Skip to content
Snippets Groups Projects
Commit d6ab14e2 authored by André Gomes's avatar André Gomes
Browse files

Remove third-party dependency for PyPi latest version

parent 2ef715a0
No related branches found
No related tags found
No related merge requests found
......@@ -11,14 +11,14 @@
ARG JAVA_VERSION="21"
ARG MAVEN_VERSION="3.9.9"
ARG PYTHON_VERSION="3.11.9"
ARG PYTHON_VERSION="3.13.5"
FROM eclipse-temurin:${JAVA_VERSION}-jdk-alpine AS java
FROM maven:${MAVEN_VERSION}-eclipse-temurin-${JAVA_VERSION} AS maven
FROM python:${PYTHON_VERSION}-alpine3.20
LABEL maintainer="André Gomes <andre.gomes@eclipse-foundation.org>"
LABEL description="Docker image for building and installing Eclipse Dash IP Analysis"
LABEL description="Docker image for building and installing Eclipse IP Analysis"
LABEL version="0.1"
ENV JAVA_HOME=/opt/java/openjdk
......@@ -42,7 +42,7 @@ RUN pip install --no-cache-dir hatch
WORKDIR /app
# Clone, build, and install with Hatch
RUN git clone https://gitlab.eclipse.org/eclipse/technology/dash/ip-check.git . && \
RUN git clone https://gitlab.eclipse.org/eclipse/technology/dash/ip-analysis.git . && \
hatch build && \
pip install --no-cache-dir dist/eclipse_ipa-*.whl
......
......@@ -27,7 +27,7 @@ TypeScript (NPM and Yarn), Kotlin (Gradle), Python._
In order to run the tool, you must install the base requirements described below.
- Python >=3.9, <3.13: check your Python version with the command ```python --version```. In some systems, you may not have
- Python >=3.9: check your Python version with the command ```python --version```. In some systems, you may not have
the alias for Python mapping to Python 3. In such cases, you can run ```python3 --version```. Moreover, check that you
have the Python Package Manager (pip) installed. Similar to Python, you can run ```pip --version``` or
```pip3 --version```. The resulting line should contain your version of Python at its end. If pip is not installed,
......
......@@ -22,9 +22,8 @@ authors = [
description = "A package to perform IP Analysis for GitHub and GitLab projects"
readme = "README.md"
license = { text = "EPL-2.0" }
requires-python = ">=3.9,<3.13"
dependencies = ["chardet==5.2.0", "get-pypi-latest-version==0.1.0", "Jinja2==3.1.6", "python-gitlab==6.1.0",
"PyGithub==2.6.1"]
requires-python = ">=3.9"
dependencies = ["chardet==5.2.0", "Jinja2==3.1.6", "python-gitlab==6.1.0", "PyGithub==2.6.1"]
classifiers = [
"Programming Language :: Python :: 3",
"License :: OSI Approved :: Eclipse Public License 2.0 (EPL-2.0)",
......
......@@ -11,17 +11,20 @@
__version__ = "0.1.0"
import fnmatch
import re
from fnmatch import translate
from re import match
from requests import exceptions, get
def find_dependencies_gitlab(config, logger, lang, files, default_filenames):
# Attempt to find dependency files
filepaths = []
for pattern in config.get(lang, 'DependencySearch', fallback=default_filenames).split(','):
regex = fnmatch.translate(pattern.strip())
# Pattern to regex
regex = translate(pattern.strip())
for f in files:
if re.match(regex, f['name']):
if match(regex, f['name']):
filepaths.append(f['path'])
# print(filepaths)
logger.info("Dependency filepaths for " + lang + ": " + str(filepaths))
......@@ -32,9 +35,10 @@ def find_dependencies_github(config, logger, lang, files, default_filenames):
# Attempt to find dependency files
filepaths = []
for pattern in config.get(lang, 'DependencySearch', fallback=default_filenames).split(','):
regex = fnmatch.translate(pattern.strip())
# Pattern to regex
regex = translate(pattern.strip())
for f in files:
if re.match(regex, f.name):
if match(regex, f.name):
filepaths.append(f.path)
# print(filepaths)
logger.info("Dependency filepaths for " + lang + ": " + str(filepaths))
......@@ -59,6 +63,36 @@ def add_ghdep_locations(dependency_locations, proj, lang, paths):
dependency_locations[proj][lang].append(path)
def get_pypy_latest_version(package_name):
pypi_url = "https://pypi.org/pypi"
json_url = f"{pypi_url}/{package_name}/json"
try:
# Make the request to the PyPI API with a timeout
response = get(json_url, timeout=30)
# Raise an exception for bad status codes (4xx or 5xx)
response.raise_for_status()
data = response.json()
except exceptions.HTTPError as e:
if e.response.status_code == 404:
raise ValueError(f"Package '{package_name}' not found on PyPI.") from e
raise ValueError(
f"Failed to retrieve data from PyPI. Status: {e.response.status_code}"
) from e
except exceptions.RequestException as e:
# Handle network-related errors like timeouts or connection issues
raise ValueError(f"Request to PyPI failed: {e}") from e
# Extract the latest version
try:
latest_version = data["info"]["version"]
return latest_version
except KeyError:
raise ValueError(f"Could not find 'info' or 'version' in PyPI response for {package_name}.")
def add_error_report(config, location, error):
if config['output_report']:
return {'location': location, 'name': error, 'license': '', 'status': 'error', 'authority': '-',
......
......@@ -20,7 +20,6 @@ from subprocess import PIPE, Popen
from tomllib import loads, TOMLDecodeError
from chardet import detect
from get_pypi_latest_version import GetPyPiLatestVersion
from ..common import utils
......@@ -213,9 +212,6 @@ class Dash:
sorted_contents = contents.split("\n")
sorted_contents.sort()
# To get latest versions
obtainer = GetPyPiLatestVersion()
# Handle versions
contents = []
for line in sorted_contents:
......@@ -233,12 +229,12 @@ class Dash:
elif "=" not in line:
# When no version is specified, assume the latest
try:
contents.append(line + "==" + obtainer(line))
contents.append(line + "==" + utils.get_pypy_latest_version(line))
except ValueError:
self.logger.warning(
"Error obtaining latest PyPi version for " + line + ". Attempting with " + line.capitalize())
try:
contents.append(line.capitalize() + "==" + obtainer(line.capitalize()))
contents.append(line.capitalize() + "==" + utils.get_pypy_latest_version(line.capitalize()))
except ValueError:
self.logger.warning(
"Error obtaining latest PyPi version for " + line.capitalize() + ". Gave up...")
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment