search

microsoft / component-detection

Scans your project to determine what components you use
MIT License
412 stars 87 forks source link

Poetry detector throwing errors when parsing git components #974

Closed annaowens closed 7 months ago

annaowens commented 7 months ago

The Poetry detector is throwing an error when trying to parse a git component that has a valid hash in a poetry.lock file.

poetry.lock snippet: 

[package.source]
reference = "0dbbae1b5be08ad584d0a46ca8546463c285342a"
type = "git"
url = "https://github.com/galaunay/flake8-mypy.git"

CD output: 

##[error]There was an unexpected error: 
System.ArgumentNullException: Property CommitHash of component type Git is required (Parameter 'CommitHash')
   at Microsoft.ComponentDetection.Contracts.TypedComponent.TypedComponent.ValidateRequiredInput(String input, String fieldName, String componentType)
   at Microsoft.ComponentDetection.Contracts.TypedComponent.GitComponent..ctor(Uri repositoryUrl, String commitHash)
   at Microsoft.ComponentDetection.Detectors.Poetry.PoetryComponentDetector.<>c__DisplayClass13_0.<OnFileFoundAsync>b__0(PoetryPackage package)
   at System.Collections.Generic.List`1.ForEach(Action`1 action)
   at Microsoft.ComponentDetection.Detectors.Poetry.PoetryComponentDetector.OnFileFoundAsync(ProcessRequest processRequest, IDictionary`2 detectorArgs)
   at Microsoft.ComponentDetection.Contracts.FileComponentDetector.<>c__DisplayClass49_0.<<ProcessAsync>b__0>d.MoveNext()

Believe the issue is happening here: https://github.com/microsoft/component-detection/blob/main/src/Microsoft.ComponentDetection.Detectors/poetry/PoetryComponentDetector.cs#L61

AB#2140203

annaowens commented 7 months ago

Closing this issue, regenerating the poetry.lock to generate the resolved_reference field fixed the issue.

[package.source]
type = "git"
url = "https://github.com/galaunay/flake8-mypy.git"
reference = "0dbbae1b5"
resolved_reference = "0dbbae1b5be08ad584d0a46ca8546463c285342a"