Skip to content

Commit

Permalink
apply review feedback, hash is optional
Browse files Browse the repository at this point in the history
  • Loading branch information
@radoering
radoering committed Nov 19, 2023
1 parent 09b8bab commit 9531082
Show file tree
Hide file tree
Showing 3 changed files with 24 additions and 14 deletions.
28 changes: 15 additions & 13 deletions src/poetry/repositories/http_repository.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -244,7 +244,7 @@ def _links_to_data(self, links: list[Link], data: PackageInfo) -> dict[str, Any]
f' "{data.version}"'
)
urls = defaultdict(list)
metadata = {}
metadata: dict[str, pkginfo.Distribution] = {}
files: list[dict[str, Any]] = []
for link in links:
if link.yanked and not data.yanked:
Expand All @@ -255,24 +255,26 @@ def _links_to_data(self, links: list[Link], data: PackageInfo) -> dict[str, Any]
assert link.metadata_url is not None
response = self.session.get(link.metadata_url)
distribution = pkginfo.Distribution()
assert link.metadata_hash_name is not None
metadata_hash = getattr(hashlib, link.metadata_hash_name)(
response.text.encode()
).hexdigest()

if metadata_hash != link.metadata_hash:
self._log(
f"Metadata file hash ({metadata_hash}) does not match"
f" expected hash ({link.metadata_hash}).",
level="warning",
)
if link.metadata_hash_name is not None:
metadata_hash = getattr(hashlib, link.metadata_hash_name)(
response.text.encode()
).hexdigest()

if metadata_hash != link.metadata_hash:
self._log(
f"Metadata file hash ({metadata_hash}) does not match"
f" expected hash ({link.metadata_hash})."
f" Metadata file for {link.filename} will be ignored.",
level="warning",
)
continue

distribution.parse(response.content)
metadata[link.url] = distribution
except requests.HTTPError:
self._log(
f"Failed to retrieve metadata at {link.metadata_url}",
level="debug",
level="warning",
)

if link.is_wheel:
Expand Down
2 changes: 1 addition & 1 deletion tests/repositories/fixtures/legacy/isort-metadata.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
<body>
<h1>Links for isort</h1>
<a href="https://files.pythonhosted.org/packages/1f/2c/non-existant/isort-metadata-4.3.4-py3-none-any.whl#sha256=1153601da39a25b14ddc54955dbbacbb6b2d19135386699e2ad58517953b34af"
data-dist-info-metadata="sha256=e360bf0ed8a06390513d50dd5b7e9d635c789853a93b84163f9de4ae0647580c">isort-metadata-4.3.4-py3-none-any.whl</a><br/>
data-dist-info-metadata="sha256=bae4de89925408d7302514a734450f238c417a29a5228e28e894fd5c8ed12196">isort-metadata-4.3.4-py3-none-any.whl</a><br/>
</body>
</html>
<!--SERIAL 3575149-->
8 changes: 8 additions & 0 deletions tests/repositories/test_legacy_repository.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -206,6 +206,14 @@ def test_get_package_information_pep_658(mocker: MockerFixture) -> None:
assert package.name == "isort-metadata"
assert package.version.text == isort_package.version.text == "4.3.4"
assert package.description == isort_package.description
assert (
package.requires == isort_package.requires == [Dependency("futures", "*")]
)
assert (
str(package.python_constraint)
== str(isort_package.python_constraint)
== ">=2.7,<3.0.dev0 || >=3.4.dev0"
)


def test_get_package_information_skips_dependencies_with_invalid_constraints() -> None:
Expand Down

0 comments on commit 9531082

Please sign in to comment.