-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add test for GitHub tokens, warning for password stored #1
Add test for GitHub tokens, warning for password stored #1
Conversation
Relates-to: python-poetry/poetry#3132 Relates-to: python-poetry/poetry#3200
This change allows for development dependencies to be ignored creating `Poetry` instances. This is used when PEP 517 artifacts are built as they are not required in this scenario. Relates-to: python-poetry/poetry#2174
DeepCode's analysis on #15233b found:
Top issues
👉 View analysis in DeepCode’s Dashboard | Configure the bot |
Fixed the deepcode CI issue, but not sure why the other tests are failing since it fails on the 'Install Poetry' step. Maybe the base branch needs to be rebased to the latest one from upstream? I tested this locally and everything passes. |
user="fafb334-cb038533f851c23d0b63254223Abf72ce4f02987e7064b0c95566699a", | ||
password="x-oauth-basic", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is not entirely correct since the user
identified here is actually the personal access token, and the password
is the auth protocol. However, it was the easiest thing to do without rewriting the regex matching and url parsing logic.
34f5576
to
1354d9e
Compare
* Simplify temporary_directory and use safe_rmtree
This resolves a crash that occurs on PyPy3 on Windows Closes python-poetry/poetry#3545
Paths for generated code that's excluded by vcs, but then included explicitly, were wrong because they appared in the exclude list during Builder.find_excluded_files(). I changed find_excluded_files to not exclude files which are explicitly included, by taking a set difference. Added a test for this case.
Useful for R&D departments :) python-poetry/poetry#3485
Update packaging dep to v20.8
Always close the wheel tempfile after writing to it
Make sdist deterministic by setting gzip mtime to 0
Release 1.1.0a1
* tests: fix incorrect parameters * pep440: replace lark in favour of regex The lark early implementation of PEP440 that was introduced was not performant. The implementation added on average around 7 seconds to the test suite execution time. This change drops the lark parser, and uses `packaging.version` provided regex for version string parsing. New dataclass interface for version instances remain unaffected.
…etry#157) * tests: add coverage for poetry.core.version.pep440 * pep440: allow release tuples * pep440: support post/local release comparisons This change ensures that post and local releases are taken into consideration when checking if version range allows a post release local build release at upper and lower bounds. The following conditions now hold for upper bound checks. - `<=3.0.0` allows `3.0.0+local.1`, `3.0.0-1` - `<=3.0.0+local.1` disallows `3.0.0+local.2`, allows `3.0.0-1` - `<=3.0.0-1` allows `3.0.0+local.1`, `3.0.0` Lower bound checks require no modification and works due to the implicit version comparison of `poetry.core.pep440.PEP440Version`.
This change ensures that post and local releases are taken into consideration when checking if semver version instance allows post and local build releases. The following conditions now hold `poetry.core.semver.Version.allows`. - `3.0.0` allows `3.0.0+local.1`, `3.0.0-1` - `3.0.0+local.1` disallows `3.0.0+local.2`, allows `3.0.0-1` - `3.0.0-1` disallows ``3.0.0`, `3.0.0+local.1`, allows `3.0.0-1+local.1`
Release 1.1.0a2
Release 1.1.0a3
This change also fixes python 3.10 failures.
When generating setup.py and PKG-INFO files, ensure that generated files use a deterministic timestamp to enhance reproducibility of source distributions.
…ies with markers (python-poetry#153) * fix(packages/dependency): add space after filename for file dependencies with markers local vendored files need a space after the file name and before the ";" which demarks the start of markers fix #3872
new (vcs.git): extract user credential (passord, deployment key, ...) from git url change (vcs.git): change order of init arguments for `ParsedUrl` change (vcs.git): make user, password, port, name and rev optional for `ParsedUrl`
…olean whether the ParsedUrl contains a secret like a password
0e59024
to
75f18a0
Compare
Resolves: python-poetry/poetry#2348
Changes:
x-oauth-basic
GitHub URL is used in package link (Add Personal Access Token Authentication Support python-poetry/poetry#2348).is_unsafe
property (based on discussion in allow appending deployment key to username (#2062) python-poetry/poetry#2169 (comment)).@finswimmer : I have based this off of your branch that resovles python-poetry/poetry#2062. Hopefully this helps in speeding things up towards getting that issue closed.