Skip to content

Commit

Permalink
Ignore eggs hashes from PyPI JSON API
Browse files Browse the repository at this point in the history
  • Loading branch information
@atugushev
atugushev authored and Asif Saif Uddin committed Apr 30, 2020
1 parent a40414a commit 0c3d022
Show file tree
Hide file tree
Showing 2 changed files with 52 additions and 5 deletions.
2 changes: 2 additions & 0 deletions piptools/repositories/pypi.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,7 @@

class PyPIRepository(BaseRepository):
DEFAULT_INDEX_URL = PyPI.simple_url
HASHABLE_PACKAGE_TYPES = {"bdist_wheel", "sdist"}

"""
The PyPIRepository will use the provided Finder instance to lookup
Expand Down Expand Up @@ -338,6 +339,7 @@ def _get_hashes_from_pypi(self, ireq):
algo=FAVORITE_HASH, digest=file_["digests"][FAVORITE_HASH]
)
for file_ in release_files
if file_["packagetype"] in self.HASHABLE_PACKAGE_TYPES
}
except KeyError:
log.debug("Missing digests of release files on PyPI")
Expand Down
55 changes: 50 additions & 5 deletions tests/test_repository_pypi.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -172,31 +172,76 @@ def test_pip_cache_dir_is_empty(from_line, tmpdir):
"project_data, expected_hashes",
(
pytest.param(
{"releases": {"0.1": [{"digests": {"sha256": "fake-hash"}}]}},
{
"releases": {
"0.1": [
{
"packagetype": "bdist_wheel",
"digests": {"sha256": "fake-hash"},
}
]
}
},
{"sha256:fake-hash"},
id="return single hash",
),
pytest.param(
{
"releases": {
"0.1": [
{"digests": {"sha256": "fake-hash-number1"}},
{"digests": {"sha256": "fake-hash-number2"}},
{
"packagetype": "bdist_wheel",
"digests": {"sha256": "fake-hash-number1"},
},
{
"packagetype": "sdist",
"digests": {"sha256": "fake-hash-number2"},
},
]
}
},
{"sha256:fake-hash-number1", "sha256:fake-hash-number2"},
id="return multiple hashes",
),
pytest.param(
{
"releases": {
"0.1": [
{
"packagetype": "bdist_wheel",
"digests": {"sha256": "fake-hash-number1"},
},
{
"packagetype": "sdist",
"digests": {"sha256": "fake-hash-number2"},
},
{
"packagetype": "bdist_eggs",
"digests": {"sha256": "fake-hash-number3"},
},
]
}
},
{"sha256:fake-hash-number1", "sha256:fake-hash-number2"},
id="return only bdist_wheel and sdist hashes",
),
pytest.param(None, None, id="not found project data"),
pytest.param({}, None, id="not found releases key"),
pytest.param({"releases": {}}, None, id="not found version"),
pytest.param({"releases": {"0.1": [{}]}}, None, id="not found digests"),
pytest.param(
{"releases": {"0.1": [{"digests": {}}]}}, None, id="digests are empty"
{"releases": {"0.1": [{"packagetype": "bdist_wheel", "digests": {}}]}},
None,
id="digests are empty",
),
pytest.param(
{"releases": {"0.1": [{"digests": {"md5": "fake-hash"}}]}},
{
"releases": {
"0.1": [
{"packagetype": "bdist_wheel", "digests": {"md5": "fake-hash"}}
]
}
},
None,
id="not found sha256 algo",
),
Expand Down

0 comments on commit 0c3d022

Please sign in to comment.