sschuberth
commented
7 months ago I created a PR at nexB/python-inspector#163 .
❤️ for that!
I would be happy if there is some feedback on the PR so we can get that into ORT asap
Sure, we'll usually upgrade to newly released python-inspector versions quickly. Let's keep this issue open as a reminder to do that.
I was testing out ORT on a couple of projects and noticed that it was rather slow to analyse a poetry based python project (https://github.com/netomi/otterdog). The project has a lock file so I was assuming that the dependency resolution should be rather fast.
After some debugging, it turns out that ORT calls python-inspector on the requirements file that is exported from poetry:
but as you can see from the log, it takes a while for python-inspector to resolve the dependencies although they are all pinned (from the lock file).
Digging into the code of python-inspector, I figured various performance improvements that could relatively easily be applied. I created a PR at https://github.com/nexB/python-inspector/pull/163 .
Running this version of python-inspector with ORT on the same project, leads to far better results (see timestamps):
with the exact same output. When you have multiple scopes defined in your project (in my case I have 5), this improvement can really sum up, I could bring the analysis from 2min down to 30s.
I would be happy if there is some feedback on the PR so we can get that into ORT asap, as I am currently investigating the ability of ORT running license checks automatically via GitHub actions and everything that speeds up the analysis is greatly appreciated.