Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

remove category usage from the poetry detector #991

Merged
merged 3 commits into from
Feb 1, 2024
Merged

remove category usage from the poetry detector #991

merged 3 commits into from
Feb 1, 2024

Conversation

tofay
Copy link
Contributor

@tofay tofay commented Jan 30, 2024

As of poetry 1.5.0 this field is no longer recorded in lockfiles: https://github.com/python-poetry/poetry/blob/master/CHANGELOG.md#150---2023-05-19

This causes the poetry detector to misclassify normal dependencies as dev dependencies, due to the existing logic of classifying dependencies as normal if and only if the category field is present and "main".

This follows the approach of #117, which conservatively adds all dependencies from the lockfile as normal dependencies lest dev dependencies be misclassified inadvertently.

@tofay tofay requested a review from a team as a code owner January 30, 2024 13:47
@tofay tofay requested a review from amitla1 January 30, 2024 13:47
@codecov Codecov
Copy link

codecov bot commented Jan 30, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (715078c) 75.3% compared to head (3622512) 75.2%.
Report is 5 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##            main    #991     +/-   ##
=======================================
- Coverage   75.3%   75.2%   -0.1%     
=======================================
  Files        236     236             
  Lines      10325   10322      -3     
  Branches    1022    1022             
=======================================
- Hits        7775    7772      -3     
  Misses      2267    2267             
  Partials     283     283

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 1, 2024
edited
Loading

👋 Hi! It looks like you modified some files in the Detectors folder.
You may need to bump the detector versions if any of the following scenarios apply:

  • The detector detects more or fewer components than before
  • The detector generates different parent/child graph relationships than before
  • The detector generates different devDependencies values than before

If none of the above scenarios apply, feel free to ignore this comment 🙂

@tofay tofay requested a review from grvillic February 1, 2024 13:02
@cobya cobya mentioned this pull request Feb 1, 2024
Open
@cobya cobya added type:bug Bug fix of existing functionality detector:poetry The poetry detector labels Feb 1, 2024
@cobya cobya merged commit 349ef7a into main Feb 1, 2024
26 checks passed
@cobya cobya deleted the tomfay/no-poetry-categories branch February 1, 2024 18:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cobya cobya cobya approved these changes

@amitla1 amitla1 Awaiting requested review from amitla1 amitla1 is a code owner automatically assigned from microsoft/ose-component-detection-maintainers

@grvillic grvillic Awaiting requested review from grvillic

Assignees
No one assigned
Labels
detector:poetry The poetry detector type:bug Bug fix of existing functionality version:minor
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tofay @cobya @grvillic