Commit 93f0184

authored
fix: more resilent PEP610 parsing (#716)
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
1 parent 9975ec7 commit 93f0184

12 files changed

+323
-9
lines changed

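--- a/cyclonedx_py/_internal/utils/pep610.py
+++ b/cyclonedx_py/_internal/utils/pep610.py
@@ -62,20 +62,25 @@ class PackageSourceArchive(PackageSource):
 # see https://packaging.python.org/en/latest/specifications/direct-url-data-structure/#archive-urls
 
 def __init__(self, url: str, subdirectory: Optional[str],
-hashes: Optional[Dict[str, str]]) -> None:
+hashes: Dict[str, str]) -> None:
 super().__init__(url, subdirectory)
-self.hashes = hashes or {}
+self.hashes = hashes
 
 @classmethod
 def from_data(cls, url: str, subdirectory: Optional[str],
 info: Dict[str, Any]) -> 'PackageSourceArchive':
+hashes = {}
 if 'hashes' in info:
 hashes = info['hashes']
-elif 'hash' in info:
-hash_parts = str(info['hash']).split('=', maxsplit=1)
-hashes = {hash_parts[0]: hash_parts[1]}
-else:
-hashes = None
+elif 'hash' in info: # pragma: no cover
+# best effort for deprecated behaviour
+try:
+alg, val = str(info['hash']).split('=', maxsplit=1)
+except ValueError:
+# https://github.com/CycloneDX/cyclonedx-python/issues/715
+pass
+else:
+hashes[alg] = val
 return cls(url, subdirectory, hashes)
 
 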
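Review bot: `hashes = info['hashes']` in `from_data` now reaches `self.hashes` unchecked, because the `hashes or {}` fallback in `__init__` is removed in the same hunk; a `direct_url.json` carrying `"hashes": null` or any non-mapping value is no longer normalised to an empty dict. That file is read from the environment being inventoried, so I would accept only a mapping by guarding the branch with `if isinstance(info.get('hashes'), dict):`. The new `except ValueError: pass` also drops an unparseable legacy `hash` silently, so the resulting SBOM cannot distinguish "no digest recorded" from "digest present but malformed"; a warning log at that point would keep the difference visible (whether this module has a logger is not shown here). The class body starts outside the hunk.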

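--- a/tests/_data/infiles/environment/with-urls/init.py
+++ b/tests/_data/infiles/environment/with-urls/init.py
@@ -43,10 +43,16 @@ def main() -> None:
 ).create(env_dir)
 
 pip_install(
+# VCS
 'git+https://github.com/pypa/packaging.git@23.2',
+# named from archive
 'urllib3 @ https://github.com/urllib3/urllib3/archive/refs/tags/2.2.0.zip',
-'https://files.pythonhosted.org/packages/d9/5a/'
-'e7c31adbe875f2abbb91bd84cf2dc52d792b5a01506781dbcf25c91daf11/six-1.16.0-py2.py3-none-any.whl',
+# unnamed wheel
+'https://files.pythonhosted.org/packages/d9/5a/e7c31adbe875f2abbb91bd84cf2dc52d792b5a01506781dbcf25c91daf11/'
+'six-1.16.0-py2.py3-none-any.whl',
+# sdist with hash
+'https://files.pythonhosted.org/packages/c0/3f/d7af728f075fb08564c5949a9c95e44352e23dee646869fa104a3b2060a3/'
+'tomli-2.0.1.tar.gz#sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f'
 )
 
 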
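Review bot: The `# sdist with hash` entry ends in a `#sha256:` fragment with a colon, whereas the URL hash fragment pip documents, and the legacy PEP 610 `hash` field, use the `<algorithm>=<value>` form. If pip does not recognise the colon form, the archive is presumably installed without digest verification and without a recorded hash, so the fixture would not exercise the hash handling it is labelled for. If the colon is deliberate, for instance to reproduce the malformed value from issue 715, a comment such as `# sdist with hash (colon-separated fragment on purpose)` would say so; otherwise the fragment should read `#sha256=`. `main()` starts outside the hunk.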

tests/_data/snapshots/environment/plain_with-urls_1.0.xml.bin

Lines changed: 7 additions & 0 deletions

tests/_data/snapshots/environment/plain_with-urls_1.1.xml.bin

Lines changed: 25 additions & 0 deletions

tests/_data/snapshots/environment/plain_with-urls_1.2.json.bin

Lines changed: 35 additions & 0 deletions

tests/_data/snapshots/environment/plain_with-urls_1.2.xml.bin

Lines changed: 26 additions & 0 deletions

tests/_data/snapshots/environment/plain_with-urls_1.3.json.bin

Lines changed: 41 additions & 0 deletions

tests/_data/snapshots/environment/plain_with-urls_1.3.xml.bin

Lines changed: 29 additions & 0 deletions

tests/_data/snapshots/environment/plain_with-urls_1.4.json.bin

Lines changed: 41 additions & 0 deletions

tests/_data/snapshots/environment/plain_with-urls_1.4.xml.bin

Lines changed: 29 additions & 0 deletions
