Skip to content

Commit 8e1b23f

Browse files
DOlufemiDOlufemi
authored
feat(OSM-2442): upgrade parser for poetry v2 support (#264)
1 parent 1164e86 commit 8e1b23f

File tree

8 files changed

+979
-1
lines changed

8 files changed

+979
-1
lines changed

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@
2727
"@snyk/cli-interface": "^2.11.2",
2828
"@snyk/dep-graph": "^1.28.1",
2929
"shescape": "1.6.1",
30-
"snyk-poetry-lockfile-parser": "^1.8.1",
30+
"snyk-poetry-lockfile-parser": "^1.9.0",
3131
"tmp": "0.2.3"
3232
},
3333
"devDependencies": {

test/fixtures/poetry-v2-project/poetry.lock

Lines changed: 106 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

test/fixtures/poetry-v2-project/pyproject.toml

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
[project]
2+
name = "out-of-sync"
3+
version = "0.1.0"
4+
description = ""
5+
authors = [
6+
{name = "Your Name",email = "[email protected]"}
7+
]
8+
readme = "README.md"
9+
requires-python = ">=3.9"
10+
dependencies = [
11+
"jinja2 (>=3.1.2)",
12+
"isOdd (>=0.1.2)",
13+
]
14+
[build-system]
15+
requires = ["poetry-core>=3.6"]
16+
build-backend = "poetry.core.masonry.api"

test/system/inspect.spec.ts

Lines changed: 65 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -834,6 +834,42 @@ describe('inspect', () => {
834834

835835
expect(result.dependencyGraph.equals(expected)).toBeTruthy();
836836
});
837+
it('should return expected dependencies for poetry-v2-app', async () => {
838+
const workspace = 'poetry-v2-app';
839+
testUtils.chdirWorkspaces(workspace);
840+
841+
const result = await inspect('.', FILENAMES.poetry.lockfile);
842+
expect(result).toMatchObject({
843+
plugin: {
844+
name: 'snyk-python-plugin',
845+
runtime: expect.any(String), // any version of Python
846+
targetFile: FILENAMES.poetry.manifest,
847+
},
848+
package: null, // no dep-tree
849+
dependencyGraph: {}, // match any dep-graph (equality checked below)
850+
});
851+
852+
const builder = new DepGraphBuilder(
853+
{ name: 'poetry' },
854+
{ name: 'poetry-fixtures-project', version: '0.1.0' }
855+
);
856+
const expected = builder
857+
.addPkgNode({ name: 'jinja2', version: '3.1.5' }, 'jinja2', {
858+
labels: { scope: 'prod' },
859+
})
860+
.connectDep(builder.rootNodeId, 'jinja2')
861+
.addPkgNode({ name: 'markupsafe', version: '3.0.2' }, 'markupsafe', {
862+
labels: { scope: 'prod', pkgIdProvenance: '[email protected]' },
863+
})
864+
.connectDep('jinja2', 'markupsafe')
865+
.addPkgNode({ name: 'isodd', version: '0.1.2' }, 'isodd', {
866+
labels: { scope: 'prod', pkgIdProvenance: '[email protected]' },
867+
})
868+
.connectDep(builder.rootNodeId, 'isodd')
869+
.build();
870+
871+
expect(result.dependencyGraph.equals(expected)).toBeTruthy();
872+
});
837873

838874
it('should return expected dependencies for poetry-optional-dependencies', async () => {
839875
const workspace = 'poetry-app-optional-dependencies';
@@ -853,6 +889,25 @@ describe('inspect', () => {
853889

854890
compareTransitiveLines(result.dependencyGraph, expected);
855891
});
892+
893+
it('should return expected dependencies for poetry-v2-app-optional-dependencies', async () => {
894+
const workspace = 'poetry-v2-app-optional-dependencies';
895+
testUtils.chdirWorkspaces(workspace);
896+
897+
const result = await inspect('.', FILENAMES.poetry.lockfile);
898+
899+
const expected = [
900+
{
901+
pkg: {
902+
name: 'opentelemetry-distro',
903+
version: '0.35b0',
904+
},
905+
directDeps: ['opentelemetry-distro'],
906+
},
907+
];
908+
909+
compareTransitiveLines(result.dependencyGraph, expected);
910+
});
856911
});
857912

858913
it('should return correct target file for poetry project when relative path to poetry lock file is passed', async () => {
@@ -865,6 +920,16 @@ describe('inspect', () => {
865920
expect(result.plugin.targetFile).toEqual(expectedTargetFile);
866921
});
867922

923+
it('should return correct target file for poetry v2 project when relative path to poetry lock file is passed', async () => {
924+
const dirname = 'test/fixtures/poetry-v2-project';
925+
const manifestFilePath = `${dirname}/poetry.lock`;
926+
927+
const result = await inspect('.', manifestFilePath);
928+
929+
const expectedTargetFile = `${dirname}/pyproject.toml`;
930+
expect(result.plugin.targetFile).toEqual(expectedTargetFile);
931+
});
932+
868933
describe('Pipfile projects', () => {
869934
const mockedExecuteSync = jest.spyOn(subProcess, 'executeSync');
870935
const mockedExecute = jest.spyOn(subProcess, 'execute');

0 commit comments

Comments
 (0)