From 5930164a2f3a3ae68624468ba9deedb7c641b815 Mon Sep 17 00:00:00 2001 From: Dan Ryan Date: Sat, 30 Jun 2018 20:18:04 -0400 Subject: [PATCH] Fix parsing of usernames in private pypi URIs - Fixes #2459 and #2389 Signed-off-by: Dan Ryan --- news/2484.bugfix | 1 + news/2484.vendor | 1 + pipenv/vendor/requirementslib/__init__.py | 2 +- pipenv/vendor/requirementslib/_compat.py | 10 ---------- pipenv/vendor/requirementslib/models/requirements.py | 2 +- pipenv/vendor/requirementslib/models/utils.py | 7 ++++--- pipenv/vendor/requirementslib/utils.py | 2 +- pipenv/vendor/vendor.txt | 2 +- 8 files changed, 10 insertions(+), 17 deletions(-) create mode 100644 news/2484.bugfix create mode 100644 news/2484.vendor diff --git a/news/2484.bugfix b/news/2484.bugfix new file mode 100644 index 0000000000..ea4e1d298a --- /dev/null +++ b/news/2484.bugfix @@ -0,0 +1 @@ +Resolved an issue parsing usernames from private PyPI URIs in ``Pipfiles`` by updating ``requirementslib``. diff --git a/news/2484.vendor b/news/2484.vendor new file mode 100644 index 0000000000..ea4e1d298a --- /dev/null +++ b/news/2484.vendor @@ -0,0 +1 @@ +Resolved an issue parsing usernames from private PyPI URIs in ``Pipfiles`` by updating ``requirementslib``. diff --git a/pipenv/vendor/requirementslib/__init__.py b/pipenv/vendor/requirementslib/__init__.py index 88623173e9..776d2a15bc 100644 --- a/pipenv/vendor/requirementslib/__init__.py +++ b/pipenv/vendor/requirementslib/__init__.py @@ -1,5 +1,5 @@ # -*- coding=utf-8 -*- -__version__ = "1.0.8" +__version__ = "1.0.9" from .exceptions import RequirementError diff --git a/pipenv/vendor/requirementslib/_compat.py b/pipenv/vendor/requirementslib/_compat.py index 95b647ab31..52b35565fe 100644 --- a/pipenv/vendor/requirementslib/_compat.py +++ b/pipenv/vendor/requirementslib/_compat.py @@ -39,8 +39,6 @@ def do_import(module_path, subimport=None, old_path=None): InstallRequirement = do_import("req.req_install", "InstallRequirement") -parse_requirements = do_import("req.req_file", "parse_requirements") -RequirementSet = do_import("req.req_set", "RequirementSet") user_cache_dir = do_import("utils.appdirs", "user_cache_dir") FAVORITE_HASH = do_import("utils.hashes", "FAVORITE_HASH") is_file_url = do_import("download", "is_file_url") @@ -48,18 +46,10 @@ def do_import(module_path, subimport=None, old_path=None): path_to_url = do_import("download", "path_to_url") is_archive_file = do_import("download", "is_archive_file") _strip_extras = do_import("req.req_install", "_strip_extras") -PackageFinder = do_import("index", "PackageFinder") -FormatControl = do_import("index", "FormatControl") Link = do_import("index", "Link") Wheel = do_import("wheel", "Wheel") -Command = do_import("basecommand", "Command") -cmdoptions = do_import("cmdoptions") -get_installed_distributions = do_import( - "utils.misc", "get_installed_distributions", old_path="utils" -) is_installable_file = do_import("utils.misc", "is_installable_file", old_path="utils") is_installable_dir = do_import("utils.misc", "is_installable_dir", old_path="utils") -PyPI = do_import("models.index", "PyPI") make_abstract_dist = do_import( "operations.prepare", "make_abstract_dist", old_path="req.req_set" ) diff --git a/pipenv/vendor/requirementslib/models/requirements.py b/pipenv/vendor/requirementslib/models/requirements.py index 99d8ec76dd..d49ce49416 100644 --- a/pipenv/vendor/requirementslib/models/requirements.py +++ b/pipenv/vendor/requirementslib/models/requirements.py @@ -8,7 +8,6 @@ import requirements from first import first -from pkg_resources import RequirementParseError from six.moves.urllib import parse as urllib_parse from .baserequirement import BaseRequirement @@ -60,6 +59,7 @@ class NamedRequirement(BaseRequirement): @req.default def get_requirement(self): + from pkg_resources import RequirementParseError try: req = first(requirements.parse("{0}{1}".format(self.name, self.version))) except RequirementParseError: diff --git a/pipenv/vendor/requirementslib/models/utils.py b/pipenv/vendor/requirementslib/models/utils.py index 13b2b3683f..82309e9be9 100644 --- a/pipenv/vendor/requirementslib/models/utils.py +++ b/pipenv/vendor/requirementslib/models/utils.py @@ -4,8 +4,6 @@ import six from attr import validators from first import first -from packaging.markers import Marker, InvalidMarker -from packaging.specifiers import SpecifierSet, InvalidSpecifier from .._compat import Link from ..utils import SCHEME_LIST, VCS_LIST, is_star @@ -84,7 +82,7 @@ def strip_ssh_from_git_uri(uri): def add_ssh_scheme_to_git_uri(uri): - """Cleans VCS uris from pipenv.patched.notpip format""" + """Cleans VCS uris from pip format""" if isinstance(uri, six.string_types): # Add scheme for parsing purposes, this is also what pip does if uri.startswith("git+") and "://" not in uri: @@ -94,6 +92,7 @@ def add_ssh_scheme_to_git_uri(uri): def split_markers_from_line(line): """Split markers from a dependency""" + from packaging.markers import Marker, InvalidMarker if not any(line.startswith(uri_prefix) for uri_prefix in SCHEME_LIST): marker_sep = ";" else: @@ -125,6 +124,7 @@ def validate_path(instance, attr_, value): def validate_markers(instance, attr_, value): + from packaging.markers import Marker, InvalidMarker try: Marker("{0}{1}".format(attr_.name, value)) except InvalidMarker: @@ -132,6 +132,7 @@ def validate_markers(instance, attr_, value): def validate_specifiers(instance, attr_, value): + from packaging.specifiers import SpecifierSet, InvalidSpecifier if value == "": return True try: diff --git a/pipenv/vendor/requirementslib/utils.py b/pipenv/vendor/requirementslib/utils.py index 4204d73a13..4c0d3e07d1 100644 --- a/pipenv/vendor/requirementslib/utils.py +++ b/pipenv/vendor/requirementslib/utils.py @@ -159,7 +159,7 @@ def prepare_pip_source_args(sources, pip_args=None): # Trust the host if it's not verified. if not sources[0].get("verify_ssl", True): pip_args.extend( - ["--trusted-host", urlparse(sources[0]["url"]).netloc.split(":")[0]] + ["--trusted-host", urlparse(sources[0]["url"]).hostname] ) # Add additional sources as extra indexes. if len(sources) > 1: diff --git a/pipenv/vendor/vendor.txt b/pipenv/vendor/vendor.txt index 0b2808f010..10cd29444c 100644 --- a/pipenv/vendor/vendor.txt +++ b/pipenv/vendor/vendor.txt @@ -27,7 +27,7 @@ requests==2.19.1 idna==2.7 urllib3==1.23 certifi==2018.4.16 -requirementslib==1.0.8 +requirementslib==1.0.9 attrs==18.1.0 distlib==0.2.7 packaging==17.1