-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
662 duplicates are not supported in requirements.txt when run with disable pip #749
662 duplicates are not supported in requirements.txt when run with disable pip #749
Conversation
Thanks for the patch @mathbou! I'll review this today. |
…uirements.txt-when-run-with---disable-pip
…ents.txt-when-run-with---disable-pip
…ents.txt-when-run-with---disable-pip
…ents.txt-when-run-with---disable-pip
…ents.txt-when-run-with---disable-pip
It's been a while here, is there anything that prevent us to go further with this PR ? @woodruffw |
…ents.txt-when-run-with---disable-pip
Nope, I've just been delayed in reviews, sorry 😅. I'll do another pass on this today. (Thank you very much for keeping this PR alive and conflict-free!) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @mathbou, this looks good to me!
Could you add a CHANGELOG entry describing the bugfix here? The other entries in the file should serve as a reference for our preferred entry format 🙂
@woodruffw I updated the changelog, feel free to change it if it's not clear enough |
…ents.txt-when-run-with---disable-pip
…ents.txt-when-run-with---disable-pip
…ents.txt-when-run-with---disable-pip
…uirements.txt-when-run-with---disable-pip
…ents.txt-when-run-with---disable-pip
…ents.txt-when-run-with---disable-pip
Signed-off-by: William Woodruff <[email protected]>
Signed-off-by: William Woodruff <[email protected]>
Thanks for your hard work and patience here @mathbou! |
Recently, I run in the same problem described in #662. To avoid this, I propose a finer check for duplicates based on both name and specifier.
As stated in the issue, when the
--disable-pip
flag is used, we could consider that a full requirement resolution has been made. Knowing that, as long as specifiers matches, having duplicates is not a problem. If they don't match, we raise an error like before.On the side, I also add a small fix for stdout/stderr reading in
pip_audit/_subprocess.py
. I don't know if it's specific to windows, but the fact that a size was specified, I had the process hanging indefinitely.