phylum-dev / cli

Command line interface for the Phylum API
https://phylum.io
GNU General Public License v3.0

Directories detected as lockfiles #1177

Open kylewillmon opened 1 year ago

kylewillmon commented 1 year ago

Lockfile detection believes that directories might be lockfiles.

How To Reproduce

> mkdir requirements.txt

> ls
requirements.txt

> phylum parse
Generating lockfile for manifest "./requirements.txt" using Pip…
❗ Error: Lockfile generation failed! For details, see: https://docs.phylum.io/docs/lockfile-generation

Caused by:
    package manager exited with error code 1:

    ERROR: Could not open requirements file: [Errno 21] Is a directory: '/path/to/requirements.txt'

This error message isn't very helpful....

> mkdir Cargo.lock

> phylum parse
❗ Error: Is a directory (os error 21)

cd-work commented 1 year ago

https://github.com/phylum-dev/cli/pull/1202 as a solution was discarded, since even checking for !is_directory still causes syscalls to look up metadata for every lockfile, even if it doesn't cause failure for the GitHub App. Since this has never caused any issues in practice, there's no reason to slow down the GitHub App.
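
The trade-off discussed in this thread, as an added example that is not Phylum's code and not part of the original issue: name-based lockfile detection that skips directories, at the cost of one metadata lookup per name match. The names `KNOWN_NAMES`, `detect_lockfiles` and `demo` are hypothetical, and the name list is a constructed subset.

```rust
use std::fs;
use std::io;
use std::path::{Path, PathBuf};

// Hypothetical subset of lockfile/manifest names; not Phylum's real list.
const KNOWN_NAMES: &[&str] = &["requirements.txt", "Cargo.lock", "package-lock.json"];

/// Return paths in `dir` whose name matches a known lockfile name and which
/// are regular files. A directory with a matching name is skipped instead of
/// being handed to a parser or package manager.
pub fn detect_lockfiles(dir: &Path) -> io::Result<Vec<PathBuf>> {
    let mut found = Vec::new();
    for entry in fs::read_dir(dir)? {
        let entry = entry?;
        let os_name = entry.file_name();
        let Some(name) = os_name.to_str() else { continue };
        if !KNOWN_NAMES.contains(&name) {
            continue;
        }
        // Only name matches reach this point, so the metadata lookup is paid
        // per candidate. fs::metadata follows symlinks, so a symlink to a real
        // lockfile still counts; a dangling symlink is treated as "not a file".
        let is_file = fs::metadata(entry.path()).map(|m| m.is_file()).unwrap_or(false);
        if is_file {
            found.push(entry.path());
        }
    }
    found.sort();
    Ok(found)
}

/// Constructed layout mirroring the reproduction steps: a directory named
/// requirements.txt next to a regular file named Cargo.lock.
pub fn demo() -> io::Result<Vec<String>> {
    let root = std::env::temp_dir().join(format!("lockfile-demo-{}", std::process::id()));
    let _ = fs::remove_dir_all(&root);
    fs::create_dir_all(root.join("requirements.txt"))?;
    fs::write(root.join("Cargo.lock"), "version = 3\n")?;
    let names = detect_lockfiles(&root)?
        .iter()
        .filter_map(|p| p.file_name()?.to_str().map(String::from))
        .collect();
    fs::remove_dir_all(&root)?;
    Ok(names)
}

fn main() -> io::Result<()> {
    println!("{:?}", demo()?);
    Ok(())
}
```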