search

freedomofpress / securedrop-builder

Packaging logic for building SecureDrop-related Debian packages
GNU General Public License v3.0
7 stars 11 forks source link

Normalize names per PEP503; update test fixtures #480

Closed eloquence closed 8 months ago

eloquence commented 9 months ago

Fixes #479

pyproject.toml allows dependency names to be specified in all permissible variations before they get normalized per PEP 503 in the lockfile. This wasn't previously taken into account when parsing requirements. (Dependency names can also appear inside of quotation marks, but that's already normalized when parsing the TOML.)

In principle, we shouldn't need to normalize the names we encounter in poetry.lock itself, but since the format is not supposed to be considered stable, we're erring on the side of caution.

Test plan

eloquence commented 8 months ago

Thanks @cfm , I like and accepted that change. As a nice example of CI drift, CI started failing after that due to this PR not having been rebased in a while -- have done so as well.