search

pyupio / dparse

A parser for Python dependency files
MIT License
61 stars 23 forks source link

Prevent Python 2 installations #46

Closed pquentin closed 4 years ago

pquentin commented 4 years ago

Can you please add python_requires=">=3.5" in your own setup.py file? We mistakenly installed the safety package with Python 2.7, and it started failing a few days ago due to an infinite recursion in yield_lines. Installing safety (and dparse) with Python 3 fixed the problem.

Thanks!

andy-maier commented 4 years ago

The safety package ran fine on Python 2.7 until dparse 0.5.0 introduced the infinite recursion.

May I suggest that the solution to an infinite recursion problem is not to exclude the platform on which it occurs, but to fix the issue. I am well aware that CPython 2.7 is no longer supported by the PSF, but it is still in widespread use, and a security relevant package like safety should make its version support decisions based on actual usage. At least these are my 2 cents ...

For now, we will pin dparse to <0.5.0 on python 2.7.

Here is a traceback:

safety check -r minimum-constraints.txt --full-report
Traceback (most recent call last):
  File "/Users/maiera/virtualenvs/pywbemtools27/bin/safety", line 8, in <module>
    sys.exit(cli())
  File "/Users/maiera/virtualenvs/pywbemtools27/lib/python2.7/site-packages/click/core.py", line 829, in __call__
    return self.main(*args, **kwargs)
  File "/Users/maiera/virtualenvs/pywbemtools27/lib/python2.7/site-packages/click/core.py", line 782, in main
    rv = self.invoke(ctx)
  File "/Users/maiera/virtualenvs/pywbemtools27/lib/python2.7/site-packages/click/core.py", line 1259, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/Users/maiera/virtualenvs/pywbemtools27/lib/python2.7/site-packages/click/core.py", line 1066, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/Users/maiera/virtualenvs/pywbemtools27/lib/python2.7/site-packages/click/core.py", line 610, in invoke
    return callback(*args, **kwargs)
  File "/Users/maiera/virtualenvs/pywbemtools27/lib/python2.7/site-packages/safety/cli.py", line 59, in check
    packages = list(itertools.chain.from_iterable(read_requirements(f, resolve=True) for f in files))
  File "/Users/maiera/virtualenvs/pywbemtools27/lib/python2.7/site-packages/safety/util.py", line 80, in read_requirements
    req, = parse_line(parseable_line)
  File "/Users/maiera/virtualenvs/pywbemtools27/lib/python2.7/site-packages/dparse/parser.py", line 62, in setuptools_parse_requirements_backport
    for line in lines:
  File "/Users/maiera/virtualenvs/pywbemtools27/lib/python2.7/site-packages/dparse/parser.py", line 58, in yield_lines
    for s in yield_lines(ss):
  File "/Users/maiera/virtualenvs/pywbemtools27/lib/python2.7/site-packages/dparse/parser.py", line 58, in yield_lines
    for s in yield_lines(ss):
  File "/Users/maiera/virtualenvs/pywbemtools27/lib/python2.7/site-packages/dparse/parser.py", line 58, in yield_lines
    for s in yield_lines(ss):
  File "/Users/maiera/virtualenvs/pywbemtools27/lib/python2.7/site-packages/dparse/parser.py", line 58, in yield_lines

  ...

    for s in yield_lines(ss):
  File "/Users/maiera/virtualenvs/pywbemtools27/lib/python2.7/site-packages/dparse/parser.py", line 50, in yield_lines
    if isinstance(strs, str):
RuntimeError: maximum recursion depth exceeded while calling a Python object
rafaelpivato commented 4 years ago

Thanks for bringing that out.

Added requirement with 5c707969a479f4b28e70ceff2078afcda7c59db9 -- Should be releasing soon.