Add test for GitHub tokens, warning for password stored #1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Relates-to: python-poetry/poetry#3132 Relates-to: python-poetry/poetry#3200
This change allows for development dependencies to be ignored creating `Poetry` instances. This is used when PEP 517 artifacts are built as they are not required in this scenario. Relates-to: python-poetry/poetry#2174
DeepCode's analysis on #15233b found:
Top issues
👉 View analysis in DeepCode’s Dashboard | Configure the bot |
|
Fixed the deepcode CI issue, but not sure why the other tests are failing since it fails on the 'Install Poetry' step. Maybe the base branch needs to be rebased to the latest one from upstream? I tested this locally and everything passes. |
setu4993
commented
Nov 22, 2020
Comment on lines
+311
to
+305
| user="fafb334-cb038533f851c23d0b63254223Abf72ce4f02987e7064b0c95566699a", | ||
| password="x-oauth-basic", |
There was a problem hiding this comment.
This is not entirely correct since the user identified here is actually the personal access token, and the password is the auth protocol. However, it was the easiest thing to do without rewriting the regex matching and url parsing logic.
setu4993
changed the title
2 tasks
setu4993
force-pushed
the
feature/add-test-github-tokens
branch
5 times, most recently
from
34f5576
to
1354d9e
Compare
* Simplify temporary_directory and use safe_rmtree
This resolves a crash that occurs on PyPy3 on Windows Closes python-poetry/poetry#3545
Paths for generated code that's excluded by vcs, but then included explicitly, were wrong because they appared in the exclude list during Builder.find_excluded_files(). I changed find_excluded_files to not exclude files which are explicitly included, by taking a set difference. Added a test for this case.
Useful for R&D departments :) python-poetry/poetry#3485
Update packaging dep to v20.8
Always close the wheel tempfile after writing to it
Make sdist deterministic by setting gzip mtime to 0
Release 1.1.0a1
* tests: fix incorrect parameters * pep440: replace lark in favour of regex The lark early implementation of PEP440 that was introduced was not performant. The implementation added on average around 7 seconds to the test suite execution time. This change drops the lark parser, and uses `packaging.version` provided regex for version string parsing. New dataclass interface for version instances remain unaffected.
…etry#157) * tests: add coverage for poetry.core.version.pep440 * pep440: allow release tuples * pep440: support post/local release comparisons This change ensures that post and local releases are taken into consideration when checking if version range allows a post release local build release at upper and lower bounds. The following conditions now hold for upper bound checks. - `<=3.0.0` allows `3.0.0+local.1`, `3.0.0-1` - `<=3.0.0+local.1` disallows `3.0.0+local.2`, allows `3.0.0-1` - `<=3.0.0-1` allows `3.0.0+local.1`, `3.0.0` Lower bound checks require no modification and works due to the implicit version comparison of `poetry.core.pep440.PEP440Version`.
This change ensures that post and local releases are taken into consideration when checking if semver version instance allows post and local build releases. The following conditions now hold `poetry.core.semver.Version.allows`. - `3.0.0` allows `3.0.0+local.1`, `3.0.0-1` - `3.0.0+local.1` disallows `3.0.0+local.2`, allows `3.0.0-1` - `3.0.0-1` disallows ``3.0.0`, `3.0.0+local.1`, allows `3.0.0-1+local.1`
Release 1.1.0a2
Release 1.1.0a3
This change also fixes python 3.10 failures.
When generating setup.py and PKG-INFO files, ensure that generated files use a deterministic timestamp to enhance reproducibility of source distributions.
…ies with markers (python-poetry#153) * fix(packages/dependency): add space after filename for file dependencies with markers local vendored files need a space after the file name and before the ";" which demarks the start of markers fix #3872
new (vcs.git): extract user credential (passord, deployment key, ...) from git url change (vcs.git): change order of init arguments for `ParsedUrl` change (vcs.git): make user, password, port, name and rev optional for `ParsedUrl`
…olean whether the ParsedUrl contains a secret like a password
setu4993
force-pushed
the
feature/add-test-github-tokens
branch
from
0e59024
to
75f18a0
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Resolves: python-poetry/poetry#2348
Changes:
x-oauth-basicGitHub URL is used in package link (Add Personal Access Token Authentication Support python-poetry/poetry#2348).is_unsafeproperty (based on discussion in allow appending deployment key to username (#2062) python-poetry/poetry#2169 (comment)).@finswimmer : I have based this off of your branch that resovles python-poetry/poetry#2062. Hopefully this helps in speeding things up towards getting that issue closed.