From 10a014aaaccbfb7f0e961aa2680e64fc426eefbc Mon Sep 17 00:00:00 2001 From: Cesar Lizarraga Date: Sat, 10 Aug 2024 15:07:25 -0500 Subject: [PATCH 01/10] Fix 180: Adding tests and files Signed-off-by: Cesar Lizarraga --- src/python_inspector/resolve_cli.py | 1 + ...le-url-env-var-except-simple-expected.json | 1085 +++++++++++++++++ tests/data/single-url-env-var-expected.json | 131 ++ tests/test_cli.py | 30 + 4 files changed, 1247 insertions(+) create mode 100644 tests/data/single-url-env-var-except-simple-expected.json create mode 100644 tests/data/single-url-env-var-expected.json diff --git a/src/python_inspector/resolve_cli.py b/src/python_inspector/resolve_cli.py index 047a8c78..19b03326 100644 --- a/src/python_inspector/resolve_cli.py +++ b/src/python_inspector/resolve_cli.py @@ -89,6 +89,7 @@ def print_version(ctx, param, value): @click.option( "--index-url", "index_urls", + envvar="PYINSP_INDEX_URL", type=str, metavar="INDEX", show_default=True, diff --git a/tests/data/single-url-env-var-except-simple-expected.json b/tests/data/single-url-env-var-except-simple-expected.json new file mode 100644 index 00000000..2089cc24 --- /dev/null +++ b/tests/data/single-url-env-var-except-simple-expected.json @@ -0,0 +1,1085 @@ +{ + "headers": { + "tool_name": "python-inspector", + "tool_homepageurl": "https://github.com/nexB/python-inspector", + "tool_version": "0.12.0", + "options": [ + "--index-url https://thirdparty.aboutcode.org/pypi/simple/", + "--json ", + "--operating-system linux", + "--python-version 38", + "--specifier flask" + ], + "notice": "Dependency tree generated with python-inspector.\npython-inspector is a free software tool from nexB Inc. and others.\nVisit https://github.com/nexB/python-inspector/ for support and download.", + "warnings": [], + "errors": [] + }, + "files": [], + "packages": [ + { + "type": "pypi", + "namespace": null, + "name": "blinker", + "version": "1.8.2", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Fast, simple object-to-object and broadcast signaling\n# Blinker\n\nBlinker provides a fast dispatching system that allows any number of\ninterested parties to subscribe to events, or \"signals\".\n\n\n## Pallets Community Ecosystem\n\n> [!IMPORTANT]\\\n> This project is part of the Pallets Community Ecosystem. Pallets is the open\n> source organization that maintains Flask; Pallets-Eco enables community\n> maintenance of related projects. If you are interested in helping maintain\n> this project, please reach out on [the Pallets Discord server][discord].\n>\n> [discord]: https://discord.gg/pallets\n\n\n## Example\n\nSignal receivers can subscribe to specific senders or receive signals\nsent by any sender.\n\n```pycon\n>>> from blinker import signal\n>>> started = signal('round-started')\n>>> def each(round):\n... print(f\"Round {round}\")\n...\n>>> started.connect(each)\n\n>>> def round_two(round):\n... print(\"This is round two.\")\n...\n>>> started.connect(round_two, sender=2)\n\n>>> for round in range(1, 4):\n... started.send(round)\n...\nRound 1!\nRound 2!\nThis is round two.\nRound 3!\n```", + "release_date": "2024-05-06T17:04:08", + "parties": [ + { + "type": "person", + "role": "author", + "name": "Jason Kirtland", + "email": null, + "url": null + }, + { + "type": "person", + "role": "maintainer", + "name": null, + "email": "Pallets Ecosystem ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Programming Language :: Python", + "Typing :: Typed" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/bb/2a/10164ed1f31196a2f7f3799368a821765c62851ead0e630ab52b8e14b4d0/blinker-1.8.2-py3-none-any.whl", + "size": 9456, + "sha1": null, + "md5": "453ec9473100de91897d16e4ae568139", + "sha256": "1779309f71bf239144b9399d06ae925637cf6634cf6bd131104184531bf67c01", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": "https://github.com/pallets-eco/blinker/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: MIT License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/blinker/1.8.2/json", + "datasource_id": null, + "purl": "pkg:pypi/blinker@1.8.2" + }, + { + "type": "pypi", + "namespace": null, + "name": "blinker", + "version": "1.8.2", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Fast, simple object-to-object and broadcast signaling\n# Blinker\n\nBlinker provides a fast dispatching system that allows any number of\ninterested parties to subscribe to events, or \"signals\".\n\n\n## Pallets Community Ecosystem\n\n> [!IMPORTANT]\\\n> This project is part of the Pallets Community Ecosystem. Pallets is the open\n> source organization that maintains Flask; Pallets-Eco enables community\n> maintenance of related projects. If you are interested in helping maintain\n> this project, please reach out on [the Pallets Discord server][discord].\n>\n> [discord]: https://discord.gg/pallets\n\n\n## Example\n\nSignal receivers can subscribe to specific senders or receive signals\nsent by any sender.\n\n```pycon\n>>> from blinker import signal\n>>> started = signal('round-started')\n>>> def each(round):\n... print(f\"Round {round}\")\n...\n>>> started.connect(each)\n\n>>> def round_two(round):\n... print(\"This is round two.\")\n...\n>>> started.connect(round_two, sender=2)\n\n>>> for round in range(1, 4):\n... started.send(round)\n...\nRound 1!\nRound 2!\nThis is round two.\nRound 3!\n```", + "release_date": "2024-05-06T17:04:10", + "parties": [ + { + "type": "person", + "role": "author", + "name": "Jason Kirtland", + "email": null, + "url": null + }, + { + "type": "person", + "role": "maintainer", + "name": null, + "email": "Pallets Ecosystem ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Programming Language :: Python", + "Typing :: Typed" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/1e/57/a6a1721eff09598fb01f3c7cda070c1b6a0f12d63c83236edf79a440abcc/blinker-1.8.2.tar.gz", + "size": 23161, + "sha1": null, + "md5": "ce2f9fb3bc0c0000db11f012f5f5afda", + "sha256": "8f77b09d3bf7c795e969e9486f39c2c5e9c39d4ee07424be2bc594ece9642d83", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": "https://github.com/pallets-eco/blinker/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: MIT License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/blinker/1.8.2/json", + "datasource_id": null, + "purl": "pkg:pypi/blinker@1.8.2" + }, + { + "type": "pypi", + "namespace": null, + "name": "click", + "version": "8.1.7", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Composable command line interface toolkit\n\\$ click\\_\n==========\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n $ pip install -U click\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n import click\n\n @click.command()\n @click.option(\"--count\", default=1, help=\"Number of greetings.\")\n @click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\n def hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\n if __name__ == '__main__':\n hello()\n\n.. code-block:: text\n\n $ python hello.py --count=3\n Your name: Click\n Hello, Click!\n Hello, Click!\n Hello, Click!\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, `please\ndonate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://click.palletsprojects.com/\n- Changes: https://click.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/click/\n- Source Code: https://github.com/pallets/click\n- Issue Tracker: https://github.com/pallets/click/issues\n- Chat: https://discord.gg/pallets", + "release_date": "2023-08-17T17:29:10", + "parties": [ + { + "type": "person", + "role": "maintainer", + "name": "Pallets", + "email": "contact@palletsprojects.com", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python" + ], + "homepage_url": "https://palletsprojects.com/p/click/", + "download_url": "https://files.pythonhosted.org/packages/00/2e/d53fa4befbf2cfa713304affc7ca780ce4fc1fd8710527771b58311a3229/click-8.1.7-py3-none-any.whl", + "size": 97941, + "sha1": null, + "md5": "37a41134cc8a13400234746942d5d180", + "sha256": "ae74fb96c20a0277a1d615f1e4d73c8414f5a98db8b799a7931d1582f3390c28", + "sha512": null, + "bug_tracking_url": "https://github.com/pallets/click/issues/", + "code_view_url": "https://github.com/pallets/click/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "license": "BSD-3-Clause", + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/click/8.1.7/json", + "datasource_id": null, + "purl": "pkg:pypi/click@8.1.7" + }, + { + "type": "pypi", + "namespace": null, + "name": "click", + "version": "8.1.7", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Composable command line interface toolkit\n\\$ click\\_\n==========\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n $ pip install -U click\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n import click\n\n @click.command()\n @click.option(\"--count\", default=1, help=\"Number of greetings.\")\n @click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\n def hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\n if __name__ == '__main__':\n hello()\n\n.. code-block:: text\n\n $ python hello.py --count=3\n Your name: Click\n Hello, Click!\n Hello, Click!\n Hello, Click!\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, `please\ndonate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://click.palletsprojects.com/\n- Changes: https://click.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/click/\n- Source Code: https://github.com/pallets/click\n- Issue Tracker: https://github.com/pallets/click/issues\n- Chat: https://discord.gg/pallets", + "release_date": "2023-08-17T17:29:11", + "parties": [ + { + "type": "person", + "role": "maintainer", + "name": "Pallets", + "email": "contact@palletsprojects.com", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python" + ], + "homepage_url": "https://palletsprojects.com/p/click/", + "download_url": "https://files.pythonhosted.org/packages/96/d3/f04c7bfcf5c1862a2a5b845c6b2b360488cf47af55dfa79c98f6a6bf98b5/click-8.1.7.tar.gz", + "size": 336121, + "sha1": null, + "md5": "7c3b52c56fd30699f453a7dc7b42cecb", + "sha256": "ca9853ad459e787e2192211578cc907e7594e294c7ccc834310722b41b9ca6de", + "sha512": null, + "bug_tracking_url": "https://github.com/pallets/click/issues/", + "code_view_url": "https://github.com/pallets/click/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "license": "BSD-3-Clause", + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/click/8.1.7/json", + "datasource_id": null, + "purl": "pkg:pypi/click@8.1.7" + }, + { + "type": "pypi", + "namespace": null, + "name": "flask", + "version": "3.0.3", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "A simple framework for building complex web applications.\n# Flask\n\nFlask is a lightweight [WSGI][] web application framework. It is designed\nto make getting started quick and easy, with the ability to scale up to\ncomplex applications. It began as a simple wrapper around [Werkzeug][]\nand [Jinja][], and has become one of the most popular Python web\napplication frameworks.\n\nFlask offers suggestions, but doesn't enforce any dependencies or\nproject layout. It is up to the developer to choose the tools and\nlibraries they want to use. There are many extensions provided by the\ncommunity that make adding new functionality easy.\n\n[WSGI]: https://wsgi.readthedocs.io/\n[Werkzeug]: https://werkzeug.palletsprojects.com/\n[Jinja]: https://jinja.palletsprojects.com/\n\n\n## Installing\n\nInstall and update from [PyPI][] using an installer such as [pip][]:\n\n```\n$ pip install -U Flask\n```\n\n[PyPI]: https://pypi.org/project/Flask/\n[pip]: https://pip.pypa.io/en/stable/getting-started/\n\n\n## A Simple Example\n\n```python\n# save this as app.py\nfrom flask import Flask\n\napp = Flask(__name__)\n\n@app.route(\"/\")\ndef hello():\n return \"Hello, World!\"\n```\n\n```\n$ flask run\n * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)\n```\n\n\n## Contributing\n\nFor guidance on setting up a development environment and how to make a\ncontribution to Flask, see the [contributing guidelines][].\n\n[contributing guidelines]: https://github.com/pallets/flask/blob/main/CONTRIBUTING.rst\n\n\n## Donate\n\nThe Pallets organization develops and supports Flask and the libraries\nit uses. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", + "release_date": "2024-04-07T19:26:08", + "parties": [ + { + "type": "person", + "role": "maintainer", + "name": null, + "email": "Pallets ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Environment :: Web Environment", + "Framework :: Flask", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Topic :: Internet :: WWW/HTTP :: Dynamic Content", + "Topic :: Internet :: WWW/HTTP :: WSGI", + "Topic :: Internet :: WWW/HTTP :: WSGI :: Application", + "Topic :: Software Development :: Libraries :: Application Frameworks", + "Typing :: Typed" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/61/80/ffe1da13ad9300f87c93af113edd0638c75138c42a0994becfacac078c06/flask-3.0.3-py3-none-any.whl", + "size": 101735, + "sha1": null, + "md5": "fe39440012a05441fa61d70e92d81754", + "sha256": "34e815dfaa43340d1d15a5c3a02b8476004037eb4840b34910c6e21679d288f3", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": "https://github.com/pallets/flask/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/flask/3.0.3/json", + "datasource_id": null, + "purl": "pkg:pypi/flask@3.0.3" + }, + { + "type": "pypi", + "namespace": null, + "name": "flask", + "version": "3.0.3", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "A simple framework for building complex web applications.\n# Flask\n\nFlask is a lightweight [WSGI][] web application framework. It is designed\nto make getting started quick and easy, with the ability to scale up to\ncomplex applications. It began as a simple wrapper around [Werkzeug][]\nand [Jinja][], and has become one of the most popular Python web\napplication frameworks.\n\nFlask offers suggestions, but doesn't enforce any dependencies or\nproject layout. It is up to the developer to choose the tools and\nlibraries they want to use. There are many extensions provided by the\ncommunity that make adding new functionality easy.\n\n[WSGI]: https://wsgi.readthedocs.io/\n[Werkzeug]: https://werkzeug.palletsprojects.com/\n[Jinja]: https://jinja.palletsprojects.com/\n\n\n## Installing\n\nInstall and update from [PyPI][] using an installer such as [pip][]:\n\n```\n$ pip install -U Flask\n```\n\n[PyPI]: https://pypi.org/project/Flask/\n[pip]: https://pip.pypa.io/en/stable/getting-started/\n\n\n## A Simple Example\n\n```python\n# save this as app.py\nfrom flask import Flask\n\napp = Flask(__name__)\n\n@app.route(\"/\")\ndef hello():\n return \"Hello, World!\"\n```\n\n```\n$ flask run\n * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)\n```\n\n\n## Contributing\n\nFor guidance on setting up a development environment and how to make a\ncontribution to Flask, see the [contributing guidelines][].\n\n[contributing guidelines]: https://github.com/pallets/flask/blob/main/CONTRIBUTING.rst\n\n\n## Donate\n\nThe Pallets organization develops and supports Flask and the libraries\nit uses. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", + "release_date": "2024-04-07T19:26:11", + "parties": [ + { + "type": "person", + "role": "maintainer", + "name": null, + "email": "Pallets ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Environment :: Web Environment", + "Framework :: Flask", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Topic :: Internet :: WWW/HTTP :: Dynamic Content", + "Topic :: Internet :: WWW/HTTP :: WSGI", + "Topic :: Internet :: WWW/HTTP :: WSGI :: Application", + "Topic :: Software Development :: Libraries :: Application Frameworks", + "Typing :: Typed" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/41/e1/d104c83026f8d35dfd2c261df7d64738341067526406b40190bc063e829a/flask-3.0.3.tar.gz", + "size": 676315, + "sha1": null, + "md5": "4658b022a07f6d8df51ef24c717fe162", + "sha256": "ceb27b0af3823ea2737928a4d99d125a06175b8512c445cbd9a9ce200ef76842", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": "https://github.com/pallets/flask/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/flask/3.0.3/json", + "datasource_id": null, + "purl": "pkg:pypi/flask@3.0.3" + }, + { + "type": "pypi", + "namespace": null, + "name": "importlib-metadata", + "version": "8.2.0", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Read metadata from Python packages\n.. image:: https://img.shields.io/pypi/v/importlib_metadata.svg\n :target: https://pypi.org/project/importlib_metadata\n\n.. image:: https://img.shields.io/pypi/pyversions/importlib_metadata.svg\n\n.. image:: https://github.com/python/importlib_metadata/actions/workflows/main.yml/badge.svg\n :target: https://github.com/python/importlib_metadata/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/charliermarsh/ruff/main/assets/badge/v2.json\n :target: https://github.com/astral-sh/ruff\n :alt: Ruff\n\n.. image:: https://readthedocs.org/projects/importlib-metadata/badge/?version=latest\n :target: https://importlib-metadata.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2024-informational\n :target: https://blog.jaraco.com/skeleton\n\n.. image:: https://tidelift.com/badges/package/pypi/importlib-metadata\n :target: https://tidelift.com/subscription/pkg/pypi-importlib-metadata?utm_source=pypi-importlib-metadata&utm_medium=readme\n\nLibrary to access the metadata for a Python package.\n\nThis package supplies third-party access to the functionality of\n`importlib.metadata `_\nincluding improvements added to subsequent Python versions.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - importlib_metadata\n - stdlib\n * - 7.0\n - 3.13\n * - 6.5\n - 3.12\n * - 4.13\n - 3.11\n * - 4.6\n - 3.10\n * - 1.4\n - 3.8\n\n\nUsage\n=====\n\nSee the `online documentation `_\nfor usage details.\n\n`Finder authors\n`_ can\nalso add support for custom package installers. See the above documentation\nfor details.\n\n\nCaveats\n=======\n\nThis project primarily supports third-party packages installed by PyPA\ntools (or other conforming packages). It does not support:\n\n- Packages in the stdlib.\n- Packages installed without metadata.\n\nProject details\n===============\n\n * Project home: https://github.com/python/importlib_metadata\n * Report bugs at: https://github.com/python/importlib_metadata/issues\n * Code hosting: https://github.com/python/importlib_metadata\n * Documentation: https://importlib-metadata.readthedocs.io/\n\nFor Enterprise\n==============\n\nAvailable as part of the Tidelift Subscription.\n\nThis project and the maintainers of thousands of other packages are working with Tidelift to deliver one enterprise subscription that covers all of the open source you use.\n\n`Learn more `_.", + "release_date": "2024-07-24T15:22:15", + "parties": [ + { + "type": "person", + "role": "author", + "name": null, + "email": "\"Jason R. Coombs\" ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3 :: Only" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/82/47/bb25ec04985d0693da478797c3d8c1092b140f3a53ccb984fbbd38affa5b/importlib_metadata-8.2.0-py3-none-any.whl", + "size": 25920, + "sha1": null, + "md5": "984774e0de71c0caea5a37a3012d1ca6", + "sha256": "11901fa0c2f97919b288679932bb64febaeacf289d18ac84dd68cb2e74213369", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": "https://github.com/python/importlib_metadata", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: Apache Software License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/importlib-metadata/8.2.0/json", + "datasource_id": null, + "purl": "pkg:pypi/importlib-metadata@8.2.0" + }, + { + "type": "pypi", + "namespace": null, + "name": "importlib-metadata", + "version": "8.2.0", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Read metadata from Python packages\n.. image:: https://img.shields.io/pypi/v/importlib_metadata.svg\n :target: https://pypi.org/project/importlib_metadata\n\n.. image:: https://img.shields.io/pypi/pyversions/importlib_metadata.svg\n\n.. image:: https://github.com/python/importlib_metadata/actions/workflows/main.yml/badge.svg\n :target: https://github.com/python/importlib_metadata/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/charliermarsh/ruff/main/assets/badge/v2.json\n :target: https://github.com/astral-sh/ruff\n :alt: Ruff\n\n.. image:: https://readthedocs.org/projects/importlib-metadata/badge/?version=latest\n :target: https://importlib-metadata.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2024-informational\n :target: https://blog.jaraco.com/skeleton\n\n.. image:: https://tidelift.com/badges/package/pypi/importlib-metadata\n :target: https://tidelift.com/subscription/pkg/pypi-importlib-metadata?utm_source=pypi-importlib-metadata&utm_medium=readme\n\nLibrary to access the metadata for a Python package.\n\nThis package supplies third-party access to the functionality of\n`importlib.metadata `_\nincluding improvements added to subsequent Python versions.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - importlib_metadata\n - stdlib\n * - 7.0\n - 3.13\n * - 6.5\n - 3.12\n * - 4.13\n - 3.11\n * - 4.6\n - 3.10\n * - 1.4\n - 3.8\n\n\nUsage\n=====\n\nSee the `online documentation `_\nfor usage details.\n\n`Finder authors\n`_ can\nalso add support for custom package installers. See the above documentation\nfor details.\n\n\nCaveats\n=======\n\nThis project primarily supports third-party packages installed by PyPA\ntools (or other conforming packages). It does not support:\n\n- Packages in the stdlib.\n- Packages installed without metadata.\n\nProject details\n===============\n\n * Project home: https://github.com/python/importlib_metadata\n * Report bugs at: https://github.com/python/importlib_metadata/issues\n * Code hosting: https://github.com/python/importlib_metadata\n * Documentation: https://importlib-metadata.readthedocs.io/\n\nFor Enterprise\n==============\n\nAvailable as part of the Tidelift Subscription.\n\nThis project and the maintainers of thousands of other packages are working with Tidelift to deliver one enterprise subscription that covers all of the open source you use.\n\n`Learn more `_.", + "release_date": "2024-07-24T15:22:17", + "parties": [ + { + "type": "person", + "role": "author", + "name": null, + "email": "\"Jason R. Coombs\" ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3 :: Only" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/f6/a1/db39a513aa99ab3442010a994eef1cb977a436aded53042e69bee6959f74/importlib_metadata-8.2.0.tar.gz", + "size": 53907, + "sha1": null, + "md5": "c2119f670ff72233cdfbe4c04ab21a8a", + "sha256": "72e8d4399996132204f9a16dcc751af254a48f8d1b20b9ff0f98d4a8f901e73d", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": "https://github.com/python/importlib_metadata", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: Apache Software License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/importlib-metadata/8.2.0/json", + "datasource_id": null, + "purl": "pkg:pypi/importlib-metadata@8.2.0" + }, + { + "type": "pypi", + "namespace": null, + "name": "itsdangerous", + "version": "2.2.0", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Safely pass data to untrusted environments and back.\n# ItsDangerous\n\n... so better sign this\n\nVarious helpers to pass data to untrusted environments and to get it\nback safe and sound. Data is cryptographically signed to ensure that a\ntoken has not been tampered with.\n\nIt's possible to customize how data is serialized. Data is compressed as\nneeded. A timestamp can be added and verified automatically while\nloading a token.\n\n\n## A Simple Example\n\nHere's how you could generate a token for transmitting a user's id and\nname between web requests.\n\n```python\nfrom itsdangerous import URLSafeSerializer\nauth_s = URLSafeSerializer(\"secret key\", \"auth\")\ntoken = auth_s.dumps({\"id\": 5, \"name\": \"itsdangerous\"})\n\nprint(token)\n# eyJpZCI6NSwibmFtZSI6Iml0c2Rhbmdlcm91cyJ9.6YP6T0BaO67XP--9UzTrmurXSmg\n\ndata = auth_s.loads(token)\nprint(data[\"name\"])\n# itsdangerous\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports ItsDangerous and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n[please donate today][].\n\n[please donate today]: https://palletsprojects.com/donate", + "release_date": "2024-04-16T21:28:14", + "parties": [ + { + "type": "person", + "role": "maintainer", + "name": null, + "email": "Pallets ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Typing :: Typed" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/04/96/92447566d16df59b2a776c0fb82dbc4d9e07cd95062562af01e408583fc4/itsdangerous-2.2.0-py3-none-any.whl", + "size": 16234, + "sha1": null, + "md5": "22e41bfb2008481e855f1693a9df4c54", + "sha256": "c6242fc49e35958c8b15141343aa660db5fc54d4f13a1db01a3f5891b98700ef", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": "https://github.com/pallets/itsdangerous/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/itsdangerous/2.2.0/json", + "datasource_id": null, + "purl": "pkg:pypi/itsdangerous@2.2.0" + }, + { + "type": "pypi", + "namespace": null, + "name": "itsdangerous", + "version": "2.2.0", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Safely pass data to untrusted environments and back.\n# ItsDangerous\n\n... so better sign this\n\nVarious helpers to pass data to untrusted environments and to get it\nback safe and sound. Data is cryptographically signed to ensure that a\ntoken has not been tampered with.\n\nIt's possible to customize how data is serialized. Data is compressed as\nneeded. A timestamp can be added and verified automatically while\nloading a token.\n\n\n## A Simple Example\n\nHere's how you could generate a token for transmitting a user's id and\nname between web requests.\n\n```python\nfrom itsdangerous import URLSafeSerializer\nauth_s = URLSafeSerializer(\"secret key\", \"auth\")\ntoken = auth_s.dumps({\"id\": 5, \"name\": \"itsdangerous\"})\n\nprint(token)\n# eyJpZCI6NSwibmFtZSI6Iml0c2Rhbmdlcm91cyJ9.6YP6T0BaO67XP--9UzTrmurXSmg\n\ndata = auth_s.loads(token)\nprint(data[\"name\"])\n# itsdangerous\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports ItsDangerous and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n[please donate today][].\n\n[please donate today]: https://palletsprojects.com/donate", + "release_date": "2024-04-16T21:28:15", + "parties": [ + { + "type": "person", + "role": "maintainer", + "name": null, + "email": "Pallets ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Typing :: Typed" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/9c/cb/8ac0172223afbccb63986cc25049b154ecfb5e85932587206f42317be31d/itsdangerous-2.2.0.tar.gz", + "size": 54410, + "sha1": null, + "md5": "a901babde35694c3577f7655010cd380", + "sha256": "e0050c0b7da1eea53ffaf149c0cfbb5c6e2e2b69c4bef22c81fa6eb73e5f6173", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": "https://github.com/pallets/itsdangerous/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/itsdangerous/2.2.0/json", + "datasource_id": null, + "purl": "pkg:pypi/itsdangerous@2.2.0" + }, + { + "type": "pypi", + "namespace": null, + "name": "jinja2", + "version": "3.1.4", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "A very fast and expressive template engine.\n# Jinja\n\nJinja is a fast, expressive, extensible templating engine. Special\nplaceholders in the template allow writing code similar to Python\nsyntax. Then the template is passed data to render the final document.\n\nIt includes:\n\n- Template inheritance and inclusion.\n- Define and import macros within templates.\n- HTML templates can use autoescaping to prevent XSS from untrusted\n user input.\n- A sandboxed environment can safely render untrusted templates.\n- AsyncIO support for generating templates and calling async\n functions.\n- I18N support with Babel.\n- Templates are compiled to optimized Python code just-in-time and\n cached, or can be compiled ahead-of-time.\n- Exceptions point to the correct line in templates to make debugging\n easier.\n- Extensible filters, tests, functions, and even syntax.\n\nJinja's philosophy is that while application logic belongs in Python if\npossible, it shouldn't make the template designer's job difficult by\nrestricting functionality too much.\n\n\n## In A Nutshell\n\n.. code-block:: jinja\n\n {% extends \"base.html\" %}\n {% block title %}Members{% endblock %}\n {% block content %}\n \n {% endblock %}\n\n\n## Donate\n\nThe Pallets organization develops and supports Jinja and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", + "release_date": "2024-05-05T23:41:59", + "parties": [ + { + "type": "person", + "role": "maintainer", + "name": null, + "email": "Pallets ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Environment :: Web Environment", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Topic :: Internet :: WWW/HTTP :: Dynamic Content", + "Topic :: Text Processing :: Markup :: HTML", + "Typing :: Typed" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/31/80/3a54838c3fb461f6fec263ebf3a3a41771bd05190238de3486aae8540c36/jinja2-3.1.4-py3-none-any.whl", + "size": 133271, + "sha1": null, + "md5": "a5fadd0603a10249348865e85a6f57bc", + "sha256": "bc5dd2abb727a5319567b7a813e6a2e7318c39f4f487cfe6c89c6f9c7d25197d", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": "https://github.com/pallets/jinja/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/jinja2/3.1.4/json", + "datasource_id": null, + "purl": "pkg:pypi/jinja2@3.1.4" + }, + { + "type": "pypi", + "namespace": null, + "name": "jinja2", + "version": "3.1.4", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "A very fast and expressive template engine.\n# Jinja\n\nJinja is a fast, expressive, extensible templating engine. Special\nplaceholders in the template allow writing code similar to Python\nsyntax. Then the template is passed data to render the final document.\n\nIt includes:\n\n- Template inheritance and inclusion.\n- Define and import macros within templates.\n- HTML templates can use autoescaping to prevent XSS from untrusted\n user input.\n- A sandboxed environment can safely render untrusted templates.\n- AsyncIO support for generating templates and calling async\n functions.\n- I18N support with Babel.\n- Templates are compiled to optimized Python code just-in-time and\n cached, or can be compiled ahead-of-time.\n- Exceptions point to the correct line in templates to make debugging\n easier.\n- Extensible filters, tests, functions, and even syntax.\n\nJinja's philosophy is that while application logic belongs in Python if\npossible, it shouldn't make the template designer's job difficult by\nrestricting functionality too much.\n\n\n## In A Nutshell\n\n.. code-block:: jinja\n\n {% extends \"base.html\" %}\n {% block title %}Members{% endblock %}\n {% block content %}\n \n {% endblock %}\n\n\n## Donate\n\nThe Pallets organization develops and supports Jinja and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", + "release_date": "2024-05-05T23:42:02", + "parties": [ + { + "type": "person", + "role": "maintainer", + "name": null, + "email": "Pallets ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Environment :: Web Environment", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Topic :: Internet :: WWW/HTTP :: Dynamic Content", + "Topic :: Text Processing :: Markup :: HTML", + "Typing :: Typed" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/ed/55/39036716d19cab0747a5020fc7e907f362fbf48c984b14e62127f7e68e5d/jinja2-3.1.4.tar.gz", + "size": 240245, + "sha1": null, + "md5": "02ca9a6364c92e83d14b037bef4732bc", + "sha256": "4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": "https://github.com/pallets/jinja/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/jinja2/3.1.4/json", + "datasource_id": null, + "purl": "pkg:pypi/jinja2@3.1.4" + }, + { + "type": "pypi", + "namespace": null, + "name": "markupsafe", + "version": "2.1.5", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Safely add untrusted strings to HTML/XML markup.\nMarkupSafe\n==========\n\nMarkupSafe implements a text object that escapes characters so it is\nsafe to use in HTML and XML. Characters that have special meanings are\nreplaced so that they display as the actual characters. This mitigates\ninjection attacks, meaning untrusted user input can safely be displayed\non a page.\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n pip install -U MarkupSafe\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nExamples\n--------\n\n.. code-block:: pycon\n\n >>> from markupsafe import Markup, escape\n\n >>> # escape replaces special characters and wraps in Markup\n >>> escape(\"\")\n Markup('<script>alert(document.cookie);</script>')\n\n >>> # wrap in Markup to mark text \"safe\" and prevent escaping\n >>> Markup(\"Hello\")\n Markup('hello')\n\n >>> escape(Markup(\"Hello\"))\n Markup('hello')\n\n >>> # Markup is a str subclass\n >>> # methods and operators escape their arguments\n >>> template = Markup(\"Hello {name}\")\n >>> template.format(name='\"World\"')\n Markup('Hello "World"')\n\n\nDonate\n------\n\nThe Pallets organization develops and supports MarkupSafe and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n`please donate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://markupsafe.palletsprojects.com/\n- Changes: https://markupsafe.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/MarkupSafe/\n- Source Code: https://github.com/pallets/markupsafe/\n- Issue Tracker: https://github.com/pallets/markupsafe/issues/\n- Chat: https://discord.gg/pallets", + "release_date": "2024-02-02T16:31:01", + "parties": [ + { + "type": "person", + "role": "maintainer", + "name": "Pallets", + "email": "contact@palletsprojects.com", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Environment :: Web Environment", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Topic :: Internet :: WWW/HTTP :: Dynamic Content", + "Topic :: Text Processing :: Markup :: HTML" + ], + "homepage_url": "https://palletsprojects.com/p/markupsafe/", + "download_url": "https://files.pythonhosted.org/packages/c7/bd/50319665ce81bb10e90d1cf76f9e1aa269ea6f7fa30ab4521f14d122a3df/MarkupSafe-2.1.5-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", + "size": 26106, + "sha1": null, + "md5": "4f97754a1154496e5bc9d3f21fb0315a", + "sha256": "fa9db3f79de01457b03d4f01b34cf91bc0048eb2c3846ff26f66687c2f6d16ab", + "sha512": null, + "bug_tracking_url": "https://github.com/pallets/markupsafe/issues/", + "code_view_url": "https://github.com/pallets/markupsafe/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "license": "BSD-3-Clause", + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/markupsafe/2.1.5/json", + "datasource_id": null, + "purl": "pkg:pypi/markupsafe@2.1.5" + }, + { + "type": "pypi", + "namespace": null, + "name": "markupsafe", + "version": "2.1.5", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Safely add untrusted strings to HTML/XML markup.\nMarkupSafe\n==========\n\nMarkupSafe implements a text object that escapes characters so it is\nsafe to use in HTML and XML. Characters that have special meanings are\nreplaced so that they display as the actual characters. This mitigates\ninjection attacks, meaning untrusted user input can safely be displayed\non a page.\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n pip install -U MarkupSafe\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nExamples\n--------\n\n.. code-block:: pycon\n\n >>> from markupsafe import Markup, escape\n\n >>> # escape replaces special characters and wraps in Markup\n >>> escape(\"\")\n Markup('<script>alert(document.cookie);</script>')\n\n >>> # wrap in Markup to mark text \"safe\" and prevent escaping\n >>> Markup(\"Hello\")\n Markup('hello')\n\n >>> escape(Markup(\"Hello\"))\n Markup('hello')\n\n >>> # Markup is a str subclass\n >>> # methods and operators escape their arguments\n >>> template = Markup(\"Hello {name}\")\n >>> template.format(name='\"World\"')\n Markup('Hello "World"')\n\n\nDonate\n------\n\nThe Pallets organization develops and supports MarkupSafe and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n`please donate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://markupsafe.palletsprojects.com/\n- Changes: https://markupsafe.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/MarkupSafe/\n- Source Code: https://github.com/pallets/markupsafe/\n- Issue Tracker: https://github.com/pallets/markupsafe/issues/\n- Chat: https://discord.gg/pallets", + "release_date": "2024-02-02T16:31:22", + "parties": [ + { + "type": "person", + "role": "maintainer", + "name": "Pallets", + "email": "contact@palletsprojects.com", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Environment :: Web Environment", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Topic :: Internet :: WWW/HTTP :: Dynamic Content", + "Topic :: Text Processing :: Markup :: HTML" + ], + "homepage_url": "https://palletsprojects.com/p/markupsafe/", + "download_url": "https://files.pythonhosted.org/packages/87/5b/aae44c6655f3801e81aa3eef09dbbf012431987ba564d7231722f68df02d/MarkupSafe-2.1.5.tar.gz", + "size": 19384, + "sha1": null, + "md5": "8fe7227653f2fb9b1ffe7f9f2058998a", + "sha256": "d283d37a890ba4c1ae73ffadf8046435c76e7bc2247bbb63c00bd1a709c6544b", + "sha512": null, + "bug_tracking_url": "https://github.com/pallets/markupsafe/issues/", + "code_view_url": "https://github.com/pallets/markupsafe/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "license": "BSD-3-Clause", + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/markupsafe/2.1.5/json", + "datasource_id": null, + "purl": "pkg:pypi/markupsafe@2.1.5" + }, + { + "type": "pypi", + "namespace": null, + "name": "werkzeug", + "version": "3.0.3", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "The comprehensive WSGI web application library.\n# Werkzeug\n\n*werkzeug* German noun: \"tool\". Etymology: *werk* (\"work\"), *zeug* (\"stuff\")\n\nWerkzeug is a comprehensive [WSGI][] web application library. It began as\na simple collection of various utilities for WSGI applications and has\nbecome one of the most advanced WSGI utility libraries.\n\nIt includes:\n\n- An interactive debugger that allows inspecting stack traces and\n source code in the browser with an interactive interpreter for any\n frame in the stack.\n- A full-featured request object with objects to interact with\n headers, query args, form data, files, and cookies.\n- A response object that can wrap other WSGI applications and handle\n streaming data.\n- A routing system for matching URLs to endpoints and generating URLs\n for endpoints, with an extensible system for capturing variables\n from URLs.\n- HTTP utilities to handle entity tags, cache control, dates, user\n agents, cookies, files, and more.\n- A threaded WSGI server for use while developing applications\n locally.\n- A test client for simulating HTTP requests during testing without\n requiring running a server.\n\nWerkzeug doesn't enforce any dependencies. It is up to the developer to\nchoose a template engine, database adapter, and even how to handle\nrequests. It can be used to build all sorts of end user applications\nsuch as blogs, wikis, or bulletin boards.\n\n[Flask][] wraps Werkzeug, using it to handle the details of WSGI while\nproviding more structure and patterns for defining powerful\napplications.\n\n[WSGI]: https://wsgi.readthedocs.io/en/latest/\n[Flask]: https://www.palletsprojects.com/p/flask/\n\n\n## A Simple Example\n\n```python\n# save this as app.py\nfrom werkzeug.wrappers import Request, Response\n\n@Request.application\ndef application(request: Request) -> Response:\n return Response(\"Hello, World!\")\n\nif __name__ == \"__main__\":\n from werkzeug.serving import run_simple\n run_simple(\"127.0.0.1\", 5000, application)\n```\n\n```\n$ python -m app\n * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Werkzeug and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n[please donate today][].\n\n[please donate today]: https://palletsprojects.com/donate", + "release_date": "2024-05-05T23:10:29", + "parties": [ + { + "type": "person", + "role": "maintainer", + "name": null, + "email": "Pallets ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Environment :: Web Environment", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Topic :: Internet :: WWW/HTTP :: Dynamic Content", + "Topic :: Internet :: WWW/HTTP :: WSGI", + "Topic :: Internet :: WWW/HTTP :: WSGI :: Application", + "Topic :: Internet :: WWW/HTTP :: WSGI :: Middleware", + "Topic :: Software Development :: Libraries :: Application Frameworks", + "Typing :: Typed" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/9d/6e/e792999e816d19d7fcbfa94c730936750036d65656a76a5a688b57a656c4/werkzeug-3.0.3-py3-none-any.whl", + "size": 227274, + "sha1": null, + "md5": "2e2d6eb358f117cd6a1fbf9abafe9b25", + "sha256": "fc9645dc43e03e4d630d23143a04a7f947a9a3b5727cd535fdfe155a17cc48c8", + "sha512": null, + "bug_tracking_url": "https://github.com/pallets/werkzeug/issues/", + "code_view_url": "https://github.com/pallets/werkzeug/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/werkzeug/3.0.3/json", + "datasource_id": null, + "purl": "pkg:pypi/werkzeug@3.0.3" + }, + { + "type": "pypi", + "namespace": null, + "name": "werkzeug", + "version": "3.0.3", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "The comprehensive WSGI web application library.\n# Werkzeug\n\n*werkzeug* German noun: \"tool\". Etymology: *werk* (\"work\"), *zeug* (\"stuff\")\n\nWerkzeug is a comprehensive [WSGI][] web application library. It began as\na simple collection of various utilities for WSGI applications and has\nbecome one of the most advanced WSGI utility libraries.\n\nIt includes:\n\n- An interactive debugger that allows inspecting stack traces and\n source code in the browser with an interactive interpreter for any\n frame in the stack.\n- A full-featured request object with objects to interact with\n headers, query args, form data, files, and cookies.\n- A response object that can wrap other WSGI applications and handle\n streaming data.\n- A routing system for matching URLs to endpoints and generating URLs\n for endpoints, with an extensible system for capturing variables\n from URLs.\n- HTTP utilities to handle entity tags, cache control, dates, user\n agents, cookies, files, and more.\n- A threaded WSGI server for use while developing applications\n locally.\n- A test client for simulating HTTP requests during testing without\n requiring running a server.\n\nWerkzeug doesn't enforce any dependencies. It is up to the developer to\nchoose a template engine, database adapter, and even how to handle\nrequests. It can be used to build all sorts of end user applications\nsuch as blogs, wikis, or bulletin boards.\n\n[Flask][] wraps Werkzeug, using it to handle the details of WSGI while\nproviding more structure and patterns for defining powerful\napplications.\n\n[WSGI]: https://wsgi.readthedocs.io/en/latest/\n[Flask]: https://www.palletsprojects.com/p/flask/\n\n\n## A Simple Example\n\n```python\n# save this as app.py\nfrom werkzeug.wrappers import Request, Response\n\n@Request.application\ndef application(request: Request) -> Response:\n return Response(\"Hello, World!\")\n\nif __name__ == \"__main__\":\n from werkzeug.serving import run_simple\n run_simple(\"127.0.0.1\", 5000, application)\n```\n\n```\n$ python -m app\n * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Werkzeug and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n[please donate today][].\n\n[please donate today]: https://palletsprojects.com/donate", + "release_date": "2024-05-05T23:10:31", + "parties": [ + { + "type": "person", + "role": "maintainer", + "name": null, + "email": "Pallets ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Environment :: Web Environment", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Topic :: Internet :: WWW/HTTP :: Dynamic Content", + "Topic :: Internet :: WWW/HTTP :: WSGI", + "Topic :: Internet :: WWW/HTTP :: WSGI :: Application", + "Topic :: Internet :: WWW/HTTP :: WSGI :: Middleware", + "Topic :: Software Development :: Libraries :: Application Frameworks", + "Typing :: Typed" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/02/51/2e0fc149e7a810d300422ab543f87f2bcf64d985eb6f1228c4efd6e4f8d4/werkzeug-3.0.3.tar.gz", + "size": 803342, + "sha1": null, + "md5": "5955ba99c1a7466660fa9445fbabf5e2", + "sha256": "097e5bfda9f0aba8da6b8545146def481d06aa7d3266e7448e2cccf67dd8bd18", + "sha512": null, + "bug_tracking_url": "https://github.com/pallets/werkzeug/issues/", + "code_view_url": "https://github.com/pallets/werkzeug/", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/werkzeug/3.0.3/json", + "datasource_id": null, + "purl": "pkg:pypi/werkzeug@3.0.3" + }, + { + "type": "pypi", + "namespace": null, + "name": "zipp", + "version": "3.19.2", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Backport of pathlib-compatible object wrapper for zip files\n.. image:: https://img.shields.io/pypi/v/zipp.svg\n :target: https://pypi.org/project/zipp\n\n.. image:: https://img.shields.io/pypi/pyversions/zipp.svg\n\n.. image:: https://github.com/jaraco/zipp/actions/workflows/main.yml/badge.svg\n :target: https://github.com/jaraco/zipp/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/charliermarsh/ruff/main/assets/badge/v2.json\n :target: https://github.com/astral-sh/ruff\n :alt: Ruff\n\n.. .. image:: https://readthedocs.org/projects/PROJECT_RTD/badge/?version=latest\n.. :target: https://PROJECT_RTD.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2024-informational\n :target: https://blog.jaraco.com/skeleton\n\n.. image:: https://tidelift.com/badges/package/pypi/zipp\n :target: https://tidelift.com/subscription/pkg/pypi-zipp?utm_source=pypi-zipp&utm_medium=readme\n\n\nA pathlib-compatible Zipfile object wrapper. Official backport of the standard library\n`Path object `_.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - zipp\n - stdlib\n * - 3.18\n - 3.13\n * - 3.16\n - 3.12\n * - 3.5\n - 3.11\n * - 3.2\n - 3.10\n * - 3.3 ??\n - 3.9\n * - 1.0\n - 3.8\n\n\nUsage\n=====\n\nUse ``zipp.Path`` in place of ``zipfile.Path`` on any Python.\n\nFor Enterprise\n==============\n\nAvailable as part of the Tidelift Subscription.\n\nThis project and the maintainers of thousands of other packages are working with Tidelift to deliver one enterprise subscription that covers all of the open source you use.\n\n`Learn more `_.", + "release_date": "2024-06-04T17:21:07", + "parties": [ + { + "type": "person", + "role": "author", + "name": null, + "email": "\"Jason R. Coombs\" ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3 :: Only" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/20/38/f5c473fe9b90c8debdd29ea68d5add0289f1936d6f923b6b9cc0b931194c/zipp-3.19.2-py3-none-any.whl", + "size": 9039, + "sha1": null, + "md5": "cbc189588e0584bf9ea2b104044d3a80", + "sha256": "f091755f667055f2d02b32c53771a7a6c8b47e1fdbc4b72a8b9072b3eef8015c", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: MIT License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/zipp/3.19.2/json", + "datasource_id": null, + "purl": "pkg:pypi/zipp@3.19.2" + }, + { + "type": "pypi", + "namespace": null, + "name": "zipp", + "version": "3.19.2", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Backport of pathlib-compatible object wrapper for zip files\n.. image:: https://img.shields.io/pypi/v/zipp.svg\n :target: https://pypi.org/project/zipp\n\n.. image:: https://img.shields.io/pypi/pyversions/zipp.svg\n\n.. image:: https://github.com/jaraco/zipp/actions/workflows/main.yml/badge.svg\n :target: https://github.com/jaraco/zipp/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/charliermarsh/ruff/main/assets/badge/v2.json\n :target: https://github.com/astral-sh/ruff\n :alt: Ruff\n\n.. .. image:: https://readthedocs.org/projects/PROJECT_RTD/badge/?version=latest\n.. :target: https://PROJECT_RTD.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2024-informational\n :target: https://blog.jaraco.com/skeleton\n\n.. image:: https://tidelift.com/badges/package/pypi/zipp\n :target: https://tidelift.com/subscription/pkg/pypi-zipp?utm_source=pypi-zipp&utm_medium=readme\n\n\nA pathlib-compatible Zipfile object wrapper. Official backport of the standard library\n`Path object `_.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - zipp\n - stdlib\n * - 3.18\n - 3.13\n * - 3.16\n - 3.12\n * - 3.5\n - 3.11\n * - 3.2\n - 3.10\n * - 3.3 ??\n - 3.9\n * - 1.0\n - 3.8\n\n\nUsage\n=====\n\nUse ``zipp.Path`` in place of ``zipfile.Path`` on any Python.\n\nFor Enterprise\n==============\n\nAvailable as part of the Tidelift Subscription.\n\nThis project and the maintainers of thousands of other packages are working with Tidelift to deliver one enterprise subscription that covers all of the open source you use.\n\n`Learn more `_.", + "release_date": "2024-06-04T17:21:09", + "parties": [ + { + "type": "person", + "role": "author", + "name": null, + "email": "\"Jason R. Coombs\" ", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3 :: Only" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/d3/20/b48f58857d98dcb78f9e30ed2cfe533025e2e9827bbd36ea0a64cc00cbc1/zipp-3.19.2.tar.gz", + "size": 22922, + "sha1": null, + "md5": "2b920c3f604b1d51bf6c2e7c4af99129", + "sha256": "bf1dcf6450f873a13e952a29504887c89e6de7506209e5b1bcc3460135d4de19", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: MIT License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/zipp/3.19.2/json", + "datasource_id": null, + "purl": "pkg:pypi/zipp@3.19.2" + } + ], + "resolved_dependencies_graph": [ + { + "package": "pkg:pypi/blinker@1.8.2", + "dependencies": [] + }, + { + "package": "pkg:pypi/click@8.1.7", + "dependencies": [] + }, + { + "package": "pkg:pypi/flask@3.0.3", + "dependencies": [ + "pkg:pypi/blinker@1.8.2", + "pkg:pypi/click@8.1.7", + "pkg:pypi/importlib-metadata@8.2.0", + "pkg:pypi/itsdangerous@2.2.0", + "pkg:pypi/jinja2@3.1.4", + "pkg:pypi/werkzeug@3.0.3" + ] + }, + { + "package": "pkg:pypi/importlib-metadata@8.2.0", + "dependencies": [ + "pkg:pypi/zipp@3.19.2" + ] + }, + { + "package": "pkg:pypi/itsdangerous@2.2.0", + "dependencies": [] + }, + { + "package": "pkg:pypi/jinja2@3.1.4", + "dependencies": [ + "pkg:pypi/markupsafe@2.1.5" + ] + }, + { + "package": "pkg:pypi/markupsafe@2.1.5", + "dependencies": [] + }, + { + "package": "pkg:pypi/werkzeug@3.0.3", + "dependencies": [ + "pkg:pypi/markupsafe@2.1.5" + ] + }, + { + "package": "pkg:pypi/zipp@3.19.2", + "dependencies": [] + } + ] +} \ No newline at end of file diff --git a/tests/data/single-url-env-var-expected.json b/tests/data/single-url-env-var-expected.json new file mode 100644 index 00000000..fd2d8968 --- /dev/null +++ b/tests/data/single-url-env-var-expected.json @@ -0,0 +1,131 @@ +{ + "headers": { + "tool_name": "python-inspector", + "tool_homepageurl": "https://github.com/nexB/python-inspector", + "tool_version": "0.12.0", + "options": [ + "--json ", + "--operating-system linux", + "--python-version 38", + "--specifier zipp==3.8.0" + ], + "notice": "Dependency tree generated with python-inspector.\npython-inspector is a free software tool from nexB Inc. and others.\nVisit https://github.com/nexB/python-inspector/ for support and download.", + "warnings": [], + "errors": [] + }, + "files": [], + "packages": [ + { + "type": "pypi", + "namespace": null, + "name": "zipp", + "version": "3.8.0", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Backport of pathlib-compatible object wrapper for zip files\n.. image:: https://img.shields.io/pypi/v/zipp.svg\n :target: `PyPI link`_\n\n.. image:: https://img.shields.io/pypi/pyversions/zipp.svg\n :target: `PyPI link`_\n\n.. _PyPI link: https://pypi.org/project/zipp\n\n.. image:: https://github.com/jaraco/zipp/workflows/tests/badge.svg\n :target: https://github.com/jaraco/zipp/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/badge/code%20style-black-000000.svg\n :target: https://github.com/psf/black\n :alt: Code style: Black\n\n.. .. image:: https://readthedocs.org/projects/skeleton/badge/?version=latest\n.. :target: https://skeleton.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2022-informational\n :target: https://blog.jaraco.com/skeleton\n\n\nA pathlib-compatible Zipfile object wrapper. Official backport of the standard library\n`Path object `_.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - zipp\n - stdlib\n * - 3.5\n - 3.11\n * - 3.3\n - 3.9\n * - 1.0\n - 3.8\n\n\nUsage\n=====\n\nUse ``zipp.Path`` in place of ``zipfile.Path`` on any Python.", + "release_date": "2022-04-03T15:07:27", + "parties": [ + { + "type": "person", + "role": "author", + "name": "Jason R. Coombs", + "email": "jaraco@jaraco.com", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3 :: Only" + ], + "homepage_url": "https://github.com/jaraco/zipp", + "download_url": "https://files.pythonhosted.org/packages/80/0e/16a7ee38617aab6a624e95948d314097cc2669edae9b02ded53309941cfc/zipp-3.8.0-py3-none-any.whl", + "size": 5369, + "sha1": null, + "md5": "da531f1b3a5c5e65470cb74729242bfc", + "sha256": "c4f6e5bbf48e74f7a38e7cc5b0480ff42b0ae5178957d564d18932525d5cf099", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: MIT License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/zipp/3.8.0/json", + "datasource_id": null, + "purl": "pkg:pypi/zipp@3.8.0" + }, + { + "type": "pypi", + "namespace": null, + "name": "zipp", + "version": "3.8.0", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Backport of pathlib-compatible object wrapper for zip files\n.. image:: https://img.shields.io/pypi/v/zipp.svg\n :target: `PyPI link`_\n\n.. image:: https://img.shields.io/pypi/pyversions/zipp.svg\n :target: `PyPI link`_\n\n.. _PyPI link: https://pypi.org/project/zipp\n\n.. image:: https://github.com/jaraco/zipp/workflows/tests/badge.svg\n :target: https://github.com/jaraco/zipp/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/badge/code%20style-black-000000.svg\n :target: https://github.com/psf/black\n :alt: Code style: Black\n\n.. .. image:: https://readthedocs.org/projects/skeleton/badge/?version=latest\n.. :target: https://skeleton.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2022-informational\n :target: https://blog.jaraco.com/skeleton\n\n\nA pathlib-compatible Zipfile object wrapper. Official backport of the standard library\n`Path object `_.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - zipp\n - stdlib\n * - 3.5\n - 3.11\n * - 3.3\n - 3.9\n * - 1.0\n - 3.8\n\n\nUsage\n=====\n\nUse ``zipp.Path`` in place of ``zipfile.Path`` on any Python.", + "release_date": "2022-04-03T15:07:28", + "parties": [ + { + "type": "person", + "role": "author", + "name": "Jason R. Coombs", + "email": "jaraco@jaraco.com", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3 :: Only" + ], + "homepage_url": "https://github.com/jaraco/zipp", + "download_url": "https://files.pythonhosted.org/packages/cc/3c/3e8c69cd493297003da83f26ccf1faea5dd7da7892a0a7c965ac3bcba7bf/zipp-3.8.0.tar.gz", + "size": 13344, + "sha1": null, + "md5": "8864ff5ed01cd28755cc87f1443dbc67", + "sha256": "56bf8aadb83c24db6c4b577e13de374ccfb67da2078beba1d037c17980bf43ad", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "classifiers": [ + "License :: OSI Approved :: MIT License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/zipp/3.8.0/json", + "datasource_id": null, + "purl": "pkg:pypi/zipp@3.8.0" + } + ], + "resolved_dependencies_graph": [ + { + "package": "pkg:pypi/zipp@3.8.0", + "dependencies": [] + } + ] +} \ No newline at end of file diff --git a/tests/test_cli.py b/tests/test_cli.py index 8491ad36..49b5c66b 100644 --- a/tests/test_cli.py +++ b/tests/test_cli.py @@ -12,6 +12,7 @@ import json import os import sys +import pdb import pytest from click.testing import CliRunner @@ -160,6 +161,35 @@ def test_cli_with_multiple_index_url_and_tilde_req(): regen=REGEN_TEST_FIXTURES, ) +@pytest.mark.online +def test_cli_with_single_env_var_index_url(): + expected_file = test_env.get_test_loc("single-url-env-var-expected.json", must_exist=False) + specifier = "zipp==3.8.0" + os.environ["PYINSP_INDEX_URL"] = "https://pypi.org/simple" + check_specs_resolution( + specifier=specifier, + expected_file=expected_file, + extra_options=[], + regen=REGEN_TEST_FIXTURES + ) + os.unsetenv("PYINSP_INDEX_URL") + +@pytest.mark.online +def test_cli_with_single_env_var_index_url_except_pypi_simple(): + expected_file = test_env.get_test_loc( + "single-url-env-var-except-simple-expected.json", must_exist=False + ) + # using flask since it's not present in thirdparty + specifier = "flask" + os.environ["PYINSP_INDEX_URL"] = "https://thirdparty.aboutcode.org/pypi/simple/" + check_specs_resolution( + specifier=specifier, + expected_file=expected_file, + extra_options=[], + regen=REGEN_TEST_FIXTURES, + ) + os.unsetenv("PYINSP_INDEX_URL") + @pytest.mark.online def test_cli_with_environment_marker_and_complex_ranges(): From 094b2733fc34e1bff6d1ff7d3693e80097054edc Mon Sep 17 00:00:00 2001 From: Cesar Lizarraga Date: Tue, 13 Aug 2024 11:05:05 -0500 Subject: [PATCH 02/10] Fix 180: Add envvar to click options and add tests Signed-off-by: Cesar Lizarraga --- tests/test_cli.py | 41 +++++++++++++++++++++++++++++++++++------ 1 file changed, 35 insertions(+), 6 deletions(-) diff --git a/tests/test_cli.py b/tests/test_cli.py index 49b5c66b..a3c5933a 100644 --- a/tests/test_cli.py +++ b/tests/test_cli.py @@ -162,14 +162,19 @@ def test_cli_with_multiple_index_url_and_tilde_req(): ) @pytest.mark.online -def test_cli_with_single_env_var_index_url(): - expected_file = test_env.get_test_loc("single-url-env-var-expected.json", must_exist=False) +def test_cli_with_single_env_var_index_url_flag_override(): + # Click default is to override env vars via flag as shown here + expected_file = test_env.get_test_loc("single-url-env-var-expected.json", must_exist=True) specifier = "zipp==3.8.0" - os.environ["PYINSP_INDEX_URL"] = "https://pypi.org/simple" + os.environ["PYINSP_INDEX_URL"] = "https://thirdparty.aboutcode.org/pypi/simple/" + extra_options = [ + "--index-url", + "https://pypi.org/simple", + ] check_specs_resolution( specifier=specifier, expected_file=expected_file, - extra_options=[], + extra_options=extra_options, regen=REGEN_TEST_FIXTURES ) os.unsetenv("PYINSP_INDEX_URL") @@ -177,8 +182,7 @@ def test_cli_with_single_env_var_index_url(): @pytest.mark.online def test_cli_with_single_env_var_index_url_except_pypi_simple(): expected_file = test_env.get_test_loc( - "single-url-env-var-except-simple-expected.json", must_exist=False - ) + "single-url-env-var-except-simple-expected.json", must_exist=True) # using flask since it's not present in thirdparty specifier = "flask" os.environ["PYINSP_INDEX_URL"] = "https://thirdparty.aboutcode.org/pypi/simple/" @@ -190,6 +194,31 @@ def test_cli_with_single_env_var_index_url_except_pypi_simple(): ) os.unsetenv("PYINSP_INDEX_URL") +@pytest.mark.online +def test_cli_with_multiple_env_var_index_url_and_tilde_req(): + expected_file = test_env.get_test_loc("tilde_req-expected.json", must_exist=True) + specifier = "zipp~=3.8.0" + os.environ["PYINSP_INDEX_URL"] = "https://pypi.org/simple https://thirdparty.aboutcode.org/pypi/simple/" + check_specs_resolution( + specifier=specifier, + expected_file=expected_file, + extra_options=[], + regen=REGEN_TEST_FIXTURES, + ) + os.unsetenv("PYINSP_INDEX_URL") + +@pytest.mark.online +def test_cli_with_single_env_var_index_url(): + expected_file = test_env.get_test_loc("single-url-env-var-expected.json", must_exist=True) + specifier = "zipp==3.8.0" + os.environ["PYINSP_INDEX_URL"] = "https://pypi.org/simple" + check_specs_resolution( + specifier=specifier, + expected_file=expected_file, + extra_options=[], + regen=REGEN_TEST_FIXTURES + ) + os.unsetenv("PYINSP_INDEX_URL") @pytest.mark.online def test_cli_with_environment_marker_and_complex_ranges(): From a1212b5a38ba5a89ed0d2e5651e6d3f2c4a11ba7 Mon Sep 17 00:00:00 2001 From: Cesar Lizarraga Date: Tue, 13 Aug 2024 11:10:21 -0500 Subject: [PATCH 03/10] Fix 180: Remove jsons for env-var tests They should be able to use the same ones as the flag. Signed-off-by: Cesar Lizarraga --- ...le-url-env-var-except-simple-expected.json | 1085 ----------------- tests/data/single-url-env-var-expected.json | 131 -- 2 files changed, 1216 deletions(-) delete mode 100644 tests/data/single-url-env-var-except-simple-expected.json delete mode 100644 tests/data/single-url-env-var-expected.json diff --git a/tests/data/single-url-env-var-except-simple-expected.json b/tests/data/single-url-env-var-except-simple-expected.json deleted file mode 100644 index 2089cc24..00000000 --- a/tests/data/single-url-env-var-except-simple-expected.json +++ /dev/null @@ -1,1085 +0,0 @@ -{ - "headers": { - "tool_name": "python-inspector", - "tool_homepageurl": "https://github.com/nexB/python-inspector", - "tool_version": "0.12.0", - "options": [ - "--index-url https://thirdparty.aboutcode.org/pypi/simple/", - "--json ", - "--operating-system linux", - "--python-version 38", - "--specifier flask" - ], - "notice": "Dependency tree generated with python-inspector.\npython-inspector is a free software tool from nexB Inc. and others.\nVisit https://github.com/nexB/python-inspector/ for support and download.", - "warnings": [], - "errors": [] - }, - "files": [], - "packages": [ - { - "type": "pypi", - "namespace": null, - "name": "blinker", - "version": "1.8.2", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Fast, simple object-to-object and broadcast signaling\n# Blinker\n\nBlinker provides a fast dispatching system that allows any number of\ninterested parties to subscribe to events, or \"signals\".\n\n\n## Pallets Community Ecosystem\n\n> [!IMPORTANT]\\\n> This project is part of the Pallets Community Ecosystem. Pallets is the open\n> source organization that maintains Flask; Pallets-Eco enables community\n> maintenance of related projects. If you are interested in helping maintain\n> this project, please reach out on [the Pallets Discord server][discord].\n>\n> [discord]: https://discord.gg/pallets\n\n\n## Example\n\nSignal receivers can subscribe to specific senders or receive signals\nsent by any sender.\n\n```pycon\n>>> from blinker import signal\n>>> started = signal('round-started')\n>>> def each(round):\n... print(f\"Round {round}\")\n...\n>>> started.connect(each)\n\n>>> def round_two(round):\n... print(\"This is round two.\")\n...\n>>> started.connect(round_two, sender=2)\n\n>>> for round in range(1, 4):\n... started.send(round)\n...\nRound 1!\nRound 2!\nThis is round two.\nRound 3!\n```", - "release_date": "2024-05-06T17:04:08", - "parties": [ - { - "type": "person", - "role": "author", - "name": "Jason Kirtland", - "email": null, - "url": null - }, - { - "type": "person", - "role": "maintainer", - "name": null, - "email": "Pallets Ecosystem ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Programming Language :: Python", - "Typing :: Typed" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/bb/2a/10164ed1f31196a2f7f3799368a821765c62851ead0e630ab52b8e14b4d0/blinker-1.8.2-py3-none-any.whl", - "size": 9456, - "sha1": null, - "md5": "453ec9473100de91897d16e4ae568139", - "sha256": "1779309f71bf239144b9399d06ae925637cf6634cf6bd131104184531bf67c01", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": "https://github.com/pallets-eco/blinker/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: MIT License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/blinker/1.8.2/json", - "datasource_id": null, - "purl": "pkg:pypi/blinker@1.8.2" - }, - { - "type": "pypi", - "namespace": null, - "name": "blinker", - "version": "1.8.2", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Fast, simple object-to-object and broadcast signaling\n# Blinker\n\nBlinker provides a fast dispatching system that allows any number of\ninterested parties to subscribe to events, or \"signals\".\n\n\n## Pallets Community Ecosystem\n\n> [!IMPORTANT]\\\n> This project is part of the Pallets Community Ecosystem. Pallets is the open\n> source organization that maintains Flask; Pallets-Eco enables community\n> maintenance of related projects. If you are interested in helping maintain\n> this project, please reach out on [the Pallets Discord server][discord].\n>\n> [discord]: https://discord.gg/pallets\n\n\n## Example\n\nSignal receivers can subscribe to specific senders or receive signals\nsent by any sender.\n\n```pycon\n>>> from blinker import signal\n>>> started = signal('round-started')\n>>> def each(round):\n... print(f\"Round {round}\")\n...\n>>> started.connect(each)\n\n>>> def round_two(round):\n... print(\"This is round two.\")\n...\n>>> started.connect(round_two, sender=2)\n\n>>> for round in range(1, 4):\n... started.send(round)\n...\nRound 1!\nRound 2!\nThis is round two.\nRound 3!\n```", - "release_date": "2024-05-06T17:04:10", - "parties": [ - { - "type": "person", - "role": "author", - "name": "Jason Kirtland", - "email": null, - "url": null - }, - { - "type": "person", - "role": "maintainer", - "name": null, - "email": "Pallets Ecosystem ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Programming Language :: Python", - "Typing :: Typed" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/1e/57/a6a1721eff09598fb01f3c7cda070c1b6a0f12d63c83236edf79a440abcc/blinker-1.8.2.tar.gz", - "size": 23161, - "sha1": null, - "md5": "ce2f9fb3bc0c0000db11f012f5f5afda", - "sha256": "8f77b09d3bf7c795e969e9486f39c2c5e9c39d4ee07424be2bc594ece9642d83", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": "https://github.com/pallets-eco/blinker/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: MIT License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/blinker/1.8.2/json", - "datasource_id": null, - "purl": "pkg:pypi/blinker@1.8.2" - }, - { - "type": "pypi", - "namespace": null, - "name": "click", - "version": "8.1.7", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Composable command line interface toolkit\n\\$ click\\_\n==========\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n $ pip install -U click\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n import click\n\n @click.command()\n @click.option(\"--count\", default=1, help=\"Number of greetings.\")\n @click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\n def hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\n if __name__ == '__main__':\n hello()\n\n.. code-block:: text\n\n $ python hello.py --count=3\n Your name: Click\n Hello, Click!\n Hello, Click!\n Hello, Click!\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, `please\ndonate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://click.palletsprojects.com/\n- Changes: https://click.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/click/\n- Source Code: https://github.com/pallets/click\n- Issue Tracker: https://github.com/pallets/click/issues\n- Chat: https://discord.gg/pallets", - "release_date": "2023-08-17T17:29:10", - "parties": [ - { - "type": "person", - "role": "maintainer", - "name": "Pallets", - "email": "contact@palletsprojects.com", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python" - ], - "homepage_url": "https://palletsprojects.com/p/click/", - "download_url": "https://files.pythonhosted.org/packages/00/2e/d53fa4befbf2cfa713304affc7ca780ce4fc1fd8710527771b58311a3229/click-8.1.7-py3-none-any.whl", - "size": 97941, - "sha1": null, - "md5": "37a41134cc8a13400234746942d5d180", - "sha256": "ae74fb96c20a0277a1d615f1e4d73c8414f5a98db8b799a7931d1582f3390c28", - "sha512": null, - "bug_tracking_url": "https://github.com/pallets/click/issues/", - "code_view_url": "https://github.com/pallets/click/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "license": "BSD-3-Clause", - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/click/8.1.7/json", - "datasource_id": null, - "purl": "pkg:pypi/click@8.1.7" - }, - { - "type": "pypi", - "namespace": null, - "name": "click", - "version": "8.1.7", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Composable command line interface toolkit\n\\$ click\\_\n==========\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n $ pip install -U click\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nA Simple Example\n----------------\n\n.. code-block:: python\n\n import click\n\n @click.command()\n @click.option(\"--count\", default=1, help=\"Number of greetings.\")\n @click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\n def hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\n if __name__ == '__main__':\n hello()\n\n.. code-block:: text\n\n $ python hello.py --count=3\n Your name: Click\n Hello, Click!\n Hello, Click!\n Hello, Click!\n\n\nDonate\n------\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, `please\ndonate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://click.palletsprojects.com/\n- Changes: https://click.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/click/\n- Source Code: https://github.com/pallets/click\n- Issue Tracker: https://github.com/pallets/click/issues\n- Chat: https://discord.gg/pallets", - "release_date": "2023-08-17T17:29:11", - "parties": [ - { - "type": "person", - "role": "maintainer", - "name": "Pallets", - "email": "contact@palletsprojects.com", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python" - ], - "homepage_url": "https://palletsprojects.com/p/click/", - "download_url": "https://files.pythonhosted.org/packages/96/d3/f04c7bfcf5c1862a2a5b845c6b2b360488cf47af55dfa79c98f6a6bf98b5/click-8.1.7.tar.gz", - "size": 336121, - "sha1": null, - "md5": "7c3b52c56fd30699f453a7dc7b42cecb", - "sha256": "ca9853ad459e787e2192211578cc907e7594e294c7ccc834310722b41b9ca6de", - "sha512": null, - "bug_tracking_url": "https://github.com/pallets/click/issues/", - "code_view_url": "https://github.com/pallets/click/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "license": "BSD-3-Clause", - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/click/8.1.7/json", - "datasource_id": null, - "purl": "pkg:pypi/click@8.1.7" - }, - { - "type": "pypi", - "namespace": null, - "name": "flask", - "version": "3.0.3", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "A simple framework for building complex web applications.\n# Flask\n\nFlask is a lightweight [WSGI][] web application framework. It is designed\nto make getting started quick and easy, with the ability to scale up to\ncomplex applications. It began as a simple wrapper around [Werkzeug][]\nand [Jinja][], and has become one of the most popular Python web\napplication frameworks.\n\nFlask offers suggestions, but doesn't enforce any dependencies or\nproject layout. It is up to the developer to choose the tools and\nlibraries they want to use. There are many extensions provided by the\ncommunity that make adding new functionality easy.\n\n[WSGI]: https://wsgi.readthedocs.io/\n[Werkzeug]: https://werkzeug.palletsprojects.com/\n[Jinja]: https://jinja.palletsprojects.com/\n\n\n## Installing\n\nInstall and update from [PyPI][] using an installer such as [pip][]:\n\n```\n$ pip install -U Flask\n```\n\n[PyPI]: https://pypi.org/project/Flask/\n[pip]: https://pip.pypa.io/en/stable/getting-started/\n\n\n## A Simple Example\n\n```python\n# save this as app.py\nfrom flask import Flask\n\napp = Flask(__name__)\n\n@app.route(\"/\")\ndef hello():\n return \"Hello, World!\"\n```\n\n```\n$ flask run\n * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)\n```\n\n\n## Contributing\n\nFor guidance on setting up a development environment and how to make a\ncontribution to Flask, see the [contributing guidelines][].\n\n[contributing guidelines]: https://github.com/pallets/flask/blob/main/CONTRIBUTING.rst\n\n\n## Donate\n\nThe Pallets organization develops and supports Flask and the libraries\nit uses. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-04-07T19:26:08", - "parties": [ - { - "type": "person", - "role": "maintainer", - "name": null, - "email": "Pallets ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Environment :: Web Environment", - "Framework :: Flask", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Topic :: Internet :: WWW/HTTP :: Dynamic Content", - "Topic :: Internet :: WWW/HTTP :: WSGI", - "Topic :: Internet :: WWW/HTTP :: WSGI :: Application", - "Topic :: Software Development :: Libraries :: Application Frameworks", - "Typing :: Typed" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/61/80/ffe1da13ad9300f87c93af113edd0638c75138c42a0994becfacac078c06/flask-3.0.3-py3-none-any.whl", - "size": 101735, - "sha1": null, - "md5": "fe39440012a05441fa61d70e92d81754", - "sha256": "34e815dfaa43340d1d15a5c3a02b8476004037eb4840b34910c6e21679d288f3", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": "https://github.com/pallets/flask/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/flask/3.0.3/json", - "datasource_id": null, - "purl": "pkg:pypi/flask@3.0.3" - }, - { - "type": "pypi", - "namespace": null, - "name": "flask", - "version": "3.0.3", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "A simple framework for building complex web applications.\n# Flask\n\nFlask is a lightweight [WSGI][] web application framework. It is designed\nto make getting started quick and easy, with the ability to scale up to\ncomplex applications. It began as a simple wrapper around [Werkzeug][]\nand [Jinja][], and has become one of the most popular Python web\napplication frameworks.\n\nFlask offers suggestions, but doesn't enforce any dependencies or\nproject layout. It is up to the developer to choose the tools and\nlibraries they want to use. There are many extensions provided by the\ncommunity that make adding new functionality easy.\n\n[WSGI]: https://wsgi.readthedocs.io/\n[Werkzeug]: https://werkzeug.palletsprojects.com/\n[Jinja]: https://jinja.palletsprojects.com/\n\n\n## Installing\n\nInstall and update from [PyPI][] using an installer such as [pip][]:\n\n```\n$ pip install -U Flask\n```\n\n[PyPI]: https://pypi.org/project/Flask/\n[pip]: https://pip.pypa.io/en/stable/getting-started/\n\n\n## A Simple Example\n\n```python\n# save this as app.py\nfrom flask import Flask\n\napp = Flask(__name__)\n\n@app.route(\"/\")\ndef hello():\n return \"Hello, World!\"\n```\n\n```\n$ flask run\n * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)\n```\n\n\n## Contributing\n\nFor guidance on setting up a development environment and how to make a\ncontribution to Flask, see the [contributing guidelines][].\n\n[contributing guidelines]: https://github.com/pallets/flask/blob/main/CONTRIBUTING.rst\n\n\n## Donate\n\nThe Pallets organization develops and supports Flask and the libraries\nit uses. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-04-07T19:26:11", - "parties": [ - { - "type": "person", - "role": "maintainer", - "name": null, - "email": "Pallets ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Environment :: Web Environment", - "Framework :: Flask", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Topic :: Internet :: WWW/HTTP :: Dynamic Content", - "Topic :: Internet :: WWW/HTTP :: WSGI", - "Topic :: Internet :: WWW/HTTP :: WSGI :: Application", - "Topic :: Software Development :: Libraries :: Application Frameworks", - "Typing :: Typed" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/41/e1/d104c83026f8d35dfd2c261df7d64738341067526406b40190bc063e829a/flask-3.0.3.tar.gz", - "size": 676315, - "sha1": null, - "md5": "4658b022a07f6d8df51ef24c717fe162", - "sha256": "ceb27b0af3823ea2737928a4d99d125a06175b8512c445cbd9a9ce200ef76842", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": "https://github.com/pallets/flask/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/flask/3.0.3/json", - "datasource_id": null, - "purl": "pkg:pypi/flask@3.0.3" - }, - { - "type": "pypi", - "namespace": null, - "name": "importlib-metadata", - "version": "8.2.0", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Read metadata from Python packages\n.. image:: https://img.shields.io/pypi/v/importlib_metadata.svg\n :target: https://pypi.org/project/importlib_metadata\n\n.. image:: https://img.shields.io/pypi/pyversions/importlib_metadata.svg\n\n.. image:: https://github.com/python/importlib_metadata/actions/workflows/main.yml/badge.svg\n :target: https://github.com/python/importlib_metadata/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/charliermarsh/ruff/main/assets/badge/v2.json\n :target: https://github.com/astral-sh/ruff\n :alt: Ruff\n\n.. image:: https://readthedocs.org/projects/importlib-metadata/badge/?version=latest\n :target: https://importlib-metadata.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2024-informational\n :target: https://blog.jaraco.com/skeleton\n\n.. image:: https://tidelift.com/badges/package/pypi/importlib-metadata\n :target: https://tidelift.com/subscription/pkg/pypi-importlib-metadata?utm_source=pypi-importlib-metadata&utm_medium=readme\n\nLibrary to access the metadata for a Python package.\n\nThis package supplies third-party access to the functionality of\n`importlib.metadata `_\nincluding improvements added to subsequent Python versions.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - importlib_metadata\n - stdlib\n * - 7.0\n - 3.13\n * - 6.5\n - 3.12\n * - 4.13\n - 3.11\n * - 4.6\n - 3.10\n * - 1.4\n - 3.8\n\n\nUsage\n=====\n\nSee the `online documentation `_\nfor usage details.\n\n`Finder authors\n`_ can\nalso add support for custom package installers. See the above documentation\nfor details.\n\n\nCaveats\n=======\n\nThis project primarily supports third-party packages installed by PyPA\ntools (or other conforming packages). It does not support:\n\n- Packages in the stdlib.\n- Packages installed without metadata.\n\nProject details\n===============\n\n * Project home: https://github.com/python/importlib_metadata\n * Report bugs at: https://github.com/python/importlib_metadata/issues\n * Code hosting: https://github.com/python/importlib_metadata\n * Documentation: https://importlib-metadata.readthedocs.io/\n\nFor Enterprise\n==============\n\nAvailable as part of the Tidelift Subscription.\n\nThis project and the maintainers of thousands of other packages are working with Tidelift to deliver one enterprise subscription that covers all of the open source you use.\n\n`Learn more `_.", - "release_date": "2024-07-24T15:22:15", - "parties": [ - { - "type": "person", - "role": "author", - "name": null, - "email": "\"Jason R. Coombs\" ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Intended Audience :: Developers", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3 :: Only" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/82/47/bb25ec04985d0693da478797c3d8c1092b140f3a53ccb984fbbd38affa5b/importlib_metadata-8.2.0-py3-none-any.whl", - "size": 25920, - "sha1": null, - "md5": "984774e0de71c0caea5a37a3012d1ca6", - "sha256": "11901fa0c2f97919b288679932bb64febaeacf289d18ac84dd68cb2e74213369", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": "https://github.com/python/importlib_metadata", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: Apache Software License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/importlib-metadata/8.2.0/json", - "datasource_id": null, - "purl": "pkg:pypi/importlib-metadata@8.2.0" - }, - { - "type": "pypi", - "namespace": null, - "name": "importlib-metadata", - "version": "8.2.0", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Read metadata from Python packages\n.. image:: https://img.shields.io/pypi/v/importlib_metadata.svg\n :target: https://pypi.org/project/importlib_metadata\n\n.. image:: https://img.shields.io/pypi/pyversions/importlib_metadata.svg\n\n.. image:: https://github.com/python/importlib_metadata/actions/workflows/main.yml/badge.svg\n :target: https://github.com/python/importlib_metadata/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/charliermarsh/ruff/main/assets/badge/v2.json\n :target: https://github.com/astral-sh/ruff\n :alt: Ruff\n\n.. image:: https://readthedocs.org/projects/importlib-metadata/badge/?version=latest\n :target: https://importlib-metadata.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2024-informational\n :target: https://blog.jaraco.com/skeleton\n\n.. image:: https://tidelift.com/badges/package/pypi/importlib-metadata\n :target: https://tidelift.com/subscription/pkg/pypi-importlib-metadata?utm_source=pypi-importlib-metadata&utm_medium=readme\n\nLibrary to access the metadata for a Python package.\n\nThis package supplies third-party access to the functionality of\n`importlib.metadata `_\nincluding improvements added to subsequent Python versions.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - importlib_metadata\n - stdlib\n * - 7.0\n - 3.13\n * - 6.5\n - 3.12\n * - 4.13\n - 3.11\n * - 4.6\n - 3.10\n * - 1.4\n - 3.8\n\n\nUsage\n=====\n\nSee the `online documentation `_\nfor usage details.\n\n`Finder authors\n`_ can\nalso add support for custom package installers. See the above documentation\nfor details.\n\n\nCaveats\n=======\n\nThis project primarily supports third-party packages installed by PyPA\ntools (or other conforming packages). It does not support:\n\n- Packages in the stdlib.\n- Packages installed without metadata.\n\nProject details\n===============\n\n * Project home: https://github.com/python/importlib_metadata\n * Report bugs at: https://github.com/python/importlib_metadata/issues\n * Code hosting: https://github.com/python/importlib_metadata\n * Documentation: https://importlib-metadata.readthedocs.io/\n\nFor Enterprise\n==============\n\nAvailable as part of the Tidelift Subscription.\n\nThis project and the maintainers of thousands of other packages are working with Tidelift to deliver one enterprise subscription that covers all of the open source you use.\n\n`Learn more `_.", - "release_date": "2024-07-24T15:22:17", - "parties": [ - { - "type": "person", - "role": "author", - "name": null, - "email": "\"Jason R. Coombs\" ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Intended Audience :: Developers", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3 :: Only" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/f6/a1/db39a513aa99ab3442010a994eef1cb977a436aded53042e69bee6959f74/importlib_metadata-8.2.0.tar.gz", - "size": 53907, - "sha1": null, - "md5": "c2119f670ff72233cdfbe4c04ab21a8a", - "sha256": "72e8d4399996132204f9a16dcc751af254a48f8d1b20b9ff0f98d4a8f901e73d", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": "https://github.com/python/importlib_metadata", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: Apache Software License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/importlib-metadata/8.2.0/json", - "datasource_id": null, - "purl": "pkg:pypi/importlib-metadata@8.2.0" - }, - { - "type": "pypi", - "namespace": null, - "name": "itsdangerous", - "version": "2.2.0", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Safely pass data to untrusted environments and back.\n# ItsDangerous\n\n... so better sign this\n\nVarious helpers to pass data to untrusted environments and to get it\nback safe and sound. Data is cryptographically signed to ensure that a\ntoken has not been tampered with.\n\nIt's possible to customize how data is serialized. Data is compressed as\nneeded. A timestamp can be added and verified automatically while\nloading a token.\n\n\n## A Simple Example\n\nHere's how you could generate a token for transmitting a user's id and\nname between web requests.\n\n```python\nfrom itsdangerous import URLSafeSerializer\nauth_s = URLSafeSerializer(\"secret key\", \"auth\")\ntoken = auth_s.dumps({\"id\": 5, \"name\": \"itsdangerous\"})\n\nprint(token)\n# eyJpZCI6NSwibmFtZSI6Iml0c2Rhbmdlcm91cyJ9.6YP6T0BaO67XP--9UzTrmurXSmg\n\ndata = auth_s.loads(token)\nprint(data[\"name\"])\n# itsdangerous\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports ItsDangerous and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n[please donate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-04-16T21:28:14", - "parties": [ - { - "type": "person", - "role": "maintainer", - "name": null, - "email": "Pallets ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Typing :: Typed" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/04/96/92447566d16df59b2a776c0fb82dbc4d9e07cd95062562af01e408583fc4/itsdangerous-2.2.0-py3-none-any.whl", - "size": 16234, - "sha1": null, - "md5": "22e41bfb2008481e855f1693a9df4c54", - "sha256": "c6242fc49e35958c8b15141343aa660db5fc54d4f13a1db01a3f5891b98700ef", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": "https://github.com/pallets/itsdangerous/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/itsdangerous/2.2.0/json", - "datasource_id": null, - "purl": "pkg:pypi/itsdangerous@2.2.0" - }, - { - "type": "pypi", - "namespace": null, - "name": "itsdangerous", - "version": "2.2.0", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Safely pass data to untrusted environments and back.\n# ItsDangerous\n\n... so better sign this\n\nVarious helpers to pass data to untrusted environments and to get it\nback safe and sound. Data is cryptographically signed to ensure that a\ntoken has not been tampered with.\n\nIt's possible to customize how data is serialized. Data is compressed as\nneeded. A timestamp can be added and verified automatically while\nloading a token.\n\n\n## A Simple Example\n\nHere's how you could generate a token for transmitting a user's id and\nname between web requests.\n\n```python\nfrom itsdangerous import URLSafeSerializer\nauth_s = URLSafeSerializer(\"secret key\", \"auth\")\ntoken = auth_s.dumps({\"id\": 5, \"name\": \"itsdangerous\"})\n\nprint(token)\n# eyJpZCI6NSwibmFtZSI6Iml0c2Rhbmdlcm91cyJ9.6YP6T0BaO67XP--9UzTrmurXSmg\n\ndata = auth_s.loads(token)\nprint(data[\"name\"])\n# itsdangerous\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports ItsDangerous and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n[please donate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-04-16T21:28:15", - "parties": [ - { - "type": "person", - "role": "maintainer", - "name": null, - "email": "Pallets ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Typing :: Typed" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/9c/cb/8ac0172223afbccb63986cc25049b154ecfb5e85932587206f42317be31d/itsdangerous-2.2.0.tar.gz", - "size": 54410, - "sha1": null, - "md5": "a901babde35694c3577f7655010cd380", - "sha256": "e0050c0b7da1eea53ffaf149c0cfbb5c6e2e2b69c4bef22c81fa6eb73e5f6173", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": "https://github.com/pallets/itsdangerous/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/itsdangerous/2.2.0/json", - "datasource_id": null, - "purl": "pkg:pypi/itsdangerous@2.2.0" - }, - { - "type": "pypi", - "namespace": null, - "name": "jinja2", - "version": "3.1.4", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "A very fast and expressive template engine.\n# Jinja\n\nJinja is a fast, expressive, extensible templating engine. Special\nplaceholders in the template allow writing code similar to Python\nsyntax. Then the template is passed data to render the final document.\n\nIt includes:\n\n- Template inheritance and inclusion.\n- Define and import macros within templates.\n- HTML templates can use autoescaping to prevent XSS from untrusted\n user input.\n- A sandboxed environment can safely render untrusted templates.\n- AsyncIO support for generating templates and calling async\n functions.\n- I18N support with Babel.\n- Templates are compiled to optimized Python code just-in-time and\n cached, or can be compiled ahead-of-time.\n- Exceptions point to the correct line in templates to make debugging\n easier.\n- Extensible filters, tests, functions, and even syntax.\n\nJinja's philosophy is that while application logic belongs in Python if\npossible, it shouldn't make the template designer's job difficult by\nrestricting functionality too much.\n\n\n## In A Nutshell\n\n.. code-block:: jinja\n\n {% extends \"base.html\" %}\n {% block title %}Members{% endblock %}\n {% block content %}\n \n {% endblock %}\n\n\n## Donate\n\nThe Pallets organization develops and supports Jinja and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-05-05T23:41:59", - "parties": [ - { - "type": "person", - "role": "maintainer", - "name": null, - "email": "Pallets ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Environment :: Web Environment", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Topic :: Internet :: WWW/HTTP :: Dynamic Content", - "Topic :: Text Processing :: Markup :: HTML", - "Typing :: Typed" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/31/80/3a54838c3fb461f6fec263ebf3a3a41771bd05190238de3486aae8540c36/jinja2-3.1.4-py3-none-any.whl", - "size": 133271, - "sha1": null, - "md5": "a5fadd0603a10249348865e85a6f57bc", - "sha256": "bc5dd2abb727a5319567b7a813e6a2e7318c39f4f487cfe6c89c6f9c7d25197d", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": "https://github.com/pallets/jinja/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/jinja2/3.1.4/json", - "datasource_id": null, - "purl": "pkg:pypi/jinja2@3.1.4" - }, - { - "type": "pypi", - "namespace": null, - "name": "jinja2", - "version": "3.1.4", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "A very fast and expressive template engine.\n# Jinja\n\nJinja is a fast, expressive, extensible templating engine. Special\nplaceholders in the template allow writing code similar to Python\nsyntax. Then the template is passed data to render the final document.\n\nIt includes:\n\n- Template inheritance and inclusion.\n- Define and import macros within templates.\n- HTML templates can use autoescaping to prevent XSS from untrusted\n user input.\n- A sandboxed environment can safely render untrusted templates.\n- AsyncIO support for generating templates and calling async\n functions.\n- I18N support with Babel.\n- Templates are compiled to optimized Python code just-in-time and\n cached, or can be compiled ahead-of-time.\n- Exceptions point to the correct line in templates to make debugging\n easier.\n- Extensible filters, tests, functions, and even syntax.\n\nJinja's philosophy is that while application logic belongs in Python if\npossible, it shouldn't make the template designer's job difficult by\nrestricting functionality too much.\n\n\n## In A Nutshell\n\n.. code-block:: jinja\n\n {% extends \"base.html\" %}\n {% block title %}Members{% endblock %}\n {% block content %}\n \n {% endblock %}\n\n\n## Donate\n\nThe Pallets organization develops and supports Jinja and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-05-05T23:42:02", - "parties": [ - { - "type": "person", - "role": "maintainer", - "name": null, - "email": "Pallets ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Environment :: Web Environment", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Topic :: Internet :: WWW/HTTP :: Dynamic Content", - "Topic :: Text Processing :: Markup :: HTML", - "Typing :: Typed" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/ed/55/39036716d19cab0747a5020fc7e907f362fbf48c984b14e62127f7e68e5d/jinja2-3.1.4.tar.gz", - "size": 240245, - "sha1": null, - "md5": "02ca9a6364c92e83d14b037bef4732bc", - "sha256": "4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": "https://github.com/pallets/jinja/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/jinja2/3.1.4/json", - "datasource_id": null, - "purl": "pkg:pypi/jinja2@3.1.4" - }, - { - "type": "pypi", - "namespace": null, - "name": "markupsafe", - "version": "2.1.5", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Safely add untrusted strings to HTML/XML markup.\nMarkupSafe\n==========\n\nMarkupSafe implements a text object that escapes characters so it is\nsafe to use in HTML and XML. Characters that have special meanings are\nreplaced so that they display as the actual characters. This mitigates\ninjection attacks, meaning untrusted user input can safely be displayed\non a page.\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n pip install -U MarkupSafe\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nExamples\n--------\n\n.. code-block:: pycon\n\n >>> from markupsafe import Markup, escape\n\n >>> # escape replaces special characters and wraps in Markup\n >>> escape(\"\")\n Markup('<script>alert(document.cookie);</script>')\n\n >>> # wrap in Markup to mark text \"safe\" and prevent escaping\n >>> Markup(\"Hello\")\n Markup('hello')\n\n >>> escape(Markup(\"Hello\"))\n Markup('hello')\n\n >>> # Markup is a str subclass\n >>> # methods and operators escape their arguments\n >>> template = Markup(\"Hello {name}\")\n >>> template.format(name='\"World\"')\n Markup('Hello "World"')\n\n\nDonate\n------\n\nThe Pallets organization develops and supports MarkupSafe and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n`please donate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://markupsafe.palletsprojects.com/\n- Changes: https://markupsafe.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/MarkupSafe/\n- Source Code: https://github.com/pallets/markupsafe/\n- Issue Tracker: https://github.com/pallets/markupsafe/issues/\n- Chat: https://discord.gg/pallets", - "release_date": "2024-02-02T16:31:01", - "parties": [ - { - "type": "person", - "role": "maintainer", - "name": "Pallets", - "email": "contact@palletsprojects.com", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Environment :: Web Environment", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Topic :: Internet :: WWW/HTTP :: Dynamic Content", - "Topic :: Text Processing :: Markup :: HTML" - ], - "homepage_url": "https://palletsprojects.com/p/markupsafe/", - "download_url": "https://files.pythonhosted.org/packages/c7/bd/50319665ce81bb10e90d1cf76f9e1aa269ea6f7fa30ab4521f14d122a3df/MarkupSafe-2.1.5-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", - "size": 26106, - "sha1": null, - "md5": "4f97754a1154496e5bc9d3f21fb0315a", - "sha256": "fa9db3f79de01457b03d4f01b34cf91bc0048eb2c3846ff26f66687c2f6d16ab", - "sha512": null, - "bug_tracking_url": "https://github.com/pallets/markupsafe/issues/", - "code_view_url": "https://github.com/pallets/markupsafe/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "license": "BSD-3-Clause", - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/markupsafe/2.1.5/json", - "datasource_id": null, - "purl": "pkg:pypi/markupsafe@2.1.5" - }, - { - "type": "pypi", - "namespace": null, - "name": "markupsafe", - "version": "2.1.5", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Safely add untrusted strings to HTML/XML markup.\nMarkupSafe\n==========\n\nMarkupSafe implements a text object that escapes characters so it is\nsafe to use in HTML and XML. Characters that have special meanings are\nreplaced so that they display as the actual characters. This mitigates\ninjection attacks, meaning untrusted user input can safely be displayed\non a page.\n\n\nInstalling\n----------\n\nInstall and update using `pip`_:\n\n.. code-block:: text\n\n pip install -U MarkupSafe\n\n.. _pip: https://pip.pypa.io/en/stable/getting-started/\n\n\nExamples\n--------\n\n.. code-block:: pycon\n\n >>> from markupsafe import Markup, escape\n\n >>> # escape replaces special characters and wraps in Markup\n >>> escape(\"\")\n Markup('<script>alert(document.cookie);</script>')\n\n >>> # wrap in Markup to mark text \"safe\" and prevent escaping\n >>> Markup(\"Hello\")\n Markup('hello')\n\n >>> escape(Markup(\"Hello\"))\n Markup('hello')\n\n >>> # Markup is a str subclass\n >>> # methods and operators escape their arguments\n >>> template = Markup(\"Hello {name}\")\n >>> template.format(name='\"World\"')\n Markup('Hello "World"')\n\n\nDonate\n------\n\nThe Pallets organization develops and supports MarkupSafe and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n`please donate today`_.\n\n.. _please donate today: https://palletsprojects.com/donate\n\n\nLinks\n-----\n\n- Documentation: https://markupsafe.palletsprojects.com/\n- Changes: https://markupsafe.palletsprojects.com/changes/\n- PyPI Releases: https://pypi.org/project/MarkupSafe/\n- Source Code: https://github.com/pallets/markupsafe/\n- Issue Tracker: https://github.com/pallets/markupsafe/issues/\n- Chat: https://discord.gg/pallets", - "release_date": "2024-02-02T16:31:22", - "parties": [ - { - "type": "person", - "role": "maintainer", - "name": "Pallets", - "email": "contact@palletsprojects.com", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Environment :: Web Environment", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Topic :: Internet :: WWW/HTTP :: Dynamic Content", - "Topic :: Text Processing :: Markup :: HTML" - ], - "homepage_url": "https://palletsprojects.com/p/markupsafe/", - "download_url": "https://files.pythonhosted.org/packages/87/5b/aae44c6655f3801e81aa3eef09dbbf012431987ba564d7231722f68df02d/MarkupSafe-2.1.5.tar.gz", - "size": 19384, - "sha1": null, - "md5": "8fe7227653f2fb9b1ffe7f9f2058998a", - "sha256": "d283d37a890ba4c1ae73ffadf8046435c76e7bc2247bbb63c00bd1a709c6544b", - "sha512": null, - "bug_tracking_url": "https://github.com/pallets/markupsafe/issues/", - "code_view_url": "https://github.com/pallets/markupsafe/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "license": "BSD-3-Clause", - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/markupsafe/2.1.5/json", - "datasource_id": null, - "purl": "pkg:pypi/markupsafe@2.1.5" - }, - { - "type": "pypi", - "namespace": null, - "name": "werkzeug", - "version": "3.0.3", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "The comprehensive WSGI web application library.\n# Werkzeug\n\n*werkzeug* German noun: \"tool\". Etymology: *werk* (\"work\"), *zeug* (\"stuff\")\n\nWerkzeug is a comprehensive [WSGI][] web application library. It began as\na simple collection of various utilities for WSGI applications and has\nbecome one of the most advanced WSGI utility libraries.\n\nIt includes:\n\n- An interactive debugger that allows inspecting stack traces and\n source code in the browser with an interactive interpreter for any\n frame in the stack.\n- A full-featured request object with objects to interact with\n headers, query args, form data, files, and cookies.\n- A response object that can wrap other WSGI applications and handle\n streaming data.\n- A routing system for matching URLs to endpoints and generating URLs\n for endpoints, with an extensible system for capturing variables\n from URLs.\n- HTTP utilities to handle entity tags, cache control, dates, user\n agents, cookies, files, and more.\n- A threaded WSGI server for use while developing applications\n locally.\n- A test client for simulating HTTP requests during testing without\n requiring running a server.\n\nWerkzeug doesn't enforce any dependencies. It is up to the developer to\nchoose a template engine, database adapter, and even how to handle\nrequests. It can be used to build all sorts of end user applications\nsuch as blogs, wikis, or bulletin boards.\n\n[Flask][] wraps Werkzeug, using it to handle the details of WSGI while\nproviding more structure and patterns for defining powerful\napplications.\n\n[WSGI]: https://wsgi.readthedocs.io/en/latest/\n[Flask]: https://www.palletsprojects.com/p/flask/\n\n\n## A Simple Example\n\n```python\n# save this as app.py\nfrom werkzeug.wrappers import Request, Response\n\n@Request.application\ndef application(request: Request) -> Response:\n return Response(\"Hello, World!\")\n\nif __name__ == \"__main__\":\n from werkzeug.serving import run_simple\n run_simple(\"127.0.0.1\", 5000, application)\n```\n\n```\n$ python -m app\n * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Werkzeug and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n[please donate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-05-05T23:10:29", - "parties": [ - { - "type": "person", - "role": "maintainer", - "name": null, - "email": "Pallets ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Environment :: Web Environment", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Topic :: Internet :: WWW/HTTP :: Dynamic Content", - "Topic :: Internet :: WWW/HTTP :: WSGI", - "Topic :: Internet :: WWW/HTTP :: WSGI :: Application", - "Topic :: Internet :: WWW/HTTP :: WSGI :: Middleware", - "Topic :: Software Development :: Libraries :: Application Frameworks", - "Typing :: Typed" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/9d/6e/e792999e816d19d7fcbfa94c730936750036d65656a76a5a688b57a656c4/werkzeug-3.0.3-py3-none-any.whl", - "size": 227274, - "sha1": null, - "md5": "2e2d6eb358f117cd6a1fbf9abafe9b25", - "sha256": "fc9645dc43e03e4d630d23143a04a7f947a9a3b5727cd535fdfe155a17cc48c8", - "sha512": null, - "bug_tracking_url": "https://github.com/pallets/werkzeug/issues/", - "code_view_url": "https://github.com/pallets/werkzeug/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/werkzeug/3.0.3/json", - "datasource_id": null, - "purl": "pkg:pypi/werkzeug@3.0.3" - }, - { - "type": "pypi", - "namespace": null, - "name": "werkzeug", - "version": "3.0.3", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "The comprehensive WSGI web application library.\n# Werkzeug\n\n*werkzeug* German noun: \"tool\". Etymology: *werk* (\"work\"), *zeug* (\"stuff\")\n\nWerkzeug is a comprehensive [WSGI][] web application library. It began as\na simple collection of various utilities for WSGI applications and has\nbecome one of the most advanced WSGI utility libraries.\n\nIt includes:\n\n- An interactive debugger that allows inspecting stack traces and\n source code in the browser with an interactive interpreter for any\n frame in the stack.\n- A full-featured request object with objects to interact with\n headers, query args, form data, files, and cookies.\n- A response object that can wrap other WSGI applications and handle\n streaming data.\n- A routing system for matching URLs to endpoints and generating URLs\n for endpoints, with an extensible system for capturing variables\n from URLs.\n- HTTP utilities to handle entity tags, cache control, dates, user\n agents, cookies, files, and more.\n- A threaded WSGI server for use while developing applications\n locally.\n- A test client for simulating HTTP requests during testing without\n requiring running a server.\n\nWerkzeug doesn't enforce any dependencies. It is up to the developer to\nchoose a template engine, database adapter, and even how to handle\nrequests. It can be used to build all sorts of end user applications\nsuch as blogs, wikis, or bulletin boards.\n\n[Flask][] wraps Werkzeug, using it to handle the details of WSGI while\nproviding more structure and patterns for defining powerful\napplications.\n\n[WSGI]: https://wsgi.readthedocs.io/en/latest/\n[Flask]: https://www.palletsprojects.com/p/flask/\n\n\n## A Simple Example\n\n```python\n# save this as app.py\nfrom werkzeug.wrappers import Request, Response\n\n@Request.application\ndef application(request: Request) -> Response:\n return Response(\"Hello, World!\")\n\nif __name__ == \"__main__\":\n from werkzeug.serving import run_simple\n run_simple(\"127.0.0.1\", 5000, application)\n```\n\n```\n$ python -m app\n * Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Werkzeug and other\npopular packages. In order to grow the community of contributors and\nusers, and allow the maintainers to devote more time to the projects,\n[please donate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-05-05T23:10:31", - "parties": [ - { - "type": "person", - "role": "maintainer", - "name": null, - "email": "Pallets ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Environment :: Web Environment", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Topic :: Internet :: WWW/HTTP :: Dynamic Content", - "Topic :: Internet :: WWW/HTTP :: WSGI", - "Topic :: Internet :: WWW/HTTP :: WSGI :: Application", - "Topic :: Internet :: WWW/HTTP :: WSGI :: Middleware", - "Topic :: Software Development :: Libraries :: Application Frameworks", - "Typing :: Typed" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/02/51/2e0fc149e7a810d300422ab543f87f2bcf64d985eb6f1228c4efd6e4f8d4/werkzeug-3.0.3.tar.gz", - "size": 803342, - "sha1": null, - "md5": "5955ba99c1a7466660fa9445fbabf5e2", - "sha256": "097e5bfda9f0aba8da6b8545146def481d06aa7d3266e7448e2cccf67dd8bd18", - "sha512": null, - "bug_tracking_url": "https://github.com/pallets/werkzeug/issues/", - "code_view_url": "https://github.com/pallets/werkzeug/", - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/werkzeug/3.0.3/json", - "datasource_id": null, - "purl": "pkg:pypi/werkzeug@3.0.3" - }, - { - "type": "pypi", - "namespace": null, - "name": "zipp", - "version": "3.19.2", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Backport of pathlib-compatible object wrapper for zip files\n.. image:: https://img.shields.io/pypi/v/zipp.svg\n :target: https://pypi.org/project/zipp\n\n.. image:: https://img.shields.io/pypi/pyversions/zipp.svg\n\n.. image:: https://github.com/jaraco/zipp/actions/workflows/main.yml/badge.svg\n :target: https://github.com/jaraco/zipp/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/charliermarsh/ruff/main/assets/badge/v2.json\n :target: https://github.com/astral-sh/ruff\n :alt: Ruff\n\n.. .. image:: https://readthedocs.org/projects/PROJECT_RTD/badge/?version=latest\n.. :target: https://PROJECT_RTD.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2024-informational\n :target: https://blog.jaraco.com/skeleton\n\n.. image:: https://tidelift.com/badges/package/pypi/zipp\n :target: https://tidelift.com/subscription/pkg/pypi-zipp?utm_source=pypi-zipp&utm_medium=readme\n\n\nA pathlib-compatible Zipfile object wrapper. Official backport of the standard library\n`Path object `_.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - zipp\n - stdlib\n * - 3.18\n - 3.13\n * - 3.16\n - 3.12\n * - 3.5\n - 3.11\n * - 3.2\n - 3.10\n * - 3.3 ??\n - 3.9\n * - 1.0\n - 3.8\n\n\nUsage\n=====\n\nUse ``zipp.Path`` in place of ``zipfile.Path`` on any Python.\n\nFor Enterprise\n==============\n\nAvailable as part of the Tidelift Subscription.\n\nThis project and the maintainers of thousands of other packages are working with Tidelift to deliver one enterprise subscription that covers all of the open source you use.\n\n`Learn more `_.", - "release_date": "2024-06-04T17:21:07", - "parties": [ - { - "type": "person", - "role": "author", - "name": null, - "email": "\"Jason R. Coombs\" ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Intended Audience :: Developers", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3 :: Only" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/20/38/f5c473fe9b90c8debdd29ea68d5add0289f1936d6f923b6b9cc0b931194c/zipp-3.19.2-py3-none-any.whl", - "size": 9039, - "sha1": null, - "md5": "cbc189588e0584bf9ea2b104044d3a80", - "sha256": "f091755f667055f2d02b32c53771a7a6c8b47e1fdbc4b72a8b9072b3eef8015c", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": null, - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: MIT License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/zipp/3.19.2/json", - "datasource_id": null, - "purl": "pkg:pypi/zipp@3.19.2" - }, - { - "type": "pypi", - "namespace": null, - "name": "zipp", - "version": "3.19.2", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Backport of pathlib-compatible object wrapper for zip files\n.. image:: https://img.shields.io/pypi/v/zipp.svg\n :target: https://pypi.org/project/zipp\n\n.. image:: https://img.shields.io/pypi/pyversions/zipp.svg\n\n.. image:: https://github.com/jaraco/zipp/actions/workflows/main.yml/badge.svg\n :target: https://github.com/jaraco/zipp/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/charliermarsh/ruff/main/assets/badge/v2.json\n :target: https://github.com/astral-sh/ruff\n :alt: Ruff\n\n.. .. image:: https://readthedocs.org/projects/PROJECT_RTD/badge/?version=latest\n.. :target: https://PROJECT_RTD.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2024-informational\n :target: https://blog.jaraco.com/skeleton\n\n.. image:: https://tidelift.com/badges/package/pypi/zipp\n :target: https://tidelift.com/subscription/pkg/pypi-zipp?utm_source=pypi-zipp&utm_medium=readme\n\n\nA pathlib-compatible Zipfile object wrapper. Official backport of the standard library\n`Path object `_.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - zipp\n - stdlib\n * - 3.18\n - 3.13\n * - 3.16\n - 3.12\n * - 3.5\n - 3.11\n * - 3.2\n - 3.10\n * - 3.3 ??\n - 3.9\n * - 1.0\n - 3.8\n\n\nUsage\n=====\n\nUse ``zipp.Path`` in place of ``zipfile.Path`` on any Python.\n\nFor Enterprise\n==============\n\nAvailable as part of the Tidelift Subscription.\n\nThis project and the maintainers of thousands of other packages are working with Tidelift to deliver one enterprise subscription that covers all of the open source you use.\n\n`Learn more `_.", - "release_date": "2024-06-04T17:21:09", - "parties": [ - { - "type": "person", - "role": "author", - "name": null, - "email": "\"Jason R. Coombs\" ", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Intended Audience :: Developers", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3 :: Only" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/d3/20/b48f58857d98dcb78f9e30ed2cfe533025e2e9827bbd36ea0a64cc00cbc1/zipp-3.19.2.tar.gz", - "size": 22922, - "sha1": null, - "md5": "2b920c3f604b1d51bf6c2e7c4af99129", - "sha256": "bf1dcf6450f873a13e952a29504887c89e6de7506209e5b1bcc3460135d4de19", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": null, - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: MIT License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/zipp/3.19.2/json", - "datasource_id": null, - "purl": "pkg:pypi/zipp@3.19.2" - } - ], - "resolved_dependencies_graph": [ - { - "package": "pkg:pypi/blinker@1.8.2", - "dependencies": [] - }, - { - "package": "pkg:pypi/click@8.1.7", - "dependencies": [] - }, - { - "package": "pkg:pypi/flask@3.0.3", - "dependencies": [ - "pkg:pypi/blinker@1.8.2", - "pkg:pypi/click@8.1.7", - "pkg:pypi/importlib-metadata@8.2.0", - "pkg:pypi/itsdangerous@2.2.0", - "pkg:pypi/jinja2@3.1.4", - "pkg:pypi/werkzeug@3.0.3" - ] - }, - { - "package": "pkg:pypi/importlib-metadata@8.2.0", - "dependencies": [ - "pkg:pypi/zipp@3.19.2" - ] - }, - { - "package": "pkg:pypi/itsdangerous@2.2.0", - "dependencies": [] - }, - { - "package": "pkg:pypi/jinja2@3.1.4", - "dependencies": [ - "pkg:pypi/markupsafe@2.1.5" - ] - }, - { - "package": "pkg:pypi/markupsafe@2.1.5", - "dependencies": [] - }, - { - "package": "pkg:pypi/werkzeug@3.0.3", - "dependencies": [ - "pkg:pypi/markupsafe@2.1.5" - ] - }, - { - "package": "pkg:pypi/zipp@3.19.2", - "dependencies": [] - } - ] -} \ No newline at end of file diff --git a/tests/data/single-url-env-var-expected.json b/tests/data/single-url-env-var-expected.json deleted file mode 100644 index fd2d8968..00000000 --- a/tests/data/single-url-env-var-expected.json +++ /dev/null @@ -1,131 +0,0 @@ -{ - "headers": { - "tool_name": "python-inspector", - "tool_homepageurl": "https://github.com/nexB/python-inspector", - "tool_version": "0.12.0", - "options": [ - "--json ", - "--operating-system linux", - "--python-version 38", - "--specifier zipp==3.8.0" - ], - "notice": "Dependency tree generated with python-inspector.\npython-inspector is a free software tool from nexB Inc. and others.\nVisit https://github.com/nexB/python-inspector/ for support and download.", - "warnings": [], - "errors": [] - }, - "files": [], - "packages": [ - { - "type": "pypi", - "namespace": null, - "name": "zipp", - "version": "3.8.0", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Backport of pathlib-compatible object wrapper for zip files\n.. image:: https://img.shields.io/pypi/v/zipp.svg\n :target: `PyPI link`_\n\n.. image:: https://img.shields.io/pypi/pyversions/zipp.svg\n :target: `PyPI link`_\n\n.. _PyPI link: https://pypi.org/project/zipp\n\n.. image:: https://github.com/jaraco/zipp/workflows/tests/badge.svg\n :target: https://github.com/jaraco/zipp/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/badge/code%20style-black-000000.svg\n :target: https://github.com/psf/black\n :alt: Code style: Black\n\n.. .. image:: https://readthedocs.org/projects/skeleton/badge/?version=latest\n.. :target: https://skeleton.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2022-informational\n :target: https://blog.jaraco.com/skeleton\n\n\nA pathlib-compatible Zipfile object wrapper. Official backport of the standard library\n`Path object `_.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - zipp\n - stdlib\n * - 3.5\n - 3.11\n * - 3.3\n - 3.9\n * - 1.0\n - 3.8\n\n\nUsage\n=====\n\nUse ``zipp.Path`` in place of ``zipfile.Path`` on any Python.", - "release_date": "2022-04-03T15:07:27", - "parties": [ - { - "type": "person", - "role": "author", - "name": "Jason R. Coombs", - "email": "jaraco@jaraco.com", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Intended Audience :: Developers", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3 :: Only" - ], - "homepage_url": "https://github.com/jaraco/zipp", - "download_url": "https://files.pythonhosted.org/packages/80/0e/16a7ee38617aab6a624e95948d314097cc2669edae9b02ded53309941cfc/zipp-3.8.0-py3-none-any.whl", - "size": 5369, - "sha1": null, - "md5": "da531f1b3a5c5e65470cb74729242bfc", - "sha256": "c4f6e5bbf48e74f7a38e7cc5b0480ff42b0ae5178957d564d18932525d5cf099", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": null, - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: MIT License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/zipp/3.8.0/json", - "datasource_id": null, - "purl": "pkg:pypi/zipp@3.8.0" - }, - { - "type": "pypi", - "namespace": null, - "name": "zipp", - "version": "3.8.0", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Backport of pathlib-compatible object wrapper for zip files\n.. image:: https://img.shields.io/pypi/v/zipp.svg\n :target: `PyPI link`_\n\n.. image:: https://img.shields.io/pypi/pyversions/zipp.svg\n :target: `PyPI link`_\n\n.. _PyPI link: https://pypi.org/project/zipp\n\n.. image:: https://github.com/jaraco/zipp/workflows/tests/badge.svg\n :target: https://github.com/jaraco/zipp/actions?query=workflow%3A%22tests%22\n :alt: tests\n\n.. image:: https://img.shields.io/badge/code%20style-black-000000.svg\n :target: https://github.com/psf/black\n :alt: Code style: Black\n\n.. .. image:: https://readthedocs.org/projects/skeleton/badge/?version=latest\n.. :target: https://skeleton.readthedocs.io/en/latest/?badge=latest\n\n.. image:: https://img.shields.io/badge/skeleton-2022-informational\n :target: https://blog.jaraco.com/skeleton\n\n\nA pathlib-compatible Zipfile object wrapper. Official backport of the standard library\n`Path object `_.\n\n\nCompatibility\n=============\n\nNew features are introduced in this third-party library and later merged\ninto CPython. The following table indicates which versions of this library\nwere contributed to different versions in the standard library:\n\n.. list-table::\n :header-rows: 1\n\n * - zipp\n - stdlib\n * - 3.5\n - 3.11\n * - 3.3\n - 3.9\n * - 1.0\n - 3.8\n\n\nUsage\n=====\n\nUse ``zipp.Path`` in place of ``zipfile.Path`` on any Python.", - "release_date": "2022-04-03T15:07:28", - "parties": [ - { - "type": "person", - "role": "author", - "name": "Jason R. Coombs", - "email": "jaraco@jaraco.com", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Intended Audience :: Developers", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3 :: Only" - ], - "homepage_url": "https://github.com/jaraco/zipp", - "download_url": "https://files.pythonhosted.org/packages/cc/3c/3e8c69cd493297003da83f26ccf1faea5dd7da7892a0a7c965ac3bcba7bf/zipp-3.8.0.tar.gz", - "size": 13344, - "sha1": null, - "md5": "8864ff5ed01cd28755cc87f1443dbc67", - "sha256": "56bf8aadb83c24db6c4b577e13de374ccfb67da2078beba1d037c17980bf43ad", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": null, - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: MIT License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/zipp/3.8.0/json", - "datasource_id": null, - "purl": "pkg:pypi/zipp@3.8.0" - } - ], - "resolved_dependencies_graph": [ - { - "package": "pkg:pypi/zipp@3.8.0", - "dependencies": [] - } - ] -} \ No newline at end of file From c34aaa91d24366805bdde4ab9473b54226041963 Mon Sep 17 00:00:00 2001 From: Cesar Lizarraga Date: Tue, 13 Aug 2024 11:28:10 -0500 Subject: [PATCH 04/10] Fix 180: Remove pdb import for debugging Signed-off-by: Cesar Lizarraga --- tests/test_cli.py | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/test_cli.py b/tests/test_cli.py index a3c5933a..ff23ab62 100644 --- a/tests/test_cli.py +++ b/tests/test_cli.py @@ -12,7 +12,6 @@ import json import os import sys -import pdb import pytest from click.testing import CliRunner From d9305470e7bf799edaa49a25d2f93441985a3217 Mon Sep 17 00:00:00 2001 From: Cesar Lizarraga Date: Wed, 27 Nov 2024 15:21:03 -0600 Subject: [PATCH 05/10] Fix 180: PYPI_SIMPLE_INDEX should be at the end not the beginning Adjust for too long filenames where there's basic auth aka: https://username:password@URL --- src/python_inspector/api.py | 4 ++-- src/python_inspector/utils_pypi.py | 10 ++++++++++ 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/src/python_inspector/api.py b/src/python_inspector/api.py index ce98ff31..ac44e320 100644 --- a/src/python_inspector/api.py +++ b/src/python_inspector/api.py @@ -146,8 +146,8 @@ def resolve_dependencies( files = [] - if PYPI_SIMPLE_URL not in index_urls: - index_urls = tuple([PYPI_SIMPLE_URL]) + tuple(index_urls) + # if PYPI_SIMPLE_URL not in index_urls: + # index_urls = tuple(index_urls) + tuple([PYPI_SIMPLE_URL]) # requirements for req_file in requirement_files: diff --git a/src/python_inspector/utils_pypi.py b/src/python_inspector/utils_pypi.py index 2af5d57f..84722dbb 100644 --- a/src/python_inspector/utils_pypi.py +++ b/src/python_inspector/utils_pypi.py @@ -1593,6 +1593,16 @@ def fetch_links( name using the `index_url` of this repository. """ package_url = f"{self.index_url}/{normalized_name}" + if len(package_url) >= 256: + base64_re = re.compile(f"https://(.*:.*)@(.*){normalized_name}") + match = base64_re.search(self.index_url) + if match: + auth = match.group(1) + username = auth.split(":")[0] + token = auth,split(":")[1] + remainder = match.group(2) + new_index_url = f"https://{username}:{token}@{remainder}" + package_url = f"{new_index_url}/{normalized_name}" text = CACHE.get( path_or_url=package_url, credentials=self.credentials, From 056a825bef941ea27ca66c307b30ce7687057a10 Mon Sep 17 00:00:00 2001 From: Cesar Lizarraga Date: Sat, 30 Nov 2024 14:05:26 -0600 Subject: [PATCH 06/10] Fix 180: check for base_url_parts and give wheel its repo credentials Signed-off-by: Cesar Lizarraga Fix 180: Add env var for netrc file --- src/python_inspector/api.py | 4 ++-- src/python_inspector/resolve_cli.py | 2 ++ src/python_inspector/utils_pypi.py | 34 +++++++++++++++-------------- 3 files changed, 22 insertions(+), 18 deletions(-) diff --git a/src/python_inspector/api.py b/src/python_inspector/api.py index ac44e320..ee858175 100644 --- a/src/python_inspector/api.py +++ b/src/python_inspector/api.py @@ -146,8 +146,8 @@ def resolve_dependencies( files = [] - # if PYPI_SIMPLE_URL not in index_urls: - # index_urls = tuple(index_urls) + tuple([PYPI_SIMPLE_URL]) + if PYPI_SIMPLE_URL not in index_urls: + index_urls = tuple(index_urls) + tuple([PYPI_SIMPLE_URL]) # requirements for req_file in requirement_files: diff --git a/src/python_inspector/resolve_cli.py b/src/python_inspector/resolve_cli.py index 19b03326..3fbff9ad 100644 --- a/src/python_inspector/resolve_cli.py +++ b/src/python_inspector/resolve_cli.py @@ -121,6 +121,7 @@ def print_version(ctx, param, value): "--netrc", "netrc_file", type=click.Path(exists=True, readable=True, path_type=str, dir_okay=False), + envvar="PYINSP_NETRC_FILE", metavar="NETRC-FILE", hidden=True, required=False, @@ -162,6 +163,7 @@ def print_version(ctx, param, value): ) @click.option( "--verbose", + envvar="PYINSP_VERBOSE", is_flag=True, help="Enable verbose debug output.", ) diff --git a/src/python_inspector/utils_pypi.py b/src/python_inspector/utils_pypi.py index 84722dbb..263e412a 100644 --- a/src/python_inspector/utils_pypi.py +++ b/src/python_inspector/utils_pypi.py @@ -16,6 +16,7 @@ import shutil import tempfile import time + from collections import defaultdict from typing import List from typing import NamedTuple @@ -27,6 +28,7 @@ import attr import packageurl import requests + from bs4 import BeautifulSoup from commoncode import fileutils from commoncode.hash import multi_checksums @@ -215,7 +217,6 @@ def get_python_dot_version(version): class DistributionNotFound(Exception): pass - def download_wheel( name, version, @@ -252,6 +253,7 @@ def download_wheel( ) continue for wheel in supported_and_valid_wheels: + wheel.credentials = repo.credentials fetched_wheel_filename = wheel.download( dest_dir=dest_dir, verbose=verbose, @@ -1130,7 +1132,8 @@ def to_filename(self): pyvers = ".".join(self.python_versions) abis = ".".join(self.abis) plats = ".".join(self.platforms) - return f"{self.name}-{self.version}{build}-{pyvers}-{abis}-{plats}.whl" + name = f"{self.name}-{self.version}{build}-{pyvers}-{abis}-{plats}.whl" + return name def is_pure(self): """ @@ -1593,16 +1596,6 @@ def fetch_links( name using the `index_url` of this repository. """ package_url = f"{self.index_url}/{normalized_name}" - if len(package_url) >= 256: - base64_re = re.compile(f"https://(.*:.*)@(.*){normalized_name}") - match = base64_re.search(self.index_url) - if match: - auth = match.group(1) - username = auth.split(":")[0] - token = auth,split(":")[1] - remainder = match.group(2) - new_index_url = f"https://{username}:{token}@{remainder}" - package_url = f"{new_index_url}/{normalized_name}" text = CACHE.get( path_or_url=package_url, credentials=self.credentials, @@ -1645,7 +1638,10 @@ def resolve_relative_url(package_url, url): path = urlunparse( ("", "", url_parts.path, url_parts.params, url_parts.query, url_parts.fragment) ) - resolved_url_parts = base_url_parts._replace(path=path) + if base_url_parts.path != "": + resolved_url_parts = base_url_parts._replace(path=base_url_parts.path + "/" + path) + else: + resolved_url_parts = base_url_parts._replace(path=path) url = urlunparse(resolved_url_parts) return url @@ -1688,6 +1684,8 @@ def get( True otherwise as treat as binary. `path_or_url` can be a path or a URL to a file. """ + + cache_key = quote_plus(path_or_url.strip("/")) cached = os.path.join(self.directory, cache_key) @@ -1792,21 +1790,25 @@ def get_remote_file_content( if verbose: echo_func(f"DOWNLOADING: {url}") - auth = None + if TRACE: + print(f"DOWNLOADING: {url}") + if credentials: auth = (credentials.get("login"), credentials.get("password")) + else: + auth = None stream = requests.get( url, allow_redirects=True, stream=True, headers=headers, - auth=auth, + auth=auth ) with stream as response: status = response.status_code - if status != requests.codes.ok: # NOQA + if status != requests.codes.ok: # NOQA if status == 429 and _delay < 20: # too many requests: start some exponential delay increased_delay = (_delay * 2) or 1 From 5860569b61a37d76f9b759459b775179d116efab Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Fri, 2 May 2025 22:53:53 +0200 Subject: [PATCH 07/10] Use PYINSP for env var prefix Signed-off-by: Philippe Ombredanne --- src/python_inspector/settings.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/python_inspector/settings.py b/src/python_inspector/settings.py index 5786bb11..ce1f424c 100644 --- a/src/python_inspector/settings.py +++ b/src/python_inspector/settings.py @@ -18,13 +18,13 @@ class Settings(BaseSettings): """ Reference: https://docs.pydantic.dev/latest/concepts/pydantic_settings/ A settings object: use it with an .env file and/or environment variables all prefixed with - PYTHON_INSPECTOR_ + PYINSP_ """ model_config = SettingsConfigDict( env_file=".env", env_file_encoding="utf-8", - env_prefix="PYTHON_INSPECTOR_", + env_prefix="PYINSP_", case_sensitive=True, extra="allow", ) From 6a49b2b01e47fb632d04058898add532505c4470 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Wed, 21 May 2025 10:29:31 +0200 Subject: [PATCH 08/10] Update test exceptations Signed-off-by: Philippe Ombredanne --- tests/data/azure-devops.req-310-expected.json | 54 ++--- tests/data/azure-devops.req-312-expected.json | 54 ++--- tests/data/azure-devops.req-313-expected.json | 54 ++--- tests/data/azure-devops.req-38-expected.json | 26 +-- ...e-requirements-ignore-errors-expected.json | 127 ++++++++--- .../insecure-setup/setup.py-expected.json | 200 +++++++++++++++++- .../resolved_deps/autobahn-310-expected.json | 6 +- .../resolved_deps/flask-310-expected.json | 6 +- .../resolved_deps/flask-310-win-expected.json | 6 +- tests/data/test-api-expected.json | 30 ++- tests/data/test-api-pdt-expected.json | 28 ++- tests/data/test-api-with-prefer-source.json | 30 ++- tests/data/test-api-with-python-311.json | 30 ++- 13 files changed, 434 insertions(+), 217 deletions(-) diff --git a/tests/data/azure-devops.req-310-expected.json b/tests/data/azure-devops.req-310-expected.json index 4f73a272..805e0152 100644 --- a/tests/data/azure-devops.req-310-expected.json +++ b/tests/data/azure-devops.req-310-expected.json @@ -524,12 +524,12 @@ "type": "pypi", "namespace": null, "name": "click", - "version": "8.1.8", + "version": "8.2.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-12-21T18:38:41", + "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate\n\n## Contributing\n\nSee our [detailed contributing documentation][contrib] for many ways to\ncontribute, including reporting issues, requesting features, asking or answering\nquestions, and making PRs.\n\n[contrib]: https://palletsprojects.com/contributing/", + "release_date": "2025-05-20T23:19:47", "parties": [ { "type": "person", @@ -547,22 +547,18 @@ "Typing :: Typed" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/7e/d4/7ebdbd03970677812aac39c869717059dbb71a4cfc033ca6e5221787892c/click-8.1.8-py3-none-any.whl", - "size": 98188, + "download_url": "https://files.pythonhosted.org/packages/85/32/10bb5764d90a8eee674e9dc6f4db6a0ab47c8c4d0d83c27f7c39ac415a4d/click-8.2.1-py3-none-any.whl", + "size": 102215, "sha1": null, - "md5": "7dc0eee374f3bb75bcce4c9dd4222f5f", - "sha256": "63c132bbbed01578a06712a2d1f497bb62d9c1c0d329b7903a866228027263b2", + "md5": "aeead16d8bed93caa7107ac87b1e5ec8", + "sha256": "61a3265b914e850b85317d0b3109c7f8cd35a670f963866005d6ef1d5175a12b", "sha512": null, "bug_tracking_url": null, "code_view_url": "https://github.com/pallets/click/", "vcs_url": null, "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, + "license_expression": "BSD-3-Clause", + "declared_license": {}, "notice_text": null, "source_packages": [], "file_references": [], @@ -570,20 +566,20 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/click/8.1.8/json", + "api_data_url": "https://pypi.org/pypi/click/8.2.1/json", "datasource_id": null, - "purl": "pkg:pypi/click@8.1.8" + "purl": "pkg:pypi/click@8.2.1" }, { "type": "pypi", "namespace": null, "name": "cryptography", - "version": "44.0.3", + "version": "45.0.2", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.\npyca/cryptography\n=================\n\n.. image:: https://img.shields.io/pypi/v/cryptography.svg\n :target: https://pypi.org/project/cryptography/\n :alt: Latest Version\n\n.. image:: https://readthedocs.org/projects/cryptography/badge/?version=latest\n :target: https://cryptography.io\n :alt: Latest Docs\n\n.. image:: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main\n :target: https://github.com/pyca/cryptography/actions?query=workflow%3ACI+branch%3Amain\n\n\n``cryptography`` is a package which provides cryptographic recipes and\nprimitives to Python developers. Our goal is for it to be your \"cryptographic\nstandard library\". It supports Python 3.7+ and PyPy3 7.3.11+.\n\n``cryptography`` includes both high level recipes and low level interfaces to\ncommon cryptographic algorithms such as symmetric ciphers, message digests, and\nkey derivation functions. For example, to encrypt something with\n``cryptography``'s high level symmetric encryption recipe:\n\n.. code-block:: pycon\n\n >>> from cryptography.fernet import Fernet\n >>> # Put this somewhere safe!\n >>> key = Fernet.generate_key()\n >>> f = Fernet(key)\n >>> token = f.encrypt(b\"A really secret message. Not for prying eyes.\")\n >>> token\n b'...'\n >>> f.decrypt(token)\n b'A really secret message. Not for prying eyes.'\n\nYou can find more information in the `documentation`_.\n\nYou can install ``cryptography`` with:\n\n.. code-block:: console\n\n $ pip install cryptography\n\nFor full details see `the installation documentation`_.\n\nDiscussion\n~~~~~~~~~~\n\nIf you run into bugs, you can file them in our `issue tracker`_.\n\nWe maintain a `cryptography-dev`_ mailing list for development discussion.\n\nYou can also join ``#pyca`` on ``irc.libera.chat`` to ask questions or get\ninvolved.\n\nSecurity\n~~~~~~~~\n\nNeed to report a security issue? Please consult our `security reporting`_\ndocumentation.\n\n\n.. _`documentation`: https://cryptography.io/\n.. _`the installation documentation`: https://cryptography.io/en/latest/installation/\n.. _`issue tracker`: https://github.com/pyca/cryptography/issues\n.. _`cryptography-dev`: https://mail.python.org/mailman/listinfo/cryptography-dev\n.. _`security reporting`: https://cryptography.io/en/latest/security/", - "release_date": "2025-05-02T19:35:18", + "release_date": "2025-05-18T02:45:59", "parties": [ { "type": "person", @@ -617,11 +613,11 @@ "Topic :: Security :: Cryptography" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/f7/c8/e5c5d0e1364d3346a5747cdcd7ecbb23ca87e6dea4f942a44e88be349f06/cryptography-44.0.3-cp39-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", - "size": 4170876, + "download_url": "https://files.pythonhosted.org/packages/b9/d4/75d2375a20d80aa262a8adee77bf56950e9292929e394b9fae2481803f11/cryptography-45.0.2-cp37-abi3-musllinux_1_2_x86_64.whl", + "size": 4560535, "sha1": null, - "md5": "5b325fcc479d9d537df71ef8b41d3643", - "sha256": "192ed30fac1728f7587c6f4613c29c584abdc565d7417c13904708db10206645", + "md5": "947cb34eecccafe70b2313042598a793", + "sha256": "c0c000c1a09f069632d8a9eb3b610ac029fcc682f1d69b758e625d6ee713f4ed", "sha512": null, "bug_tracking_url": null, "code_view_url": null, @@ -629,11 +625,7 @@ "copyright": null, "license_expression": null, "declared_license": { - "license": "Apache-2.0 OR BSD-3-Clause", - "classifiers": [ - "License :: OSI Approved :: Apache Software License", - "License :: OSI Approved :: BSD License" - ] + "license": "Apache-2.0 OR BSD-3-Clause" }, "notice_text": null, "source_packages": [], @@ -642,9 +634,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/cryptography/44.0.3/json", + "api_data_url": "https://pypi.org/pypi/cryptography/45.0.2/json", "datasource_id": null, - "purl": "pkg:pypi/cryptography@44.0.3" + "purl": "pkg:pypi/cryptography@45.0.2" }, { "type": "pypi", @@ -1335,7 +1327,7 @@ "package": "pkg:pypi/azure-storage-blob@12.25.1", "dependencies": [ "pkg:pypi/azure-core@1.34.0", - "pkg:pypi/cryptography@44.0.3", + "pkg:pypi/cryptography@45.0.2", "pkg:pypi/isodate@0.7.2", "pkg:pypi/typing-extensions@4.13.2" ] @@ -1355,11 +1347,11 @@ "dependencies": [] }, { - "package": "pkg:pypi/click@8.1.8", + "package": "pkg:pypi/click@8.2.1", "dependencies": [] }, { - "package": "pkg:pypi/cryptography@44.0.3", + "package": "pkg:pypi/cryptography@45.0.2", "dependencies": [ "pkg:pypi/cffi@1.17.1" ] diff --git a/tests/data/azure-devops.req-312-expected.json b/tests/data/azure-devops.req-312-expected.json index b766f0c6..95a0e2fe 100644 --- a/tests/data/azure-devops.req-312-expected.json +++ b/tests/data/azure-devops.req-312-expected.json @@ -524,12 +524,12 @@ "type": "pypi", "namespace": null, "name": "click", - "version": "8.1.8", + "version": "8.2.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-12-21T18:38:41", + "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate\n\n## Contributing\n\nSee our [detailed contributing documentation][contrib] for many ways to\ncontribute, including reporting issues, requesting features, asking or answering\nquestions, and making PRs.\n\n[contrib]: https://palletsprojects.com/contributing/", + "release_date": "2025-05-20T23:19:47", "parties": [ { "type": "person", @@ -547,22 +547,18 @@ "Typing :: Typed" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/7e/d4/7ebdbd03970677812aac39c869717059dbb71a4cfc033ca6e5221787892c/click-8.1.8-py3-none-any.whl", - "size": 98188, + "download_url": "https://files.pythonhosted.org/packages/85/32/10bb5764d90a8eee674e9dc6f4db6a0ab47c8c4d0d83c27f7c39ac415a4d/click-8.2.1-py3-none-any.whl", + "size": 102215, "sha1": null, - "md5": "7dc0eee374f3bb75bcce4c9dd4222f5f", - "sha256": "63c132bbbed01578a06712a2d1f497bb62d9c1c0d329b7903a866228027263b2", + "md5": "aeead16d8bed93caa7107ac87b1e5ec8", + "sha256": "61a3265b914e850b85317d0b3109c7f8cd35a670f963866005d6ef1d5175a12b", "sha512": null, "bug_tracking_url": null, "code_view_url": "https://github.com/pallets/click/", "vcs_url": null, "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, + "license_expression": "BSD-3-Clause", + "declared_license": {}, "notice_text": null, "source_packages": [], "file_references": [], @@ -570,20 +566,20 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/click/8.1.8/json", + "api_data_url": "https://pypi.org/pypi/click/8.2.1/json", "datasource_id": null, - "purl": "pkg:pypi/click@8.1.8" + "purl": "pkg:pypi/click@8.2.1" }, { "type": "pypi", "namespace": null, "name": "cryptography", - "version": "44.0.3", + "version": "45.0.2", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.\npyca/cryptography\n=================\n\n.. image:: https://img.shields.io/pypi/v/cryptography.svg\n :target: https://pypi.org/project/cryptography/\n :alt: Latest Version\n\n.. image:: https://readthedocs.org/projects/cryptography/badge/?version=latest\n :target: https://cryptography.io\n :alt: Latest Docs\n\n.. image:: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main\n :target: https://github.com/pyca/cryptography/actions?query=workflow%3ACI+branch%3Amain\n\n\n``cryptography`` is a package which provides cryptographic recipes and\nprimitives to Python developers. Our goal is for it to be your \"cryptographic\nstandard library\". It supports Python 3.7+ and PyPy3 7.3.11+.\n\n``cryptography`` includes both high level recipes and low level interfaces to\ncommon cryptographic algorithms such as symmetric ciphers, message digests, and\nkey derivation functions. For example, to encrypt something with\n``cryptography``'s high level symmetric encryption recipe:\n\n.. code-block:: pycon\n\n >>> from cryptography.fernet import Fernet\n >>> # Put this somewhere safe!\n >>> key = Fernet.generate_key()\n >>> f = Fernet(key)\n >>> token = f.encrypt(b\"A really secret message. Not for prying eyes.\")\n >>> token\n b'...'\n >>> f.decrypt(token)\n b'A really secret message. Not for prying eyes.'\n\nYou can find more information in the `documentation`_.\n\nYou can install ``cryptography`` with:\n\n.. code-block:: console\n\n $ pip install cryptography\n\nFor full details see `the installation documentation`_.\n\nDiscussion\n~~~~~~~~~~\n\nIf you run into bugs, you can file them in our `issue tracker`_.\n\nWe maintain a `cryptography-dev`_ mailing list for development discussion.\n\nYou can also join ``#pyca`` on ``irc.libera.chat`` to ask questions or get\ninvolved.\n\nSecurity\n~~~~~~~~\n\nNeed to report a security issue? Please consult our `security reporting`_\ndocumentation.\n\n\n.. _`documentation`: https://cryptography.io/\n.. _`the installation documentation`: https://cryptography.io/en/latest/installation/\n.. _`issue tracker`: https://github.com/pyca/cryptography/issues\n.. _`cryptography-dev`: https://mail.python.org/mailman/listinfo/cryptography-dev\n.. _`security reporting`: https://cryptography.io/en/latest/security/", - "release_date": "2025-05-02T19:35:18", + "release_date": "2025-05-18T02:45:59", "parties": [ { "type": "person", @@ -617,11 +613,11 @@ "Topic :: Security :: Cryptography" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/f7/c8/e5c5d0e1364d3346a5747cdcd7ecbb23ca87e6dea4f942a44e88be349f06/cryptography-44.0.3-cp39-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", - "size": 4170876, + "download_url": "https://files.pythonhosted.org/packages/b9/d4/75d2375a20d80aa262a8adee77bf56950e9292929e394b9fae2481803f11/cryptography-45.0.2-cp37-abi3-musllinux_1_2_x86_64.whl", + "size": 4560535, "sha1": null, - "md5": "5b325fcc479d9d537df71ef8b41d3643", - "sha256": "192ed30fac1728f7587c6f4613c29c584abdc565d7417c13904708db10206645", + "md5": "947cb34eecccafe70b2313042598a793", + "sha256": "c0c000c1a09f069632d8a9eb3b610ac029fcc682f1d69b758e625d6ee713f4ed", "sha512": null, "bug_tracking_url": null, "code_view_url": null, @@ -629,11 +625,7 @@ "copyright": null, "license_expression": null, "declared_license": { - "license": "Apache-2.0 OR BSD-3-Clause", - "classifiers": [ - "License :: OSI Approved :: Apache Software License", - "License :: OSI Approved :: BSD License" - ] + "license": "Apache-2.0 OR BSD-3-Clause" }, "notice_text": null, "source_packages": [], @@ -642,9 +634,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/cryptography/44.0.3/json", + "api_data_url": "https://pypi.org/pypi/cryptography/45.0.2/json", "datasource_id": null, - "purl": "pkg:pypi/cryptography@44.0.3" + "purl": "pkg:pypi/cryptography@45.0.2" }, { "type": "pypi", @@ -1335,7 +1327,7 @@ "package": "pkg:pypi/azure-storage-blob@12.25.1", "dependencies": [ "pkg:pypi/azure-core@1.34.0", - "pkg:pypi/cryptography@44.0.3", + "pkg:pypi/cryptography@45.0.2", "pkg:pypi/isodate@0.7.2", "pkg:pypi/typing-extensions@4.13.2" ] @@ -1355,11 +1347,11 @@ "dependencies": [] }, { - "package": "pkg:pypi/click@8.1.8", + "package": "pkg:pypi/click@8.2.1", "dependencies": [] }, { - "package": "pkg:pypi/cryptography@44.0.3", + "package": "pkg:pypi/cryptography@45.0.2", "dependencies": [ "pkg:pypi/cffi@1.17.1" ] diff --git a/tests/data/azure-devops.req-313-expected.json b/tests/data/azure-devops.req-313-expected.json index 004862e7..a8d46436 100644 --- a/tests/data/azure-devops.req-313-expected.json +++ b/tests/data/azure-devops.req-313-expected.json @@ -524,12 +524,12 @@ "type": "pypi", "namespace": null, "name": "click", - "version": "8.1.8", + "version": "8.2.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-12-21T18:38:41", + "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate\n\n## Contributing\n\nSee our [detailed contributing documentation][contrib] for many ways to\ncontribute, including reporting issues, requesting features, asking or answering\nquestions, and making PRs.\n\n[contrib]: https://palletsprojects.com/contributing/", + "release_date": "2025-05-20T23:19:47", "parties": [ { "type": "person", @@ -547,22 +547,18 @@ "Typing :: Typed" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/7e/d4/7ebdbd03970677812aac39c869717059dbb71a4cfc033ca6e5221787892c/click-8.1.8-py3-none-any.whl", - "size": 98188, + "download_url": "https://files.pythonhosted.org/packages/85/32/10bb5764d90a8eee674e9dc6f4db6a0ab47c8c4d0d83c27f7c39ac415a4d/click-8.2.1-py3-none-any.whl", + "size": 102215, "sha1": null, - "md5": "7dc0eee374f3bb75bcce4c9dd4222f5f", - "sha256": "63c132bbbed01578a06712a2d1f497bb62d9c1c0d329b7903a866228027263b2", + "md5": "aeead16d8bed93caa7107ac87b1e5ec8", + "sha256": "61a3265b914e850b85317d0b3109c7f8cd35a670f963866005d6ef1d5175a12b", "sha512": null, "bug_tracking_url": null, "code_view_url": "https://github.com/pallets/click/", "vcs_url": null, "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, + "license_expression": "BSD-3-Clause", + "declared_license": {}, "notice_text": null, "source_packages": [], "file_references": [], @@ -570,20 +566,20 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/click/8.1.8/json", + "api_data_url": "https://pypi.org/pypi/click/8.2.1/json", "datasource_id": null, - "purl": "pkg:pypi/click@8.1.8" + "purl": "pkg:pypi/click@8.2.1" }, { "type": "pypi", "namespace": null, "name": "cryptography", - "version": "44.0.3", + "version": "45.0.2", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.\npyca/cryptography\n=================\n\n.. image:: https://img.shields.io/pypi/v/cryptography.svg\n :target: https://pypi.org/project/cryptography/\n :alt: Latest Version\n\n.. image:: https://readthedocs.org/projects/cryptography/badge/?version=latest\n :target: https://cryptography.io\n :alt: Latest Docs\n\n.. image:: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main\n :target: https://github.com/pyca/cryptography/actions?query=workflow%3ACI+branch%3Amain\n\n\n``cryptography`` is a package which provides cryptographic recipes and\nprimitives to Python developers. Our goal is for it to be your \"cryptographic\nstandard library\". It supports Python 3.7+ and PyPy3 7.3.11+.\n\n``cryptography`` includes both high level recipes and low level interfaces to\ncommon cryptographic algorithms such as symmetric ciphers, message digests, and\nkey derivation functions. For example, to encrypt something with\n``cryptography``'s high level symmetric encryption recipe:\n\n.. code-block:: pycon\n\n >>> from cryptography.fernet import Fernet\n >>> # Put this somewhere safe!\n >>> key = Fernet.generate_key()\n >>> f = Fernet(key)\n >>> token = f.encrypt(b\"A really secret message. Not for prying eyes.\")\n >>> token\n b'...'\n >>> f.decrypt(token)\n b'A really secret message. Not for prying eyes.'\n\nYou can find more information in the `documentation`_.\n\nYou can install ``cryptography`` with:\n\n.. code-block:: console\n\n $ pip install cryptography\n\nFor full details see `the installation documentation`_.\n\nDiscussion\n~~~~~~~~~~\n\nIf you run into bugs, you can file them in our `issue tracker`_.\n\nWe maintain a `cryptography-dev`_ mailing list for development discussion.\n\nYou can also join ``#pyca`` on ``irc.libera.chat`` to ask questions or get\ninvolved.\n\nSecurity\n~~~~~~~~\n\nNeed to report a security issue? Please consult our `security reporting`_\ndocumentation.\n\n\n.. _`documentation`: https://cryptography.io/\n.. _`the installation documentation`: https://cryptography.io/en/latest/installation/\n.. _`issue tracker`: https://github.com/pyca/cryptography/issues\n.. _`cryptography-dev`: https://mail.python.org/mailman/listinfo/cryptography-dev\n.. _`security reporting`: https://cryptography.io/en/latest/security/", - "release_date": "2025-05-02T19:35:18", + "release_date": "2025-05-18T02:45:59", "parties": [ { "type": "person", @@ -617,11 +613,11 @@ "Topic :: Security :: Cryptography" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/f7/c8/e5c5d0e1364d3346a5747cdcd7ecbb23ca87e6dea4f942a44e88be349f06/cryptography-44.0.3-cp39-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", - "size": 4170876, + "download_url": "https://files.pythonhosted.org/packages/b9/d4/75d2375a20d80aa262a8adee77bf56950e9292929e394b9fae2481803f11/cryptography-45.0.2-cp37-abi3-musllinux_1_2_x86_64.whl", + "size": 4560535, "sha1": null, - "md5": "5b325fcc479d9d537df71ef8b41d3643", - "sha256": "192ed30fac1728f7587c6f4613c29c584abdc565d7417c13904708db10206645", + "md5": "947cb34eecccafe70b2313042598a793", + "sha256": "c0c000c1a09f069632d8a9eb3b610ac029fcc682f1d69b758e625d6ee713f4ed", "sha512": null, "bug_tracking_url": null, "code_view_url": null, @@ -629,11 +625,7 @@ "copyright": null, "license_expression": null, "declared_license": { - "license": "Apache-2.0 OR BSD-3-Clause", - "classifiers": [ - "License :: OSI Approved :: Apache Software License", - "License :: OSI Approved :: BSD License" - ] + "license": "Apache-2.0 OR BSD-3-Clause" }, "notice_text": null, "source_packages": [], @@ -642,9 +634,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/cryptography/44.0.3/json", + "api_data_url": "https://pypi.org/pypi/cryptography/45.0.2/json", "datasource_id": null, - "purl": "pkg:pypi/cryptography@44.0.3" + "purl": "pkg:pypi/cryptography@45.0.2" }, { "type": "pypi", @@ -1335,7 +1327,7 @@ "package": "pkg:pypi/azure-storage-blob@12.25.1", "dependencies": [ "pkg:pypi/azure-core@1.34.0", - "pkg:pypi/cryptography@44.0.3", + "pkg:pypi/cryptography@45.0.2", "pkg:pypi/isodate@0.7.2", "pkg:pypi/typing-extensions@4.13.2" ] @@ -1355,11 +1347,11 @@ "dependencies": [] }, { - "package": "pkg:pypi/click@8.1.8", + "package": "pkg:pypi/click@8.2.1", "dependencies": [] }, { - "package": "pkg:pypi/cryptography@44.0.3", + "package": "pkg:pypi/cryptography@45.0.2", "dependencies": [ "pkg:pypi/cffi@1.17.1" ] diff --git a/tests/data/azure-devops.req-38-expected.json b/tests/data/azure-devops.req-38-expected.json index 502808a8..4e267db8 100644 --- a/tests/data/azure-devops.req-38-expected.json +++ b/tests/data/azure-devops.req-38-expected.json @@ -579,12 +579,12 @@ "type": "pypi", "namespace": null, "name": "cryptography", - "version": "44.0.3", + "version": "45.0.2", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.\npyca/cryptography\n=================\n\n.. image:: https://img.shields.io/pypi/v/cryptography.svg\n :target: https://pypi.org/project/cryptography/\n :alt: Latest Version\n\n.. image:: https://readthedocs.org/projects/cryptography/badge/?version=latest\n :target: https://cryptography.io\n :alt: Latest Docs\n\n.. image:: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main\n :target: https://github.com/pyca/cryptography/actions?query=workflow%3ACI+branch%3Amain\n\n\n``cryptography`` is a package which provides cryptographic recipes and\nprimitives to Python developers. Our goal is for it to be your \"cryptographic\nstandard library\". It supports Python 3.7+ and PyPy3 7.3.11+.\n\n``cryptography`` includes both high level recipes and low level interfaces to\ncommon cryptographic algorithms such as symmetric ciphers, message digests, and\nkey derivation functions. For example, to encrypt something with\n``cryptography``'s high level symmetric encryption recipe:\n\n.. code-block:: pycon\n\n >>> from cryptography.fernet import Fernet\n >>> # Put this somewhere safe!\n >>> key = Fernet.generate_key()\n >>> f = Fernet(key)\n >>> token = f.encrypt(b\"A really secret message. Not for prying eyes.\")\n >>> token\n b'...'\n >>> f.decrypt(token)\n b'A really secret message. Not for prying eyes.'\n\nYou can find more information in the `documentation`_.\n\nYou can install ``cryptography`` with:\n\n.. code-block:: console\n\n $ pip install cryptography\n\nFor full details see `the installation documentation`_.\n\nDiscussion\n~~~~~~~~~~\n\nIf you run into bugs, you can file them in our `issue tracker`_.\n\nWe maintain a `cryptography-dev`_ mailing list for development discussion.\n\nYou can also join ``#pyca`` on ``irc.libera.chat`` to ask questions or get\ninvolved.\n\nSecurity\n~~~~~~~~\n\nNeed to report a security issue? Please consult our `security reporting`_\ndocumentation.\n\n\n.. _`documentation`: https://cryptography.io/\n.. _`the installation documentation`: https://cryptography.io/en/latest/installation/\n.. _`issue tracker`: https://github.com/pyca/cryptography/issues\n.. _`cryptography-dev`: https://mail.python.org/mailman/listinfo/cryptography-dev\n.. _`security reporting`: https://cryptography.io/en/latest/security/", - "release_date": "2025-05-02T19:34:54", + "release_date": "2025-05-18T02:45:59", "parties": [ { "type": "person", @@ -618,11 +618,11 @@ "Topic :: Security :: Cryptography" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/ae/01/80de3bec64627207d030f47bf3536889efee8913cd363e78ca9a09b13c8e/cryptography-44.0.3-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", - "size": 4171040, + "download_url": "https://files.pythonhosted.org/packages/b9/d4/75d2375a20d80aa262a8adee77bf56950e9292929e394b9fae2481803f11/cryptography-45.0.2-cp37-abi3-musllinux_1_2_x86_64.whl", + "size": 4560535, "sha1": null, - "md5": "acf701983bcf454f95cb1b49c9cf412a", - "sha256": "58968d331425a6f9eedcee087f77fd3c927c88f55368f43ff7e0a19891f2642c", + "md5": "947cb34eecccafe70b2313042598a793", + "sha256": "c0c000c1a09f069632d8a9eb3b610ac029fcc682f1d69b758e625d6ee713f4ed", "sha512": null, "bug_tracking_url": null, "code_view_url": null, @@ -630,11 +630,7 @@ "copyright": null, "license_expression": null, "declared_license": { - "license": "Apache-2.0 OR BSD-3-Clause", - "classifiers": [ - "License :: OSI Approved :: Apache Software License", - "License :: OSI Approved :: BSD License" - ] + "license": "Apache-2.0 OR BSD-3-Clause" }, "notice_text": null, "source_packages": [], @@ -643,9 +639,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/cryptography/44.0.3/json", + "api_data_url": "https://pypi.org/pypi/cryptography/45.0.2/json", "datasource_id": null, - "purl": "pkg:pypi/cryptography@44.0.3" + "purl": "pkg:pypi/cryptography@45.0.2" }, { "type": "pypi", @@ -1341,7 +1337,7 @@ "package": "pkg:pypi/azure-storage-blob@12.25.1", "dependencies": [ "pkg:pypi/azure-core@1.33.0", - "pkg:pypi/cryptography@44.0.3", + "pkg:pypi/cryptography@45.0.2", "pkg:pypi/isodate@0.7.2", "pkg:pypi/typing-extensions@4.13.2" ] @@ -1365,7 +1361,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/cryptography@44.0.3", + "package": "pkg:pypi/cryptography@45.0.2", "dependencies": [ "pkg:pypi/cffi@1.17.1" ] diff --git a/tests/data/example-requirements-ignore-errors-expected.json b/tests/data/example-requirements-ignore-errors-expected.json index 9a797f66..42911592 100644 --- a/tests/data/example-requirements-ignore-errors-expected.json +++ b/tests/data/example-requirements-ignore-errors-expected.json @@ -107,12 +107,12 @@ "type": "pypi", "namespace": null, "name": "exceptiongroup", - "version": "1.2.2", + "version": "1.3.0", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "Backport of PEP 654 (exception groups)\n.. image:: https://github.com/agronholm/exceptiongroup/actions/workflows/test.yml/badge.svg\n :target: https://github.com/agronholm/exceptiongroup/actions/workflows/test.yml\n :alt: Build Status\n.. image:: https://coveralls.io/repos/github/agronholm/exceptiongroup/badge.svg?branch=main\n :target: https://coveralls.io/github/agronholm/exceptiongroup?branch=main\n :alt: Code Coverage\n\nThis is a backport of the ``BaseExceptionGroup`` and ``ExceptionGroup`` classes from\nPython 3.11.\n\nIt contains the following:\n\n* The ``exceptiongroup.BaseExceptionGroup`` and ``exceptiongroup.ExceptionGroup``\n classes\n* A utility function (``exceptiongroup.catch()``) for catching exceptions possibly\n nested in an exception group\n* Patches to the ``TracebackException`` class that properly formats exception groups\n (installed on import)\n* An exception hook that handles formatting of exception groups through\n ``TracebackException`` (installed on import)\n* Special versions of some of the functions from the ``traceback`` module, modified to\n correctly handle exception groups even when monkey patching is disabled, or blocked by\n another custom exception hook:\n\n * ``traceback.format_exception()``\n * ``traceback.format_exception_only()``\n * ``traceback.print_exception()``\n * ``traceback.print_exc()``\n* A backported version of ``contextlib.suppress()`` from Python 3.12.1 which also\n handles suppressing exceptions inside exception groups\n\nIf this package is imported on Python 3.11 or later, the built-in implementations of the\nexception group classes are used instead, ``TracebackException`` is not monkey patched\nand the exception hook won't be installed.\n\nSee the `standard library documentation`_ for more information on exception groups.\n\n.. _standard library documentation: https://docs.python.org/3/library/exceptions.html\n\nCatching exceptions\n===================\n\nDue to the lack of the ``except*`` syntax introduced by `PEP 654`_ in earlier Python\nversions, you need to use ``exceptiongroup.catch()`` to catch exceptions that are\npotentially nested inside an exception group. This function returns a context manager\nthat calls the given handler for any exceptions matching the sole argument.\n\nThe argument to ``catch()`` must be a dict (or any ``Mapping``) where each key is either\nan exception class or an iterable of exception classes. Each value must be a callable\nthat takes a single positional argument. The handler will be called at most once, with\nan exception group as an argument which will contain all the exceptions that are any\nof the given types, or their subclasses. The exception group may contain nested groups\ncontaining more matching exceptions.\n\nThus, the following Python 3.11+ code:\n\n.. code-block:: python\n\n try:\n ...\n except* (ValueError, KeyError) as excgroup:\n for exc in excgroup.exceptions:\n print('Caught exception:', type(exc))\n except* RuntimeError:\n print('Caught runtime error')\n\nwould be written with this backport like this:\n\n.. code-block:: python\n\n from exceptiongroup import BaseExceptionGroup, catch\n\n def value_key_err_handler(excgroup: BaseExceptionGroup) -> None:\n for exc in excgroup.exceptions:\n print('Caught exception:', type(exc))\n\n def runtime_err_handler(exc: BaseExceptionGroup) -> None:\n print('Caught runtime error')\n\n with catch({\n (ValueError, KeyError): value_key_err_handler,\n RuntimeError: runtime_err_handler\n }):\n ...\n\n**NOTE**: Just like with ``except*``, you cannot handle ``BaseExceptionGroup`` or\n``ExceptionGroup`` with ``catch()``.\n\nSuppressing exceptions\n======================\n\nThis library contains a backport of the ``contextlib.suppress()`` context manager from\nPython 3.12.1. It allows you to selectively ignore certain exceptions, even when they're\ninside exception groups:\n\n.. code-block:: python\n\n from exceptiongroup import suppress\n\n with suppress(RuntimeError):\n raise ExceptionGroup(\"\", [RuntimeError(\"boo\")])\n\nNotes on monkey patching\n========================\n\nTo make exception groups render properly when an unhandled exception group is being\nprinted out, this package does two things when it is imported on any Python version\nearlier than 3.11:\n\n#. The ``traceback.TracebackException`` class is monkey patched to store extra\n information about exception groups (in ``__init__()``) and properly format them (in\n ``format()``)\n#. An exception hook is installed at ``sys.excepthook``, provided that no other hook is\n already present. This hook causes the exception to be formatted using\n ``traceback.TracebackException`` rather than the built-in rendered.\n\nIf ``sys.exceptionhook`` is found to be set to something else than the default when\n``exceptiongroup`` is imported, no monkeypatching is done at all.\n\nTo prevent the exception hook and patches from being installed, set the environment\nvariable ``EXCEPTIONGROUP_NO_PATCH`` to ``1``.\n\nFormatting exception groups\n---------------------------\n\nNormally, the monkey patching applied by this library on import will cause exception\ngroups to be printed properly in tracebacks. But in cases when the monkey patching is\nblocked by a third party exception hook, or monkey patching is explicitly disabled,\nyou can still manually format exceptions using the special versions of the ``traceback``\nfunctions, like ``format_exception()``, listed at the top of this page. They work just\nlike their counterparts in the ``traceback`` module, except that they use a separately\npatched subclass of ``TracebackException`` to perform the rendering.\n\nParticularly in cases where a library installs its own exception hook, it is recommended\nto use these special versions to do the actual formatting of exceptions/tracebacks.\n\n.. _PEP 654: https://www.python.org/dev/peps/pep-0654/", - "release_date": "2024-07-12T22:25:58", + "release_date": "2025-05-10T17:42:49", "parties": [ { "type": "person", @@ -130,11 +130,11 @@ "Typing :: Typed" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/02/cc/b7e31358aac6ed1ef2bb790a9746ac2c69bcb3c8588b41616914eb106eaf/exceptiongroup-1.2.2-py3-none-any.whl", - "size": 16453, + "download_url": "https://files.pythonhosted.org/packages/36/f4/c6e662dade71f56cd2f3735141b265c3c79293c109549c1e6933b0651ffc/exceptiongroup-1.3.0-py3-none-any.whl", + "size": 16674, "sha1": null, - "md5": "59d2b950145f615193c5ccb02795fdef", - "sha256": "3111b9d131c238bec2f8f516e123e14ba243563fb135d3fe885990585aa7795b", + "md5": "23ce45ace6329e74ea58448cb6fc4a5b", + "sha256": "4d111e6e0c13d0644cad6ddaa7ed0261a0b36971f6d23e7ec9b4b9097da78a10", "sha512": null, "bug_tracking_url": "https://github.com/agronholm/exceptiongroup/issues", "code_view_url": null, @@ -153,9 +153,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/exceptiongroup/1.2.2/json", + "api_data_url": "https://pypi.org/pypi/exceptiongroup/1.3.0/json", "datasource_id": null, - "purl": "pkg:pypi/exceptiongroup@1.2.2" + "purl": "pkg:pypi/exceptiongroup@1.3.0" }, { "type": "pypi", @@ -289,18 +289,18 @@ "type": "pypi", "namespace": null, "name": "pluggy", - "version": "1.5.0", + "version": "1.6.0", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "plugin and hook calling mechanisms for python\n====================================================\npluggy - A minimalist production ready plugin system\n====================================================\n\n|pypi| |conda-forge| |versions| |github-actions| |gitter| |black| |codecov|\n\nThis is the core framework used by the `pytest`_, `tox`_, and `devpi`_ projects.\n\nPlease `read the docs`_ to learn more!\n\nA definitive example\n====================\n.. code-block:: python\n\n import pluggy\n\n hookspec = pluggy.HookspecMarker(\"myproject\")\n hookimpl = pluggy.HookimplMarker(\"myproject\")\n\n\n class MySpec:\n \"\"\"A hook specification namespace.\"\"\"\n\n @hookspec\n def myhook(self, arg1, arg2):\n \"\"\"My special little hook that you can customize.\"\"\"\n\n\n class Plugin_1:\n \"\"\"A hook implementation namespace.\"\"\"\n\n @hookimpl\n def myhook(self, arg1, arg2):\n print(\"inside Plugin_1.myhook()\")\n return arg1 + arg2\n\n\n class Plugin_2:\n \"\"\"A 2nd hook implementation namespace.\"\"\"\n\n @hookimpl\n def myhook(self, arg1, arg2):\n print(\"inside Plugin_2.myhook()\")\n return arg1 - arg2\n\n\n # create a manager and add the spec\n pm = pluggy.PluginManager(\"myproject\")\n pm.add_hookspecs(MySpec)\n\n # register plugins\n pm.register(Plugin_1())\n pm.register(Plugin_2())\n\n # call our ``myhook`` hook\n results = pm.hook.myhook(arg1=1, arg2=2)\n print(results)\n\n\nRunning this directly gets us::\n\n $ python docs/examples/toy-example.py\n inside Plugin_2.myhook()\n inside Plugin_1.myhook()\n [-1, 3]\n\n\n.. badges\n\n.. |pypi| image:: https://img.shields.io/pypi/v/pluggy.svg\n :target: https://pypi.org/pypi/pluggy\n\n.. |versions| image:: https://img.shields.io/pypi/pyversions/pluggy.svg\n :target: https://pypi.org/pypi/pluggy\n\n.. |github-actions| image:: https://github.com/pytest-dev/pluggy/workflows/main/badge.svg\n :target: https://github.com/pytest-dev/pluggy/actions\n\n.. |conda-forge| image:: https://img.shields.io/conda/vn/conda-forge/pluggy.svg\n :target: https://anaconda.org/conda-forge/pytest\n\n.. |gitter| image:: https://badges.gitter.im/pytest-dev/pluggy.svg\n :alt: Join the chat at https://gitter.im/pytest-dev/pluggy\n :target: https://gitter.im/pytest-dev/pluggy?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge\n\n.. |black| image:: https://img.shields.io/badge/code%20style-black-000000.svg\n :target: https://github.com/ambv/black\n\n.. |codecov| image:: https://codecov.io/gh/pytest-dev/pluggy/branch/master/graph/badge.svg\n :target: https://codecov.io/gh/pytest-dev/pluggy\n :alt: Code coverage Status\n\n.. links\n.. _pytest:\n http://pytest.org\n.. _tox:\n https://tox.readthedocs.org\n.. _devpi:\n http://doc.devpi.net\n.. _read the docs:\n https://pluggy.readthedocs.io/en/latest/\n\n\nSupport pluggy\n--------------\n\n`Open Collective`_ is an online funding platform for open and transparent communities.\nIt provides tools to raise money and share your finances in full transparency.\n\nIt is the platform of choice for individuals and companies that want to make one-time or\nmonthly donations directly to the project.\n\n``pluggy`` is part of the ``pytest-dev`` project, see more details in the `pytest collective`_.\n\n.. _Open Collective: https://opencollective.com\n.. _pytest collective: https://opencollective.com/pytest", - "release_date": "2024-04-20T21:34:40", + "release_date": "2025-05-15T12:30:06", "parties": [ { "type": "person", "role": "author", - "name": "Holger Krekel", - "email": "holger@merlinux.eu", + "name": null, + "email": "Holger Krekel ", "url": null } ], @@ -314,7 +314,8 @@ "Programming Language :: Python :: 3 :: Only", "Programming Language :: Python :: 3.10", "Programming Language :: Python :: 3.11", - "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.12", + "Programming Language :: Python :: 3.13", "Programming Language :: Python :: 3.9", "Programming Language :: Python :: Implementation :: CPython", "Programming Language :: Python :: Implementation :: PyPy", @@ -322,12 +323,12 @@ "Topic :: Software Development :: Testing", "Topic :: Utilities" ], - "homepage_url": "https://github.com/pytest-dev/pluggy", - "download_url": "https://files.pythonhosted.org/packages/88/5f/e351af9a41f866ac3f1fac4ca0613908d9a41741cfcf2228f4ad853b697d/pluggy-1.5.0-py3-none-any.whl", - "size": 20556, + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/54/20/4d324d65cc6d9205fabedc306948156824eb9f0ee1633355a8f7ec5c66bf/pluggy-1.6.0-py3-none-any.whl", + "size": 20538, "sha1": null, - "md5": "07349a98333a31cbb6ef8f7a17905c77", - "sha256": "44e1ad92c8ca002de6377e165f3e0f1be63266ab4d554740532335b9d75ea669", + "md5": "e107bd9fd0c26746617d74bac26fa0c5", + "sha256": "e920276dd6813095e9377c0bc5566d94c932c33b27a3e3945d8389c374dd4746", "sha512": null, "bug_tracking_url": null, "code_view_url": null, @@ -347,9 +348,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/pluggy/1.5.0/json", + "api_data_url": "https://pypi.org/pypi/pluggy/1.6.0/json", "datasource_id": null, - "purl": "pkg:pypi/pluggy@1.5.0" + "purl": "pkg:pypi/pluggy@1.6.0" }, { "type": "pypi", @@ -476,12 +477,84 @@ "api_data_url": "https://pypi.org/pypi/tomli/2.2.1/json", "datasource_id": null, "purl": "pkg:pypi/tomli@2.2.1" + }, + { + "type": "pypi", + "namespace": null, + "name": "typing-extensions", + "version": "4.13.2", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Backported and Experimental Type Hints for Python 3.8+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n[Documentation](https://typing-extensions.readthedocs.io/en/latest/#) \u2013\n[PyPI](https://pypi.org/project/typing-extensions/)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\n`typing_extensions` is treated specially by static type checkers such as\nmypy and pyright. Objects defined in `typing_extensions` are treated the same\nway as equivalent forms in `typing`.\n\n`typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version will be incremented only for backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n## Included items\n\nSee [the documentation](https://typing-extensions.readthedocs.io/en/latest/#) for a\ncomplete listing of module contents.\n\n## Contributing\n\nSee [CONTRIBUTING.md](https://github.com/python/typing_extensions/blob/main/CONTRIBUTING.md)\nfor how to contribute to `typing_extensions`.", + "release_date": "2025-04-10T14:19:03", + "parties": [ + { + "type": "person", + "role": "author", + "name": null, + "email": "\"Guido van Rossum, Jukka Lehtosalo, \u0141ukasz Langa, Michael Lee\" ", + "url": null + } + ], + "keywords": [ + "annotations", + "backport", + "checker", + "checking", + "function", + "hinting", + "hints", + "type", + "typechecking", + "typehinting", + "typehints", + "typing", + "Development Status :: 5 - Production/Stable", + "Environment :: Console", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3 :: Only", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "Programming Language :: Python :: 3.13", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Topic :: Software Development" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/8b/54/b1ae86c0973cc6f0210b53d508ca3641fb6d0c56823f288d108bc7ab3cc8/typing_extensions-4.13.2-py3-none-any.whl", + "size": 45806, + "sha1": null, + "md5": "0d9ada689b5a7c88163dd4c3417b8cc8", + "sha256": "a439e7c04b49fec3e5d3e2beaa21755cadbbdc391694e28ccdd36ca4a1408f8c", + "sha512": null, + "bug_tracking_url": "https://github.com/python/typing_extensions/issues", + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "license_expression": "PSF-2.0", + "declared_license": {}, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/typing-extensions/4.13.2/json", + "datasource_id": null, + "purl": "pkg:pypi/typing-extensions@4.13.2" } ], "resolved_dependencies_graph": [ { - "package": "pkg:pypi/exceptiongroup@1.2.2", - "dependencies": [] + "package": "pkg:pypi/exceptiongroup@1.3.0", + "dependencies": [ + "pkg:pypi/typing-extensions@4.13.2" + ] }, { "package": "pkg:pypi/iniconfig@2.1.0", @@ -496,22 +569,26 @@ "dependencies": [] }, { - "package": "pkg:pypi/pluggy@1.5.0", + "package": "pkg:pypi/pluggy@1.6.0", "dependencies": [] }, { "package": "pkg:pypi/pytest@8.3.5", "dependencies": [ - "pkg:pypi/exceptiongroup@1.2.2", + "pkg:pypi/exceptiongroup@1.3.0", "pkg:pypi/iniconfig@2.1.0", "pkg:pypi/packaging@25.0", - "pkg:pypi/pluggy@1.5.0", + "pkg:pypi/pluggy@1.6.0", "pkg:pypi/tomli@2.2.1" ] }, { "package": "pkg:pypi/tomli@2.2.1", "dependencies": [] + }, + { + "package": "pkg:pypi/typing-extensions@4.13.2", + "dependencies": [] } ] } \ No newline at end of file diff --git a/tests/data/insecure-setup/setup.py-expected.json b/tests/data/insecure-setup/setup.py-expected.json index bc11151d..65279116 100644 --- a/tests/data/insecure-setup/setup.py-expected.json +++ b/tests/data/insecure-setup/setup.py-expected.json @@ -5,7 +5,7 @@ "tool_version": "0.13.0", "options": [ "--analyze-setup-py-insecurely", - "--index-url https://thirdparty.aboutcode.org/pypi/simple/", + "--index-url https://pypi.org/simple", "--json ", "--operating-system linux", "--python-version 27", @@ -122,20 +122,204 @@ ] } ], - "packages": [], + "packages": [ + { + "type": "pypi", + "namespace": null, + "name": "isodate", + "version": "0.7.0", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "An ISO 8601 date/time/duration parser and formatter\nISO 8601 date/time parser\n=========================\n\n.. image:: https://travis-ci.org/gweis/isodate.svg?branch=master\n :target: https://travis-ci.org/gweis/isodate\n :alt: Travis-CI\n.. image:: https://coveralls.io/repos/gweis/isodate/badge.svg?branch=master\n :target: https://coveralls.io/r/gweis/isodate?branch=master\n :alt: Coveralls\n.. image:: https://img.shields.io/pypi/v/isodate.svg\n :target: https://pypi.python.org/pypi/isodate/\n :alt: Latest Version\n.. image:: https://img.shields.io/pypi/l/isodate.svg\n :target: https://pypi.python.org/pypi/isodate/\n :alt: License\n\n\nThis module implements ISO 8601 date, time and duration parsing.\nThe implementation follows ISO8601:2004 standard, and implements only\ndate/time representations mentioned in the standard. If something is not\nmentioned there, then it is treated as non existent, and not as an allowed\noption.\n\nFor instance, ISO8601:2004 never mentions 2 digit years. So, it is not\nintended by this module to support 2 digit years. (while it may still\nbe valid as ISO date, because it is not explicitly forbidden.)\nAnother example is, when no time zone information is given for a time,\nthen it should be interpreted as local time, and not UTC.\n\nAs this module maps ISO 8601 dates/times to standard Python data types, like\n*date*, *time*, *datetime* and *timedelta*, it is not possible to convert\nall possible ISO 8601 dates/times. For instance, dates before 0001-01-01 are\nnot allowed by the Python *date* and *datetime* classes. Additionally\nfractional seconds are limited to microseconds. That means if the parser finds\nfor instance nanoseconds it will round it down to microseconds.\n\nDocumentation\n-------------\n\nThe following parsing methods are available.\n * parse_time:\n parses an ISO 8601 time string into a *time* object\n * parse_date:\n parses an ISO 8601 date string into a *date* object\n * parse_datetime:\n parses an ISO 8601 date-time string into a *datetime* object\n * parse_duration:\n parses an ISO 8601 duration string into a *timedelta* or *Duration*\n object.\n * parse_tzinfo:\n parses the time zone info part of an ISO 8601 string into a\n *tzinfo* object.\n\nAs ISO 8601 allows to define durations in years and months, and *timedelta*\ndoes not handle years and months, this module provides a *Duration* class,\nwhich can be used almost like a *timedelta* object (with some limitations).\nHowever, a *Duration* object can be converted into a *timedelta* object.\n\nThere are also ISO formatting methods for all supported data types. Each\n*xxx_isoformat* method accepts a format parameter. The default format is\nalways the ISO 8601 expanded format. This is the same format used by\n*datetime.isoformat*:\n\n * time_isoformat:\n Intended to create ISO time strings with default format\n *hh:mm:ssZ*.\n * date_isoformat:\n Intended to create ISO date strings with default format\n *yyyy-mm-dd*.\n * datetime_isoformat:\n Intended to create ISO date-time strings with default format\n *yyyy-mm-ddThh:mm:ssZ*.\n * duration_isoformat:\n Intended to create ISO duration strings with default format\n *PnnYnnMnnDTnnHnnMnnS*.\n * tz_isoformat:\n Intended to create ISO time zone strings with default format\n *hh:mm*.\n * strftime:\n A re-implementation mostly compatible with Python's *strftime*, but\n supports only those format strings, which can also be used for dates\n prior 1900. This method also understands how to format *datetime* and\n *Duration* instances.\n\nInstallation\n------------\n\nThis module can easily be installed with Python standard installation methods.\n\nUse *pip install isodate*.\n\nLimitations\n-----------\n\n * The parser accepts several date/time representation which should be invalid\n according to ISO 8601 standard.\n\n 1. for date and time together, this parser accepts a mixture of basic and extended format.\n e.g. the date could be in basic format, while the time is accepted in extended format.\n It also allows short dates and times in date-time strings.\n 2. For incomplete dates, the first day is chosen. e.g. 19th century results in a date of\n 1901-01-01.\n 3. negative *Duration* and *timedelta* value are not fully supported yet.\n\nFurther information\n-------------------\n\nThe doc strings and unit tests should provide rather detailed information about\nthe methods and their limitations.\n\nThe source release provides a *setup.py* script,\nwhich can be used to run the unit tests included.\n\nSource code is available at ``_.\n\n\nCHANGES\n=======\n\n0.7.1 (unreleased)\n------------------\n\n- no changes yet\n\n\n0.7.0 (2024-10-08)\n------------------\n\n- drop end of life python versions\n- Don't match garbage characters at the end of parsed strings #16 (Gabriel de Perthuis)\n\n\nPotentially breaking changes:\n^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n\n- Fractional seconds are cut off to microseconds (always round down)\n- Allow control over return type of parse_duration #64 (Felix Claessen)\n\n\n0.6.1 (2021-12-13)\n------------------\n\n- support python 3.10 (Hugo van Kemenade)\n- last version to support py 2.7\n\n\n0.6.0 (2017-10-13)\n------------------\n\n- support incomplete month date (Fabien Loffredo)\n- rely on duck typing when doing duration maths\n- support ':' as separator in fractional time zones (usrenmae)\n\n\n0.5.4 (2015-08-06)\n------------------\n\n- Fix parsing of Periods (Fabien Bochu)\n- Make Duration objects hashable (Geoffrey Fairchild)\n- Add multiplication to duration (Reinoud Elhorst)\n\n\n0.5.1 (2014-11-07)\n------------------\n\n- fixed pickling of Duration objects\n- raise ISO8601Error when there is no 'T' separator in datetime strings (Adrian Coveney)\n\n\n0.5.0 (2014-02-23)\n------------------\n\n- ISO8601Error are subclasses of ValueError now (Michael Hrivnak)\n- improve compatibility across various python variants and versions\n- raise exceptions when using fractional years and months in date\n maths with durations\n- renamed method todatetime on Duraction objects to totimedelta\n\n\n0.4.9 (2012-10-30)\n------------------\n\n- support pickling FixedOffset instances\n- make sure parsed fractional seconds are in microseconds\n- add leading zeros when formattig microseconds (Jarom Loveridge)\n\n\n0.4.8 (2012-05-04)\n------------------\n\n- fixed incompatibility of unittests with python 2.5 and 2.6 (runs fine on 2.7\n and 3.2)\n\n\n0.4.7 (2012-01-26)\n------------------\n\n- fixed tzinfo formatting (never pass None into tzinfo.utcoffset())\n\n\n0.4.6 (2012-01-06)\n------------------\n\n- added Python 3 compatibility via 2to3\n\n0.4.5 (2012-01-06)\n------------------\n\n- made setuptools dependency optional\n\n0.4.4 (2011-04-16)\n------------------\n\n- Fixed formatting of microseconds for datetime objects\n\n0.4.3 (2010-10-29)\n------------------\n\n- Fixed problem with %P formatting and fractions (supplied by David Brooks)\n\n0.4.2 (2010-10-28)\n------------------\n\n- Implemented unary - for Duration (supplied by David Brooks)\n- Output fractional seconds with '%P' format. (partly supplied by David Brooks)\n\n0.4.1 (2010-10-13)\n------------------\n\n- fixed bug in comparison between timedelta and Duration.\n- fixed precision problem with microseconds (reported by Tommi Virtanen)\n\n0.4.0 (2009-02-09)\n------------------\n\n- added method to parse ISO 8601 time zone strings\n- added methods to create ISO 8601 conforming strings\n\n0.3.0 (2009-1-05)\n------------------\n\n- Initial release\n\n\nTODOs\n=====\n\nThis to do list contains some thoughts and ideas about missing features, and\nparts to think about, whether to implement them or not. This list is probably\nnot complete.\n\nMissing features:\n-----------------\n\n * time formatting does not allow to create fractional representations.\n * parser for ISO intervals.\n * currently microseconds are always padded to a length of 6 characters.\n trailing 0s should be optional\n\nDocumentation:\n--------------\n\n * parse_datetime:\n - complete documentation to show what this function allows, but ISO forbids.\n and vice verse.\n - support other separators between date and time than 'T'\n\n * parse_date:\n - yeardigits should be always greater than 4\n - dates before 0001-01-01 are not supported\n\n * parse_duration:\n - alternative formats are not fully supported due to parse_date restrictions\n - standard duration format is fully supported but not very restrictive.\n\n * Duration:\n - support fractional years and month in calculations\n - implement w3c order relation? (``_)\n - refactor to have duration mathematics only at one place.\n - localize __str__ method (does timedelta do this?)\n - when is a Duration negative?\n - normalize Durations. months [00-12] and years ]-inf,+inf[", + "release_date": "2024-10-08T02:38:58", + "parties": [ + { + "type": "person", + "role": "author", + "name": "Gerhard Weis", + "email": null, + "url": null + } + ], + "keywords": [ + "Development Status :: 4 - Beta", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "Programming Language :: Python :: 3.13", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: Implementation :: CPython", + "Programming Language :: Python :: Implementation :: PyPy", + "Topic :: Internet", + "Topic :: Software Development :: Libraries :: Python Modules" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/9b/40/32ce777053517be3032bb2ab3bb216959071ee0c16c761879e75c34a323e/isodate-0.7.0.tar.gz", + "size": 29597, + "sha1": null, + "md5": "06c2886cc00cdfc4ec1f36c1d590bc06", + "sha256": "c6332cf456314b85cc3b6ea2c45a6fa417cb1fddb361f6d2ed8f4f69e843c6d1", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "license": "Copyright (c) 2021, Hugo van Kemenade and contributors Copyright (c) 2009-2018, Gerhard Weis and contributors Copyright (c) 2009, Gerhard Weis All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of the nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ", + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/isodate/0.7.0/json", + "datasource_id": null, + "purl": "pkg:pypi/isodate@0.7.0" + }, + { + "type": "pypi", + "namespace": null, + "name": "pyparsing", + "version": "2.4.7", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Python parsing module\nPyParsing -- A Python Parsing Module\n====================================\n\n|Build Status|\n\nIntroduction\n============\n\nThe pyparsing module is an alternative approach to creating and\nexecuting simple grammars, vs. the traditional lex/yacc approach, or the\nuse of regular expressions. The pyparsing module provides a library of\nclasses that client code uses to construct the grammar directly in\nPython code.\n\n*[Since first writing this description of pyparsing in late 2003, this\ntechnique for developing parsers has become more widespread, under the\nname Parsing Expression Grammars - PEGs. See more information on PEGs at*\nhttps://en.wikipedia.org/wiki/Parsing_expression_grammar *.]*\n\nHere is a program to parse ``\"Hello, World!\"`` (or any greeting of the form\n``\"salutation, addressee!\"``):\n\n.. code:: python\n\n from pyparsing import Word, alphas\n greet = Word(alphas) + \",\" + Word(alphas) + \"!\"\n hello = \"Hello, World!\"\n print(hello, \"->\", greet.parseString(hello))\n\nThe program outputs the following::\n\n Hello, World! -> ['Hello', ',', 'World', '!']\n\nThe Python representation of the grammar is quite readable, owing to the\nself-explanatory class names, and the use of '+', '|' and '^' operator\ndefinitions.\n\nThe parsed results returned from ``parseString()`` can be accessed as a\nnested list, a dictionary, or an object with named attributes.\n\nThe pyparsing module handles some of the problems that are typically\nvexing when writing text parsers:\n\n- extra or missing whitespace (the above program will also handle ``\"Hello,World!\"``, ``\"Hello , World !\"``, etc.)\n- quoted strings\n- embedded comments\n\nThe examples directory includes a simple SQL parser, simple CORBA IDL\nparser, a config file parser, a chemical formula parser, and a four-\nfunction algebraic notation parser, among many others.\n\nDocumentation\n=============\n\nThere are many examples in the online docstrings of the classes\nand methods in pyparsing. You can find them compiled into online docs\nat https://pyparsing-docs.readthedocs.io/en/latest/. Additional\ndocumentation resources and project info are listed in the online\nGitHub wiki, at https://github.com/pyparsing/pyparsing/wiki. An\nentire directory of examples is at\nhttps://github.com/pyparsing/pyparsing/tree/master/examples.\n\nLicense\n=======\n\nMIT License. See header of pyparsing.py\n\nHistory\n=======\n\nSee CHANGES file.\n\n.. |Build Status| image:: https://travis-ci.org/pyparsing/pyparsing.svg?branch=master\n :target: https://travis-ci.org/pyparsing/pyparsing", + "release_date": "2020-04-05T22:21:22", + "parties": [ + { + "type": "person", + "role": "author", + "name": "Paul McGuire", + "email": "ptmcg@users.sourceforge.net", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Intended Audience :: Information Technology", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Programming Language :: Python :: 2", + "Programming Language :: Python :: 2.6", + "Programming Language :: Python :: 2.7", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.3", + "Programming Language :: Python :: 3.4", + "Programming Language :: Python :: 3.5", + "Programming Language :: Python :: 3.6", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8" + ], + "homepage_url": "https://github.com/pyparsing/pyparsing/", + "download_url": "https://files.pythonhosted.org/packages/8a/bb/488841f56197b13700afd5658fc279a2025a39e22449b7cf29864669b15d/pyparsing-2.4.7-py2.py3-none-any.whl", + "size": 67842, + "sha1": null, + "md5": "dbfd0a241aad2595f43377ec7f1836ea", + "sha256": "ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "license": "MIT License", + "classifiers": [ + "License :: OSI Approved :: MIT License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/pyparsing/2.4.7/json", + "datasource_id": null, + "purl": "pkg:pypi/pyparsing@2.4.7" + }, + { + "type": "pypi", + "namespace": null, + "name": "six", + "version": "1.17.0", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Python 2 and 3 compatibility utilities\n.. image:: https://img.shields.io/pypi/v/six.svg\n :target: https://pypi.org/project/six/\n :alt: six on PyPI\n\n.. image:: https://readthedocs.org/projects/six/badge/?version=latest\n :target: https://six.readthedocs.io/\n :alt: six's documentation on Read the Docs\n\n.. image:: https://img.shields.io/badge/license-MIT-green.svg\n :target: https://github.com/benjaminp/six/blob/master/LICENSE\n :alt: MIT License badge\n\nSix is a Python 2 and 3 compatibility library. It provides utility functions\nfor smoothing over the differences between the Python versions with the goal of\nwriting Python code that is compatible on both Python versions. See the\ndocumentation for more information on what is provided.\n\nSix supports Python 2.7 and 3.3+. It is contained in only one Python\nfile, so it can be easily copied into your project. (The copyright and license\nnotice must be retained.)\n\nOnline documentation is at https://six.readthedocs.io/.\n\nBugs can be reported to https://github.com/benjaminp/six. The code can also\nbe found there.", + "release_date": "2024-12-04T17:35:26", + "parties": [ + { + "type": "person", + "role": "author", + "name": "Benjamin Peterson", + "email": "benjamin@python.org", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 2", + "Programming Language :: Python :: 3", + "Topic :: Software Development :: Libraries", + "Topic :: Utilities" + ], + "homepage_url": "https://github.com/benjaminp/six", + "download_url": "https://files.pythonhosted.org/packages/b7/ce/149a00dd41f10bc29e5921b496af8b574d8413afcd5e30dfa0ed46c2cc5e/six-1.17.0-py2.py3-none-any.whl", + "size": 11050, + "sha1": null, + "md5": "090bac7d568f9c1f64b671de641ccdee", + "sha256": "4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "license": "MIT", + "classifiers": [ + "License :: OSI Approved :: MIT License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/six/1.17.0/json", + "datasource_id": null, + "purl": "pkg:pypi/six@1.17.0" + } + ], "resolved_dependencies_graph": [ { - "package": "pkg:pypi/isodate@0.6.1", - "dependencies": [ - "pkg:pypi/six@1.16.0" - ] + "package": "pkg:pypi/isodate@0.7.0", + "dependencies": [] }, { - "package": "pkg:pypi/pyparsing@3.0.9", + "package": "pkg:pypi/pyparsing@2.4.7", "dependencies": [] }, { - "package": "pkg:pypi/six@1.16.0", + "package": "pkg:pypi/six@1.17.0", "dependencies": [] } ] diff --git a/tests/data/resolved_deps/autobahn-310-expected.json b/tests/data/resolved_deps/autobahn-310-expected.json index 0e4bbc24..ad910251 100644 --- a/tests/data/resolved_deps/autobahn-310-expected.json +++ b/tests/data/resolved_deps/autobahn-310-expected.json @@ -5,7 +5,7 @@ "dependencies": [ "pkg:pypi/cryptography@43.0.3", "pkg:pypi/hyperlink@21.0.0", - "pkg:pypi/setuptools@80.1.0", + "pkg:pypi/setuptools@80.8.0", "pkg:pypi/txaio@23.1.1" ] }, @@ -36,7 +36,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/setuptools@80.1.0", + "package": "pkg:pypi/setuptools@80.8.0", "dependencies": [] }, { @@ -51,7 +51,7 @@ "pkg:pypi/hyperlink@21.0.0", "pkg:pypi/idna@3.10", "pkg:pypi/pycparser@2.22", - "pkg:pypi/setuptools@80.1.0", + "pkg:pypi/setuptools@80.8.0", "pkg:pypi/txaio@23.1.1" ] ] \ No newline at end of file diff --git a/tests/data/resolved_deps/flask-310-expected.json b/tests/data/resolved_deps/flask-310-expected.json index 7216782a..cc88a552 100644 --- a/tests/data/resolved_deps/flask-310-expected.json +++ b/tests/data/resolved_deps/flask-310-expected.json @@ -1,13 +1,13 @@ [ [ { - "package": "pkg:pypi/click@8.1.8", + "package": "pkg:pypi/click@8.2.1", "dependencies": [] }, { "package": "pkg:pypi/flask@2.1.2", "dependencies": [ - "pkg:pypi/click@8.1.8", + "pkg:pypi/click@8.2.1", "pkg:pypi/itsdangerous@2.2.0", "pkg:pypi/jinja2@3.1.6", "pkg:pypi/werkzeug@3.1.3" @@ -35,7 +35,7 @@ } ], [ - "pkg:pypi/click@8.1.8", + "pkg:pypi/click@8.2.1", "pkg:pypi/flask@2.1.2", "pkg:pypi/itsdangerous@2.2.0", "pkg:pypi/jinja2@3.1.6", diff --git a/tests/data/resolved_deps/flask-310-win-expected.json b/tests/data/resolved_deps/flask-310-win-expected.json index af954aa0..a8f45499 100644 --- a/tests/data/resolved_deps/flask-310-win-expected.json +++ b/tests/data/resolved_deps/flask-310-win-expected.json @@ -1,7 +1,7 @@ [ [ { - "package": "pkg:pypi/click@8.1.8", + "package": "pkg:pypi/click@8.2.1", "dependencies": [ "pkg:pypi/colorama@0.4.6" ] @@ -13,7 +13,7 @@ { "package": "pkg:pypi/flask@2.1.2", "dependencies": [ - "pkg:pypi/click@8.1.8", + "pkg:pypi/click@8.2.1", "pkg:pypi/itsdangerous@2.2.0", "pkg:pypi/jinja2@3.1.6", "pkg:pypi/werkzeug@3.1.3" @@ -41,7 +41,7 @@ } ], [ - "pkg:pypi/click@8.1.8", + "pkg:pypi/click@8.2.1", "pkg:pypi/colorama@0.4.6", "pkg:pypi/flask@2.1.2", "pkg:pypi/itsdangerous@2.2.0", diff --git a/tests/data/test-api-expected.json b/tests/data/test-api-expected.json index f105ce7a..9236c0c8 100644 --- a/tests/data/test-api-expected.json +++ b/tests/data/test-api-expected.json @@ -5,12 +5,12 @@ "type": "pypi", "namespace": null, "name": "click", - "version": "8.1.8", + "version": "8.2.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-12-21T18:38:41", + "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate\n\n## Contributing\n\nSee our [detailed contributing documentation][contrib] for many ways to\ncontribute, including reporting issues, requesting features, asking or answering\nquestions, and making PRs.\n\n[contrib]: https://palletsprojects.com/contributing/", + "release_date": "2025-05-20T23:19:47", "parties": [ { "type": "person", @@ -28,22 +28,18 @@ "Typing :: Typed" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/7e/d4/7ebdbd03970677812aac39c869717059dbb71a4cfc033ca6e5221787892c/click-8.1.8-py3-none-any.whl", - "size": 98188, + "download_url": "https://files.pythonhosted.org/packages/85/32/10bb5764d90a8eee674e9dc6f4db6a0ab47c8c4d0d83c27f7c39ac415a4d/click-8.2.1-py3-none-any.whl", + "size": 102215, "sha1": null, - "md5": "7dc0eee374f3bb75bcce4c9dd4222f5f", - "sha256": "63c132bbbed01578a06712a2d1f497bb62d9c1c0d329b7903a866228027263b2", + "md5": "aeead16d8bed93caa7107ac87b1e5ec8", + "sha256": "61a3265b914e850b85317d0b3109c7f8cd35a670f963866005d6ef1d5175a12b", "sha512": null, "bug_tracking_url": null, "code_view_url": "https://github.com/pallets/click/", "vcs_url": null, "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, + "license_expression": "BSD-3-Clause", + "declared_license": {}, "notice_text": null, "source_packages": [], "file_references": [], @@ -51,9 +47,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/click/8.1.8/json", + "api_data_url": "https://pypi.org/pypi/click/8.2.1/json", "datasource_id": null, - "purl": "pkg:pypi/click@8.1.8" + "purl": "pkg:pypi/click@8.2.1" }, { "type": "pypi", @@ -354,13 +350,13 @@ ], "resolution": [ { - "package": "pkg:pypi/click@8.1.8", + "package": "pkg:pypi/click@8.2.1", "dependencies": [] }, { "package": "pkg:pypi/flask@2.1.2", "dependencies": [ - "pkg:pypi/click@8.1.8", + "pkg:pypi/click@8.2.1", "pkg:pypi/itsdangerous@2.2.0", "pkg:pypi/jinja2@3.1.6", "pkg:pypi/werkzeug@3.1.3" diff --git a/tests/data/test-api-pdt-expected.json b/tests/data/test-api-pdt-expected.json index 7ad8a8c8..12f53983 100644 --- a/tests/data/test-api-pdt-expected.json +++ b/tests/data/test-api-pdt-expected.json @@ -5,12 +5,12 @@ "type": "pypi", "namespace": null, "name": "click", - "version": "8.1.8", + "version": "8.2.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-12-21T18:38:41", + "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate\n\n## Contributing\n\nSee our [detailed contributing documentation][contrib] for many ways to\ncontribute, including reporting issues, requesting features, asking or answering\nquestions, and making PRs.\n\n[contrib]: https://palletsprojects.com/contributing/", + "release_date": "2025-05-20T23:19:47", "parties": [ { "type": "person", @@ -28,22 +28,18 @@ "Typing :: Typed" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/7e/d4/7ebdbd03970677812aac39c869717059dbb71a4cfc033ca6e5221787892c/click-8.1.8-py3-none-any.whl", - "size": 98188, + "download_url": "https://files.pythonhosted.org/packages/85/32/10bb5764d90a8eee674e9dc6f4db6a0ab47c8c4d0d83c27f7c39ac415a4d/click-8.2.1-py3-none-any.whl", + "size": 102215, "sha1": null, - "md5": "7dc0eee374f3bb75bcce4c9dd4222f5f", - "sha256": "63c132bbbed01578a06712a2d1f497bb62d9c1c0d329b7903a866228027263b2", + "md5": "aeead16d8bed93caa7107ac87b1e5ec8", + "sha256": "61a3265b914e850b85317d0b3109c7f8cd35a670f963866005d6ef1d5175a12b", "sha512": null, "bug_tracking_url": null, "code_view_url": "https://github.com/pallets/click/", "vcs_url": null, "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, + "license_expression": "BSD-3-Clause", + "declared_license": {}, "notice_text": null, "source_packages": [], "file_references": [], @@ -51,9 +47,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/click/8.1.8/json", + "api_data_url": "https://pypi.org/pypi/click/8.2.1/json", "datasource_id": null, - "purl": "pkg:pypi/click@8.1.8" + "purl": "pkg:pypi/click@8.2.1" }, { "type": "pypi", @@ -361,7 +357,7 @@ { "key": "click", "package_name": "click", - "installed_version": "8.1.8", + "installed_version": "8.2.1", "dependencies": [] }, { diff --git a/tests/data/test-api-with-prefer-source.json b/tests/data/test-api-with-prefer-source.json index 957b9ea5..80b32323 100644 --- a/tests/data/test-api-with-prefer-source.json +++ b/tests/data/test-api-with-prefer-source.json @@ -5,12 +5,12 @@ "type": "pypi", "namespace": null, "name": "click", - "version": "8.1.8", + "version": "8.2.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-12-21T18:38:44", + "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate\n\n## Contributing\n\nSee our [detailed contributing documentation][contrib] for many ways to\ncontribute, including reporting issues, requesting features, asking or answering\nquestions, and making PRs.\n\n[contrib]: https://palletsprojects.com/contributing/", + "release_date": "2025-05-20T23:19:49", "parties": [ { "type": "person", @@ -28,22 +28,18 @@ "Typing :: Typed" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/b9/2e/0090cbf739cee7d23781ad4b89a9894a41538e4fcf4c31dcdd705b78eb8b/click-8.1.8.tar.gz", - "size": 226593, + "download_url": "https://files.pythonhosted.org/packages/60/6c/8ca2efa64cf75a977a0d7fac081354553ebe483345c734fb6b6515d96bbc/click-8.2.1.tar.gz", + "size": 286342, "sha1": null, - "md5": "b52ee8e6c33d88a2b4626e6a6002245d", - "sha256": "ed53c9d8990d83c2a27deae68e4ee337473f6330c040a31d4225c9574d16096a", + "md5": "438cfd4974584ae4f960ffeab32e8991", + "sha256": "27c491cc05d968d271d5a1db13e3b5a184636d9d930f148c50b038f0d0646202", "sha512": null, "bug_tracking_url": null, "code_view_url": "https://github.com/pallets/click/", "vcs_url": null, "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, + "license_expression": "BSD-3-Clause", + "declared_license": {}, "notice_text": null, "source_packages": [], "file_references": [], @@ -51,9 +47,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/click/8.1.8/json", + "api_data_url": "https://pypi.org/pypi/click/8.2.1/json", "datasource_id": null, - "purl": "pkg:pypi/click@8.1.8" + "purl": "pkg:pypi/click@8.2.1" }, { "type": "pypi", @@ -354,13 +350,13 @@ ], "resolution": [ { - "package": "pkg:pypi/click@8.1.8", + "package": "pkg:pypi/click@8.2.1", "dependencies": [] }, { "package": "pkg:pypi/flask@2.1.2", "dependencies": [ - "pkg:pypi/click@8.1.8", + "pkg:pypi/click@8.2.1", "pkg:pypi/itsdangerous@2.2.0", "pkg:pypi/jinja2@3.1.6", "pkg:pypi/werkzeug@3.1.3" diff --git a/tests/data/test-api-with-python-311.json b/tests/data/test-api-with-python-311.json index 957b9ea5..80b32323 100644 --- a/tests/data/test-api-with-python-311.json +++ b/tests/data/test-api-with-python-311.json @@ -5,12 +5,12 @@ "type": "pypi", "namespace": null, "name": "click", - "version": "8.1.8", + "version": "8.2.1", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate", - "release_date": "2024-12-21T18:38:44", + "description": "Composable command line interface toolkit\n# $ click_\n\nClick is a Python package for creating beautiful command line interfaces\nin a composable way with as little code as necessary. It's the \"Command\nLine Interface Creation Kit\". It's highly configurable but comes with\nsensible defaults out of the box.\n\nIt aims to make the process of writing command line tools quick and fun\nwhile also preventing any frustration caused by the inability to\nimplement an intended CLI API.\n\nClick in three points:\n\n- Arbitrary nesting of commands\n- Automatic help page generation\n- Supports lazy loading of subcommands at runtime\n\n\n## A Simple Example\n\n```python\nimport click\n\n@click.command()\n@click.option(\"--count\", default=1, help=\"Number of greetings.\")\n@click.option(\"--name\", prompt=\"Your name\", help=\"The person to greet.\")\ndef hello(count, name):\n \"\"\"Simple program that greets NAME for a total of COUNT times.\"\"\"\n for _ in range(count):\n click.echo(f\"Hello, {name}!\")\n\nif __name__ == '__main__':\n hello()\n```\n\n```\n$ python hello.py --count=3\nYour name: Click\nHello, Click!\nHello, Click!\nHello, Click!\n```\n\n\n## Donate\n\nThe Pallets organization develops and supports Click and other popular\npackages. In order to grow the community of contributors and users, and\nallow the maintainers to devote more time to the projects, [please\ndonate today][].\n\n[please donate today]: https://palletsprojects.com/donate\n\n## Contributing\n\nSee our [detailed contributing documentation][contrib] for many ways to\ncontribute, including reporting issues, requesting features, asking or answering\nquestions, and making PRs.\n\n[contrib]: https://palletsprojects.com/contributing/", + "release_date": "2025-05-20T23:19:49", "parties": [ { "type": "person", @@ -28,22 +28,18 @@ "Typing :: Typed" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/b9/2e/0090cbf739cee7d23781ad4b89a9894a41538e4fcf4c31dcdd705b78eb8b/click-8.1.8.tar.gz", - "size": 226593, + "download_url": "https://files.pythonhosted.org/packages/60/6c/8ca2efa64cf75a977a0d7fac081354553ebe483345c734fb6b6515d96bbc/click-8.2.1.tar.gz", + "size": 286342, "sha1": null, - "md5": "b52ee8e6c33d88a2b4626e6a6002245d", - "sha256": "ed53c9d8990d83c2a27deae68e4ee337473f6330c040a31d4225c9574d16096a", + "md5": "438cfd4974584ae4f960ffeab32e8991", + "sha256": "27c491cc05d968d271d5a1db13e3b5a184636d9d930f148c50b038f0d0646202", "sha512": null, "bug_tracking_url": null, "code_view_url": "https://github.com/pallets/click/", "vcs_url": null, "copyright": null, - "license_expression": null, - "declared_license": { - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, + "license_expression": "BSD-3-Clause", + "declared_license": {}, "notice_text": null, "source_packages": [], "file_references": [], @@ -51,9 +47,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/click/8.1.8/json", + "api_data_url": "https://pypi.org/pypi/click/8.2.1/json", "datasource_id": null, - "purl": "pkg:pypi/click@8.1.8" + "purl": "pkg:pypi/click@8.2.1" }, { "type": "pypi", @@ -354,13 +350,13 @@ ], "resolution": [ { - "package": "pkg:pypi/click@8.1.8", + "package": "pkg:pypi/click@8.2.1", "dependencies": [] }, { "package": "pkg:pypi/flask@2.1.2", "dependencies": [ - "pkg:pypi/click@8.1.8", + "pkg:pypi/click@8.2.1", "pkg:pypi/itsdangerous@2.2.0", "pkg:pypi/jinja2@3.1.6", "pkg:pypi/werkzeug@3.1.3" From 8e809df969e957f461c5b7f8a4a14ae543d8e7af Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Wed, 21 May 2025 13:08:10 +0200 Subject: [PATCH 09/10] Ensure stable order of index URLs Signed-off-by: Philippe Ombredanne --- src/python_inspector/api.py | 3 +- src/python_inspector/utils.py | 17 ++ .../insecure-setup/setup.py-expected.json | 200 +----------------- 3 files changed, 27 insertions(+), 193 deletions(-) diff --git a/src/python_inspector/api.py b/src/python_inspector/api.py index 24e314b8..201338ea 100644 --- a/src/python_inspector/api.py +++ b/src/python_inspector/api.py @@ -42,6 +42,7 @@ from python_inspector.resolution import get_reqs_insecurely from python_inspector.resolution import get_requirements_from_python_manifest from python_inspector.utils import Candidate +from python_inspector.utils import unique from python_inspector.utils_pypi import PLATFORMS_BY_OS from python_inspector.utils_pypi import Environment from python_inspector.utils_pypi import PypiSimpleRepository @@ -336,7 +337,7 @@ def get_index_urls(index_urls: Tuple, extra_data: Dict) -> Tuple: index_urls = (*index_urls, *tuple(extra_index_urls)) if isinstance(index_url, str): index_urls = (*index_urls, *tuple([index_url])) - return tuple(set(index_urls)) + return tuple(unique(index_urls)) resolver_api = resolve_dependencies diff --git a/src/python_inspector/utils.py b/src/python_inspector/utils.py index a7df84b6..1548ac0b 100644 --- a/src/python_inspector/utils.py +++ b/src/python_inspector/utils.py @@ -101,3 +101,20 @@ def remove_test_data_dir_variable_prefix(path, placeholder=""): return cleaned.replace("\\", "/") else: return placeholder + + +def unique(sequence): + """ + Return a list of unique items found in sequence. Preserve the original sequence order. + Items must be hashable. + For example: + >>> unique([1, 5, 3, 5]) + [1, 5, 3] + """ + seen = set() + deduped = [] + for item in sequence: + if item not in seen: + deduped.append(item) + seen.add(item) + return deduped diff --git a/tests/data/insecure-setup/setup.py-expected.json b/tests/data/insecure-setup/setup.py-expected.json index 65279116..bc11151d 100644 --- a/tests/data/insecure-setup/setup.py-expected.json +++ b/tests/data/insecure-setup/setup.py-expected.json @@ -5,7 +5,7 @@ "tool_version": "0.13.0", "options": [ "--analyze-setup-py-insecurely", - "--index-url https://pypi.org/simple", + "--index-url https://thirdparty.aboutcode.org/pypi/simple/", "--json ", "--operating-system linux", "--python-version 27", @@ -122,204 +122,20 @@ ] } ], - "packages": [ - { - "type": "pypi", - "namespace": null, - "name": "isodate", - "version": "0.7.0", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "An ISO 8601 date/time/duration parser and formatter\nISO 8601 date/time parser\n=========================\n\n.. image:: https://travis-ci.org/gweis/isodate.svg?branch=master\n :target: https://travis-ci.org/gweis/isodate\n :alt: Travis-CI\n.. image:: https://coveralls.io/repos/gweis/isodate/badge.svg?branch=master\n :target: https://coveralls.io/r/gweis/isodate?branch=master\n :alt: Coveralls\n.. image:: https://img.shields.io/pypi/v/isodate.svg\n :target: https://pypi.python.org/pypi/isodate/\n :alt: Latest Version\n.. image:: https://img.shields.io/pypi/l/isodate.svg\n :target: https://pypi.python.org/pypi/isodate/\n :alt: License\n\n\nThis module implements ISO 8601 date, time and duration parsing.\nThe implementation follows ISO8601:2004 standard, and implements only\ndate/time representations mentioned in the standard. If something is not\nmentioned there, then it is treated as non existent, and not as an allowed\noption.\n\nFor instance, ISO8601:2004 never mentions 2 digit years. So, it is not\nintended by this module to support 2 digit years. (while it may still\nbe valid as ISO date, because it is not explicitly forbidden.)\nAnother example is, when no time zone information is given for a time,\nthen it should be interpreted as local time, and not UTC.\n\nAs this module maps ISO 8601 dates/times to standard Python data types, like\n*date*, *time*, *datetime* and *timedelta*, it is not possible to convert\nall possible ISO 8601 dates/times. For instance, dates before 0001-01-01 are\nnot allowed by the Python *date* and *datetime* classes. Additionally\nfractional seconds are limited to microseconds. That means if the parser finds\nfor instance nanoseconds it will round it down to microseconds.\n\nDocumentation\n-------------\n\nThe following parsing methods are available.\n * parse_time:\n parses an ISO 8601 time string into a *time* object\n * parse_date:\n parses an ISO 8601 date string into a *date* object\n * parse_datetime:\n parses an ISO 8601 date-time string into a *datetime* object\n * parse_duration:\n parses an ISO 8601 duration string into a *timedelta* or *Duration*\n object.\n * parse_tzinfo:\n parses the time zone info part of an ISO 8601 string into a\n *tzinfo* object.\n\nAs ISO 8601 allows to define durations in years and months, and *timedelta*\ndoes not handle years and months, this module provides a *Duration* class,\nwhich can be used almost like a *timedelta* object (with some limitations).\nHowever, a *Duration* object can be converted into a *timedelta* object.\n\nThere are also ISO formatting methods for all supported data types. Each\n*xxx_isoformat* method accepts a format parameter. The default format is\nalways the ISO 8601 expanded format. This is the same format used by\n*datetime.isoformat*:\n\n * time_isoformat:\n Intended to create ISO time strings with default format\n *hh:mm:ssZ*.\n * date_isoformat:\n Intended to create ISO date strings with default format\n *yyyy-mm-dd*.\n * datetime_isoformat:\n Intended to create ISO date-time strings with default format\n *yyyy-mm-ddThh:mm:ssZ*.\n * duration_isoformat:\n Intended to create ISO duration strings with default format\n *PnnYnnMnnDTnnHnnMnnS*.\n * tz_isoformat:\n Intended to create ISO time zone strings with default format\n *hh:mm*.\n * strftime:\n A re-implementation mostly compatible with Python's *strftime*, but\n supports only those format strings, which can also be used for dates\n prior 1900. This method also understands how to format *datetime* and\n *Duration* instances.\n\nInstallation\n------------\n\nThis module can easily be installed with Python standard installation methods.\n\nUse *pip install isodate*.\n\nLimitations\n-----------\n\n * The parser accepts several date/time representation which should be invalid\n according to ISO 8601 standard.\n\n 1. for date and time together, this parser accepts a mixture of basic and extended format.\n e.g. the date could be in basic format, while the time is accepted in extended format.\n It also allows short dates and times in date-time strings.\n 2. For incomplete dates, the first day is chosen. e.g. 19th century results in a date of\n 1901-01-01.\n 3. negative *Duration* and *timedelta* value are not fully supported yet.\n\nFurther information\n-------------------\n\nThe doc strings and unit tests should provide rather detailed information about\nthe methods and their limitations.\n\nThe source release provides a *setup.py* script,\nwhich can be used to run the unit tests included.\n\nSource code is available at ``_.\n\n\nCHANGES\n=======\n\n0.7.1 (unreleased)\n------------------\n\n- no changes yet\n\n\n0.7.0 (2024-10-08)\n------------------\n\n- drop end of life python versions\n- Don't match garbage characters at the end of parsed strings #16 (Gabriel de Perthuis)\n\n\nPotentially breaking changes:\n^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n\n- Fractional seconds are cut off to microseconds (always round down)\n- Allow control over return type of parse_duration #64 (Felix Claessen)\n\n\n0.6.1 (2021-12-13)\n------------------\n\n- support python 3.10 (Hugo van Kemenade)\n- last version to support py 2.7\n\n\n0.6.0 (2017-10-13)\n------------------\n\n- support incomplete month date (Fabien Loffredo)\n- rely on duck typing when doing duration maths\n- support ':' as separator in fractional time zones (usrenmae)\n\n\n0.5.4 (2015-08-06)\n------------------\n\n- Fix parsing of Periods (Fabien Bochu)\n- Make Duration objects hashable (Geoffrey Fairchild)\n- Add multiplication to duration (Reinoud Elhorst)\n\n\n0.5.1 (2014-11-07)\n------------------\n\n- fixed pickling of Duration objects\n- raise ISO8601Error when there is no 'T' separator in datetime strings (Adrian Coveney)\n\n\n0.5.0 (2014-02-23)\n------------------\n\n- ISO8601Error are subclasses of ValueError now (Michael Hrivnak)\n- improve compatibility across various python variants and versions\n- raise exceptions when using fractional years and months in date\n maths with durations\n- renamed method todatetime on Duraction objects to totimedelta\n\n\n0.4.9 (2012-10-30)\n------------------\n\n- support pickling FixedOffset instances\n- make sure parsed fractional seconds are in microseconds\n- add leading zeros when formattig microseconds (Jarom Loveridge)\n\n\n0.4.8 (2012-05-04)\n------------------\n\n- fixed incompatibility of unittests with python 2.5 and 2.6 (runs fine on 2.7\n and 3.2)\n\n\n0.4.7 (2012-01-26)\n------------------\n\n- fixed tzinfo formatting (never pass None into tzinfo.utcoffset())\n\n\n0.4.6 (2012-01-06)\n------------------\n\n- added Python 3 compatibility via 2to3\n\n0.4.5 (2012-01-06)\n------------------\n\n- made setuptools dependency optional\n\n0.4.4 (2011-04-16)\n------------------\n\n- Fixed formatting of microseconds for datetime objects\n\n0.4.3 (2010-10-29)\n------------------\n\n- Fixed problem with %P formatting and fractions (supplied by David Brooks)\n\n0.4.2 (2010-10-28)\n------------------\n\n- Implemented unary - for Duration (supplied by David Brooks)\n- Output fractional seconds with '%P' format. (partly supplied by David Brooks)\n\n0.4.1 (2010-10-13)\n------------------\n\n- fixed bug in comparison between timedelta and Duration.\n- fixed precision problem with microseconds (reported by Tommi Virtanen)\n\n0.4.0 (2009-02-09)\n------------------\n\n- added method to parse ISO 8601 time zone strings\n- added methods to create ISO 8601 conforming strings\n\n0.3.0 (2009-1-05)\n------------------\n\n- Initial release\n\n\nTODOs\n=====\n\nThis to do list contains some thoughts and ideas about missing features, and\nparts to think about, whether to implement them or not. This list is probably\nnot complete.\n\nMissing features:\n-----------------\n\n * time formatting does not allow to create fractional representations.\n * parser for ISO intervals.\n * currently microseconds are always padded to a length of 6 characters.\n trailing 0s should be optional\n\nDocumentation:\n--------------\n\n * parse_datetime:\n - complete documentation to show what this function allows, but ISO forbids.\n and vice verse.\n - support other separators between date and time than 'T'\n\n * parse_date:\n - yeardigits should be always greater than 4\n - dates before 0001-01-01 are not supported\n\n * parse_duration:\n - alternative formats are not fully supported due to parse_date restrictions\n - standard duration format is fully supported but not very restrictive.\n\n * Duration:\n - support fractional years and month in calculations\n - implement w3c order relation? (``_)\n - refactor to have duration mathematics only at one place.\n - localize __str__ method (does timedelta do this?)\n - when is a Duration negative?\n - normalize Durations. months [00-12] and years ]-inf,+inf[", - "release_date": "2024-10-08T02:38:58", - "parties": [ - { - "type": "person", - "role": "author", - "name": "Gerhard Weis", - "email": null, - "url": null - } - ], - "keywords": [ - "Development Status :: 4 - Beta", - "Intended Audience :: Developers", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.10", - "Programming Language :: Python :: 3.11", - "Programming Language :: Python :: 3.12", - "Programming Language :: Python :: 3.13", - "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: Implementation :: CPython", - "Programming Language :: Python :: Implementation :: PyPy", - "Topic :: Internet", - "Topic :: Software Development :: Libraries :: Python Modules" - ], - "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/9b/40/32ce777053517be3032bb2ab3bb216959071ee0c16c761879e75c34a323e/isodate-0.7.0.tar.gz", - "size": 29597, - "sha1": null, - "md5": "06c2886cc00cdfc4ec1f36c1d590bc06", - "sha256": "c6332cf456314b85cc3b6ea2c45a6fa417cb1fddb361f6d2ed8f4f69e843c6d1", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": null, - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "license": "Copyright (c) 2021, Hugo van Kemenade and contributors Copyright (c) 2009-2018, Gerhard Weis and contributors Copyright (c) 2009, Gerhard Weis All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of the nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ", - "classifiers": [ - "License :: OSI Approved :: BSD License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/isodate/0.7.0/json", - "datasource_id": null, - "purl": "pkg:pypi/isodate@0.7.0" - }, - { - "type": "pypi", - "namespace": null, - "name": "pyparsing", - "version": "2.4.7", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Python parsing module\nPyParsing -- A Python Parsing Module\n====================================\n\n|Build Status|\n\nIntroduction\n============\n\nThe pyparsing module is an alternative approach to creating and\nexecuting simple grammars, vs. the traditional lex/yacc approach, or the\nuse of regular expressions. The pyparsing module provides a library of\nclasses that client code uses to construct the grammar directly in\nPython code.\n\n*[Since first writing this description of pyparsing in late 2003, this\ntechnique for developing parsers has become more widespread, under the\nname Parsing Expression Grammars - PEGs. See more information on PEGs at*\nhttps://en.wikipedia.org/wiki/Parsing_expression_grammar *.]*\n\nHere is a program to parse ``\"Hello, World!\"`` (or any greeting of the form\n``\"salutation, addressee!\"``):\n\n.. code:: python\n\n from pyparsing import Word, alphas\n greet = Word(alphas) + \",\" + Word(alphas) + \"!\"\n hello = \"Hello, World!\"\n print(hello, \"->\", greet.parseString(hello))\n\nThe program outputs the following::\n\n Hello, World! -> ['Hello', ',', 'World', '!']\n\nThe Python representation of the grammar is quite readable, owing to the\nself-explanatory class names, and the use of '+', '|' and '^' operator\ndefinitions.\n\nThe parsed results returned from ``parseString()`` can be accessed as a\nnested list, a dictionary, or an object with named attributes.\n\nThe pyparsing module handles some of the problems that are typically\nvexing when writing text parsers:\n\n- extra or missing whitespace (the above program will also handle ``\"Hello,World!\"``, ``\"Hello , World !\"``, etc.)\n- quoted strings\n- embedded comments\n\nThe examples directory includes a simple SQL parser, simple CORBA IDL\nparser, a config file parser, a chemical formula parser, and a four-\nfunction algebraic notation parser, among many others.\n\nDocumentation\n=============\n\nThere are many examples in the online docstrings of the classes\nand methods in pyparsing. You can find them compiled into online docs\nat https://pyparsing-docs.readthedocs.io/en/latest/. Additional\ndocumentation resources and project info are listed in the online\nGitHub wiki, at https://github.com/pyparsing/pyparsing/wiki. An\nentire directory of examples is at\nhttps://github.com/pyparsing/pyparsing/tree/master/examples.\n\nLicense\n=======\n\nMIT License. See header of pyparsing.py\n\nHistory\n=======\n\nSee CHANGES file.\n\n.. |Build Status| image:: https://travis-ci.org/pyparsing/pyparsing.svg?branch=master\n :target: https://travis-ci.org/pyparsing/pyparsing", - "release_date": "2020-04-05T22:21:22", - "parties": [ - { - "type": "person", - "role": "author", - "name": "Paul McGuire", - "email": "ptmcg@users.sourceforge.net", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Intended Audience :: Developers", - "Intended Audience :: Information Technology", - "Operating System :: OS Independent", - "Programming Language :: Python", - "Programming Language :: Python :: 2", - "Programming Language :: Python :: 2.6", - "Programming Language :: Python :: 2.7", - "Programming Language :: Python :: 3", - "Programming Language :: Python :: 3.3", - "Programming Language :: Python :: 3.4", - "Programming Language :: Python :: 3.5", - "Programming Language :: Python :: 3.6", - "Programming Language :: Python :: 3.7", - "Programming Language :: Python :: 3.8" - ], - "homepage_url": "https://github.com/pyparsing/pyparsing/", - "download_url": "https://files.pythonhosted.org/packages/8a/bb/488841f56197b13700afd5658fc279a2025a39e22449b7cf29864669b15d/pyparsing-2.4.7-py2.py3-none-any.whl", - "size": 67842, - "sha1": null, - "md5": "dbfd0a241aad2595f43377ec7f1836ea", - "sha256": "ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": null, - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "license": "MIT License", - "classifiers": [ - "License :: OSI Approved :: MIT License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/pyparsing/2.4.7/json", - "datasource_id": null, - "purl": "pkg:pypi/pyparsing@2.4.7" - }, - { - "type": "pypi", - "namespace": null, - "name": "six", - "version": "1.17.0", - "qualifiers": {}, - "subpath": null, - "primary_language": "Python", - "description": "Python 2 and 3 compatibility utilities\n.. image:: https://img.shields.io/pypi/v/six.svg\n :target: https://pypi.org/project/six/\n :alt: six on PyPI\n\n.. image:: https://readthedocs.org/projects/six/badge/?version=latest\n :target: https://six.readthedocs.io/\n :alt: six's documentation on Read the Docs\n\n.. image:: https://img.shields.io/badge/license-MIT-green.svg\n :target: https://github.com/benjaminp/six/blob/master/LICENSE\n :alt: MIT License badge\n\nSix is a Python 2 and 3 compatibility library. It provides utility functions\nfor smoothing over the differences between the Python versions with the goal of\nwriting Python code that is compatible on both Python versions. See the\ndocumentation for more information on what is provided.\n\nSix supports Python 2.7 and 3.3+. It is contained in only one Python\nfile, so it can be easily copied into your project. (The copyright and license\nnotice must be retained.)\n\nOnline documentation is at https://six.readthedocs.io/.\n\nBugs can be reported to https://github.com/benjaminp/six. The code can also\nbe found there.", - "release_date": "2024-12-04T17:35:26", - "parties": [ - { - "type": "person", - "role": "author", - "name": "Benjamin Peterson", - "email": "benjamin@python.org", - "url": null - } - ], - "keywords": [ - "Development Status :: 5 - Production/Stable", - "Intended Audience :: Developers", - "Programming Language :: Python :: 2", - "Programming Language :: Python :: 3", - "Topic :: Software Development :: Libraries", - "Topic :: Utilities" - ], - "homepage_url": "https://github.com/benjaminp/six", - "download_url": "https://files.pythonhosted.org/packages/b7/ce/149a00dd41f10bc29e5921b496af8b574d8413afcd5e30dfa0ed46c2cc5e/six-1.17.0-py2.py3-none-any.whl", - "size": 11050, - "sha1": null, - "md5": "090bac7d568f9c1f64b671de641ccdee", - "sha256": "4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274", - "sha512": null, - "bug_tracking_url": null, - "code_view_url": null, - "vcs_url": null, - "copyright": null, - "license_expression": null, - "declared_license": { - "license": "MIT", - "classifiers": [ - "License :: OSI Approved :: MIT License" - ] - }, - "notice_text": null, - "source_packages": [], - "file_references": [], - "extra_data": {}, - "dependencies": [], - "repository_homepage_url": null, - "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/six/1.17.0/json", - "datasource_id": null, - "purl": "pkg:pypi/six@1.17.0" - } - ], + "packages": [], "resolved_dependencies_graph": [ { - "package": "pkg:pypi/isodate@0.7.0", - "dependencies": [] + "package": "pkg:pypi/isodate@0.6.1", + "dependencies": [ + "pkg:pypi/six@1.16.0" + ] }, { - "package": "pkg:pypi/pyparsing@2.4.7", + "package": "pkg:pypi/pyparsing@3.0.9", "dependencies": [] }, { - "package": "pkg:pypi/six@1.17.0", + "package": "pkg:pypi/six@1.16.0", "dependencies": [] } ] From 1dcd761437098464e320fb87d5656ace660c5178 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Tue, 3 Jun 2025 10:08:29 +0200 Subject: [PATCH 10/10] Update test expectations Signed-off-by: Philippe Ombredanne --- tests/data/azure-devops.req-310-expected.json | 46 ++-- tests/data/azure-devops.req-312-expected.json | 46 ++-- tests/data/azure-devops.req-313-expected.json | 46 ++-- tests/data/azure-devops.req-38-expected.json | 20 +- ...e-requirements-ignore-errors-expected.json | 127 +++++++++-- .../insecure-setup/setup.py-expected.json | 200 +++++++++++++++++- .../resolved_deps/autobahn-310-expected.json | 6 +- .../data/resolved_deps/flask-39-expected.json | 6 +- tests/test_cli.py | 9 + 9 files changed, 390 insertions(+), 116 deletions(-) diff --git a/tests/data/azure-devops.req-310-expected.json b/tests/data/azure-devops.req-310-expected.json index 805e0152..472c2370 100644 --- a/tests/data/azure-devops.req-310-expected.json +++ b/tests/data/azure-devops.req-310-expected.json @@ -574,12 +574,12 @@ "type": "pypi", "namespace": null, "name": "cryptography", - "version": "45.0.2", + "version": "45.0.3", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.\npyca/cryptography\n=================\n\n.. image:: https://img.shields.io/pypi/v/cryptography.svg\n :target: https://pypi.org/project/cryptography/\n :alt: Latest Version\n\n.. image:: https://readthedocs.org/projects/cryptography/badge/?version=latest\n :target: https://cryptography.io\n :alt: Latest Docs\n\n.. image:: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main\n :target: https://github.com/pyca/cryptography/actions?query=workflow%3ACI+branch%3Amain\n\n\n``cryptography`` is a package which provides cryptographic recipes and\nprimitives to Python developers. Our goal is for it to be your \"cryptographic\nstandard library\". It supports Python 3.7+ and PyPy3 7.3.11+.\n\n``cryptography`` includes both high level recipes and low level interfaces to\ncommon cryptographic algorithms such as symmetric ciphers, message digests, and\nkey derivation functions. For example, to encrypt something with\n``cryptography``'s high level symmetric encryption recipe:\n\n.. code-block:: pycon\n\n >>> from cryptography.fernet import Fernet\n >>> # Put this somewhere safe!\n >>> key = Fernet.generate_key()\n >>> f = Fernet(key)\n >>> token = f.encrypt(b\"A really secret message. Not for prying eyes.\")\n >>> token\n b'...'\n >>> f.decrypt(token)\n b'A really secret message. Not for prying eyes.'\n\nYou can find more information in the `documentation`_.\n\nYou can install ``cryptography`` with:\n\n.. code-block:: console\n\n $ pip install cryptography\n\nFor full details see `the installation documentation`_.\n\nDiscussion\n~~~~~~~~~~\n\nIf you run into bugs, you can file them in our `issue tracker`_.\n\nWe maintain a `cryptography-dev`_ mailing list for development discussion.\n\nYou can also join ``#pyca`` on ``irc.libera.chat`` to ask questions or get\ninvolved.\n\nSecurity\n~~~~~~~~\n\nNeed to report a security issue? Please consult our `security reporting`_\ndocumentation.\n\n\n.. _`documentation`: https://cryptography.io/\n.. _`the installation documentation`: https://cryptography.io/en/latest/installation/\n.. _`issue tracker`: https://github.com/pyca/cryptography/issues\n.. _`cryptography-dev`: https://mail.python.org/mailman/listinfo/cryptography-dev\n.. _`security reporting`: https://cryptography.io/en/latest/security/", - "release_date": "2025-05-18T02:45:59", + "release_date": "2025-05-25T14:16:51", "parties": [ { "type": "person", @@ -613,11 +613,11 @@ "Topic :: Security :: Cryptography" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/b9/d4/75d2375a20d80aa262a8adee77bf56950e9292929e394b9fae2481803f11/cryptography-45.0.2-cp37-abi3-musllinux_1_2_x86_64.whl", - "size": 4560535, + "download_url": "https://files.pythonhosted.org/packages/f5/b4/51417d0cc01802304c1984d76e9592f15e4801abd44ef7ba657060520bf0/cryptography-45.0.3-cp37-abi3-musllinux_1_2_x86_64.whl", + "size": 4560038, "sha1": null, - "md5": "947cb34eecccafe70b2313042598a793", - "sha256": "c0c000c1a09f069632d8a9eb3b610ac029fcc682f1d69b758e625d6ee713f4ed", + "md5": "895f405f8548c6d156a23c615cb8e20f", + "sha256": "232954730c362638544758a8160c4ee1b832dc011d2c41a306ad8f7cccc5bb0b", "sha512": null, "bug_tracking_url": null, "code_view_url": null, @@ -634,9 +634,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/cryptography/45.0.2/json", + "api_data_url": "https://pypi.org/pypi/cryptography/45.0.3/json", "datasource_id": null, - "purl": "pkg:pypi/cryptography@45.0.2" + "purl": "pkg:pypi/cryptography@45.0.3" }, { "type": "pypi", @@ -1166,12 +1166,12 @@ "type": "pypi", "namespace": null, "name": "typing-extensions", - "version": "4.13.2", + "version": "4.14.0", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Backported and Experimental Type Hints for Python 3.8+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n[Documentation](https://typing-extensions.readthedocs.io/en/latest/#) \u2013\n[PyPI](https://pypi.org/project/typing-extensions/)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\n`typing_extensions` is treated specially by static type checkers such as\nmypy and pyright. Objects defined in `typing_extensions` are treated the same\nway as equivalent forms in `typing`.\n\n`typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version will be incremented only for backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n## Included items\n\nSee [the documentation](https://typing-extensions.readthedocs.io/en/latest/#) for a\ncomplete listing of module contents.\n\n## Contributing\n\nSee [CONTRIBUTING.md](https://github.com/python/typing_extensions/blob/main/CONTRIBUTING.md)\nfor how to contribute to `typing_extensions`.", - "release_date": "2025-04-10T14:19:03", + "description": "Backported and Experimental Type Hints for Python 3.9+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n[Documentation](https://typing-extensions.readthedocs.io/en/latest/#) \u2013\n[PyPI](https://pypi.org/project/typing-extensions/)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\n`typing_extensions` is treated specially by static type checkers such as\nmypy and pyright. Objects defined in `typing_extensions` are treated the same\nway as equivalent forms in `typing`.\n\n`typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version will be incremented only for backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n## Included items\n\nSee [the documentation](https://typing-extensions.readthedocs.io/en/latest/#) for a\ncomplete listing of module contents.\n\n## Contributing\n\nSee [CONTRIBUTING.md](https://github.com/python/typing_extensions/blob/main/CONTRIBUTING.md)\nfor how to contribute to `typing_extensions`.", + "release_date": "2025-06-02T14:52:10", "parties": [ { "type": "person", @@ -1204,16 +1204,16 @@ "Programming Language :: Python :: 3.11", "Programming Language :: Python :: 3.12", "Programming Language :: Python :: 3.13", - "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.14", "Programming Language :: Python :: 3.9", "Topic :: Software Development" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/8b/54/b1ae86c0973cc6f0210b53d508ca3641fb6d0c56823f288d108bc7ab3cc8/typing_extensions-4.13.2-py3-none-any.whl", - "size": 45806, + "download_url": "https://files.pythonhosted.org/packages/69/e0/552843e0d356fbb5256d21449fa957fa4eff3bbc135a74a691ee70c7c5da/typing_extensions-4.14.0-py3-none-any.whl", + "size": 43839, "sha1": null, - "md5": "0d9ada689b5a7c88163dd4c3417b8cc8", - "sha256": "a439e7c04b49fec3e5d3e2beaa21755cadbbdc391694e28ccdd36ca4a1408f8c", + "md5": "d27a9ceff49d98145c50076842fca792", + "sha256": "a1514509136dd0b477638fc68d6a91497af5076466ad0fa6c338e44e359944af", "sha512": null, "bug_tracking_url": "https://github.com/python/typing_extensions/issues", "code_view_url": null, @@ -1228,9 +1228,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/typing-extensions/4.13.2/json", + "api_data_url": "https://pypi.org/pypi/typing-extensions/4.14.0/json", "datasource_id": null, - "purl": "pkg:pypi/typing-extensions@4.13.2" + "purl": "pkg:pypi/typing-extensions@4.14.0" }, { "type": "pypi", @@ -1314,7 +1314,7 @@ "dependencies": [ "pkg:pypi/requests@2.32.3", "pkg:pypi/six@1.17.0", - "pkg:pypi/typing-extensions@4.13.2" + "pkg:pypi/typing-extensions@4.14.0" ] }, { @@ -1327,9 +1327,9 @@ "package": "pkg:pypi/azure-storage-blob@12.25.1", "dependencies": [ "pkg:pypi/azure-core@1.34.0", - "pkg:pypi/cryptography@45.0.2", + "pkg:pypi/cryptography@45.0.3", "pkg:pypi/isodate@0.7.2", - "pkg:pypi/typing-extensions@4.13.2" + "pkg:pypi/typing-extensions@4.14.0" ] }, { @@ -1351,7 +1351,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/cryptography@45.0.2", + "package": "pkg:pypi/cryptography@45.0.3", "dependencies": [ "pkg:pypi/cffi@1.17.1" ] @@ -1403,7 +1403,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/typing-extensions@4.13.2", + "package": "pkg:pypi/typing-extensions@4.14.0", "dependencies": [] }, { diff --git a/tests/data/azure-devops.req-312-expected.json b/tests/data/azure-devops.req-312-expected.json index 95a0e2fe..f9c2dbea 100644 --- a/tests/data/azure-devops.req-312-expected.json +++ b/tests/data/azure-devops.req-312-expected.json @@ -574,12 +574,12 @@ "type": "pypi", "namespace": null, "name": "cryptography", - "version": "45.0.2", + "version": "45.0.3", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.\npyca/cryptography\n=================\n\n.. image:: https://img.shields.io/pypi/v/cryptography.svg\n :target: https://pypi.org/project/cryptography/\n :alt: Latest Version\n\n.. image:: https://readthedocs.org/projects/cryptography/badge/?version=latest\n :target: https://cryptography.io\n :alt: Latest Docs\n\n.. image:: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main\n :target: https://github.com/pyca/cryptography/actions?query=workflow%3ACI+branch%3Amain\n\n\n``cryptography`` is a package which provides cryptographic recipes and\nprimitives to Python developers. Our goal is for it to be your \"cryptographic\nstandard library\". It supports Python 3.7+ and PyPy3 7.3.11+.\n\n``cryptography`` includes both high level recipes and low level interfaces to\ncommon cryptographic algorithms such as symmetric ciphers, message digests, and\nkey derivation functions. For example, to encrypt something with\n``cryptography``'s high level symmetric encryption recipe:\n\n.. code-block:: pycon\n\n >>> from cryptography.fernet import Fernet\n >>> # Put this somewhere safe!\n >>> key = Fernet.generate_key()\n >>> f = Fernet(key)\n >>> token = f.encrypt(b\"A really secret message. Not for prying eyes.\")\n >>> token\n b'...'\n >>> f.decrypt(token)\n b'A really secret message. Not for prying eyes.'\n\nYou can find more information in the `documentation`_.\n\nYou can install ``cryptography`` with:\n\n.. code-block:: console\n\n $ pip install cryptography\n\nFor full details see `the installation documentation`_.\n\nDiscussion\n~~~~~~~~~~\n\nIf you run into bugs, you can file them in our `issue tracker`_.\n\nWe maintain a `cryptography-dev`_ mailing list for development discussion.\n\nYou can also join ``#pyca`` on ``irc.libera.chat`` to ask questions or get\ninvolved.\n\nSecurity\n~~~~~~~~\n\nNeed to report a security issue? Please consult our `security reporting`_\ndocumentation.\n\n\n.. _`documentation`: https://cryptography.io/\n.. _`the installation documentation`: https://cryptography.io/en/latest/installation/\n.. _`issue tracker`: https://github.com/pyca/cryptography/issues\n.. _`cryptography-dev`: https://mail.python.org/mailman/listinfo/cryptography-dev\n.. _`security reporting`: https://cryptography.io/en/latest/security/", - "release_date": "2025-05-18T02:45:59", + "release_date": "2025-05-25T14:16:51", "parties": [ { "type": "person", @@ -613,11 +613,11 @@ "Topic :: Security :: Cryptography" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/b9/d4/75d2375a20d80aa262a8adee77bf56950e9292929e394b9fae2481803f11/cryptography-45.0.2-cp37-abi3-musllinux_1_2_x86_64.whl", - "size": 4560535, + "download_url": "https://files.pythonhosted.org/packages/f5/b4/51417d0cc01802304c1984d76e9592f15e4801abd44ef7ba657060520bf0/cryptography-45.0.3-cp37-abi3-musllinux_1_2_x86_64.whl", + "size": 4560038, "sha1": null, - "md5": "947cb34eecccafe70b2313042598a793", - "sha256": "c0c000c1a09f069632d8a9eb3b610ac029fcc682f1d69b758e625d6ee713f4ed", + "md5": "895f405f8548c6d156a23c615cb8e20f", + "sha256": "232954730c362638544758a8160c4ee1b832dc011d2c41a306ad8f7cccc5bb0b", "sha512": null, "bug_tracking_url": null, "code_view_url": null, @@ -634,9 +634,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/cryptography/45.0.2/json", + "api_data_url": "https://pypi.org/pypi/cryptography/45.0.3/json", "datasource_id": null, - "purl": "pkg:pypi/cryptography@45.0.2" + "purl": "pkg:pypi/cryptography@45.0.3" }, { "type": "pypi", @@ -1166,12 +1166,12 @@ "type": "pypi", "namespace": null, "name": "typing-extensions", - "version": "4.13.2", + "version": "4.14.0", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Backported and Experimental Type Hints for Python 3.8+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n[Documentation](https://typing-extensions.readthedocs.io/en/latest/#) \u2013\n[PyPI](https://pypi.org/project/typing-extensions/)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\n`typing_extensions` is treated specially by static type checkers such as\nmypy and pyright. Objects defined in `typing_extensions` are treated the same\nway as equivalent forms in `typing`.\n\n`typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version will be incremented only for backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n## Included items\n\nSee [the documentation](https://typing-extensions.readthedocs.io/en/latest/#) for a\ncomplete listing of module contents.\n\n## Contributing\n\nSee [CONTRIBUTING.md](https://github.com/python/typing_extensions/blob/main/CONTRIBUTING.md)\nfor how to contribute to `typing_extensions`.", - "release_date": "2025-04-10T14:19:03", + "description": "Backported and Experimental Type Hints for Python 3.9+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n[Documentation](https://typing-extensions.readthedocs.io/en/latest/#) \u2013\n[PyPI](https://pypi.org/project/typing-extensions/)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\n`typing_extensions` is treated specially by static type checkers such as\nmypy and pyright. Objects defined in `typing_extensions` are treated the same\nway as equivalent forms in `typing`.\n\n`typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version will be incremented only for backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n## Included items\n\nSee [the documentation](https://typing-extensions.readthedocs.io/en/latest/#) for a\ncomplete listing of module contents.\n\n## Contributing\n\nSee [CONTRIBUTING.md](https://github.com/python/typing_extensions/blob/main/CONTRIBUTING.md)\nfor how to contribute to `typing_extensions`.", + "release_date": "2025-06-02T14:52:10", "parties": [ { "type": "person", @@ -1204,16 +1204,16 @@ "Programming Language :: Python :: 3.11", "Programming Language :: Python :: 3.12", "Programming Language :: Python :: 3.13", - "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.14", "Programming Language :: Python :: 3.9", "Topic :: Software Development" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/8b/54/b1ae86c0973cc6f0210b53d508ca3641fb6d0c56823f288d108bc7ab3cc8/typing_extensions-4.13.2-py3-none-any.whl", - "size": 45806, + "download_url": "https://files.pythonhosted.org/packages/69/e0/552843e0d356fbb5256d21449fa957fa4eff3bbc135a74a691ee70c7c5da/typing_extensions-4.14.0-py3-none-any.whl", + "size": 43839, "sha1": null, - "md5": "0d9ada689b5a7c88163dd4c3417b8cc8", - "sha256": "a439e7c04b49fec3e5d3e2beaa21755cadbbdc391694e28ccdd36ca4a1408f8c", + "md5": "d27a9ceff49d98145c50076842fca792", + "sha256": "a1514509136dd0b477638fc68d6a91497af5076466ad0fa6c338e44e359944af", "sha512": null, "bug_tracking_url": "https://github.com/python/typing_extensions/issues", "code_view_url": null, @@ -1228,9 +1228,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/typing-extensions/4.13.2/json", + "api_data_url": "https://pypi.org/pypi/typing-extensions/4.14.0/json", "datasource_id": null, - "purl": "pkg:pypi/typing-extensions@4.13.2" + "purl": "pkg:pypi/typing-extensions@4.14.0" }, { "type": "pypi", @@ -1314,7 +1314,7 @@ "dependencies": [ "pkg:pypi/requests@2.32.3", "pkg:pypi/six@1.17.0", - "pkg:pypi/typing-extensions@4.13.2" + "pkg:pypi/typing-extensions@4.14.0" ] }, { @@ -1327,9 +1327,9 @@ "package": "pkg:pypi/azure-storage-blob@12.25.1", "dependencies": [ "pkg:pypi/azure-core@1.34.0", - "pkg:pypi/cryptography@45.0.2", + "pkg:pypi/cryptography@45.0.3", "pkg:pypi/isodate@0.7.2", - "pkg:pypi/typing-extensions@4.13.2" + "pkg:pypi/typing-extensions@4.14.0" ] }, { @@ -1351,7 +1351,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/cryptography@45.0.2", + "package": "pkg:pypi/cryptography@45.0.3", "dependencies": [ "pkg:pypi/cffi@1.17.1" ] @@ -1403,7 +1403,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/typing-extensions@4.13.2", + "package": "pkg:pypi/typing-extensions@4.14.0", "dependencies": [] }, { diff --git a/tests/data/azure-devops.req-313-expected.json b/tests/data/azure-devops.req-313-expected.json index a8d46436..65dc9e11 100644 --- a/tests/data/azure-devops.req-313-expected.json +++ b/tests/data/azure-devops.req-313-expected.json @@ -574,12 +574,12 @@ "type": "pypi", "namespace": null, "name": "cryptography", - "version": "45.0.2", + "version": "45.0.3", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.\npyca/cryptography\n=================\n\n.. image:: https://img.shields.io/pypi/v/cryptography.svg\n :target: https://pypi.org/project/cryptography/\n :alt: Latest Version\n\n.. image:: https://readthedocs.org/projects/cryptography/badge/?version=latest\n :target: https://cryptography.io\n :alt: Latest Docs\n\n.. image:: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main\n :target: https://github.com/pyca/cryptography/actions?query=workflow%3ACI+branch%3Amain\n\n\n``cryptography`` is a package which provides cryptographic recipes and\nprimitives to Python developers. Our goal is for it to be your \"cryptographic\nstandard library\". It supports Python 3.7+ and PyPy3 7.3.11+.\n\n``cryptography`` includes both high level recipes and low level interfaces to\ncommon cryptographic algorithms such as symmetric ciphers, message digests, and\nkey derivation functions. For example, to encrypt something with\n``cryptography``'s high level symmetric encryption recipe:\n\n.. code-block:: pycon\n\n >>> from cryptography.fernet import Fernet\n >>> # Put this somewhere safe!\n >>> key = Fernet.generate_key()\n >>> f = Fernet(key)\n >>> token = f.encrypt(b\"A really secret message. Not for prying eyes.\")\n >>> token\n b'...'\n >>> f.decrypt(token)\n b'A really secret message. Not for prying eyes.'\n\nYou can find more information in the `documentation`_.\n\nYou can install ``cryptography`` with:\n\n.. code-block:: console\n\n $ pip install cryptography\n\nFor full details see `the installation documentation`_.\n\nDiscussion\n~~~~~~~~~~\n\nIf you run into bugs, you can file them in our `issue tracker`_.\n\nWe maintain a `cryptography-dev`_ mailing list for development discussion.\n\nYou can also join ``#pyca`` on ``irc.libera.chat`` to ask questions or get\ninvolved.\n\nSecurity\n~~~~~~~~\n\nNeed to report a security issue? Please consult our `security reporting`_\ndocumentation.\n\n\n.. _`documentation`: https://cryptography.io/\n.. _`the installation documentation`: https://cryptography.io/en/latest/installation/\n.. _`issue tracker`: https://github.com/pyca/cryptography/issues\n.. _`cryptography-dev`: https://mail.python.org/mailman/listinfo/cryptography-dev\n.. _`security reporting`: https://cryptography.io/en/latest/security/", - "release_date": "2025-05-18T02:45:59", + "release_date": "2025-05-25T14:16:51", "parties": [ { "type": "person", @@ -613,11 +613,11 @@ "Topic :: Security :: Cryptography" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/b9/d4/75d2375a20d80aa262a8adee77bf56950e9292929e394b9fae2481803f11/cryptography-45.0.2-cp37-abi3-musllinux_1_2_x86_64.whl", - "size": 4560535, + "download_url": "https://files.pythonhosted.org/packages/f5/b4/51417d0cc01802304c1984d76e9592f15e4801abd44ef7ba657060520bf0/cryptography-45.0.3-cp37-abi3-musllinux_1_2_x86_64.whl", + "size": 4560038, "sha1": null, - "md5": "947cb34eecccafe70b2313042598a793", - "sha256": "c0c000c1a09f069632d8a9eb3b610ac029fcc682f1d69b758e625d6ee713f4ed", + "md5": "895f405f8548c6d156a23c615cb8e20f", + "sha256": "232954730c362638544758a8160c4ee1b832dc011d2c41a306ad8f7cccc5bb0b", "sha512": null, "bug_tracking_url": null, "code_view_url": null, @@ -634,9 +634,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/cryptography/45.0.2/json", + "api_data_url": "https://pypi.org/pypi/cryptography/45.0.3/json", "datasource_id": null, - "purl": "pkg:pypi/cryptography@45.0.2" + "purl": "pkg:pypi/cryptography@45.0.3" }, { "type": "pypi", @@ -1166,12 +1166,12 @@ "type": "pypi", "namespace": null, "name": "typing-extensions", - "version": "4.13.2", + "version": "4.14.0", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Backported and Experimental Type Hints for Python 3.8+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n[Documentation](https://typing-extensions.readthedocs.io/en/latest/#) \u2013\n[PyPI](https://pypi.org/project/typing-extensions/)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\n`typing_extensions` is treated specially by static type checkers such as\nmypy and pyright. Objects defined in `typing_extensions` are treated the same\nway as equivalent forms in `typing`.\n\n`typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version will be incremented only for backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n## Included items\n\nSee [the documentation](https://typing-extensions.readthedocs.io/en/latest/#) for a\ncomplete listing of module contents.\n\n## Contributing\n\nSee [CONTRIBUTING.md](https://github.com/python/typing_extensions/blob/main/CONTRIBUTING.md)\nfor how to contribute to `typing_extensions`.", - "release_date": "2025-04-10T14:19:03", + "description": "Backported and Experimental Type Hints for Python 3.9+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n[Documentation](https://typing-extensions.readthedocs.io/en/latest/#) \u2013\n[PyPI](https://pypi.org/project/typing-extensions/)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\n`typing_extensions` is treated specially by static type checkers such as\nmypy and pyright. Objects defined in `typing_extensions` are treated the same\nway as equivalent forms in `typing`.\n\n`typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version will be incremented only for backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n## Included items\n\nSee [the documentation](https://typing-extensions.readthedocs.io/en/latest/#) for a\ncomplete listing of module contents.\n\n## Contributing\n\nSee [CONTRIBUTING.md](https://github.com/python/typing_extensions/blob/main/CONTRIBUTING.md)\nfor how to contribute to `typing_extensions`.", + "release_date": "2025-06-02T14:52:10", "parties": [ { "type": "person", @@ -1204,16 +1204,16 @@ "Programming Language :: Python :: 3.11", "Programming Language :: Python :: 3.12", "Programming Language :: Python :: 3.13", - "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.14", "Programming Language :: Python :: 3.9", "Topic :: Software Development" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/8b/54/b1ae86c0973cc6f0210b53d508ca3641fb6d0c56823f288d108bc7ab3cc8/typing_extensions-4.13.2-py3-none-any.whl", - "size": 45806, + "download_url": "https://files.pythonhosted.org/packages/69/e0/552843e0d356fbb5256d21449fa957fa4eff3bbc135a74a691ee70c7c5da/typing_extensions-4.14.0-py3-none-any.whl", + "size": 43839, "sha1": null, - "md5": "0d9ada689b5a7c88163dd4c3417b8cc8", - "sha256": "a439e7c04b49fec3e5d3e2beaa21755cadbbdc391694e28ccdd36ca4a1408f8c", + "md5": "d27a9ceff49d98145c50076842fca792", + "sha256": "a1514509136dd0b477638fc68d6a91497af5076466ad0fa6c338e44e359944af", "sha512": null, "bug_tracking_url": "https://github.com/python/typing_extensions/issues", "code_view_url": null, @@ -1228,9 +1228,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/typing-extensions/4.13.2/json", + "api_data_url": "https://pypi.org/pypi/typing-extensions/4.14.0/json", "datasource_id": null, - "purl": "pkg:pypi/typing-extensions@4.13.2" + "purl": "pkg:pypi/typing-extensions@4.14.0" }, { "type": "pypi", @@ -1314,7 +1314,7 @@ "dependencies": [ "pkg:pypi/requests@2.32.3", "pkg:pypi/six@1.17.0", - "pkg:pypi/typing-extensions@4.13.2" + "pkg:pypi/typing-extensions@4.14.0" ] }, { @@ -1327,9 +1327,9 @@ "package": "pkg:pypi/azure-storage-blob@12.25.1", "dependencies": [ "pkg:pypi/azure-core@1.34.0", - "pkg:pypi/cryptography@45.0.2", + "pkg:pypi/cryptography@45.0.3", "pkg:pypi/isodate@0.7.2", - "pkg:pypi/typing-extensions@4.13.2" + "pkg:pypi/typing-extensions@4.14.0" ] }, { @@ -1351,7 +1351,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/cryptography@45.0.2", + "package": "pkg:pypi/cryptography@45.0.3", "dependencies": [ "pkg:pypi/cffi@1.17.1" ] @@ -1403,7 +1403,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/typing-extensions@4.13.2", + "package": "pkg:pypi/typing-extensions@4.14.0", "dependencies": [] }, { diff --git a/tests/data/azure-devops.req-38-expected.json b/tests/data/azure-devops.req-38-expected.json index 4e267db8..5dd355c8 100644 --- a/tests/data/azure-devops.req-38-expected.json +++ b/tests/data/azure-devops.req-38-expected.json @@ -579,12 +579,12 @@ "type": "pypi", "namespace": null, "name": "cryptography", - "version": "45.0.2", + "version": "45.0.3", "qualifiers": {}, "subpath": null, "primary_language": "Python", "description": "cryptography is a package which provides cryptographic recipes and primitives to Python developers.\npyca/cryptography\n=================\n\n.. image:: https://img.shields.io/pypi/v/cryptography.svg\n :target: https://pypi.org/project/cryptography/\n :alt: Latest Version\n\n.. image:: https://readthedocs.org/projects/cryptography/badge/?version=latest\n :target: https://cryptography.io\n :alt: Latest Docs\n\n.. image:: https://github.com/pyca/cryptography/workflows/CI/badge.svg?branch=main\n :target: https://github.com/pyca/cryptography/actions?query=workflow%3ACI+branch%3Amain\n\n\n``cryptography`` is a package which provides cryptographic recipes and\nprimitives to Python developers. Our goal is for it to be your \"cryptographic\nstandard library\". It supports Python 3.7+ and PyPy3 7.3.11+.\n\n``cryptography`` includes both high level recipes and low level interfaces to\ncommon cryptographic algorithms such as symmetric ciphers, message digests, and\nkey derivation functions. For example, to encrypt something with\n``cryptography``'s high level symmetric encryption recipe:\n\n.. code-block:: pycon\n\n >>> from cryptography.fernet import Fernet\n >>> # Put this somewhere safe!\n >>> key = Fernet.generate_key()\n >>> f = Fernet(key)\n >>> token = f.encrypt(b\"A really secret message. Not for prying eyes.\")\n >>> token\n b'...'\n >>> f.decrypt(token)\n b'A really secret message. Not for prying eyes.'\n\nYou can find more information in the `documentation`_.\n\nYou can install ``cryptography`` with:\n\n.. code-block:: console\n\n $ pip install cryptography\n\nFor full details see `the installation documentation`_.\n\nDiscussion\n~~~~~~~~~~\n\nIf you run into bugs, you can file them in our `issue tracker`_.\n\nWe maintain a `cryptography-dev`_ mailing list for development discussion.\n\nYou can also join ``#pyca`` on ``irc.libera.chat`` to ask questions or get\ninvolved.\n\nSecurity\n~~~~~~~~\n\nNeed to report a security issue? Please consult our `security reporting`_\ndocumentation.\n\n\n.. _`documentation`: https://cryptography.io/\n.. _`the installation documentation`: https://cryptography.io/en/latest/installation/\n.. _`issue tracker`: https://github.com/pyca/cryptography/issues\n.. _`cryptography-dev`: https://mail.python.org/mailman/listinfo/cryptography-dev\n.. _`security reporting`: https://cryptography.io/en/latest/security/", - "release_date": "2025-05-18T02:45:59", + "release_date": "2025-05-25T14:16:51", "parties": [ { "type": "person", @@ -618,11 +618,11 @@ "Topic :: Security :: Cryptography" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/b9/d4/75d2375a20d80aa262a8adee77bf56950e9292929e394b9fae2481803f11/cryptography-45.0.2-cp37-abi3-musllinux_1_2_x86_64.whl", - "size": 4560535, + "download_url": "https://files.pythonhosted.org/packages/f5/b4/51417d0cc01802304c1984d76e9592f15e4801abd44ef7ba657060520bf0/cryptography-45.0.3-cp37-abi3-musllinux_1_2_x86_64.whl", + "size": 4560038, "sha1": null, - "md5": "947cb34eecccafe70b2313042598a793", - "sha256": "c0c000c1a09f069632d8a9eb3b610ac029fcc682f1d69b758e625d6ee713f4ed", + "md5": "895f405f8548c6d156a23c615cb8e20f", + "sha256": "232954730c362638544758a8160c4ee1b832dc011d2c41a306ad8f7cccc5bb0b", "sha512": null, "bug_tracking_url": null, "code_view_url": null, @@ -639,9 +639,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/cryptography/45.0.2/json", + "api_data_url": "https://pypi.org/pypi/cryptography/45.0.3/json", "datasource_id": null, - "purl": "pkg:pypi/cryptography@45.0.2" + "purl": "pkg:pypi/cryptography@45.0.3" }, { "type": "pypi", @@ -1337,7 +1337,7 @@ "package": "pkg:pypi/azure-storage-blob@12.25.1", "dependencies": [ "pkg:pypi/azure-core@1.33.0", - "pkg:pypi/cryptography@45.0.2", + "pkg:pypi/cryptography@45.0.3", "pkg:pypi/isodate@0.7.2", "pkg:pypi/typing-extensions@4.13.2" ] @@ -1361,7 +1361,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/cryptography@45.0.2", + "package": "pkg:pypi/cryptography@45.0.3", "dependencies": [ "pkg:pypi/cffi@1.17.1" ] diff --git a/tests/data/example-requirements-ignore-errors-expected.json b/tests/data/example-requirements-ignore-errors-expected.json index 42911592..36f0b426 100644 --- a/tests/data/example-requirements-ignore-errors-expected.json +++ b/tests/data/example-requirements-ignore-errors-expected.json @@ -352,16 +352,91 @@ "datasource_id": null, "purl": "pkg:pypi/pluggy@1.6.0" }, + { + "type": "pypi", + "namespace": null, + "name": "pygments", + "version": "2.19.1", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Pygments\n~~~~~~~~\n\nPygments is a syntax highlighting package written in Python.\n\nIt is a generic syntax highlighter suitable for use in code hosting, forums,\nwikis or other applications that need to prettify source code. Highlights\nare:\n\n* a wide range of over 500 languages and other text formats is supported\n* special attention is paid to details, increasing quality by a fair amount\n* support for new languages and formats are added easily\n* a number of output formats, presently HTML, LaTeX, RTF, SVG, all image\n formats that PIL supports and ANSI sequences\n* it is usable as a command-line tool and as a library\n\nCopyright 2006-2025 by the Pygments team, see ``AUTHORS``.\nLicensed under the BSD, see ``LICENSE`` for details.", + "release_date": "2025-01-06T17:26:25", + "parties": [ + { + "type": "person", + "role": "author", + "name": null, + "email": "Georg Brandl ", + "url": null + }, + { + "type": "person", + "role": "maintainer", + "name": "Matth\u00e4us G. Chajdas", + "email": "Georg Brandl , Jean Abou Samra ", + "url": null + } + ], + "keywords": [ + "syntax highlighting", + "Development Status :: 6 - Mature", + "Intended Audience :: Developers", + "Intended Audience :: End Users/Desktop", + "Intended Audience :: System Administrators", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "Programming Language :: Python :: 3.13", + "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: Implementation :: CPython", + "Programming Language :: Python :: Implementation :: PyPy", + "Topic :: Text Processing :: Filters", + "Topic :: Utilities" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/8a/0b/9fcc47d19c48b59121088dd6da2488a49d5f72dacf8262e2790a1d2c7d15/pygments-2.19.1-py3-none-any.whl", + "size": 1225293, + "sha1": null, + "md5": "794747e68f6a2c85e86a8a49e4abb285", + "sha256": "9ea1544ad55cecf4b8242fab6dd35a93bbce657034b0611ee383099054ab6d8c", + "sha512": null, + "bug_tracking_url": "https://github.com/pygments/pygments/issues", + "code_view_url": "https://github.com/pygments/pygments", + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "license": "BSD-2-Clause", + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/pygments/2.19.1/json", + "datasource_id": null, + "purl": "pkg:pypi/pygments@2.19.1" + }, { "type": "pypi", "namespace": null, "name": "pytest", - "version": "8.3.5", + "version": "8.4.0", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "pytest: simple powerful testing with Python\n.. image:: https://github.com/pytest-dev/pytest/raw/main/doc/en/img/pytest_logo_curves.svg\n :target: https://docs.pytest.org/en/stable/\n :align: center\n :height: 200\n :alt: pytest\n\n\n------\n\n.. image:: https://img.shields.io/pypi/v/pytest.svg\n :target: https://pypi.org/project/pytest/\n\n.. image:: https://img.shields.io/conda/vn/conda-forge/pytest.svg\n :target: https://anaconda.org/conda-forge/pytest\n\n.. image:: https://img.shields.io/pypi/pyversions/pytest.svg\n :target: https://pypi.org/project/pytest/\n\n.. image:: https://codecov.io/gh/pytest-dev/pytest/branch/main/graph/badge.svg\n :target: https://codecov.io/gh/pytest-dev/pytest\n :alt: Code coverage Status\n\n.. image:: https://github.com/pytest-dev/pytest/actions/workflows/test.yml/badge.svg\n :target: https://github.com/pytest-dev/pytest/actions?query=workflow%3Atest\n\n.. image:: https://results.pre-commit.ci/badge/github/pytest-dev/pytest/main.svg\n :target: https://results.pre-commit.ci/latest/github/pytest-dev/pytest/main\n :alt: pre-commit.ci status\n\n.. image:: https://www.codetriage.com/pytest-dev/pytest/badges/users.svg\n :target: https://www.codetriage.com/pytest-dev/pytest\n\n.. image:: https://readthedocs.org/projects/pytest/badge/?version=latest\n :target: https://pytest.readthedocs.io/en/latest/?badge=latest\n :alt: Documentation Status\n\n.. image:: https://img.shields.io/badge/Discord-pytest--dev-blue\n :target: https://discord.com/invite/pytest-dev\n :alt: Discord\n\n.. image:: https://img.shields.io/badge/Libera%20chat-%23pytest-orange\n :target: https://web.libera.chat/#pytest\n :alt: Libera chat\n\n\nThe ``pytest`` framework makes it easy to write small tests, yet\nscales to support complex functional testing for applications and libraries.\n\nAn example of a simple test:\n\n.. code-block:: python\n\n # content of test_sample.py\n def inc(x):\n return x + 1\n\n\n def test_answer():\n assert inc(3) == 5\n\n\nTo execute it::\n\n $ pytest\n ============================= test session starts =============================\n collected 1 items\n\n test_sample.py F\n\n ================================== FAILURES ===================================\n _________________________________ test_answer _________________________________\n\n def test_answer():\n > assert inc(3) == 5\n E assert 4 == 5\n E + where 4 = inc(3)\n\n test_sample.py:5: AssertionError\n ========================== 1 failed in 0.04 seconds ===========================\n\n\nDue to ``pytest``'s detailed assertion introspection, only plain ``assert`` statements are used. See `getting-started `_ for more examples.\n\n\nFeatures\n--------\n\n- Detailed info on failing `assert statements `_ (no need to remember ``self.assert*`` names)\n\n- `Auto-discovery\n `_\n of test modules and functions\n\n- `Modular fixtures `_ for\n managing small or parametrized long-lived test resources\n\n- Can run `unittest `_ (or trial)\n test suites out of the box\n\n- Python 3.8+ or PyPy3\n\n- Rich plugin architecture, with over 1300+ `external plugins `_ and thriving community\n\n\nDocumentation\n-------------\n\nFor full documentation, including installation, tutorials and PDF documents, please see https://docs.pytest.org/en/stable/.\n\n\nBugs/Requests\n-------------\n\nPlease use the `GitHub issue tracker `_ to submit bugs or request features.\n\n\nChangelog\n---------\n\nConsult the `Changelog `__ page for fixes and enhancements of each version.\n\n\nSupport pytest\n--------------\n\n`Open Collective`_ is an online funding platform for open and transparent communities.\nIt provides tools to raise money and share your finances in full transparency.\n\nIt is the platform of choice for individuals and companies that want to make one-time or\nmonthly donations directly to the project.\n\nSee more details in the `pytest collective`_.\n\n.. _Open Collective: https://opencollective.com\n.. _pytest collective: https://opencollective.com/pytest\n\n\npytest for enterprise\n---------------------\n\nAvailable as part of the Tidelift Subscription.\n\nThe maintainers of pytest and thousands of other packages are working with Tidelift to deliver commercial support and\nmaintenance for the open source dependencies you use to build your applications.\nSave time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use.\n\n`Learn more. `_\n\nSecurity\n^^^^^^^^\n\npytest has never been associated with a security vulnerability, but in any case, to report a\nsecurity vulnerability please use the `Tidelift security contact `_.\nTidelift will coordinate the fix and disclosure.\n\n\nLicense\n-------\n\nCopyright Holger Krekel and others, 2004.\n\nDistributed under the terms of the `MIT`_ license, pytest is free and open source software.\n\n.. _`MIT`: https://github.com/pytest-dev/pytest/blob/main/LICENSE", - "release_date": "2025-03-02T12:54:52", + "description": "pytest: simple powerful testing with Python\n.. image:: https://github.com/pytest-dev/pytest/raw/main/doc/en/img/pytest_logo_curves.svg\n :target: https://docs.pytest.org/en/stable/\n :align: center\n :height: 200\n :alt: pytest\n\n\n------\n\n.. image:: https://img.shields.io/pypi/v/pytest.svg\n :target: https://pypi.org/project/pytest/\n\n.. image:: https://img.shields.io/conda/vn/conda-forge/pytest.svg\n :target: https://anaconda.org/conda-forge/pytest\n\n.. image:: https://img.shields.io/pypi/pyversions/pytest.svg\n :target: https://pypi.org/project/pytest/\n\n.. image:: https://codecov.io/gh/pytest-dev/pytest/branch/main/graph/badge.svg\n :target: https://codecov.io/gh/pytest-dev/pytest\n :alt: Code coverage Status\n\n.. image:: https://github.com/pytest-dev/pytest/actions/workflows/test.yml/badge.svg\n :target: https://github.com/pytest-dev/pytest/actions?query=workflow%3Atest\n\n.. image:: https://results.pre-commit.ci/badge/github/pytest-dev/pytest/main.svg\n :target: https://results.pre-commit.ci/latest/github/pytest-dev/pytest/main\n :alt: pre-commit.ci status\n\n.. image:: https://www.codetriage.com/pytest-dev/pytest/badges/users.svg\n :target: https://www.codetriage.com/pytest-dev/pytest\n\n.. image:: https://readthedocs.org/projects/pytest/badge/?version=latest\n :target: https://pytest.readthedocs.io/en/latest/?badge=latest\n :alt: Documentation Status\n\n.. image:: https://img.shields.io/badge/Discord-pytest--dev-blue\n :target: https://discord.com/invite/pytest-dev\n :alt: Discord\n\n.. image:: https://img.shields.io/badge/Libera%20chat-%23pytest-orange\n :target: https://web.libera.chat/#pytest\n :alt: Libera chat\n\n\nThe ``pytest`` framework makes it easy to write small tests, yet\nscales to support complex functional testing for applications and libraries.\n\nAn example of a simple test:\n\n.. code-block:: python\n\n # content of test_sample.py\n def inc(x):\n return x + 1\n\n\n def test_answer():\n assert inc(3) == 5\n\n\nTo execute it::\n\n $ pytest\n ============================= test session starts =============================\n collected 1 items\n\n test_sample.py F\n\n ================================== FAILURES ===================================\n _________________________________ test_answer _________________________________\n\n def test_answer():\n > assert inc(3) == 5\n E assert 4 == 5\n E + where 4 = inc(3)\n\n test_sample.py:5: AssertionError\n ========================== 1 failed in 0.04 seconds ===========================\n\n\nDue to ``pytest``'s detailed assertion introspection, only plain ``assert`` statements are used. See `getting-started `_ for more examples.\n\n\nFeatures\n--------\n\n- Detailed info on failing `assert statements `_ (no need to remember ``self.assert*`` names)\n\n- `Auto-discovery\n `_\n of test modules and functions\n\n- `Modular fixtures `_ for\n managing small or parametrized long-lived test resources\n\n- Can run `unittest `_ (or trial)\n test suites out of the box\n\n- Python 3.9+ or PyPy3\n\n- Rich plugin architecture, with over 1300+ `external plugins `_ and thriving community\n\n\nDocumentation\n-------------\n\nFor full documentation, including installation, tutorials and PDF documents, please see https://docs.pytest.org/en/stable/.\n\n\nBugs/Requests\n-------------\n\nPlease use the `GitHub issue tracker `_ to submit bugs or request features.\n\n\nChangelog\n---------\n\nConsult the `Changelog `__ page for fixes and enhancements of each version.\n\n\nSupport pytest\n--------------\n\n`Open Collective`_ is an online funding platform for open and transparent communities.\nIt provides tools to raise money and share your finances in full transparency.\n\nIt is the platform of choice for individuals and companies that want to make one-time or\nmonthly donations directly to the project.\n\nSee more details in the `pytest collective`_.\n\n.. _Open Collective: https://opencollective.com\n.. _pytest collective: https://opencollective.com/pytest\n\n\npytest for enterprise\n---------------------\n\nAvailable as part of the Tidelift Subscription.\n\nThe maintainers of pytest and thousands of other packages are working with Tidelift to deliver commercial support and\nmaintenance for the open source dependencies you use to build your applications.\nSave time, reduce risk, and improve code health, while paying the maintainers of the exact dependencies you use.\n\n`Learn more. `_\n\nSecurity\n^^^^^^^^\n\npytest has never been associated with a security vulnerability, but in any case, to report a\nsecurity vulnerability please use the `Tidelift security contact `_.\nTidelift will coordinate the fix and disclosure.\n\n\nLicense\n-------\n\nCopyright Holger Krekel and others, 2004.\n\nDistributed under the terms of the `MIT`_ license, pytest is free and open source software.\n\n.. _`MIT`: https://github.com/pytest-dev/pytest/blob/main/LICENSE", + "release_date": "2025-06-02T17:36:27", "parties": [ { "type": "person", @@ -384,18 +459,19 @@ "Programming Language :: Python :: 3.10", "Programming Language :: Python :: 3.11", "Programming Language :: Python :: 3.12", - "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.13", + "Programming Language :: Python :: 3.14", "Programming Language :: Python :: 3.9", "Topic :: Software Development :: Libraries", "Topic :: Software Development :: Testing", "Topic :: Utilities" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/30/3d/64ad57c803f1fa1e963a7946b6e0fea4a70df53c1a7fed304586539c2bac/pytest-8.3.5-py3-none-any.whl", - "size": 343634, + "download_url": "https://files.pythonhosted.org/packages/2f/de/afa024cbe022b1b318a3d224125aa24939e99b4ff6f22e0ba639a2eaee47/pytest-8.4.0-py3-none-any.whl", + "size": 363797, "sha1": null, - "md5": "7ce75916908b7b41f087b13afbe5614c", - "sha256": "c69214aa47deac29fad6c2a4f590b9c4a9fdb16a403176fe154b79c0b4d4d820", + "md5": "e3ae70dc3edd90a392d9061ba2c8d6e6", + "sha256": "f40f825768ad76c0977cbacdf1fd37c6f7a468e460ea6a0636078f8972d4517e", "sha512": null, "bug_tracking_url": "https://github.com/pytest-dev/pytest/issues", "code_view_url": "https://github.com/pytest-dev/pytest", @@ -415,9 +491,9 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/pytest/8.3.5/json", + "api_data_url": "https://pypi.org/pypi/pytest/8.4.0/json", "datasource_id": null, - "purl": "pkg:pypi/pytest@8.3.5" + "purl": "pkg:pypi/pytest@8.4.0" }, { "type": "pypi", @@ -482,12 +558,12 @@ "type": "pypi", "namespace": null, "name": "typing-extensions", - "version": "4.13.2", + "version": "4.14.0", "qualifiers": {}, "subpath": null, "primary_language": "Python", - "description": "Backported and Experimental Type Hints for Python 3.8+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n[Documentation](https://typing-extensions.readthedocs.io/en/latest/#) \u2013\n[PyPI](https://pypi.org/project/typing-extensions/)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\n`typing_extensions` is treated specially by static type checkers such as\nmypy and pyright. Objects defined in `typing_extensions` are treated the same\nway as equivalent forms in `typing`.\n\n`typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version will be incremented only for backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n## Included items\n\nSee [the documentation](https://typing-extensions.readthedocs.io/en/latest/#) for a\ncomplete listing of module contents.\n\n## Contributing\n\nSee [CONTRIBUTING.md](https://github.com/python/typing_extensions/blob/main/CONTRIBUTING.md)\nfor how to contribute to `typing_extensions`.", - "release_date": "2025-04-10T14:19:03", + "description": "Backported and Experimental Type Hints for Python 3.9+\n# Typing Extensions\n\n[![Chat at https://gitter.im/python/typing](https://badges.gitter.im/python/typing.svg)](https://gitter.im/python/typing)\n\n[Documentation](https://typing-extensions.readthedocs.io/en/latest/#) \u2013\n[PyPI](https://pypi.org/project/typing-extensions/)\n\n## Overview\n\nThe `typing_extensions` module serves two related purposes:\n\n- Enable use of new type system features on older Python versions. For example,\n `typing.TypeGuard` is new in Python 3.10, but `typing_extensions` allows\n users on previous Python versions to use it too.\n- Enable experimentation with new type system PEPs before they are accepted and\n added to the `typing` module.\n\n`typing_extensions` is treated specially by static type checkers such as\nmypy and pyright. Objects defined in `typing_extensions` are treated the same\nway as equivalent forms in `typing`.\n\n`typing_extensions` uses\n[Semantic Versioning](https://semver.org/). The\nmajor version will be incremented only for backwards-incompatible changes.\nTherefore, it's safe to depend\non `typing_extensions` like this: `typing_extensions >=x.y, <(x+1)`,\nwhere `x.y` is the first version that includes all features you need.\n\n## Included items\n\nSee [the documentation](https://typing-extensions.readthedocs.io/en/latest/#) for a\ncomplete listing of module contents.\n\n## Contributing\n\nSee [CONTRIBUTING.md](https://github.com/python/typing_extensions/blob/main/CONTRIBUTING.md)\nfor how to contribute to `typing_extensions`.", + "release_date": "2025-06-02T14:52:10", "parties": [ { "type": "person", @@ -520,16 +596,16 @@ "Programming Language :: Python :: 3.11", "Programming Language :: Python :: 3.12", "Programming Language :: Python :: 3.13", - "Programming Language :: Python :: 3.8", + "Programming Language :: Python :: 3.14", "Programming Language :: Python :: 3.9", "Topic :: Software Development" ], "homepage_url": null, - "download_url": "https://files.pythonhosted.org/packages/8b/54/b1ae86c0973cc6f0210b53d508ca3641fb6d0c56823f288d108bc7ab3cc8/typing_extensions-4.13.2-py3-none-any.whl", - "size": 45806, + "download_url": "https://files.pythonhosted.org/packages/69/e0/552843e0d356fbb5256d21449fa957fa4eff3bbc135a74a691ee70c7c5da/typing_extensions-4.14.0-py3-none-any.whl", + "size": 43839, "sha1": null, - "md5": "0d9ada689b5a7c88163dd4c3417b8cc8", - "sha256": "a439e7c04b49fec3e5d3e2beaa21755cadbbdc391694e28ccdd36ca4a1408f8c", + "md5": "d27a9ceff49d98145c50076842fca792", + "sha256": "a1514509136dd0b477638fc68d6a91497af5076466ad0fa6c338e44e359944af", "sha512": null, "bug_tracking_url": "https://github.com/python/typing_extensions/issues", "code_view_url": null, @@ -544,16 +620,16 @@ "dependencies": [], "repository_homepage_url": null, "repository_download_url": null, - "api_data_url": "https://pypi.org/pypi/typing-extensions/4.13.2/json", + "api_data_url": "https://pypi.org/pypi/typing-extensions/4.14.0/json", "datasource_id": null, - "purl": "pkg:pypi/typing-extensions@4.13.2" + "purl": "pkg:pypi/typing-extensions@4.14.0" } ], "resolved_dependencies_graph": [ { "package": "pkg:pypi/exceptiongroup@1.3.0", "dependencies": [ - "pkg:pypi/typing-extensions@4.13.2" + "pkg:pypi/typing-extensions@4.14.0" ] }, { @@ -573,12 +649,17 @@ "dependencies": [] }, { - "package": "pkg:pypi/pytest@8.3.5", + "package": "pkg:pypi/pygments@2.19.1", + "dependencies": [] + }, + { + "package": "pkg:pypi/pytest@8.4.0", "dependencies": [ "pkg:pypi/exceptiongroup@1.3.0", "pkg:pypi/iniconfig@2.1.0", "pkg:pypi/packaging@25.0", "pkg:pypi/pluggy@1.6.0", + "pkg:pypi/pygments@2.19.1", "pkg:pypi/tomli@2.2.1" ] }, @@ -587,7 +668,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/typing-extensions@4.13.2", + "package": "pkg:pypi/typing-extensions@4.14.0", "dependencies": [] } ] diff --git a/tests/data/insecure-setup/setup.py-expected.json b/tests/data/insecure-setup/setup.py-expected.json index bc11151d..65279116 100644 --- a/tests/data/insecure-setup/setup.py-expected.json +++ b/tests/data/insecure-setup/setup.py-expected.json @@ -5,7 +5,7 @@ "tool_version": "0.13.0", "options": [ "--analyze-setup-py-insecurely", - "--index-url https://thirdparty.aboutcode.org/pypi/simple/", + "--index-url https://pypi.org/simple", "--json ", "--operating-system linux", "--python-version 27", @@ -122,20 +122,204 @@ ] } ], - "packages": [], + "packages": [ + { + "type": "pypi", + "namespace": null, + "name": "isodate", + "version": "0.7.0", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "An ISO 8601 date/time/duration parser and formatter\nISO 8601 date/time parser\n=========================\n\n.. image:: https://travis-ci.org/gweis/isodate.svg?branch=master\n :target: https://travis-ci.org/gweis/isodate\n :alt: Travis-CI\n.. image:: https://coveralls.io/repos/gweis/isodate/badge.svg?branch=master\n :target: https://coveralls.io/r/gweis/isodate?branch=master\n :alt: Coveralls\n.. image:: https://img.shields.io/pypi/v/isodate.svg\n :target: https://pypi.python.org/pypi/isodate/\n :alt: Latest Version\n.. image:: https://img.shields.io/pypi/l/isodate.svg\n :target: https://pypi.python.org/pypi/isodate/\n :alt: License\n\n\nThis module implements ISO 8601 date, time and duration parsing.\nThe implementation follows ISO8601:2004 standard, and implements only\ndate/time representations mentioned in the standard. If something is not\nmentioned there, then it is treated as non existent, and not as an allowed\noption.\n\nFor instance, ISO8601:2004 never mentions 2 digit years. So, it is not\nintended by this module to support 2 digit years. (while it may still\nbe valid as ISO date, because it is not explicitly forbidden.)\nAnother example is, when no time zone information is given for a time,\nthen it should be interpreted as local time, and not UTC.\n\nAs this module maps ISO 8601 dates/times to standard Python data types, like\n*date*, *time*, *datetime* and *timedelta*, it is not possible to convert\nall possible ISO 8601 dates/times. For instance, dates before 0001-01-01 are\nnot allowed by the Python *date* and *datetime* classes. Additionally\nfractional seconds are limited to microseconds. That means if the parser finds\nfor instance nanoseconds it will round it down to microseconds.\n\nDocumentation\n-------------\n\nThe following parsing methods are available.\n * parse_time:\n parses an ISO 8601 time string into a *time* object\n * parse_date:\n parses an ISO 8601 date string into a *date* object\n * parse_datetime:\n parses an ISO 8601 date-time string into a *datetime* object\n * parse_duration:\n parses an ISO 8601 duration string into a *timedelta* or *Duration*\n object.\n * parse_tzinfo:\n parses the time zone info part of an ISO 8601 string into a\n *tzinfo* object.\n\nAs ISO 8601 allows to define durations in years and months, and *timedelta*\ndoes not handle years and months, this module provides a *Duration* class,\nwhich can be used almost like a *timedelta* object (with some limitations).\nHowever, a *Duration* object can be converted into a *timedelta* object.\n\nThere are also ISO formatting methods for all supported data types. Each\n*xxx_isoformat* method accepts a format parameter. The default format is\nalways the ISO 8601 expanded format. This is the same format used by\n*datetime.isoformat*:\n\n * time_isoformat:\n Intended to create ISO time strings with default format\n *hh:mm:ssZ*.\n * date_isoformat:\n Intended to create ISO date strings with default format\n *yyyy-mm-dd*.\n * datetime_isoformat:\n Intended to create ISO date-time strings with default format\n *yyyy-mm-ddThh:mm:ssZ*.\n * duration_isoformat:\n Intended to create ISO duration strings with default format\n *PnnYnnMnnDTnnHnnMnnS*.\n * tz_isoformat:\n Intended to create ISO time zone strings with default format\n *hh:mm*.\n * strftime:\n A re-implementation mostly compatible with Python's *strftime*, but\n supports only those format strings, which can also be used for dates\n prior 1900. This method also understands how to format *datetime* and\n *Duration* instances.\n\nInstallation\n------------\n\nThis module can easily be installed with Python standard installation methods.\n\nUse *pip install isodate*.\n\nLimitations\n-----------\n\n * The parser accepts several date/time representation which should be invalid\n according to ISO 8601 standard.\n\n 1. for date and time together, this parser accepts a mixture of basic and extended format.\n e.g. the date could be in basic format, while the time is accepted in extended format.\n It also allows short dates and times in date-time strings.\n 2. For incomplete dates, the first day is chosen. e.g. 19th century results in a date of\n 1901-01-01.\n 3. negative *Duration* and *timedelta* value are not fully supported yet.\n\nFurther information\n-------------------\n\nThe doc strings and unit tests should provide rather detailed information about\nthe methods and their limitations.\n\nThe source release provides a *setup.py* script,\nwhich can be used to run the unit tests included.\n\nSource code is available at ``_.\n\n\nCHANGES\n=======\n\n0.7.1 (unreleased)\n------------------\n\n- no changes yet\n\n\n0.7.0 (2024-10-08)\n------------------\n\n- drop end of life python versions\n- Don't match garbage characters at the end of parsed strings #16 (Gabriel de Perthuis)\n\n\nPotentially breaking changes:\n^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n\n- Fractional seconds are cut off to microseconds (always round down)\n- Allow control over return type of parse_duration #64 (Felix Claessen)\n\n\n0.6.1 (2021-12-13)\n------------------\n\n- support python 3.10 (Hugo van Kemenade)\n- last version to support py 2.7\n\n\n0.6.0 (2017-10-13)\n------------------\n\n- support incomplete month date (Fabien Loffredo)\n- rely on duck typing when doing duration maths\n- support ':' as separator in fractional time zones (usrenmae)\n\n\n0.5.4 (2015-08-06)\n------------------\n\n- Fix parsing of Periods (Fabien Bochu)\n- Make Duration objects hashable (Geoffrey Fairchild)\n- Add multiplication to duration (Reinoud Elhorst)\n\n\n0.5.1 (2014-11-07)\n------------------\n\n- fixed pickling of Duration objects\n- raise ISO8601Error when there is no 'T' separator in datetime strings (Adrian Coveney)\n\n\n0.5.0 (2014-02-23)\n------------------\n\n- ISO8601Error are subclasses of ValueError now (Michael Hrivnak)\n- improve compatibility across various python variants and versions\n- raise exceptions when using fractional years and months in date\n maths with durations\n- renamed method todatetime on Duraction objects to totimedelta\n\n\n0.4.9 (2012-10-30)\n------------------\n\n- support pickling FixedOffset instances\n- make sure parsed fractional seconds are in microseconds\n- add leading zeros when formattig microseconds (Jarom Loveridge)\n\n\n0.4.8 (2012-05-04)\n------------------\n\n- fixed incompatibility of unittests with python 2.5 and 2.6 (runs fine on 2.7\n and 3.2)\n\n\n0.4.7 (2012-01-26)\n------------------\n\n- fixed tzinfo formatting (never pass None into tzinfo.utcoffset())\n\n\n0.4.6 (2012-01-06)\n------------------\n\n- added Python 3 compatibility via 2to3\n\n0.4.5 (2012-01-06)\n------------------\n\n- made setuptools dependency optional\n\n0.4.4 (2011-04-16)\n------------------\n\n- Fixed formatting of microseconds for datetime objects\n\n0.4.3 (2010-10-29)\n------------------\n\n- Fixed problem with %P formatting and fractions (supplied by David Brooks)\n\n0.4.2 (2010-10-28)\n------------------\n\n- Implemented unary - for Duration (supplied by David Brooks)\n- Output fractional seconds with '%P' format. (partly supplied by David Brooks)\n\n0.4.1 (2010-10-13)\n------------------\n\n- fixed bug in comparison between timedelta and Duration.\n- fixed precision problem with microseconds (reported by Tommi Virtanen)\n\n0.4.0 (2009-02-09)\n------------------\n\n- added method to parse ISO 8601 time zone strings\n- added methods to create ISO 8601 conforming strings\n\n0.3.0 (2009-1-05)\n------------------\n\n- Initial release\n\n\nTODOs\n=====\n\nThis to do list contains some thoughts and ideas about missing features, and\nparts to think about, whether to implement them or not. This list is probably\nnot complete.\n\nMissing features:\n-----------------\n\n * time formatting does not allow to create fractional representations.\n * parser for ISO intervals.\n * currently microseconds are always padded to a length of 6 characters.\n trailing 0s should be optional\n\nDocumentation:\n--------------\n\n * parse_datetime:\n - complete documentation to show what this function allows, but ISO forbids.\n and vice verse.\n - support other separators between date and time than 'T'\n\n * parse_date:\n - yeardigits should be always greater than 4\n - dates before 0001-01-01 are not supported\n\n * parse_duration:\n - alternative formats are not fully supported due to parse_date restrictions\n - standard duration format is fully supported but not very restrictive.\n\n * Duration:\n - support fractional years and month in calculations\n - implement w3c order relation? (``_)\n - refactor to have duration mathematics only at one place.\n - localize __str__ method (does timedelta do this?)\n - when is a Duration negative?\n - normalize Durations. months [00-12] and years ]-inf,+inf[", + "release_date": "2024-10-08T02:38:58", + "parties": [ + { + "type": "person", + "role": "author", + "name": "Gerhard Weis", + "email": null, + "url": null + } + ], + "keywords": [ + "Development Status :: 4 - Beta", + "Intended Audience :: Developers", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.10", + "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.12", + "Programming Language :: Python :: 3.13", + "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: Implementation :: CPython", + "Programming Language :: Python :: Implementation :: PyPy", + "Topic :: Internet", + "Topic :: Software Development :: Libraries :: Python Modules" + ], + "homepage_url": null, + "download_url": "https://files.pythonhosted.org/packages/9b/40/32ce777053517be3032bb2ab3bb216959071ee0c16c761879e75c34a323e/isodate-0.7.0.tar.gz", + "size": 29597, + "sha1": null, + "md5": "06c2886cc00cdfc4ec1f36c1d590bc06", + "sha256": "c6332cf456314b85cc3b6ea2c45a6fa417cb1fddb361f6d2ed8f4f69e843c6d1", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "license": "Copyright (c) 2021, Hugo van Kemenade and contributors Copyright (c) 2009-2018, Gerhard Weis and contributors Copyright (c) 2009, Gerhard Weis All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of the nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ", + "classifiers": [ + "License :: OSI Approved :: BSD License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/isodate/0.7.0/json", + "datasource_id": null, + "purl": "pkg:pypi/isodate@0.7.0" + }, + { + "type": "pypi", + "namespace": null, + "name": "pyparsing", + "version": "2.4.7", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Python parsing module\nPyParsing -- A Python Parsing Module\n====================================\n\n|Build Status|\n\nIntroduction\n============\n\nThe pyparsing module is an alternative approach to creating and\nexecuting simple grammars, vs. the traditional lex/yacc approach, or the\nuse of regular expressions. The pyparsing module provides a library of\nclasses that client code uses to construct the grammar directly in\nPython code.\n\n*[Since first writing this description of pyparsing in late 2003, this\ntechnique for developing parsers has become more widespread, under the\nname Parsing Expression Grammars - PEGs. See more information on PEGs at*\nhttps://en.wikipedia.org/wiki/Parsing_expression_grammar *.]*\n\nHere is a program to parse ``\"Hello, World!\"`` (or any greeting of the form\n``\"salutation, addressee!\"``):\n\n.. code:: python\n\n from pyparsing import Word, alphas\n greet = Word(alphas) + \",\" + Word(alphas) + \"!\"\n hello = \"Hello, World!\"\n print(hello, \"->\", greet.parseString(hello))\n\nThe program outputs the following::\n\n Hello, World! -> ['Hello', ',', 'World', '!']\n\nThe Python representation of the grammar is quite readable, owing to the\nself-explanatory class names, and the use of '+', '|' and '^' operator\ndefinitions.\n\nThe parsed results returned from ``parseString()`` can be accessed as a\nnested list, a dictionary, or an object with named attributes.\n\nThe pyparsing module handles some of the problems that are typically\nvexing when writing text parsers:\n\n- extra or missing whitespace (the above program will also handle ``\"Hello,World!\"``, ``\"Hello , World !\"``, etc.)\n- quoted strings\n- embedded comments\n\nThe examples directory includes a simple SQL parser, simple CORBA IDL\nparser, a config file parser, a chemical formula parser, and a four-\nfunction algebraic notation parser, among many others.\n\nDocumentation\n=============\n\nThere are many examples in the online docstrings of the classes\nand methods in pyparsing. You can find them compiled into online docs\nat https://pyparsing-docs.readthedocs.io/en/latest/. Additional\ndocumentation resources and project info are listed in the online\nGitHub wiki, at https://github.com/pyparsing/pyparsing/wiki. An\nentire directory of examples is at\nhttps://github.com/pyparsing/pyparsing/tree/master/examples.\n\nLicense\n=======\n\nMIT License. See header of pyparsing.py\n\nHistory\n=======\n\nSee CHANGES file.\n\n.. |Build Status| image:: https://travis-ci.org/pyparsing/pyparsing.svg?branch=master\n :target: https://travis-ci.org/pyparsing/pyparsing", + "release_date": "2020-04-05T22:21:22", + "parties": [ + { + "type": "person", + "role": "author", + "name": "Paul McGuire", + "email": "ptmcg@users.sourceforge.net", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Intended Audience :: Information Technology", + "Operating System :: OS Independent", + "Programming Language :: Python", + "Programming Language :: Python :: 2", + "Programming Language :: Python :: 2.6", + "Programming Language :: Python :: 2.7", + "Programming Language :: Python :: 3", + "Programming Language :: Python :: 3.3", + "Programming Language :: Python :: 3.4", + "Programming Language :: Python :: 3.5", + "Programming Language :: Python :: 3.6", + "Programming Language :: Python :: 3.7", + "Programming Language :: Python :: 3.8" + ], + "homepage_url": "https://github.com/pyparsing/pyparsing/", + "download_url": "https://files.pythonhosted.org/packages/8a/bb/488841f56197b13700afd5658fc279a2025a39e22449b7cf29864669b15d/pyparsing-2.4.7-py2.py3-none-any.whl", + "size": 67842, + "sha1": null, + "md5": "dbfd0a241aad2595f43377ec7f1836ea", + "sha256": "ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "license": "MIT License", + "classifiers": [ + "License :: OSI Approved :: MIT License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/pyparsing/2.4.7/json", + "datasource_id": null, + "purl": "pkg:pypi/pyparsing@2.4.7" + }, + { + "type": "pypi", + "namespace": null, + "name": "six", + "version": "1.17.0", + "qualifiers": {}, + "subpath": null, + "primary_language": "Python", + "description": "Python 2 and 3 compatibility utilities\n.. image:: https://img.shields.io/pypi/v/six.svg\n :target: https://pypi.org/project/six/\n :alt: six on PyPI\n\n.. image:: https://readthedocs.org/projects/six/badge/?version=latest\n :target: https://six.readthedocs.io/\n :alt: six's documentation on Read the Docs\n\n.. image:: https://img.shields.io/badge/license-MIT-green.svg\n :target: https://github.com/benjaminp/six/blob/master/LICENSE\n :alt: MIT License badge\n\nSix is a Python 2 and 3 compatibility library. It provides utility functions\nfor smoothing over the differences between the Python versions with the goal of\nwriting Python code that is compatible on both Python versions. See the\ndocumentation for more information on what is provided.\n\nSix supports Python 2.7 and 3.3+. It is contained in only one Python\nfile, so it can be easily copied into your project. (The copyright and license\nnotice must be retained.)\n\nOnline documentation is at https://six.readthedocs.io/.\n\nBugs can be reported to https://github.com/benjaminp/six. The code can also\nbe found there.", + "release_date": "2024-12-04T17:35:26", + "parties": [ + { + "type": "person", + "role": "author", + "name": "Benjamin Peterson", + "email": "benjamin@python.org", + "url": null + } + ], + "keywords": [ + "Development Status :: 5 - Production/Stable", + "Intended Audience :: Developers", + "Programming Language :: Python :: 2", + "Programming Language :: Python :: 3", + "Topic :: Software Development :: Libraries", + "Topic :: Utilities" + ], + "homepage_url": "https://github.com/benjaminp/six", + "download_url": "https://files.pythonhosted.org/packages/b7/ce/149a00dd41f10bc29e5921b496af8b574d8413afcd5e30dfa0ed46c2cc5e/six-1.17.0-py2.py3-none-any.whl", + "size": 11050, + "sha1": null, + "md5": "090bac7d568f9c1f64b671de641ccdee", + "sha256": "4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274", + "sha512": null, + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "license_expression": null, + "declared_license": { + "license": "MIT", + "classifiers": [ + "License :: OSI Approved :: MIT License" + ] + }, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [], + "repository_homepage_url": null, + "repository_download_url": null, + "api_data_url": "https://pypi.org/pypi/six/1.17.0/json", + "datasource_id": null, + "purl": "pkg:pypi/six@1.17.0" + } + ], "resolved_dependencies_graph": [ { - "package": "pkg:pypi/isodate@0.6.1", - "dependencies": [ - "pkg:pypi/six@1.16.0" - ] + "package": "pkg:pypi/isodate@0.7.0", + "dependencies": [] }, { - "package": "pkg:pypi/pyparsing@3.0.9", + "package": "pkg:pypi/pyparsing@2.4.7", "dependencies": [] }, { - "package": "pkg:pypi/six@1.16.0", + "package": "pkg:pypi/six@1.17.0", "dependencies": [] } ] diff --git a/tests/data/resolved_deps/autobahn-310-expected.json b/tests/data/resolved_deps/autobahn-310-expected.json index ad910251..088bac40 100644 --- a/tests/data/resolved_deps/autobahn-310-expected.json +++ b/tests/data/resolved_deps/autobahn-310-expected.json @@ -5,7 +5,7 @@ "dependencies": [ "pkg:pypi/cryptography@43.0.3", "pkg:pypi/hyperlink@21.0.0", - "pkg:pypi/setuptools@80.8.0", + "pkg:pypi/setuptools@80.9.0", "pkg:pypi/txaio@23.1.1" ] }, @@ -36,7 +36,7 @@ "dependencies": [] }, { - "package": "pkg:pypi/setuptools@80.8.0", + "package": "pkg:pypi/setuptools@80.9.0", "dependencies": [] }, { @@ -51,7 +51,7 @@ "pkg:pypi/hyperlink@21.0.0", "pkg:pypi/idna@3.10", "pkg:pypi/pycparser@2.22", - "pkg:pypi/setuptools@80.8.0", + "pkg:pypi/setuptools@80.9.0", "pkg:pypi/txaio@23.1.1" ] ] \ No newline at end of file diff --git a/tests/data/resolved_deps/flask-39-expected.json b/tests/data/resolved_deps/flask-39-expected.json index 96d5bf35..d3345b2d 100644 --- a/tests/data/resolved_deps/flask-39-expected.json +++ b/tests/data/resolved_deps/flask-39-expected.json @@ -17,7 +17,7 @@ { "package": "pkg:pypi/importlib-metadata@8.7.0", "dependencies": [ - "pkg:pypi/zipp@3.21.0" + "pkg:pypi/zipp@3.22.0" ] }, { @@ -41,7 +41,7 @@ ] }, { - "package": "pkg:pypi/zipp@3.21.0", + "package": "pkg:pypi/zipp@3.22.0", "dependencies": [] } ], @@ -53,6 +53,6 @@ "pkg:pypi/jinja2@3.1.6", "pkg:pypi/markupsafe@3.0.2", "pkg:pypi/werkzeug@3.1.3", - "pkg:pypi/zipp@3.21.0" + "pkg:pypi/zipp@3.22.0" ] ] \ No newline at end of file diff --git a/tests/test_cli.py b/tests/test_cli.py index feeb696d..b7dcc507 100644 --- a/tests/test_cli.py +++ b/tests/test_cli.py @@ -28,6 +28,15 @@ setup_test_env.test_data_dir = os.path.join(os.path.dirname(__file__), "data", "setup") +def clear_environ(): + for k, v in os.environ.items(): + if k == "PYINSP_REGEN_TEST_FIXTURES": + continue + if "PYINSP" in k: + print(f"deleting: {k}: {v}") + os.unsetenv(k) + + @pytest.mark.online def test_cli_with_default_urls(): expected_file = test_env.get_test_loc("default-url-expected.json", must_exist=False)