search

madpah / requirements-parser

A Pip requirements file parser.
https://requirements-parser.readthedocs.io
Apache License 2.0
125 stars 41 forks source link

Requirements parser package includes files outside the package directory. #66

Closed jenshnielsen closed 6 months ago

jenshnielsen commented 2 years ago

See the attached example of uninstalling requirements-parser

Notice that authors.rst, license and readme.md are uninstalled from the top level dir outside the requirements package. This is problematic since these files are very likely to collide with other projects 

Found existing installation: requirements-parser 0.5.0
Uninstalling requirements-parser-0.5.0:
  Would remove:
    c:\users\jenielse\miniconda3\envs\qcodespip\lib\site-packages\authors.rst
    c:\users\jenielse\miniconda3\envs\qcodespip\lib\site-packages\license
    c:\users\jenielse\miniconda3\envs\qcodespip\lib\site-packages\readme.md
    c:\users\jenielse\miniconda3\envs\qcodespip\lib\site-packages\requirements\*
    c:\users\jenielse\miniconda3\envs\qcodespip\lib\site-packages\requirements_parser-0.5.0.dist-info\*
Proceed (Y/n)? y
  Successfully uninstalled requirements-parser-0.5.0
FlorentJeannot commented 2 years ago

Hi,

It looks like a limitation of poetry: https://github.com/python-poetry/poetry/issues/4494

I tried the following configuration from this link https://github.com/chaoss/grimoirelab-toolkit/issues/44#issuecomment-927710018:

include = [
    { path = "AUTHORS.rst", format = "sdist" },
    { path = "LICENSE", format = "sdist" },
    { path = "README.md", format = "sdist" },
]

It does remove the files at the source directory, but AUTHORS.rst is missing for both wheel and sdist file. LICENSE is correctly found in site-packages/requirements_parser-0.5.0.dist-info/LICENSE and README is in site-packages/requirements_parser-0.5.0.dist-info/METADATA.

It looks like it could be packaged correctly if the project was using setuptools directly with a custom configuration, instead of relying on poetry for that. https://wheel.readthedocs.io/en/stable/user_guide.html#including-license-files-in-the-generated-wheel-file

@madpah Any suggestion? Could it be packaged without AUTHORS.rst as a quick fix? If so, I can open a PR for that.

gavin09 commented 2 years ago

I have the same issue when I try to update the Debian package[1] to 0.0.5. 

E: python3-requirement-parser: unknown-file-in-python-module-directory [usr/lib/python3/dist-packages/AUTHORS.rst]
E: python3-requirement-parser: unknown-file-in-python-module-directory [usr/lib/python3/dist-packages/LICENSE]
E: python3-requirement-parser: unknown-file-in-python-module-directory [usr/lib/python3/dist-packages/README.md]
I: python3-requirement-parser: extra-license-file [usr/lib/python3/dist-packages/LICENSE]
I: python3-requirement-parser: package-contains-documentation-outside-usr-share-doc [usr/lib/python3/dist-packages/AUTHORS.rst]
I: python3-requirement-parser: package-contains-documentation-outside-usr-share-doc [usr/lib/python3/dist-packages/LICENSE]  
I: python3-requirement-parser: package-contains-documentation-outside-usr-share-doc [usr/lib/python3/dist-packages/README.md]

The solution provided by @FlorentJeannoto fixes the messages above.

[1] https://packages.debian.org/sid/python3-requirement-parser

jkowalleck commented 1 year ago

build backend has not proper functionality for it, yet. a fix depends on https://github.com/python-poetry/poetry/issues/8441