Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Recognize Python packages (wheels, eggs, various dist as archives or installed) #253

Closed
balusarakesh opened this issue Apr 13, 2016 · 20 comments
Closed

Recognize Python packages (wheels, eggs, various dist as archives or installed) #253

balusarakesh opened this issue Apr 13, 2016 · 20 comments
Assignees
@licodeli
Labels
enhancement package scan package-formats

Comments

@balusarakesh
Copy link
Collaborator

scancode must be able to detect Python packages used by in a project by parsing files like setup.py, .whl files, .eggs files, requirements.txt or pip_requirements.txt.
balusarakesh pushed a commit that referenced this issue Apr 18, 2016
#253 minor corrections and updated comments
a4c5e1b
@pombredanne pombredanne changed the title recognize python packages Recognize Python packages (wheels, eggs, various dist as archives or installed) Apr 18, 2016
pombredanne pushed a commit that referenced this issue Aug 23, 2016
@pombredanne
#253 minor corrections and updated comments
980f4b1
pombredanne pushed a commit that referenced this issue Nov 8, 2016
@pombredanne
#253 minor corrections and updated comments
d453a3d
pombredanne pushed a commit that referenced this issue Nov 15, 2016
@pombredanne
#253 minor corrections and updated comments
339cdeb
pombredanne pushed a commit that referenced this issue Dec 6, 2016
@pombredanne
#253 Recognize Python packages using setup.py files
7025368 
Signed-off-by: Philippe Ombredanne <[email protected]>
pombredanne pushed a commit that referenced this issue Dec 6, 2016
@pombredanne
#253 Recognize python wheels as packages
bd70867 
Signed-off-by: Philippe Ombredanne <[email protected]>
pombredanne pushed a commit that referenced this issue Dec 6, 2016
@pombredanne
#253 Recognize Python .egg files as packages
0d4905b 
Signed-off-by: Philippe Ombredanne <[email protected]>
pombredanne pushed a commit that referenced this issue Dec 6, 2016
@pombredanne
#253 Ensure that opened files are closed
a58ca53 
Signed-off-by: Philippe Ombredanne <[email protected]>
pombredanne pushed a commit that referenced this issue Dec 6, 2016
@pombredanne
#253 Improve functions documentation
4c11550 
Signed-off-by: Philippe Ombredanne <[email protected]>
pombredanne added a commit that referenced this issue Dec 6, 2016
@pombredanne
#253 Document code, add several FIXME and reformat
fce71b4 
Signed-off-by: Philippe Ombredanne <[email protected]>
@pombredanne pombredanne mentioned this issue Dec 30, 2016
Merged
licodeli pushed a commit that referenced this issue Jan 5, 2017
#253 Pypi: Fix the test to fit for the setup.py name
bcbee9b
licodeli pushed a commit that referenced this issue Jan 5, 2017
#253: Pypi: add author object mapper and update the test to make sure…
deda5e0 
… the build passes
pombredanne added a commit that referenced this issue Jan 5, 2017
@pombredanne
Merge pull request #421 from nexB/253-python-packages
088e86a 
#253 python packages
@sschuberth
Copy link
Collaborator

Just for the record, while PR #421 is thankfully merged, support for recognizing Python packages based on *requirements*.txt files is still missing.

@pombredanne
Copy link
Member

pombredanne commented Jan 6, 2017
edited
Loading

@sschuberth indeed. There are several limitation in the current code.

  1. support for requirements is one: https://github.com/landscapeio/requirements-detector may be what the doctor ordered, may be together with pip proper used as a library and also many of the https://pypi.python.org/pypi?%3Aaction=search&submit=search&term=requirements

  2. support for parsing setup.py is somewhat weak too. These could be some pointers:

  1. Parsing actual packages as installed could likely benefit from code/functions existing in distutils, pip and setuptools

@pombredanne pombredanne modified the milestone: v2.0 Mar 24, 2017
@pombredanne
Copy link
Member

The basic is there. Addintional updates will be for post 2.0

@pombredanne pombredanne modified the milestones: v2.1, v2.0 Mar 24, 2017
@pombredanne pombredanne added this to the v2.1 milestone Jun 23, 2017
@pombredanne
Copy link
Member

pombredanne commented Jun 23, 2017
edited
Loading

Our hand rolled code for Python packages needs beefing. We should use instead:

  1. https://github.com/pombredanne/pkginfo enhanced for pip-installed wheels
  2. The requirements parser from pyup by @jayfk https://github.com/pyupio/pyup/blob/master/pyup/requirements.py

And possibly yet more candidates:

Setup.py through mocking:

Using pip to parse requirements and some other pointers :

@jayfk
Copy link

jayfk commented Jul 13, 2017

Okay, this is now useable for requirements.txt, tox.ini and conda.yml (PyPi dependencies only).

I'm planning to add read-only setup.py support soon.

@pombredanne
Copy link
Member

@jayfk Thanks++
So I guess my approach will be to:

  1. for conda and tox files invoke with the proper filetypes. Check for exceptions and is_valid
  2. for req-like looking text files invoke with the proper filetypes. Check for exceptions and is_valid too. Since there are possibly more filename variety there, I will fish with a wide net and balk if this does not parse and only return errors when this is really a requirements*.txt files. I guess something similar to this: https://github.com/pyupio/pyup/blob/e6d2984efb42be8d195ac1f2c7e6a27505596fdc/pyup/bot.py#L486

@pombredanne pombredanne mentioned this issue Jul 13, 2017
Open
@pombredanne pombredanne removed this from the v2.1 milestone Oct 4, 2017
@pombredanne pombredanne mentioned this issue Dec 4, 2017
Open
@pombredanne pombredanne mentioned this issue Oct 31, 2018
Closed
@pombredanne pombredanne mentioned this issue Apr 1, 2019
Open
@licodeli
Copy link
Contributor

Please refer to this: https://pythonhosted.org/pkginfo/distributions.html#introspecting-unpacked-source-distributions

Our goal is to report first installed Python packages, this is likely a job for pkg_info instead of dparse

licodeli pushed a commit that referenced this issue May 27, 2019
Include pkginfo lib #253
6eb931d 
Signed-off-by: Li <[email protected]>
@licodeli
Copy link
Contributor

This can be another tool: https://pypi.org/project/wheel-inspect/

licodeli pushed a commit that referenced this issue May 29, 2019
Include pkginfo lib and add the parser #253
e4f62b7 
Signed-off-by: Li <[email protected]>
licodeli pushed a commit that referenced this issue Jun 1, 2019
Add the function and test to parse wheel file #253
794a684 
Signed-off-by: Li <[email protected]>
licodeli pushed a commit that referenced this issue Jun 3, 2019
Add new parser2 function for pypi #253
d7ebe5a 
Signed-off-by: Li <[email protected]>
licodeli pushed a commit that referenced this issue Jun 5, 2019
Add tests for the parse function #253
04c74ae 
Signed-off-by: Li <[email protected]>
licodeli pushed a commit that referenced this issue Jun 9, 2019
Add the dparse lib #253
fe2f4f4 
Signed-off-by: Li <[email protected]>
licodeli pushed a commit that referenced this issue Jun 9, 2019
Include dparse in the dependency #253
0f4bdae 
Signed-off-by: Li <[email protected]>
licodeli pushed a commit that referenced this issue Jun 11, 2019
Add parse with dparse #253
c64548e 
Signed-off-by: Li <[email protected]>
licodeli pushed a commit that referenced this issue Jun 11, 2019
Add test for dparse function #253
0c579ad 
Signed-off-by: Li <[email protected]>
licodeli pushed a commit that referenced this issue Jun 12, 2019
Incldue the function to parse the dependencies and set back to package
30ed9dc 
…#253

Signed-off-by: Li <[email protected]>
licodeli pushed a commit that referenced this issue Jun 12, 2019
Include the requirement/version info #253
e0d9ba7 
Signed-off-by: Li <[email protected]>
@pombredanne pombredanne mentioned this issue May 4, 2020
Closed
@pombredanne pombredanne mentioned this issue Jun 2, 2020
Closed
@pombredanne pombredanne mentioned this issue Sep 30, 2020
Open
@pombredanne pombredanne mentioned this issue Feb 19, 2021
Open
@pombredanne pombredanne mentioned this issue Apr 11, 2021
Open
@pombredanne
Copy link
Member

This is all done now and merged in develop.

pombredanne pushed a commit that referenced this issue Sep 8, 2022
@kurtmckee
Support Ruby method names and operator overrides, including Unicode
155eeec 
Fixes #253

This patch contains these changes:

* Add 50+ new Ruby tests for method name/operator override matching.
* Unicode method names are now supported (#253).
* `=` method name postfixes are now supported.
* These operator overrides are now supported:
  `<`, `<=`, `!` `!@`, `~@`, `!`, `!=`, `!~`, `=~`
* The `<>` "operator" override is removed. It appears that this was
  a typo in the regular expression (`<=?>` should have been `<=>?`).

Syntax verified with https://docs.ruby-lang.org/en/2.7.0/syntax/methods_rdoc.html
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@licodeli licodeli

Labels
enhancement package scan package-formats
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@sschuberth @amitsaha @pombredanne @jayfk @licodeli @balusarakesh