runtime information\n about which (if any) keys are non-required in Python 3.8, and does not\n honor the `total` keyword with old-style `TypedDict()` in Python\n 3.9.0 and 3.9.1. `TypedDict` also does not support multiple inheritance\n with `typing.Generic` on Python <3.11.\n- `get_origin` and `get_args` lack support for `Annotated` in\n Python 3.8 and lack support for `ParamSpecArgs` and `ParamSpecKwargs`\n in 3.9.\n- `@final` was changed in Python 3.11 to set the `.__final__` attribute.\n- `@overload` was changed in Python 3.11 to make function overloads\n introspectable at runtime. In order to access overloads with\n `typing_extensions.get_overloads()`, you must use\n `@typing_extensions.overload`.\n- `NamedTuple` was changed in Python 3.11 to allow for multiple inheritance\n with `typing.Generic`.\n- Since Python 3.11, it has been possible to inherit from `Any` at\n runtime. `typing_extensions.Any` also provides this capability.\n- `TypeVar` gains two additional parameters, `default=` and `infer_variance=`,\n in the draft PEPs 695 and 696, which are being considered for inclusion\n in Python 3.12.\n\nThere are a few types whose interface was modified between different\nversions of typing. For example, `typing.Sequence` was modified to\nsubclass `typing.Reversible` as of Python 3.5.3.\n\nThese changes are _not_ backported to prevent subtle compatibility\nissues when mixing the differing implementations of modified classes.\n\nCertain types have incorrect runtime behavior due to limitations of older\nversions of the typing module:\n\n- `ParamSpec` and `Concatenate` will not work with `get_args` and\n `get_origin`. Certain PEP 612 special cases in user-defined\n `Generic`s are also not available.\n\nThese types are only guaranteed to work for static type checking.\n\n## Running tests\n\nTo run tests, navigate into the appropriate source directory and run\n`test_typing_extensions.py`.", - "release_date": "2022-10-06T22:40:00", + "description": "Backported and Experimental Type Hints for Python 3.7+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\nNew features may be added to `typing_extensions` as soon as they are specified\nin a PEP that has been added to the [python/peps](https://github.com/python/peps)\nrepository. If the PEP is accepted, the feature will then be added to `typing`\nfor the next CPython release. No typing PEP has been rejected so far, so we\nhaven't yet figured out how to deal with that possibility.\n\nStarting with version 4.0.0, `typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version is incremented for all backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n`typing_extensions` supports Python versions 3.7 and higher. In the future,\nsupport for older Python versions will be dropped some time after that version\nreaches end of life.\n\n## Included items\n\nThis module currently contains the following:\n\n- Experimental features\n\n - `override` (see [PEP 698](https://peps.python.org/pep-0698/))\n - The `default=` argument to `TypeVar`, `ParamSpec`, and `TypeVarTuple` (see [PEP 696](https://peps.python.org/pep-0696/))\n - The `infer_variance=` argument to `TypeVar` (see [PEP 695](https://peps.python.org/pep-0695/))\n - The `@deprecated` decorator (see [PEP 702](https://peps.python.org/pep-0702/))\n\n- In `typing` since Python 3.11\n\n - `assert_never`\n - `assert_type`\n - `clear_overloads`\n - `@dataclass_transform()` (see [PEP 681](https://peps.python.org/pep-0681/))\n - `get_overloads`\n - `LiteralString` (see [PEP 675](https://peps.python.org/pep-0675/))\n - `Never`\n - `NotRequired` (see [PEP 655](https://peps.python.org/pep-0655/))\n - `reveal_type`\n - `Required` (see [PEP 655](https://peps.python.org/pep-0655/))\n - `Self` (see [PEP 673](https://peps.python.org/pep-0673/))\n - `TypeVarTuple` (see [PEP 646](https://peps.python.org/pep-0646/); the `typing_extensions` version supports the `default=` argument from [PEP 696](https://peps.python.org/pep-0696/))\n - `Unpack` (see [PEP 646](https://peps.python.org/pep-0646/))\n\n- In `typing` since Python 3.10\n\n - `Concatenate` (see [PEP 612](https://peps.python.org/pep-0612/))\n - `ParamSpec` (see [PEP 612](https://peps.python.org/pep-0612/); the `typing_extensions` version supports the `default=` argument from [PEP 696](https://peps.python.org/pep-0696/))\n - `ParamSpecArgs` (see [PEP 612](https://peps.python.org/pep-0612/))\n - `ParamSpecKwargs` (see [PEP 612](https://peps.python.org/pep-0612/))\n - `TypeAlias` (see [PEP 613](https://peps.python.org/pep-0613/))\n - `TypeGuard` (see [PEP 647](https://peps.python.org/pep-0647/))\n - `is_typeddict`\n\n- In `typing` since Python 3.9\n\n - `Annotated` (see [PEP 593](https://peps.python.org/pep-0593/))\n\n- In `typing` since Python 3.8\n\n - `final` (see [PEP 591](https://peps.python.org/pep-0591/))\n - `Final` (see [PEP 591](https://peps.python.org/pep-0591/))\n - `Literal` (see [PEP 586](https://peps.python.org/pep-0586/))\n - `Protocol` (see [PEP 544](https://peps.python.org/pep-0544/))\n - `runtime_checkable` (see [PEP 544](https://peps.python.org/pep-0544/))\n - `TypedDict` (see [PEP 589](https://peps.python.org/pep-0589/))\n - `get_origin` (`typing_extensions` provides this function only in Python 3.7+)\n - `get_args` (`typing_extensions` provides this function only in Python 3.7+)\n\n- In `typing` since Python 3.7\n\n - `OrderedDict`\n\n- In `typing` since Python 3.5 or 3.6 (see [the typing documentation](https://docs.python.org/3.10/library/typing.html) for details)\n\n - `AsyncContextManager`\n - `AsyncGenerator`\n - `AsyncIterable`\n - `AsyncIterator`\n - `Awaitable`\n - `ChainMap`\n - `ClassVar` (see [PEP 526](https://peps.python.org/pep-0526/))\n - `ContextManager`\n - `Coroutine`\n - `Counter`\n - `DefaultDict`\n - `Deque`\n - `NewType`\n - `NoReturn`\n - `overload`\n - `Text`\n - `Type`\n - `TYPE_CHECKING`\n - `get_type_hints`\n\n- The following have always been present in `typing`, but the `typing_extensions` versions provide\n additional features:\n\n - `Any` (supports inheritance since Python 3.11)\n - `NamedTuple` (supports multiple inheritance with `Generic` since Python 3.11)\n - `TypeVar` (see PEPs [695](https://peps.python.org/pep-0695/) and [696](https://peps.python.org/pep-0696/))\n\n# Other Notes and Limitations\n\nCertain objects were changed after they were added to `typing`, and\n`typing_extensions` provides a backport even on newer Python versions:\n\n- `TypedDict` does not store runtime information\n about which (if any) keys are non-required in Python 3.8, and does not\n honor the `total` keyword with old-style `TypedDict()` in Python\n 3.9.0 and 3.9.1. `TypedDict` also does not support multiple inheritance\n with `typing.Generic` on Python <3.11.\n- `get_origin` and `get_args` lack support for `Annotated` in\n Python 3.8 and lack support for `ParamSpecArgs` and `ParamSpecKwargs`\n in 3.9.\n- `@final` was changed in Python 3.11 to set the `.__final__` attribute.\n- `@overload` was changed in Python 3.11 to make function overloads\n introspectable at runtime. In order to access overloads with\n `typing_extensions.get_overloads()`, you must use\n `@typing_extensions.overload`.\n- `NamedTuple` was changed in Python 3.11 to allow for multiple inheritance\n with `typing.Generic`.\n- Since Python 3.11, it has been possible to inherit from `Any` at\n runtime. `typing_extensions.Any` also provides this capability.\n- `TypeVar` gains two additional parameters, `default=` and `infer_variance=`,\n in the draft PEPs [695](https://peps.python.org/pep-0695/) and [696](https://peps.python.org/pep-0696/), which are being considered for inclusion\n in Python 3.12.\n\nThere are a few types whose interface was modified between different\nversions of typing. For example, `typing.Sequence` was modified to\nsubclass `typing.Reversible` as of Python 3.5.3.\n\nThese changes are _not_ backported to prevent subtle compatibility\nissues when mixing the differing implementations of modified classes.\n\nCertain types have incorrect runtime behavior due to limitations of older\nversions of the typing module:\n\n- `ParamSpec` and `Concatenate` will not work with `get_args` and\n `get_origin`. Certain [PEP 612](https://peps.python.org/pep-0612/) special cases in user-defined\n `Generic`s are also not available.\n\nThese types are only guaranteed to work for static type checking.\n\n## Running tests\n\nTo run tests, navigate into the appropriate source directory and run\n`test_typing_extensions.py`.", + "release_date": "2023-02-15T00:17:53", "parties": [ { "type": "person", @@ -2160,17 +2160,18 @@ "Programming Language :: Python :: 3", "Programming Language :: Python :: 3 :: Only", "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", "Programming Language :: Python :: 3.7", "Programming Language :: Python :: 3.8", "Programming Language :: Python :: 3.9", "Topic :: Software Development" ], "homepage_url": "", - "download_url": "https://files.pythonhosted.org/packages/0b/8e/f1a0a5a76cfef77e1eb6004cb49e5f8d72634da638420b9ea492ce8305e8/typing_extensions-4.4.0-py3-none-any.whl", - "size": 26662, + "download_url": "https://files.pythonhosted.org/packages/31/25/5abcd82372d3d4a3932e1fa8c3dbf9efac10cc7c0d16e78467460571b404/typing_extensions-4.5.0-py3-none-any.whl", + "size": 27736, "sha1": null, - "md5": "f9df449d3052bf105d5c09460857ab77", - "sha256": "16fa4864408f655d35ec496218b85f79b3437c829e93320c7c9215ccfd92489e", + "md5": "159820157d72b39382de7c13ff173897", + "sha256": "fb33085c39dd998ac16d1431ebc293a8b3eedd00fd4a32de0ff79002c19511b4", "sha512": null, "bug_tracking_url": "https://github.com/python/typing_extensions/issues", "code_view_url": null, @@ -2189,20 +2190,20 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/typing-extensions/4.4.0/json", + "api_data_url": "https://pypi.org/pypi/typing-extensions/4.5.0/json", "datasource_id": null, - "purl": "pkg:pypi/typing-extensions@4.4.0" + "purl": "pkg:pypi/typing-extensions@4.5.0" }, { "type": "pypi", "namespace": null, "name": "typing-extensions", - "version": "4.4.0", + "version": "4.5.0", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Backported and Experimental Type Hints for Python 3.7+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\nNew features may be added to `typing_extensions` as soon as they are specified\nin a PEP that has been added to the [python/peps](https://github.com/python/peps)\nrepository. If the PEP is accepted, the feature will then be added to `typing`\nfor the next CPython release. No typing PEP has been rejected so far, so we\nhaven't yet figured out how to deal with that possibility.\n\nStarting with version 4.0.0, `typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version is incremented for all backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n`typing_extensions` supports Python versions 3.7 and higher. In the future,\nsupport for older Python versions will be dropped some time after that version\nreaches end of life.\n\n## Included items\n\nThis module currently contains the following:\n\n- Experimental features\n\n - `override` (see PEP 698)\n - The `default=` argument to `TypeVar`, `ParamSpec`, and `TypeVarTuple` (see PEP 696)\n - The `infer_variance=` argument to `TypeVar` (see PEP 695)\n\n- In `typing` since Python 3.11\n\n - `assert_never`\n - `assert_type`\n - `clear_overloads`\n - `@dataclass_transform()` (see PEP 681)\n - `get_overloads`\n - `LiteralString` (see PEP 675)\n - `Never`\n - `NotRequired` (see PEP 655)\n - `reveal_type`\n - `Required` (see PEP 655)\n - `Self` (see PEP 673)\n - `TypeVarTuple` (see PEP 646; the `typing_extensions` version supports the `default=` argument from PEP 696)\n - `Unpack` (see PEP 646)\n\n- In `typing` since Python 3.10\n\n - `Concatenate` (see PEP 612)\n - `ParamSpec` (see PEP 612; the `typing_extensions` version supports the `default=` argument from PEP 696)\n - `ParamSpecArgs` (see PEP 612)\n - `ParamSpecKwargs` (see PEP 612)\n - `TypeAlias` (see PEP 613)\n - `TypeGuard` (see PEP 647)\n - `is_typeddict`\n\n- In `typing` since Python 3.9\n\n - `Annotated` (see PEP 593)\n\n- In `typing` since Python 3.8\n\n - `final` (see PEP 591)\n - `Final` (see PEP 591)\n - `Literal` (see PEP 586)\n - `Protocol` (see PEP 544)\n - `runtime_checkable` (see PEP 544)\n - `TypedDict` (see PEP 589)\n - `get_origin` (`typing_extensions` provides this function only in Python 3.7+)\n - `get_args` (`typing_extensions` provides this function only in Python 3.7+)\n\n- In `typing` since Python 3.7\n\n - `OrderedDict`\n\n- In `typing` since Python 3.5 or 3.6 (see [the typing documentation](https://docs.python.org/3.10/library/typing.html) for details)\n\n - `AsyncContextManager`\n - `AsyncGenerator`\n - `AsyncIterable`\n - `AsyncIterator`\n - `Awaitable`\n - `ChainMap`\n - `ClassVar` (see PEP 526)\n - `ContextManager`\n - `Coroutine`\n - `Counter`\n - `DefaultDict`\n - `Deque`\n - `NewType`\n - `NoReturn`\n - `overload`\n - `Text`\n - `Type`\n - `TYPE_CHECKING`\n - `get_type_hints`\n\n- The following have always been present in `typing`, but the `typing_extensions` versions provide\n additional features:\n\n - `Any` (supports inheritance since Python 3.11)\n - `NamedTuple` (supports multiple inheritance with `Generic` since Python 3.11)\n - `TypeVar` (see PEPs 695 and 696)\n\n# Other Notes and Limitations\n\nCertain objects were changed after they were added to `typing`, and\n`typing_extensions` provides a backport even on newer Python versions:\n\n- `TypedDict` does not store runtime information\n about which (if any) keys are non-required in Python 3.8, and does not\n honor the `total` keyword with old-style `TypedDict()` in Python\n 3.9.0 and 3.9.1. `TypedDict` also does not support multiple inheritance\n with `typing.Generic` on Python <3.11.\n- `get_origin` and `get_args` lack support for `Annotated` in\n Python 3.8 and lack support for `ParamSpecArgs` and `ParamSpecKwargs`\n in 3.9.\n- `@final` was changed in Python 3.11 to set the `.__final__` attribute.\n- `@overload` was changed in Python 3.11 to make function overloads\n introspectable at runtime. In order to access overloads with\n `typing_extensions.get_overloads()`, you must use\n `@typing_extensions.overload`.\n- `NamedTuple` was changed in Python 3.11 to allow for multiple inheritance\n with `typing.Generic`.\n- Since Python 3.11, it has been possible to inherit from `Any` at\n runtime. `typing_extensions.Any` also provides this capability.\n- `TypeVar` gains two additional parameters, `default=` and `infer_variance=`,\n in the draft PEPs 695 and 696, which are being considered for inclusion\n in Python 3.12.\n\nThere are a few types whose interface was modified between different\nversions of typing. For example, `typing.Sequence` was modified to\nsubclass `typing.Reversible` as of Python 3.5.3.\n\nThese changes are _not_ backported to prevent subtle compatibility\nissues when mixing the differing implementations of modified classes.\n\nCertain types have incorrect runtime behavior due to limitations of older\nversions of the typing module:\n\n- `ParamSpec` and `Concatenate` will not work with `get_args` and\n `get_origin`. Certain PEP 612 special cases in user-defined\n `Generic`s are also not available.\n\nThese types are only guaranteed to work for static type checking.\n\n## Running tests\n\nTo run tests, navigate into the appropriate source directory and run\n`test_typing_extensions.py`.", - "release_date": "2022-10-06T22:40:03", + "description": "Backported and Experimental Type Hints for Python 3.7+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\nNew features may be added to `typing_extensions` as soon as they are specified\nin a PEP that has been added to the [python/peps](https://github.com/python/peps)\nrepository. If the PEP is accepted, the feature will then be added to `typing`\nfor the next CPython release. No typing PEP has been rejected so far, so we\nhaven't yet figured out how to deal with that possibility.\n\nStarting with version 4.0.0, `typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version is incremented for all backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n`typing_extensions` supports Python versions 3.7 and higher. In the future,\nsupport for older Python versions will be dropped some time after that version\nreaches end of life.\n\n## Included items\n\nThis module currently contains the following:\n\n- Experimental features\n\n - `override` (see [PEP 698](https://peps.python.org/pep-0698/))\n - The `default=` argument to `TypeVar`, `ParamSpec`, and `TypeVarTuple` (see [PEP 696](https://peps.python.org/pep-0696/))\n - The `infer_variance=` argument to `TypeVar` (see [PEP 695](https://peps.python.org/pep-0695/))\n - The `@deprecated` decorator (see [PEP 702](https://peps.python.org/pep-0702/))\n\n- In `typing` since Python 3.11\n\n - `assert_never`\n - `assert_type`\n - `clear_overloads`\n - `@dataclass_transform()` (see [PEP 681](https://peps.python.org/pep-0681/))\n - `get_overloads`\n - `LiteralString` (see [PEP 675](https://peps.python.org/pep-0675/))\n - `Never`\n - `NotRequired` (see [PEP 655](https://peps.python.org/pep-0655/))\n - `reveal_type`\n - `Required` (see [PEP 655](https://peps.python.org/pep-0655/))\n - `Self` (see [PEP 673](https://peps.python.org/pep-0673/))\n - `TypeVarTuple` (see [PEP 646](https://peps.python.org/pep-0646/); the `typing_extensions` version supports the `default=` argument from [PEP 696](https://peps.python.org/pep-0696/))\n - `Unpack` (see [PEP 646](https://peps.python.org/pep-0646/))\n\n- In `typing` since Python 3.10\n\n - `Concatenate` (see [PEP 612](https://peps.python.org/pep-0612/))\n - `ParamSpec` (see [PEP 612](https://peps.python.org/pep-0612/); the `typing_extensions` version supports the `default=` argument from [PEP 696](https://peps.python.org/pep-0696/))\n - `ParamSpecArgs` (see [PEP 612](https://peps.python.org/pep-0612/))\n - `ParamSpecKwargs` (see [PEP 612](https://peps.python.org/pep-0612/))\n - `TypeAlias` (see [PEP 613](https://peps.python.org/pep-0613/))\n - `TypeGuard` (see [PEP 647](https://peps.python.org/pep-0647/))\n - `is_typeddict`\n\n- In `typing` since Python 3.9\n\n - `Annotated` (see [PEP 593](https://peps.python.org/pep-0593/))\n\n- In `typing` since Python 3.8\n\n - `final` (see [PEP 591](https://peps.python.org/pep-0591/))\n - `Final` (see [PEP 591](https://peps.python.org/pep-0591/))\n - `Literal` (see [PEP 586](https://peps.python.org/pep-0586/))\n - `Protocol` (see [PEP 544](https://peps.python.org/pep-0544/))\n - `runtime_checkable` (see [PEP 544](https://peps.python.org/pep-0544/))\n - `TypedDict` (see [PEP 589](https://peps.python.org/pep-0589/))\n - `get_origin` (`typing_extensions` provides this function only in Python 3.7+)\n - `get_args` (`typing_extensions` provides this function only in Python 3.7+)\n\n- In `typing` since Python 3.7\n\n - `OrderedDict`\n\n- In `typing` since Python 3.5 or 3.6 (see [the typing documentation](https://docs.python.org/3.10/library/typing.html) for details)\n\n - `AsyncContextManager`\n - `AsyncGenerator`\n - `AsyncIterable`\n - `AsyncIterator`\n - `Awaitable`\n - `ChainMap`\n - `ClassVar` (see [PEP 526](https://peps.python.org/pep-0526/))\n - `ContextManager`\n - `Coroutine`\n - `Counter`\n - `DefaultDict`\n - `Deque`\n - `NewType`\n - `NoReturn`\n - `overload`\n - `Text`\n - `Type`\n - `TYPE_CHECKING`\n - `get_type_hints`\n\n- The following have always been present in `typing`, but the `typing_extensions` versions provide\n additional features:\n\n - `Any` (supports inheritance since Python 3.11)\n - `NamedTuple` (supports multiple inheritance with `Generic` since Python 3.11)\n - `TypeVar` (see PEPs [695](https://peps.python.org/pep-0695/) and [696](https://peps.python.org/pep-0696/))\n\n# Other Notes and Limitations\n\nCertain objects were changed after they were added to `typing`, and\n`typing_extensions` provides a backport even on newer Python versions:\n\n- `TypedDict` does not store runtime information\n about which (if any) keys are non-required in Python 3.8, and does not\n honor the `total` keyword with old-style `TypedDict()` in Python\n 3.9.0 and 3.9.1. `TypedDict` also does not support multiple inheritance\n with `typing.Generic` on Python <3.11.\n- `get_origin` and `get_args` lack support for `Annotated` in\n Python 3.8 and lack support for `ParamSpecArgs` and `ParamSpecKwargs`\n in 3.9.\n- `@final` was changed in Python 3.11 to set the `.__final__` attribute.\n- `@overload` was changed in Python 3.11 to make function overloads\n introspectable at runtime. In order to access overloads with\n `typing_extensions.get_overloads()`, you must use\n `@typing_extensions.overload`.\n- `NamedTuple` was changed in Python 3.11 to allow for multiple inheritance\n with `typing.Generic`.\n- Since Python 3.11, it has been possible to inherit from `Any` at\n runtime. `typing_extensions.Any` also provides this capability.\n- `TypeVar` gains two additional parameters, `default=` and `infer_variance=`,\n in the draft PEPs [695](https://peps.python.org/pep-0695/) and [696](https://peps.python.org/pep-0696/), which are being considered for inclusion\n in Python 3.12.\n\nThere are a few types whose interface was modified between different\nversions of typing. For example, `typing.Sequence` was modified to\nsubclass `typing.Reversible` as of Python 3.5.3.\n\nThese changes are _not_ backported to prevent subtle compatibility\nissues when mixing the differing implementations of modified classes.\n\nCertain types have incorrect runtime behavior due to limitations of older\nversions of the typing module:\n\n- `ParamSpec` and `Concatenate` will not work with `get_args` and\n `get_origin`. Certain [PEP 612](https://peps.python.org/pep-0612/) special cases in user-defined\n `Generic`s are also not available.\n\nThese types are only guaranteed to work for static type checking.\n\n## Running tests\n\nTo run tests, navigate into the appropriate source directory and run\n`test_typing_extensions.py`.", + "release_date": "2023-02-15T00:17:55", "parties": [ { "type": "person", @@ -2232,17 +2233,18 @@ "Programming Language :: Python :: 3", "Programming Language :: Python :: 3 :: Only", "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", "Programming Language :: Python :: 3.7", "Programming Language :: Python :: 3.8", "Programming Language :: Python :: 3.9", "Topic :: Software Development" ], "homepage_url": "", - "download_url": "https://files.pythonhosted.org/packages/e3/a7/8f4e456ef0adac43f452efc2d0e4b242ab831297f1bac60ac815d37eb9cf/typing_extensions-4.4.0.tar.gz", - "size": 49708, + "download_url": "https://files.pythonhosted.org/packages/d3/20/06270dac7316220643c32ae61694e451c98f8caf4c8eab3aa80a2bedf0df/typing_extensions-4.5.0.tar.gz", + "size": 52399, "sha1": null, - "md5": "5cfcb56ea6fc4972c3600c0030f4d136", - "sha256": "1511434bb92bf8dd198c12b1cc812e800d4181cfcb867674e0f8279cc93087aa", + "md5": "03a01698ace869506cab825697dfb7e1", + "sha256": "5cb5f4a79139d699607b3ef622a1dedafa84e115ab0024e0d9c044a9479ca7cb", "sha512": null, "bug_tracking_url": "https://github.com/python/typing_extensions/issues", "code_view_url": null, @@ -2261,9 +2263,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/typing-extensions/4.4.0/json", + "api_data_url": "https://pypi.org/pypi/typing-extensions/4.5.0/json", "datasource_id": null, - "purl": "pkg:pypi/typing-extensions@4.4.0" + "purl": "pkg:pypi/typing-extensions@4.5.0" }, { "type": "pypi", @@ -2408,7 +2410,7 @@ "dependencies": [ "pkg:pypi/requests@2.28.2", "pkg:pypi/six@1.16.0", - "pkg:pypi/typing-extensions@4.4.0" + "pkg:pypi/typing-extensions@4.5.0" ] }, { @@ -2497,7 +2499,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/typing-extensions@4.4.0", + "package": "pkg:pypi/typing-extensions@4.5.0", "dependencies": [] }, { diff --git a/tests/data/pinned-pdt-requirements.txt-expected.json b/tests/data/pinned-pdt-requirements.txt-expected.json index c533ff56..a001530a 100644 --- a/tests/data/pinned-pdt-requirements.txt-expected.json +++ b/tests/data/pinned-pdt-requirements.txt-expected.json @@ -2831,12 +2831,12 @@ "type": "pypi", "namespace": null, "name": "openpyxl", - "version": "3.1.0", + "version": "3.1.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "A Python library to read/write Excel 2010 xlsx/xlsm files\n.. image:: https://coveralls.io/repos/bitbucket/openpyxl/openpyxl/badge.svg?branch=default\n :target: https://coveralls.io/bitbucket/openpyxl/openpyxl?branch=default\n :alt: coverage status\n\nIntroduction\n------------\n\nopenpyxl is a Python library to read/write Excel 2010 xlsx/xlsm/xltx/xltm files.\n\nIt was born from lack of existing library to read/write natively from Python\nthe Office Open XML format.\n\nAll kudos to the PHPExcel team as openpyxl was initially based on PHPExcel.\n\n\nSecurity\n--------\n\nBy default openpyxl does not guard against quadratic blowup or billion laughs\nxml attacks. To guard against these attacks install defusedxml.\n\nMailing List\n------------\n\nThe user list can be found on http://groups.google.com/group/openpyxl-users\n\n\nSample code::\n\n from openpyxl import Workbook\n wb = Workbook()\n\n # grab the active worksheet\n ws = wb.active\n\n # Data can be assigned directly to cells\n ws['A1'] = 42\n\n # Rows can also be appended\n ws.append([1, 2, 3])\n\n # Python types will automatically be converted\n import datetime\n ws['A2'] = datetime.datetime.now()\n\n # Save the file\n wb.save(\"sample.xlsx\")\n\n\nDocumentation\n-------------\n\nThe documentation is at: https://openpyxl.readthedocs.io\n\n* installation methods\n* code examples\n* instructions for contributing\n\nRelease notes: https://openpyxl.readthedocs.io/en/stable/changes.html", - "release_date": "2023-01-31T14:40:28", + "release_date": "2023-02-13T16:51:26", "parties": [ { "type": "person", @@ -2860,11 +2860,11 @@ "Programming Language :: Python :: 3.9" ], "homepage_url": "https://openpyxl.readthedocs.io", - "download_url": "https://files.pythonhosted.org/packages/0d/89/f78a9a895e221ec8b13ae7f9495f340a0fb43563b13e2891b5df134f20ea/openpyxl-3.1.0-py2.py3-none-any.whl", - "size": 250043, + "download_url": "https://files.pythonhosted.org/packages/9e/57/1d3c2ce7f6f783be9b21569fc468a9f3660e35cc17017abfbbc26d3bd061/openpyxl-3.1.1-py2.py3-none-any.whl", + "size": 249839, "sha1": null, - "md5": "66351b61736b19d3c88cd108908447d1", - "sha256": "24d7d361025d186ba91eff58135d50855cf035a84371b891e58fb6eb5125660f", + "md5": "864e1e1ea061fe056ade64f4e7bbaf22", + "sha256": "a0266e033e65f33ee697254b66116a5793c15fc92daf64711080000df4cfe0a8", "sha512": null, "bug_tracking_url": "https://foss.heptapod.net/openpyxl/openpyxl/-/issues", "code_view_url": "https://foss.heptapod.net/openpyxl/openpyxl", @@ -2884,20 +2884,20 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/openpyxl/3.1.0/json", + "api_data_url": "https://pypi.org/pypi/openpyxl/3.1.1/json", "datasource_id": null, - "purl": "pkg:pypi/openpyxl@3.1.0" + "purl": "pkg:pypi/openpyxl@3.1.1" }, { "type": "pypi", "namespace": null, "name": "openpyxl", - "version": "3.1.0", + "version": "3.1.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "A Python library to read/write Excel 2010 xlsx/xlsm files\n.. image:: https://coveralls.io/repos/bitbucket/openpyxl/openpyxl/badge.svg?branch=default\n :target: https://coveralls.io/bitbucket/openpyxl/openpyxl?branch=default\n :alt: coverage status\n\nIntroduction\n------------\n\nopenpyxl is a Python library to read/write Excel 2010 xlsx/xlsm/xltx/xltm files.\n\nIt was born from lack of existing library to read/write natively from Python\nthe Office Open XML format.\n\nAll kudos to the PHPExcel team as openpyxl was initially based on PHPExcel.\n\n\nSecurity\n--------\n\nBy default openpyxl does not guard against quadratic blowup or billion laughs\nxml attacks. To guard against these attacks install defusedxml.\n\nMailing List\n------------\n\nThe user list can be found on http://groups.google.com/group/openpyxl-users\n\n\nSample code::\n\n from openpyxl import Workbook\n wb = Workbook()\n\n # grab the active worksheet\n ws = wb.active\n\n # Data can be assigned directly to cells\n ws['A1'] = 42\n\n # Rows can also be appended\n ws.append([1, 2, 3])\n\n # Python types will automatically be converted\n import datetime\n ws['A2'] = datetime.datetime.now()\n\n # Save the file\n wb.save(\"sample.xlsx\")\n\n\nDocumentation\n-------------\n\nThe documentation is at: https://openpyxl.readthedocs.io\n\n* installation methods\n* code examples\n* instructions for contributing\n\nRelease notes: https://openpyxl.readthedocs.io/en/stable/changes.html", - "release_date": "2023-01-31T14:40:31", + "release_date": "2023-02-13T16:51:28", "parties": [ { "type": "person", @@ -2921,11 +2921,11 @@ "Programming Language :: Python :: 3.9" ], "homepage_url": "https://openpyxl.readthedocs.io", - "download_url": "https://files.pythonhosted.org/packages/3d/73/bb87810cdde809f69fef11d31e77297894e58710d47626dc5e5b3ff8f92a/openpyxl-3.1.0.tar.gz", - "size": 186306, + "download_url": "https://files.pythonhosted.org/packages/10/bf/950ea7896f3c42ab04073cd2903f0a190ba77ef28bdf76191f6f86373712/openpyxl-3.1.1.tar.gz", + "size": 185802, "sha1": null, - "md5": "b7ba597b801b9a102f27599b2fa227b3", - "sha256": "eccedbe1cdd8b2494057e73959b496821141038dbb7eb9266ea59e3f34208231", + "md5": "0b1a5d776707ef471810f61c7bf77a2d", + "sha256": "f06d44e2c973781068bce5ecf860a09bcdb1c7f5ce1facd5e9aa82c92c93ae72", "sha512": null, "bug_tracking_url": "https://foss.heptapod.net/openpyxl/openpyxl/-/issues", "code_view_url": "https://foss.heptapod.net/openpyxl/openpyxl", @@ -2945,9 +2945,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/openpyxl/3.1.0/json", + "api_data_url": "https://pypi.org/pypi/openpyxl/3.1.1/json", "datasource_id": null, - "purl": "pkg:pypi/openpyxl@3.1.0" + "purl": "pkg:pypi/openpyxl@3.1.1" }, { "type": "pypi", @@ -5025,7 +5025,7 @@ { "key": "openpyxl", "package_name": "openpyxl", - "installed_version": "3.1.0", + "installed_version": "3.1.1", "dependencies": [ { "key": "et-xmlfile", diff --git a/tests/data/pinned-requirements.txt-expected.json b/tests/data/pinned-requirements.txt-expected.json index a6a75f13..67b35959 100644 --- a/tests/data/pinned-requirements.txt-expected.json +++ b/tests/data/pinned-requirements.txt-expected.json @@ -2831,12 +2831,12 @@ "type": "pypi", "namespace": null, "name": "openpyxl", - "version": "3.1.0", + "version": "3.1.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "A Python library to read/write Excel 2010 xlsx/xlsm files\n.. image:: https://coveralls.io/repos/bitbucket/openpyxl/openpyxl/badge.svg?branch=default\n :target: https://coveralls.io/bitbucket/openpyxl/openpyxl?branch=default\n :alt: coverage status\n\nIntroduction\n------------\n\nopenpyxl is a Python library to read/write Excel 2010 xlsx/xlsm/xltx/xltm files.\n\nIt was born from lack of existing library to read/write natively from Python\nthe Office Open XML format.\n\nAll kudos to the PHPExcel team as openpyxl was initially based on PHPExcel.\n\n\nSecurity\n--------\n\nBy default openpyxl does not guard against quadratic blowup or billion laughs\nxml attacks. To guard against these attacks install defusedxml.\n\nMailing List\n------------\n\nThe user list can be found on http://groups.google.com/group/openpyxl-users\n\n\nSample code::\n\n from openpyxl import Workbook\n wb = Workbook()\n\n # grab the active worksheet\n ws = wb.active\n\n # Data can be assigned directly to cells\n ws['A1'] = 42\n\n # Rows can also be appended\n ws.append([1, 2, 3])\n\n # Python types will automatically be converted\n import datetime\n ws['A2'] = datetime.datetime.now()\n\n # Save the file\n wb.save(\"sample.xlsx\")\n\n\nDocumentation\n-------------\n\nThe documentation is at: https://openpyxl.readthedocs.io\n\n* installation methods\n* code examples\n* instructions for contributing\n\nRelease notes: https://openpyxl.readthedocs.io/en/stable/changes.html", - "release_date": "2023-01-31T14:40:28", + "release_date": "2023-02-13T16:51:26", "parties": [ { "type": "person", @@ -2860,11 +2860,11 @@ "Programming Language :: Python :: 3.9" ], "homepage_url": "https://openpyxl.readthedocs.io", - "download_url": "https://files.pythonhosted.org/packages/0d/89/f78a9a895e221ec8b13ae7f9495f340a0fb43563b13e2891b5df134f20ea/openpyxl-3.1.0-py2.py3-none-any.whl", - "size": 250043, + "download_url": "https://files.pythonhosted.org/packages/9e/57/1d3c2ce7f6f783be9b21569fc468a9f3660e35cc17017abfbbc26d3bd061/openpyxl-3.1.1-py2.py3-none-any.whl", + "size": 249839, "sha1": null, - "md5": "66351b61736b19d3c88cd108908447d1", - "sha256": "24d7d361025d186ba91eff58135d50855cf035a84371b891e58fb6eb5125660f", + "md5": "864e1e1ea061fe056ade64f4e7bbaf22", + "sha256": "a0266e033e65f33ee697254b66116a5793c15fc92daf64711080000df4cfe0a8", "sha512": null, "bug_tracking_url": "https://foss.heptapod.net/openpyxl/openpyxl/-/issues", "code_view_url": "https://foss.heptapod.net/openpyxl/openpyxl", @@ -2884,20 +2884,20 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/openpyxl/3.1.0/json", + "api_data_url": "https://pypi.org/pypi/openpyxl/3.1.1/json", "datasource_id": null, - "purl": "pkg:pypi/openpyxl@3.1.0" + "purl": "pkg:pypi/openpyxl@3.1.1" }, { "type": "pypi", "namespace": null, "name": "openpyxl", - "version": "3.1.0", + "version": "3.1.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "A Python library to read/write Excel 2010 xlsx/xlsm files\n.. image:: https://coveralls.io/repos/bitbucket/openpyxl/openpyxl/badge.svg?branch=default\n :target: https://coveralls.io/bitbucket/openpyxl/openpyxl?branch=default\n :alt: coverage status\n\nIntroduction\n------------\n\nopenpyxl is a Python library to read/write Excel 2010 xlsx/xlsm/xltx/xltm files.\n\nIt was born from lack of existing library to read/write natively from Python\nthe Office Open XML format.\n\nAll kudos to the PHPExcel team as openpyxl was initially based on PHPExcel.\n\n\nSecurity\n--------\n\nBy default openpyxl does not guard against quadratic blowup or billion laughs\nxml attacks. To guard against these attacks install defusedxml.\n\nMailing List\n------------\n\nThe user list can be found on http://groups.google.com/group/openpyxl-users\n\n\nSample code::\n\n from openpyxl import Workbook\n wb = Workbook()\n\n # grab the active worksheet\n ws = wb.active\n\n # Data can be assigned directly to cells\n ws['A1'] = 42\n\n # Rows can also be appended\n ws.append([1, 2, 3])\n\n # Python types will automatically be converted\n import datetime\n ws['A2'] = datetime.datetime.now()\n\n # Save the file\n wb.save(\"sample.xlsx\")\n\n\nDocumentation\n-------------\n\nThe documentation is at: https://openpyxl.readthedocs.io\n\n* installation methods\n* code examples\n* instructions for contributing\n\nRelease notes: https://openpyxl.readthedocs.io/en/stable/changes.html", - "release_date": "2023-01-31T14:40:31", + "release_date": "2023-02-13T16:51:28", "parties": [ { "type": "person", @@ -2921,11 +2921,11 @@ "Programming Language :: Python :: 3.9" ], "homepage_url": "https://openpyxl.readthedocs.io", - "download_url": "https://files.pythonhosted.org/packages/3d/73/bb87810cdde809f69fef11d31e77297894e58710d47626dc5e5b3ff8f92a/openpyxl-3.1.0.tar.gz", - "size": 186306, + "download_url": "https://files.pythonhosted.org/packages/10/bf/950ea7896f3c42ab04073cd2903f0a190ba77ef28bdf76191f6f86373712/openpyxl-3.1.1.tar.gz", + "size": 185802, "sha1": null, - "md5": "b7ba597b801b9a102f27599b2fa227b3", - "sha256": "eccedbe1cdd8b2494057e73959b496821141038dbb7eb9266ea59e3f34208231", + "md5": "0b1a5d776707ef471810f61c7bf77a2d", + "sha256": "f06d44e2c973781068bce5ecf860a09bcdb1c7f5ce1facd5e9aa82c92c93ae72", "sha512": null, "bug_tracking_url": "https://foss.heptapod.net/openpyxl/openpyxl/-/issues", "code_view_url": "https://foss.heptapod.net/openpyxl/openpyxl", @@ -2945,9 +2945,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/openpyxl/3.1.0/json", + "api_data_url": "https://pypi.org/pypi/openpyxl/3.1.1/json", "datasource_id": null, - "purl": "pkg:pypi/openpyxl@3.1.0" + "purl": "pkg:pypi/openpyxl@3.1.1" }, { "type": "pypi", @@ -4976,7 +4976,7 @@ "pkg:pypi/click@8.0.4", "pkg:pypi/jinja2@3.1.2", "pkg:pypi/license-expression@30.1.0", - "pkg:pypi/openpyxl@3.1.0", + "pkg:pypi/openpyxl@3.1.1", "pkg:pypi/packageurl-python@0.9.9", "pkg:pypi/saneyaml@0.5.2" ] @@ -5066,7 +5066,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/openpyxl@3.1.0", + "package": "pkg:pypi/openpyxl@3.1.1", "dependencies": [ "pkg:pypi/et-xmlfile@1.1.0" ] @@ -5147,4 +5147,4 @@ "dependencies": [] } ] -} +} \ No newline at end of file diff --git a/tests/data/single-url-except-simple-expected.json b/tests/data/single-url-except-simple-expected.json index 30ce254d..13dbc28f 100644 --- a/tests/data/single-url-except-simple-expected.json +++ b/tests/data/single-url-except-simple-expected.json @@ -142,12 +142,12 @@ "type": "pypi", "namespace": null, "name": "flask", - "version": "2.2.2", + "version": "2.2.3", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "A simple framework for building complex web applications.\nFlask\n=====\n\nFlask is a lightweight `WSGI`_ web application framework. It is designed\nto make getting started quick and easy, with the ability to scale up to\ncomplex applications. It began as a simple wrapper around `Werkzeug`_\nand `Jinja`_ and has become one of the most popular Python web\napplication frameworks.\n\nFlask offers suggestions, but doesn't enforce any dependencies or\nproject layout. It is up to the developer to choose the tools and\nlibraries they want to use. There are many extensions provided by the\ncommunity that make adding new functionality easy.\n\n.. _WSGI: https://wsgi.readthedocs.io/\n.. _Werkzeug: https://werkzeug.palletsprojects.com/\n.. _Jinja: https://jinja.palletsprojects.com/\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n $ pip install -U Flask\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n # save this as app.py\n from flask import Flask\n\n app = Flask(__name__)\n\n @app.route(\"/\")\n def hello():\n return \"Hello, World!\"\n\n.. code-block:: text\n\n $ flask run\n * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)\n\n\nContributing\n------------\n\nFor guidance on setting up a development environment and how to make a\ncontribution to Flask, see the `contributing guidelines`_.\n\n.. _contributing guidelines: https://github.com/pallets/flask/blob/main/CONTRIBUTING.rst\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Flask and the libraries\nit uses. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, `please\ndonate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://flask.palletsprojects.com/\n- Changes: https://flask.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/Flask/\n- Source Code: https://github.com/pallets/flask/\n- Issue Tracker: https://github.com/pallets/flask/issues/\n- Website: https://palletsprojects.com/p/flask/\n- Twitter: https://twitter.com/PalletsTeam\n- Chat: https://discord.gg/pallets", - "release_date": "2022-08-08T23:26:30", + "release_date": "2023-02-15T22:43:55", "parties": [ { "type": "person", @@ -177,11 +177,11 @@ "Topic :: Software Development :: Libraries :: Application Frameworks" ], "homepage_url": "https://palletsprojects.com/p/flask", - "download_url": "https://files.pythonhosted.org/packages/0f/43/15f4f9ab225b0b25352412e8daa3d0e3d135fcf5e127070c74c3632c8b4c/Flask-2.2.2-py3-none-any.whl", - "size": 101477, + "download_url": "https://files.pythonhosted.org/packages/95/9c/a3542594ce4973786236a1b7b702b8ca81dbf40ea270f0f96284f0c27348/Flask-2.2.3-py3-none-any.whl", + "size": 101839, "sha1": null, - "md5": "e737537775d400ad00adf8f59358f7ab", - "sha256": "b9c46cc36662a7949f34b52d8ec7bb59c0d74ba08ba6cb9ce9adc1d8676d9526", + "md5": "caa7a4f7604efe271c93f742933cb145", + "sha256": "c0bec9477df1cb867e5a67c9e1ab758de9cb4a3e52dd70681f59fa40a62b3f2d", "sha512": null, "bug_tracking_url": "https://github.com/pallets/flask/issues/", "code_view_url": "https://github.com/pallets/flask/", @@ -201,76 +201,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/flask/2.2.2/json", + "api_data_url": "https://pypi.org/pypi/flask/2.2.3/json", "datasource_id": null, - "purl": "pkg:pypi/flask@2.2.2" - }, - { - "type": "pypi", - "namespace": null, - "name": "flask", - "version": "2.2.2", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "A simple framework for building complex web applications.\nFlask\n=====\n\nFlask is a lightweight `WSGI`_ web application framework. It is designed\nto make getting started quick and easy, with the ability to scale up to\ncomplex applications. It began as a simple wrapper around `Werkzeug`_\nand `Jinja`_ and has become one of the most popular Python web\napplication frameworks.\n\nFlask offers suggestions, but doesn't enforce any dependencies or\nproject layout. It is up to the developer to choose the tools and\nlibraries they want to use. There are many extensions provided by the\ncommunity that make adding new functionality easy.\n\n.. _WSGI: https://wsgi.readthedocs.io/\n.. _Werkzeug: https://werkzeug.palletsprojects.com/\n.. _Jinja: https://jinja.palletsprojects.com/\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n $ pip install -U Flask\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n # save this as app.py\n from flask import Flask\n\n app = Flask(__name__)\n\n @app.route(\"/\")\n def hello():\n return \"Hello, World!\"\n\n.. code-block:: text\n\n $ flask run\n * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)\n\n\nContributing\n------------\n\nFor guidance on setting up a development environment and how to make a\ncontribution to Flask, see the `contributing guidelines`_.\n\n.. _contributing guidelines: https://github.com/pallets/flask/blob/main/CONTRIBUTING.rst\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Flask and the libraries\nit uses. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, `please\ndonate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://flask.palletsprojects.com/\n- Changes: https://flask.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/Flask/\n- Source Code: https://github.com/pallets/flask/\n- Issue Tracker: https://github.com/pallets/flask/issues/\n- Website: https://palletsprojects.com/p/flask/\n- Twitter: https://twitter.com/PalletsTeam\n- Chat: https://discord.gg/pallets", - "release_date": "2022-08-08T23:26:33", - "parties": [ - { - "type": "person", - "role": "author", - "name": "Armin Ronacher", - "email": "armin.ronacher@active-4.com", - "url": null - }, - { - "type": "person", - "role": "maintainer", - "name": "Pallets", - "email": "contact@palletsprojects.com", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Environment :: Web Environment", - "Framework :: Flask", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Topic :: Internet :: WWW/HTTP :: Dynamic Content", - "Topic :: Internet :: WWW/HTTP :: WSGI", - "Topic :: Internet :: WWW/HTTP :: WSGI :: Application", - "Topic :: Software Development :: Libraries :: Application Frameworks" - ], - "homepage_url": "https://palletsprojects.com/p/flask", - "download_url": "https://files.pythonhosted.org/packages/69/b6/53cfa30eed5aa7343daff36622843688ba8c6fe9829bb2b92e193ab1163f/Flask-2.2.2.tar.gz", - "size": 677389, - "sha1": null, - "md5": "c0d2276cb7d59a06d62c915da9c77ba6", - "sha256": "642c450d19c4ad482f96729bd2a8f6d32554aa1e231f4f6b4e7e5264b16cca2b", - "sha512": null, - "bug_tracking_url": "https://github.com/pallets/flask/issues/", - "code_view_url": "https://github.com/pallets/flask/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "license": "BSD-3-Clause", - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/flask/2.2.2/json", - "datasource_id": null, - "purl": "pkg:pypi/flask@2.2.2" + "purl": "pkg:pypi/flask@2.2.3" }, { "type": "pypi", @@ -760,12 +693,12 @@ "type": "pypi", "namespace": null, "name": "werkzeug", - "version": "2.2.2", + "version": "2.2.3", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "The comprehensive WSGI web application library.\nWerkzeug\n========\n\n*werkzeug* German noun: \"tool\". Etymology: *werk* (\"work\"), *zeug* (\"stuff\")\n\nWerkzeug is a comprehensive `WSGI`_ web application library. It began as\na simple collection of various utilities for WSGI applications and has\nbecome one of the most advanced WSGI utility libraries.\n\nIt includes:\n\n- An interactive debugger that allows inspecting stack traces and\n source code in the browser with an interactive interpreter for any\n frame in the stack.\n- A full-featured request object with objects to interact with\n headers, query args, form data, files, and cookies.\n- A response object that can wrap other WSGI applications and handle\n streaming data.\n- A routing system for matching URLs to endpoints and generating URLs\n for endpoints, with an extensible system for capturing variables\n from URLs.\n- HTTP utilities to handle entity tags, cache control, dates, user\n agents, cookies, files, and more.\n- A threaded WSGI server for use while developing applications\n locally.\n- A test client for simulating HTTP requests during testing without\n requiring running a server.\n\nWerkzeug doesn't enforce any dependencies. It is up to the developer to\nchoose a template engine, database adapter, and even how to handle\nrequests. It can be used to build all sorts of end user applications\nsuch as blogs, wikis, or bulletin boards.\n\n`Flask`_ wraps Werkzeug, using it to handle the details of WSGI while\nproviding more structure and patterns for defining powerful\napplications.\n\n.. _WSGI: https://wsgi.readthedocs.io/en/latest/\n.. _Flask: https://www.palletsprojects.com/p/flask/\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n pip install -U Werkzeug\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n from werkzeug.wrappers import Request, Response\n\n @Request.application\n def application(request):\n return Response('Hello, World!')\n\n if __name__ == '__main__':\n from werkzeug.serving import run_simple\n run_simple('localhost', 4000, application)\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Werkzeug and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n`please donate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://werkzeug.palletsprojects.com/\n- Changes: https://werkzeug.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/Werkzeug/\n- Source Code: https://github.com/pallets/werkzeug/\n- Issue Tracker: https://github.com/pallets/werkzeug/issues/\n- Website: https://palletsprojects.com/p/werkzeug/\n- Twitter: https://twitter.com/PalletsTeam\n- Chat: https://discord.gg/pallets", - "release_date": "2022-08-08T21:44:13", + "release_date": "2023-02-14T17:18:42", "parties": [ { "type": "person", @@ -795,11 +728,11 @@ "Topic :: Software Development :: Libraries :: Application Frameworks" ], "homepage_url": "https://palletsprojects.com/p/werkzeug/", - "download_url": "https://files.pythonhosted.org/packages/c8/27/be6ddbcf60115305205de79c29004a0c6bc53cec814f733467b1bb89386d/Werkzeug-2.2.2-py3-none-any.whl", - "size": 232700, + "download_url": "https://files.pythonhosted.org/packages/f6/f8/9da63c1617ae2a1dec2fbf6412f3a0cfe9d4ce029eccbda6e1e4258ca45f/Werkzeug-2.2.3-py3-none-any.whl", + "size": 233551, "sha1": null, - "md5": "7d1583943fb626014027b4fbd75507a0", - "sha256": "f979ab81f58d7318e064e99c4506445d60135ac5cd2e177a2de0089bfd4c9bd5", + "md5": "fd276a08a0dcdf25a48ed1a5ac07b836", + "sha256": "56433961bc1f12533306c624f3be5e744389ac61d722175d543e1751285da612", "sha512": null, "bug_tracking_url": "https://github.com/pallets/werkzeug/issues/", "code_view_url": "https://github.com/pallets/werkzeug/", @@ -819,20 +752,20 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.2/json", + "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.3/json", "datasource_id": null, - "purl": "pkg:pypi/werkzeug@2.2.2" + "purl": "pkg:pypi/werkzeug@2.2.3" }, { "type": "pypi", "namespace": null, "name": "werkzeug", - "version": "2.2.2", + "version": "2.2.3", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "The comprehensive WSGI web application library.\nWerkzeug\n========\n\n*werkzeug* German noun: \"tool\". Etymology: *werk* (\"work\"), *zeug* (\"stuff\")\n\nWerkzeug is a comprehensive `WSGI`_ web application library. It began as\na simple collection of various utilities for WSGI applications and has\nbecome one of the most advanced WSGI utility libraries.\n\nIt includes:\n\n- An interactive debugger that allows inspecting stack traces and\n source code in the browser with an interactive interpreter for any\n frame in the stack.\n- A full-featured request object with objects to interact with\n headers, query args, form data, files, and cookies.\n- A response object that can wrap other WSGI applications and handle\n streaming data.\n- A routing system for matching URLs to endpoints and generating URLs\n for endpoints, with an extensible system for capturing variables\n from URLs.\n- HTTP utilities to handle entity tags, cache control, dates, user\n agents, cookies, files, and more.\n- A threaded WSGI server for use while developing applications\n locally.\n- A test client for simulating HTTP requests during testing without\n requiring running a server.\n\nWerkzeug doesn't enforce any dependencies. It is up to the developer to\nchoose a template engine, database adapter, and even how to handle\nrequests. It can be used to build all sorts of end user applications\nsuch as blogs, wikis, or bulletin boards.\n\n`Flask`_ wraps Werkzeug, using it to handle the details of WSGI while\nproviding more structure and patterns for defining powerful\napplications.\n\n.. _WSGI: https://wsgi.readthedocs.io/en/latest/\n.. _Flask: https://www.palletsprojects.com/p/flask/\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n pip install -U Werkzeug\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n from werkzeug.wrappers import Request, Response\n\n @Request.application\n def application(request):\n return Response('Hello, World!')\n\n if __name__ == '__main__':\n from werkzeug.serving import run_simple\n run_simple('localhost', 4000, application)\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Werkzeug and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n`please donate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://werkzeug.palletsprojects.com/\n- Changes: https://werkzeug.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/Werkzeug/\n- Source Code: https://github.com/pallets/werkzeug/\n- Issue Tracker: https://github.com/pallets/werkzeug/issues/\n- Website: https://palletsprojects.com/p/werkzeug/\n- Twitter: https://twitter.com/PalletsTeam\n- Chat: https://discord.gg/pallets", - "release_date": "2022-08-08T21:44:15", + "release_date": "2023-02-14T17:18:44", "parties": [ { "type": "person", @@ -862,11 +795,11 @@ "Topic :: Software Development :: Libraries :: Application Frameworks" ], "homepage_url": "https://palletsprojects.com/p/werkzeug/", - "download_url": "https://files.pythonhosted.org/packages/f8/c1/1c8e539f040acd80f844c69a5ef8e2fccdf8b442dabb969e497b55d544e1/Werkzeug-2.2.2.tar.gz", - "size": 844378, + "download_url": "https://files.pythonhosted.org/packages/02/3c/baaebf3235c87d61d6593467056d5a8fba7c75ac838b8d100a5e64eba7a0/Werkzeug-2.2.3.tar.gz", + "size": 845884, "sha1": null, - "md5": "9d7e50c5bb3a9fc12823b5faf374b90e", - "sha256": "7ea2d48322cc7c0f8b3a215ed73eabd7b5d75d0b50e31ab006286ccff9e00b8f", + "md5": "28c3ec6a4b1ce8f06c85612c1dfa351a", + "sha256": "2e1ccc9417d4da358b9de6f174e3ac094391ea1d4fbef2d667865d819dfd0afe", "sha512": null, "bug_tracking_url": "https://github.com/pallets/werkzeug/issues/", "code_view_url": "https://github.com/pallets/werkzeug/", @@ -886,9 +819,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.2/json", + "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.3/json", "datasource_id": null, - "purl": "pkg:pypi/werkzeug@2.2.2" + "purl": "pkg:pypi/werkzeug@2.2.3" }, { "type": "pypi", @@ -1003,13 +936,13 @@ "dependencies": [] }, { - "package": "pkg:pypi/flask@2.2.2", + "package": "pkg:pypi/flask@2.2.3", "dependencies": [ "pkg:pypi/click@8.1.3", "pkg:pypi/importlib-metadata@6.0.0", "pkg:pypi/itsdangerous@2.1.2", "pkg:pypi/jinja2@3.1.2", - "pkg:pypi/werkzeug@2.2.2" + "pkg:pypi/werkzeug@2.2.3" ] }, { @@ -1033,7 +966,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/werkzeug@2.2.2", + "package": "pkg:pypi/werkzeug@2.2.3", "dependencies": [ "pkg:pypi/markupsafe@2.1.2" ] diff --git a/tests/data/test-api-expected.json b/tests/data/test-api-expected.json index a0f37c35..546da8c9 100644 --- a/tests/data/test-api-expected.json +++ b/tests/data/test-api-expected.json @@ -639,12 +639,12 @@ "type": "pypi", "namespace": null, "name": "werkzeug", - "version": "2.2.2", + "version": "2.2.3", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "The comprehensive WSGI web application library.\nWerkzeug\n========\n\n*werkzeug* German noun: \"tool\". Etymology: *werk* (\"work\"), *zeug* (\"stuff\")\n\nWerkzeug is a comprehensive `WSGI`_ web application library. It began as\na simple collection of various utilities for WSGI applications and has\nbecome one of the most advanced WSGI utility libraries.\n\nIt includes:\n\n- An interactive debugger that allows inspecting stack traces and\n source code in the browser with an interactive interpreter for any\n frame in the stack.\n- A full-featured request object with objects to interact with\n headers, query args, form data, files, and cookies.\n- A response object that can wrap other WSGI applications and handle\n streaming data.\n- A routing system for matching URLs to endpoints and generating URLs\n for endpoints, with an extensible system for capturing variables\n from URLs.\n- HTTP utilities to handle entity tags, cache control, dates, user\n agents, cookies, files, and more.\n- A threaded WSGI server for use while developing applications\n locally.\n- A test client for simulating HTTP requests during testing without\n requiring running a server.\n\nWerkzeug doesn't enforce any dependencies. It is up to the developer to\nchoose a template engine, database adapter, and even how to handle\nrequests. It can be used to build all sorts of end user applications\nsuch as blogs, wikis, or bulletin boards.\n\n`Flask`_ wraps Werkzeug, using it to handle the details of WSGI while\nproviding more structure and patterns for defining powerful\napplications.\n\n.. _WSGI: https://wsgi.readthedocs.io/en/latest/\n.. _Flask: https://www.palletsprojects.com/p/flask/\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n pip install -U Werkzeug\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n from werkzeug.wrappers import Request, Response\n\n @Request.application\n def application(request):\n return Response('Hello, World!')\n\n if __name__ == '__main__':\n from werkzeug.serving import run_simple\n run_simple('localhost', 4000, application)\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Werkzeug and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n`please donate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://werkzeug.palletsprojects.com/\n- Changes: https://werkzeug.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/Werkzeug/\n- Source Code: https://github.com/pallets/werkzeug/\n- Issue Tracker: https://github.com/pallets/werkzeug/issues/\n- Website: https://palletsprojects.com/p/werkzeug/\n- Twitter: https://twitter.com/PalletsTeam\n- Chat: https://discord.gg/pallets", - "release_date": "2022-08-08T21:44:13", + "release_date": "2023-02-14T17:18:42", "parties": [ { "type": "person", @@ -674,11 +674,11 @@ "Topic :: Software Development :: Libraries :: Application Frameworks" ], "homepage_url": "https://palletsprojects.com/p/werkzeug/", - "download_url": "https://files.pythonhosted.org/packages/c8/27/be6ddbcf60115305205de79c29004a0c6bc53cec814f733467b1bb89386d/Werkzeug-2.2.2-py3-none-any.whl", - "size": 232700, + "download_url": "https://files.pythonhosted.org/packages/f6/f8/9da63c1617ae2a1dec2fbf6412f3a0cfe9d4ce029eccbda6e1e4258ca45f/Werkzeug-2.2.3-py3-none-any.whl", + "size": 233551, "sha1": null, - "md5": "7d1583943fb626014027b4fbd75507a0", - "sha256": "f979ab81f58d7318e064e99c4506445d60135ac5cd2e177a2de0089bfd4c9bd5", + "md5": "fd276a08a0dcdf25a48ed1a5ac07b836", + "sha256": "56433961bc1f12533306c624f3be5e744389ac61d722175d543e1751285da612", "sha512": null, "bug_tracking_url": "https://github.com/pallets/werkzeug/issues/", "code_view_url": "https://github.com/pallets/werkzeug/", @@ -698,20 +698,20 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.2/json", + "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.3/json", "datasource_id": null, - "purl": "pkg:pypi/werkzeug@2.2.2" + "purl": "pkg:pypi/werkzeug@2.2.3" }, { "type": "pypi", "namespace": null, "name": "werkzeug", - "version": "2.2.2", + "version": "2.2.3", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "The comprehensive WSGI web application library.\nWerkzeug\n========\n\n*werkzeug* German noun: \"tool\". Etymology: *werk* (\"work\"), *zeug* (\"stuff\")\n\nWerkzeug is a comprehensive `WSGI`_ web application library. It began as\na simple collection of various utilities for WSGI applications and has\nbecome one of the most advanced WSGI utility libraries.\n\nIt includes:\n\n- An interactive debugger that allows inspecting stack traces and\n source code in the browser with an interactive interpreter for any\n frame in the stack.\n- A full-featured request object with objects to interact with\n headers, query args, form data, files, and cookies.\n- A response object that can wrap other WSGI applications and handle\n streaming data.\n- A routing system for matching URLs to endpoints and generating URLs\n for endpoints, with an extensible system for capturing variables\n from URLs.\n- HTTP utilities to handle entity tags, cache control, dates, user\n agents, cookies, files, and more.\n- A threaded WSGI server for use while developing applications\n locally.\n- A test client for simulating HTTP requests during testing without\n requiring running a server.\n\nWerkzeug doesn't enforce any dependencies. It is up to the developer to\nchoose a template engine, database adapter, and even how to handle\nrequests. It can be used to build all sorts of end user applications\nsuch as blogs, wikis, or bulletin boards.\n\n`Flask`_ wraps Werkzeug, using it to handle the details of WSGI while\nproviding more structure and patterns for defining powerful\napplications.\n\n.. _WSGI: https://wsgi.readthedocs.io/en/latest/\n.. _Flask: https://www.palletsprojects.com/p/flask/\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n pip install -U Werkzeug\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n from werkzeug.wrappers import Request, Response\n\n @Request.application\n def application(request):\n return Response('Hello, World!')\n\n if __name__ == '__main__':\n from werkzeug.serving import run_simple\n run_simple('localhost', 4000, application)\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Werkzeug and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n`please donate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://werkzeug.palletsprojects.com/\n- Changes: https://werkzeug.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/Werkzeug/\n- Source Code: https://github.com/pallets/werkzeug/\n- Issue Tracker: https://github.com/pallets/werkzeug/issues/\n- Website: https://palletsprojects.com/p/werkzeug/\n- Twitter: https://twitter.com/PalletsTeam\n- Chat: https://discord.gg/pallets", - "release_date": "2022-08-08T21:44:15", + "release_date": "2023-02-14T17:18:44", "parties": [ { "type": "person", @@ -741,11 +741,11 @@ "Topic :: Software Development :: Libraries :: Application Frameworks" ], "homepage_url": "https://palletsprojects.com/p/werkzeug/", - "download_url": "https://files.pythonhosted.org/packages/f8/c1/1c8e539f040acd80f844c69a5ef8e2fccdf8b442dabb969e497b55d544e1/Werkzeug-2.2.2.tar.gz", - "size": 844378, + "download_url": "https://files.pythonhosted.org/packages/02/3c/baaebf3235c87d61d6593467056d5a8fba7c75ac838b8d100a5e64eba7a0/Werkzeug-2.2.3.tar.gz", + "size": 845884, "sha1": null, - "md5": "9d7e50c5bb3a9fc12823b5faf374b90e", - "sha256": "7ea2d48322cc7c0f8b3a215ed73eabd7b5d75d0b50e31ab006286ccff9e00b8f", + "md5": "28c3ec6a4b1ce8f06c85612c1dfa351a", + "sha256": "2e1ccc9417d4da358b9de6f174e3ac094391ea1d4fbef2d667865d819dfd0afe", "sha512": null, "bug_tracking_url": "https://github.com/pallets/werkzeug/issues/", "code_view_url": "https://github.com/pallets/werkzeug/", @@ -765,9 +765,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.2/json", + "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.3/json", "datasource_id": null, - "purl": "pkg:pypi/werkzeug@2.2.2" + "purl": "pkg:pypi/werkzeug@2.2.3" } ], "resolution": [ @@ -781,7 +781,7 @@ "pkg:pypi/click@8.1.3", "pkg:pypi/itsdangerous@2.1.2", "pkg:pypi/jinja2@3.1.2", - "pkg:pypi/werkzeug@2.2.2" + "pkg:pypi/werkzeug@2.2.3" ] }, { @@ -799,10 +799,10 @@ "dependencies": [] }, { - "package": "pkg:pypi/werkzeug@2.2.2", + "package": "pkg:pypi/werkzeug@2.2.3", "dependencies": [ "pkg:pypi/markupsafe@2.1.2" ] } ] -} +} \ No newline at end of file diff --git a/tests/data/test-api-pdt-expected.json b/tests/data/test-api-pdt-expected.json index 26235bbf..b08323d8 100644 --- a/tests/data/test-api-pdt-expected.json +++ b/tests/data/test-api-pdt-expected.json @@ -639,12 +639,12 @@ "type": "pypi", "namespace": null, "name": "werkzeug", - "version": "2.2.2", + "version": "2.2.3", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "The comprehensive WSGI web application library.\nWerkzeug\n========\n\n*werkzeug* German noun: \"tool\". Etymology: *werk* (\"work\"), *zeug* (\"stuff\")\n\nWerkzeug is a comprehensive `WSGI`_ web application library. It began as\na simple collection of various utilities for WSGI applications and has\nbecome one of the most advanced WSGI utility libraries.\n\nIt includes:\n\n- An interactive debugger that allows inspecting stack traces and\n source code in the browser with an interactive interpreter for any\n frame in the stack.\n- A full-featured request object with objects to interact with\n headers, query args, form data, files, and cookies.\n- A response object that can wrap other WSGI applications and handle\n streaming data.\n- A routing system for matching URLs to endpoints and generating URLs\n for endpoints, with an extensible system for capturing variables\n from URLs.\n- HTTP utilities to handle entity tags, cache control, dates, user\n agents, cookies, files, and more.\n- A threaded WSGI server for use while developing applications\n locally.\n- A test client for simulating HTTP requests during testing without\n requiring running a server.\n\nWerkzeug doesn't enforce any dependencies. It is up to the developer to\nchoose a template engine, database adapter, and even how to handle\nrequests. It can be used to build all sorts of end user applications\nsuch as blogs, wikis, or bulletin boards.\n\n`Flask`_ wraps Werkzeug, using it to handle the details of WSGI while\nproviding more structure and patterns for defining powerful\napplications.\n\n.. _WSGI: https://wsgi.readthedocs.io/en/latest/\n.. _Flask: https://www.palletsprojects.com/p/flask/\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n pip install -U Werkzeug\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n from werkzeug.wrappers import Request, Response\n\n @Request.application\n def application(request):\n return Response('Hello, World!')\n\n if __name__ == '__main__':\n from werkzeug.serving import run_simple\n run_simple('localhost', 4000, application)\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Werkzeug and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n`please donate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://werkzeug.palletsprojects.com/\n- Changes: https://werkzeug.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/Werkzeug/\n- Source Code: https://github.com/pallets/werkzeug/\n- Issue Tracker: https://github.com/pallets/werkzeug/issues/\n- Website: https://palletsprojects.com/p/werkzeug/\n- Twitter: https://twitter.com/PalletsTeam\n- Chat: https://discord.gg/pallets", - "release_date": "2022-08-08T21:44:13", + "release_date": "2023-02-14T17:18:42", "parties": [ { "type": "person", @@ -674,11 +674,11 @@ "Topic :: Software Development :: Libraries :: Application Frameworks" ], "homepage_url": "https://palletsprojects.com/p/werkzeug/", - "download_url": "https://files.pythonhosted.org/packages/c8/27/be6ddbcf60115305205de79c29004a0c6bc53cec814f733467b1bb89386d/Werkzeug-2.2.2-py3-none-any.whl", - "size": 232700, + "download_url": "https://files.pythonhosted.org/packages/f6/f8/9da63c1617ae2a1dec2fbf6412f3a0cfe9d4ce029eccbda6e1e4258ca45f/Werkzeug-2.2.3-py3-none-any.whl", + "size": 233551, "sha1": null, - "md5": "7d1583943fb626014027b4fbd75507a0", - "sha256": "f979ab81f58d7318e064e99c4506445d60135ac5cd2e177a2de0089bfd4c9bd5", + "md5": "fd276a08a0dcdf25a48ed1a5ac07b836", + "sha256": "56433961bc1f12533306c624f3be5e744389ac61d722175d543e1751285da612", "sha512": null, "bug_tracking_url": "https://github.com/pallets/werkzeug/issues/", "code_view_url": "https://github.com/pallets/werkzeug/", @@ -698,20 +698,20 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.2/json", + "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.3/json", "datasource_id": null, - "purl": "pkg:pypi/werkzeug@2.2.2" + "purl": "pkg:pypi/werkzeug@2.2.3" }, { "type": "pypi", "namespace": null, "name": "werkzeug", - "version": "2.2.2", + "version": "2.2.3", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "The comprehensive WSGI web application library.\nWerkzeug\n========\n\n*werkzeug* German noun: \"tool\". Etymology: *werk* (\"work\"), *zeug* (\"stuff\")\n\nWerkzeug is a comprehensive `WSGI`_ web application library. It began as\na simple collection of various utilities for WSGI applications and has\nbecome one of the most advanced WSGI utility libraries.\n\nIt includes:\n\n- An interactive debugger that allows inspecting stack traces and\n source code in the browser with an interactive interpreter for any\n frame in the stack.\n- A full-featured request object with objects to interact with\n headers, query args, form data, files, and cookies.\n- A response object that can wrap other WSGI applications and handle\n streaming data.\n- A routing system for matching URLs to endpoints and generating URLs\n for endpoints, with an extensible system for capturing variables\n from URLs.\n- HTTP utilities to handle entity tags, cache control, dates, user\n agents, cookies, files, and more.\n- A threaded WSGI server for use while developing applications\n locally.\n- A test client for simulating HTTP requests during testing without\n requiring running a server.\n\nWerkzeug doesn't enforce any dependencies. It is up to the developer to\nchoose a template engine, database adapter, and even how to handle\nrequests. It can be used to build all sorts of end user applications\nsuch as blogs, wikis, or bulletin boards.\n\n`Flask`_ wraps Werkzeug, using it to handle the details of WSGI while\nproviding more structure and patterns for defining powerful\napplications.\n\n.. _WSGI: https://wsgi.readthedocs.io/en/latest/\n.. _Flask: https://www.palletsprojects.com/p/flask/\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n pip install -U Werkzeug\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n from werkzeug.wrappers import Request, Response\n\n @Request.application\n def application(request):\n return Response('Hello, World!')\n\n if __name__ == '__main__':\n from werkzeug.serving import run_simple\n run_simple('localhost', 4000, application)\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Werkzeug and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n`please donate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://werkzeug.palletsprojects.com/\n- Changes: https://werkzeug.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/Werkzeug/\n- Source Code: https://github.com/pallets/werkzeug/\n- Issue Tracker: https://github.com/pallets/werkzeug/issues/\n- Website: https://palletsprojects.com/p/werkzeug/\n- Twitter: https://twitter.com/PalletsTeam\n- Chat: https://discord.gg/pallets", - "release_date": "2022-08-08T21:44:15", + "release_date": "2023-02-14T17:18:44", "parties": [ { "type": "person", @@ -741,11 +741,11 @@ "Topic :: Software Development :: Libraries :: Application Frameworks" ], "homepage_url": "https://palletsprojects.com/p/werkzeug/", - "download_url": "https://files.pythonhosted.org/packages/f8/c1/1c8e539f040acd80f844c69a5ef8e2fccdf8b442dabb969e497b55d544e1/Werkzeug-2.2.2.tar.gz", - "size": 844378, + "download_url": "https://files.pythonhosted.org/packages/02/3c/baaebf3235c87d61d6593467056d5a8fba7c75ac838b8d100a5e64eba7a0/Werkzeug-2.2.3.tar.gz", + "size": 845884, "sha1": null, - "md5": "9d7e50c5bb3a9fc12823b5faf374b90e", - "sha256": "7ea2d48322cc7c0f8b3a215ed73eabd7b5d75d0b50e31ab006286ccff9e00b8f", + "md5": "28c3ec6a4b1ce8f06c85612c1dfa351a", + "sha256": "2e1ccc9417d4da358b9de6f174e3ac094391ea1d4fbef2d667865d819dfd0afe", "sha512": null, "bug_tracking_url": "https://github.com/pallets/werkzeug/issues/", "code_view_url": "https://github.com/pallets/werkzeug/", @@ -765,9 +765,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.2/json", + "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.3/json", "datasource_id": null, - "purl": "pkg:pypi/werkzeug@2.2.2" + "purl": "pkg:pypi/werkzeug@2.2.3" } ], "resolution": [ @@ -804,7 +804,7 @@ { "key": "werkzeug", "package_name": "werkzeug", - "installed_version": "2.2.2", + "installed_version": "2.2.3", "dependencies": [ { "key": "markupsafe", diff --git a/tests/data/test-api-with-prefer-source.json b/tests/data/test-api-with-prefer-source.json index 8e1c1b5d..65226ee4 100644 --- a/tests/data/test-api-with-prefer-source.json +++ b/tests/data/test-api-with-prefer-source.json @@ -322,12 +322,12 @@ "type": "pypi", "namespace": null, "name": "werkzeug", - "version": "2.2.2", + "version": "2.2.3", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "The comprehensive WSGI web application library.\nWerkzeug\n========\n\n*werkzeug* German noun: \"tool\". Etymology: *werk* (\"work\"), *zeug* (\"stuff\")\n\nWerkzeug is a comprehensive `WSGI`_ web application library. It began as\na simple collection of various utilities for WSGI applications and has\nbecome one of the most advanced WSGI utility libraries.\n\nIt includes:\n\n- An interactive debugger that allows inspecting stack traces and\n source code in the browser with an interactive interpreter for any\n frame in the stack.\n- A full-featured request object with objects to interact with\n headers, query args, form data, files, and cookies.\n- A response object that can wrap other WSGI applications and handle\n streaming data.\n- A routing system for matching URLs to endpoints and generating URLs\n for endpoints, with an extensible system for capturing variables\n from URLs.\n- HTTP utilities to handle entity tags, cache control, dates, user\n agents, cookies, files, and more.\n- A threaded WSGI server for use while developing applications\n locally.\n- A test client for simulating HTTP requests during testing without\n requiring running a server.\n\nWerkzeug doesn't enforce any dependencies. It is up to the developer to\nchoose a template engine, database adapter, and even how to handle\nrequests. It can be used to build all sorts of end user applications\nsuch as blogs, wikis, or bulletin boards.\n\n`Flask`_ wraps Werkzeug, using it to handle the details of WSGI while\nproviding more structure and patterns for defining powerful\napplications.\n\n.. _WSGI: https://wsgi.readthedocs.io/en/latest/\n.. _Flask: https://www.palletsprojects.com/p/flask/\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n pip install -U Werkzeug\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n from werkzeug.wrappers import Request, Response\n\n @Request.application\n def application(request):\n return Response('Hello, World!')\n\n if __name__ == '__main__':\n from werkzeug.serving import run_simple\n run_simple('localhost', 4000, application)\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Werkzeug and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n`please donate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://werkzeug.palletsprojects.com/\n- Changes: https://werkzeug.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/Werkzeug/\n- Source Code: https://github.com/pallets/werkzeug/\n- Issue Tracker: https://github.com/pallets/werkzeug/issues/\n- Website: https://palletsprojects.com/p/werkzeug/\n- Twitter: https://twitter.com/PalletsTeam\n- Chat: https://discord.gg/pallets", - "release_date": "2022-08-08T21:44:15", + "release_date": "2023-02-14T17:18:44", "parties": [ { "type": "person", @@ -357,11 +357,11 @@ "Topic :: Software Development :: Libraries :: Application Frameworks" ], "homepage_url": "https://palletsprojects.com/p/werkzeug/", - "download_url": "https://files.pythonhosted.org/packages/f8/c1/1c8e539f040acd80f844c69a5ef8e2fccdf8b442dabb969e497b55d544e1/Werkzeug-2.2.2.tar.gz", - "size": 844378, + "download_url": "https://files.pythonhosted.org/packages/02/3c/baaebf3235c87d61d6593467056d5a8fba7c75ac838b8d100a5e64eba7a0/Werkzeug-2.2.3.tar.gz", + "size": 845884, "sha1": null, - "md5": "9d7e50c5bb3a9fc12823b5faf374b90e", - "sha256": "7ea2d48322cc7c0f8b3a215ed73eabd7b5d75d0b50e31ab006286ccff9e00b8f", + "md5": "28c3ec6a4b1ce8f06c85612c1dfa351a", + "sha256": "2e1ccc9417d4da358b9de6f174e3ac094391ea1d4fbef2d667865d819dfd0afe", "sha512": null, "bug_tracking_url": "https://github.com/pallets/werkzeug/issues/", "code_view_url": "https://github.com/pallets/werkzeug/", @@ -381,9 +381,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.2/json", + "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.3/json", "datasource_id": null, - "purl": "pkg:pypi/werkzeug@2.2.2" + "purl": "pkg:pypi/werkzeug@2.2.3" } ], "resolution": [ @@ -397,7 +397,7 @@ "pkg:pypi/click@8.1.3", "pkg:pypi/itsdangerous@2.1.2", "pkg:pypi/jinja2@3.1.2", - "pkg:pypi/werkzeug@2.2.2" + "pkg:pypi/werkzeug@2.2.3" ] }, { @@ -415,10 +415,10 @@ "dependencies": [] }, { - "package": "pkg:pypi/werkzeug@2.2.2", + "package": "pkg:pypi/werkzeug@2.2.3", "dependencies": [ "pkg:pypi/markupsafe@2.1.2" ] } ] -} +} \ No newline at end of file diff --git a/tests/data/test-api-with-python-311.json b/tests/data/test-api-with-python-311.json index 8e1c1b5d..65226ee4 100644 --- a/tests/data/test-api-with-python-311.json +++ b/tests/data/test-api-with-python-311.json @@ -322,12 +322,12 @@ "type": "pypi", "namespace": null, "name": "werkzeug", - "version": "2.2.2", + "version": "2.2.3", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "The comprehensive WSGI web application library.\nWerkzeug\n========\n\n*werkzeug* German noun: \"tool\". Etymology: *werk* (\"work\"), *zeug* (\"stuff\")\n\nWerkzeug is a comprehensive `WSGI`_ web application library. It began as\na simple collection of various utilities for WSGI applications and has\nbecome one of the most advanced WSGI utility libraries.\n\nIt includes:\n\n- An interactive debugger that allows inspecting stack traces and\n source code in the browser with an interactive interpreter for any\n frame in the stack.\n- A full-featured request object with objects to interact with\n headers, query args, form data, files, and cookies.\n- A response object that can wrap other WSGI applications and handle\n streaming data.\n- A routing system for matching URLs to endpoints and generating URLs\n for endpoints, with an extensible system for capturing variables\n from URLs.\n- HTTP utilities to handle entity tags, cache control, dates, user\n agents, cookies, files, and more.\n- A threaded WSGI server for use while developing applications\n locally.\n- A test client for simulating HTTP requests during testing without\n requiring running a server.\n\nWerkzeug doesn't enforce any dependencies. It is up to the developer to\nchoose a template engine, database adapter, and even how to handle\nrequests. It can be used to build all sorts of end user applications\nsuch as blogs, wikis, or bulletin boards.\n\n`Flask`_ wraps Werkzeug, using it to handle the details of WSGI while\nproviding more structure and patterns for defining powerful\napplications.\n\n.. _WSGI: https://wsgi.readthedocs.io/en/latest/\n.. _Flask: https://www.palletsprojects.com/p/flask/\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n pip install -U Werkzeug\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n from werkzeug.wrappers import Request, Response\n\n @Request.application\n def application(request):\n return Response('Hello, World!')\n\n if __name__ == '__main__':\n from werkzeug.serving import run_simple\n run_simple('localhost', 4000, application)\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Werkzeug and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n`please donate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://werkzeug.palletsprojects.com/\n- Changes: https://werkzeug.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/Werkzeug/\n- Source Code: https://github.com/pallets/werkzeug/\n- Issue Tracker: https://github.com/pallets/werkzeug/issues/\n- Website: https://palletsprojects.com/p/werkzeug/\n- Twitter: https://twitter.com/PalletsTeam\n- Chat: https://discord.gg/pallets", - "release_date": "2022-08-08T21:44:15", + "release_date": "2023-02-14T17:18:44", "parties": [ { "type": "person", @@ -357,11 +357,11 @@ "Topic :: Software Development :: Libraries :: Application Frameworks" ], "homepage_url": "https://palletsprojects.com/p/werkzeug/", - "download_url": "https://files.pythonhosted.org/packages/f8/c1/1c8e539f040acd80f844c69a5ef8e2fccdf8b442dabb969e497b55d544e1/Werkzeug-2.2.2.tar.gz", - "size": 844378, + "download_url": "https://files.pythonhosted.org/packages/02/3c/baaebf3235c87d61d6593467056d5a8fba7c75ac838b8d100a5e64eba7a0/Werkzeug-2.2.3.tar.gz", + "size": 845884, "sha1": null, - "md5": "9d7e50c5bb3a9fc12823b5faf374b90e", - "sha256": "7ea2d48322cc7c0f8b3a215ed73eabd7b5d75d0b50e31ab006286ccff9e00b8f", + "md5": "28c3ec6a4b1ce8f06c85612c1dfa351a", + "sha256": "2e1ccc9417d4da358b9de6f174e3ac094391ea1d4fbef2d667865d819dfd0afe", "sha512": null, "bug_tracking_url": "https://github.com/pallets/werkzeug/issues/", "code_view_url": "https://github.com/pallets/werkzeug/", @@ -381,9 +381,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.2/json", + "api_data_url": "https://pypi.org/pypi/werkzeug/2.2.3/json", "datasource_id": null, - "purl": "pkg:pypi/werkzeug@2.2.2" + "purl": "pkg:pypi/werkzeug@2.2.3" } ], "resolution": [ @@ -397,7 +397,7 @@ "pkg:pypi/click@8.1.3", "pkg:pypi/itsdangerous@2.1.2", "pkg:pypi/jinja2@3.1.2", - "pkg:pypi/werkzeug@2.2.2" + "pkg:pypi/werkzeug@2.2.3" ] }, { @@ -415,10 +415,10 @@ "dependencies": [] }, { - "package": "pkg:pypi/werkzeug@2.2.2", + "package": "pkg:pypi/werkzeug@2.2.3", "dependencies": [ "pkg:pypi/markupsafe@2.1.2" ] } ] -} +} \ No newline at end of file From 093275ff2c8cdc0916e054ae85cec20de2ed1ed9 Mon Sep 17 00:00:00 2001 From: "Bennati, Stefano" Date: Thu, 16 Feb 2023 09:17:49 +0100 Subject: [PATCH 10/10] fix tests. Signed-off-by: Bennati, Stefano --- src/python_inspector/resolution.py | 6 ++++-- tests/test_resolution.py | 8 ++++---- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/src/python_inspector/resolution.py b/src/python_inspector/resolution.py index 6fe97557..c9e2f3b9 100644 --- a/src/python_inspector/resolution.py +++ b/src/python_inspector/resolution.py @@ -322,7 +322,8 @@ def get_requirements_from_python_manifest( ) if len(setup_fct) > 1: print( - f"Warning: identified multiple definitions of 'setup()' in {setup_py_location}, defaulting to the first occurrence" + f"Warning: identified multiple definitions of 'setup()' in {setup_py_location}, " + "defaulting to the first occurrence" ) setup_fct = setup_fct[0] install_requires = [ @@ -334,7 +335,8 @@ def get_requirements_from_python_manifest( ) if len(install_requires) > 1: print( - f"Warning: identified multiple definitions of 'install_requires' in {setup_py_location}, defaulting to the first occurrence" + f"Warning: identified multiple definitions of 'install_requires' in " + "{setup_py_location}, defaulting to the first occurrence" ) install_requires = install_requires[0].elts if len(install_requires) != 0: diff --git a/tests/test_resolution.py b/tests/test_resolution.py index 407beb1e..b5e6e2cb 100644 --- a/tests/test_resolution.py +++ b/tests/test_resolution.py @@ -50,7 +50,7 @@ def test_get_resolved_dependencies_with_flask_and_python_310(): "pkg:pypi/itsdangerous@2.1.2", "pkg:pypi/jinja2@3.1.2", "pkg:pypi/markupsafe@2.1.2", - "pkg:pypi/werkzeug@2.2.2", + "pkg:pypi/werkzeug@2.2.3", ] @@ -74,7 +74,7 @@ def test_get_resolved_dependencies_with_flask_and_python_310_windows(): "pkg:pypi/itsdangerous@2.1.2", "pkg:pypi/jinja2@3.1.2", "pkg:pypi/markupsafe@2.1.2", - "pkg:pypi/werkzeug@2.2.2", + "pkg:pypi/werkzeug@2.2.3", ] @@ -125,7 +125,7 @@ def test_get_resolved_dependencies_with_tilde_requirement_using_json_api(): "pkg:pypi/itsdangerous@2.1.2", "pkg:pypi/jinja2@3.1.2", "pkg:pypi/markupsafe@2.1.2", - "pkg:pypi/werkzeug@2.2.2", + "pkg:pypi/werkzeug@2.2.3", "pkg:pypi/zipp@3.13.0", ] @@ -151,7 +151,7 @@ def test_without_supported_wheels(): "pkg:pypi/hyperlink@21.0.0", "pkg:pypi/idna@3.4", "pkg:pypi/pycparser@2.21", - "pkg:pypi/setuptools@67.2.0", + "pkg:pypi/setuptools@67.3.2", "pkg:pypi/txaio@23.1.1", ]