Replace usage of pipfile #5339
Merged
Replace usage of pipfile #5339
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This is because pipfile is quite dormant.
Plette has a better code base and the same API.
oz123
force-pushed
the
replace-pipfile-with-plette
branch
2 times, most recently
from
cfd4683 to
79aeff5
Compare
This commit comes with a warning! This might be considered a behavior change. Since, plette uses a stricter boolean: \"true\" is not parsed the same way as "true"
Testing and development of plette parser will be done upstream.
oz123
force-pushed
the
replace-pipfile-with-plette
branch
from
59944dc to
d1aea86
Compare
Unnamed sources will break with the following error:
pipenv.vendor.plette.models.base.ValidationError: {'url': 'https://pypi.org/simple', 'verify_ssl': True}
name: required field
This tests actually required the private pypi, since fake-package doesn't exist on Pypi!
It seems the are was an assertion in this test that was wrong. I don't think pipenv install should modifiy the Pipfile when running `pipenv install`.
The source must contain a name or Plette will fail.
oz123
force-pushed
the
replace-pipfile-with-plette
branch
from
2f9e5c1 to
553925f
Compare
This was broken because of wrong Pipfile format. Plette is strict!
oz123
force-pushed
the
replace-pipfile-with-plette
branch
from
553925f to
8bbb4bd
Compare
matteius
reviewed
Sep 14, 2022
matteius
reviewed
Sep 14, 2022
matteius
reviewed
Sep 14, 2022
This is needed since the upgrade of requirementlib.
matteius
approved these changes
Sep 16, 2022
jeffwidman
added a commit
to dependabot/dependabot-core
that referenced
this pull request
Aug 10, 2023
The main user of `pipfile` is `pipenv`, and _not_ any of the other python package managers. However, `pipfile` library has been pretty much unmaintained, so `pipenv` switched to using `plette` for parsing/validation of `Pipfile`'s: * pypa/pipenv#5310 * pypa/pipenv#5339 So let's switch our usage as well. Today we only use `pipfile` for generating hashes, so this is effectively a silent no-op. However, down the road we could leverage `plette` for `Pipfile` parsing/validation... for example see how it's flagging things here: #6104 (comment)
jeffwidman
added a commit
to dependabot/dependabot-core
that referenced
this pull request
Aug 23, 2023
The main user of `pipfile` is `pipenv`, and _not_ any of the other python package managers. However, `pipfile` library has been pretty much unmaintained, so `pipenv` switched to using `plette` for parsing/validation of `Pipfile`'s: * pypa/pipenv#5310 * pypa/pipenv#5339 So let's switch our usage as well. Today we only use `pipfile` for generating hashes, so this is effectively a silent no-op. However, down the road we could leverage `plette` for `Pipfile` parsing/validation... for example see how it's flagging things here: #6104 (comment)
jeffwidman
added a commit
to jeffwidman/dependabot-core
that referenced
this pull request
Mar 21, 2024
The main user of `pipfile` is `pipenv`, and _not_ any of the other python package managers. However, `pipfile` library has been pretty much unmaintained, so `pipenv` switched to using `plette` for parsing/validation of `Pipfile`'s: * pypa/pipenv#5310 * pypa/pipenv#5339 So let's switch our usage as well. Today we only use `pipfile` for generating hashes, so this is effectively a silent no-op. However, down the road we could leverage `plette` for `Pipfile` parsing/validation... for example see how it's flagging things here: dependabot#6104 (comment)
abdulapopoola
added a commit
to dependabot/dependabot-core
that referenced
this pull request
Mar 22, 2024
The main user of `pipfile` is `pipenv`, and _not_ any of the other python package managers. However, `pipfile` library has been pretty much unmaintained, so `pipenv` switched to using `plette` for parsing/validation of `Pipfile`'s: * pypa/pipenv#5310 * pypa/pipenv#5339 So let's switch our usage as well. Today we only use `pipfile` for generating hashes, so this is effectively a silent no-op. However, down the road we could leverage `plette` for `Pipfile` parsing/validation... for example see how it's flagging things here: #6104 (comment) Co-authored-by: AbdulFattaah Popoola <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is because pipfile is quite dormant.
This will help with removing six. Also, worth noting:
plette's own Pipfile class uses a much stricter checking. I don't think it's going to be a problem
since 99% of the user don't craft their own
Pipfiles. However, I needed to fix some tests topass again.
If people did craft their own
Pipfilethe errors from Plette are pretty straight forward to understandso they can fix their files.
Also, a nice bonus: it seems that the test suite now runs ~20 min, compared to ~23 min. Still too long,
Just reminding ourselves ... it used to be 50 minutes ...
Fixes #5310