search

aboutcode-org / python-inspector

Inspect Python code and PyPI package manifests. Resolve Python dependencies.
22 stars 19 forks source link

Python Inspector does not support comments in `.netrc` files #107

Open nnobelis opened 1 year ago

nnobelis commented 1 year ago

Running Python-inspector version 0.9.3 on Debian Stable.

Using this .netrc file 

machine example.com login foo password bar
#machine github.com login foo password bar   
default login foo password bar

python-inspector crashes:

❯ python-inspector --python-version 310 --operating-system linux --json-pdt /tmp/output.json --analyze-setup-py-insecurely --setup-py setup.py --verbose
Resolving dependencies...
Using netrc file /home/nino/.netrc
Traceback (most recent call last):
  File "/home/linuxbrew/.linuxbrew/opt/python@3.10/lib/python3.10/site-packages/python_inspector/resolve_cli.py", line 247, in resolve_dependencies
    resolution_result: Dict = resolver_api(
  File "/home/linuxbrew/.linuxbrew/opt/python@3.10/lib/python3.10/site-packages/python_inspector/api.py", line 131, in resolve_dependencies
    netrc = Netrc(file=netrc_file)
  File "/home/linuxbrew/.linuxbrew/opt/python@3.10/lib/python3.10/site-packages/tinynetrc.py", line 44, in __init__
    self._netrc = netrc.netrc(file)
  File "/home/linuxbrew/.linuxbrew/opt/python@3.10/lib/python3.10/netrc.py", line 31, in __init__
    self._parse(file, fp, default_netrc)
  File "/home/linuxbrew/.linuxbrew/opt/python@3.10/lib/python3.10/netrc.py", line 66, in _parse
    raise NetrcParseError(
netrc.NetrcParseError: bad toplevel token 'github.com' (/home/nino/.netrc, line 2)
pombredanne commented 1 year ago

Thanks! that's not in the spec (there is no spec anyway per https://daniel.haxx.se/blog/2022/05/31/netrc-pains/ ) but this is common enough based on https://github.com/bazelbuild/bazel/pull/10337 and also in cURL https://github.com/curl/curl/pull/1723/

nnobelis commented 1 year ago

Yes it is not present here too: https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html

However the editor nano put syntax highlighting on the comments of the .netrc file. So yeah, this is a common practice.

nnobelis commented 1 year ago

Any update on this ticket ?

pombredanne commented 1 year ago

@nnobelis still working on it, I should have something by the end of this week!

TG1999 commented 1 year ago

@nnobelis please try https://pypi.org/project/python-inspector/0.9.5/ and let us know if this fixes the above issue.

nnobelis commented 2 months ago

@pombredanne @TG1999

Running again into this error with python inspector 0.12.0:

Resolving dependencies...
Using netrc file /home/nino/.netrc
Traceback (most recent call last):
  File "/home/nino/.local/lib/python3.10/site-packages/python_inspector/resolve_cli.py", line 259, in resolve_dependencies
    resolution_result: Dict = resolver_api(
  File "/home/nino/.local/lib/python3.10/site-packages/python_inspector/api.py", line 141, in resolve_dependencies
    parsed_netrc = netrc(netrc_file)
  File "/usr/lib/python3.10/netrc.py", line 31, in __init__
    self._parse(file, fp, default_netrc)
  File "/usr/lib/python3.10/netrc.py", line 66, in _parse
    raise NetrcParseError(
netrc.NetrcParseError: bad toplevel token 'github.com' (/home/nino/.netrc, line 2)

Is there a regression ?

pombredanne commented 2 months ago

@nnobelis Can you paste your .netrc? (sanitized of course) We use the standard library .netrc parser.

nnobelis commented 2 months ago 
machine example.com login foo password bar
#machine github.com login foo password bar   
default login foo password bar

This example fails for me.