def test_unpinned_hash_checking(self, data):
"""Make sure prepare_files() raises an error when a requirement is not
version-pinned in hash-checking mode.
"""
reqset = RequirementSet()
# Test that there must be exactly 1 specifier:
reqset.add_requirement(
list(process_line('simple --hash=sha256:a90427ae31f5d1d0d7ec06ee97'
'd9fcf2d0fc9a786985250c1c83fd68df5911dd',
'file',
1))[0])
# Test that the operator must be ==:
reqset.add_requirement(list(process_line(
'simple2>1.0 --hash=sha256:3ad45e1e9aa48b4462af0'
'123f6a7e44a9115db1ef945d4d92c123dfe21815a06',
'file',
2))[0])
finder = PackageFinder([data.find_links], [], session=PipSession())
resolver = self._basic_resolver(finder)
assert_raises_regexp(
HashErrors,
# Make sure all failing requirements are listed:
r'versions pinned with ==. These do not:\n'
r' simple .* \(from -r file \(line 1\)\)\n'
r' simple2>1.0 .* \(from -r file \(line 2\)\)',
resolver.resolve,
reqset)
def test_yield_editable_requirement(self):
url = 'git+https://url#egg=SomeProject'
line = '-e %s' % url
filename = 'filename'
comes_from = '-r %s (line %s)' % (filename, 1)
req = InstallRequirement.from_editable(url, comes_from=comes_from)
assert repr(list(process_line(line, filename, 1))[0]) == repr(req)
def test_yield_line_requirement_with_spaces_in_specifier(self):
line = 'SomeProject >= 2'
filename = 'filename'
comes_from = '-r %s (line %s)' % (filename, 1)
req = InstallRequirement.from_line(line, comes_from=comes_from)
assert repr(list(process_line(line, filename, 1))[0]) == repr(req)
assert str(req.req.specifier) == '>=2'
def test_options_on_a_requirement_line(self):
line = 'SomeProject --install-option=yo1 --install-option yo2 '\
'--global-option="yo3" --global-option "yo4"'
filename = 'filename'
req = list(process_line(line, filename, 1))[0]
assert req.options == {
'global_options': ['yo3', 'yo4'],
'install_options': ['yo1', 'yo2']}
def test_yield_line_constraint(self):
line = 'SomeProject'
filename = 'filename'
comes_from = '-c %s (line %s)' % (filename, 1)
req = InstallRequirement.from_line(
line, comes_from=comes_from, constraint=True)
found_req = list(process_line(line, filename, 1, constraint=True))[0]
assert repr(found_req) == repr(req)
assert found_req.constraint is True
def test_yield_editable_constraint(self):
url = 'git+https://url#egg=SomeProject'
line = '-e %s' % url
filename = 'filename'
comes_from = '-c %s (line %s)' % (filename, 1)
req = InstallRequirement.from_editable(
url, comes_from=comes_from, constraint=True)
found_req = list(process_line(line, filename, 1, constraint=True))[0]
assert repr(found_req) == repr(req)
assert found_req.constraint is True
def test_missing_hash_checking(self, data):
"""Make sure prepare_files() raises an error when a requirement has no
hash in implicit hash-checking mode.
"""
reqset = RequirementSet()
# No flags here. This tests that detection of later flags nonetheless
# requires earlier packages to have hashes:
reqset.add_requirement(
list(process_line('blessings==1.0', 'file', 1))[0])
# This flag activates --require-hashes mode:
reqset.add_requirement(
list(process_line('tracefront==0.1 --hash=sha256:somehash',
'file',
2))[0])
# This hash should be accepted because it came from the reqs file, not
# from the internet:
reqset.add_requirement(
list(process_line('https://pypi.python.org/packages/source/m/more-'
'itertools/more-itertools-1.0.tar.gz#md5=b21850c'
'3cfa7efbb70fd662ab5413bdd', 'file', 3))[0])
# The error text should list this as a URL and not `peep==3.1.1`:
reqset.add_requirement(
list(process_line('https://pypi.python.org/packages/source/p/peep/'
'peep-3.1.1.tar.gz',
'file',
4))[0])
finder = PackageFinder([],
['https://pypi.python.org/simple'],
session=PipSession())
resolver = self._basic_resolver(finder)
assert_raises_regexp(
HashErrors,
r'Hashes are required in --require-hashes mode, but they are '
r'missing .*\n'
r' https://pypi\.python\.org/packages/source/p/peep/peep'
r'-3\.1\.1\.tar\.gz --hash=sha256:[0-9a-f]+\n'
r' blessings==1.0 --hash=sha256:[0-9a-f]+\n'
r'THESE PACKAGES DO NOT MATCH THE HASHES.*\n'
r' tracefront==0.1 .*:\n'
r' Expected sha256 somehash\n'
r' Got [0-9a-f]+$',
resolver.resolve,
reqset)
def test_hashed_deps_on_require_hashes(self, data):
"""Make sure hashed dependencies get installed when --require-hashes
is on.
(We actually just check that no "not all dependencies are hashed!"
error gets raised while preparing; there is no reason to expect
installation to then fail, as the code paths are the same as ever.)
"""
reqset = RequirementSet()
reqset.add_requirement(next(process_line(
'TopoRequires2==0.0.1 ' # requires TopoRequires
'--hash=sha256:eaf9a01242c9f2f42cf2bd82a6a848cd'
'e3591d14f7896bdbefcf48543720c970',
'file', 1)))
reqset.add_requirement(next(process_line(
'TopoRequires==0.0.1 '
'--hash=sha256:d6dd1e22e60df512fdcf3640ced3039b3b02a56ab2cee81ebcb'
'3d0a6d4e8bfa6',
'file', 2)))
def test_nested_constraints_file(self, monkeypatch):
line = '-c another_file'
req = InstallRequirement.from_line('SomeProject')
import pip._internal.req.req_file
def stub_parse_requirements(req_url, finder, comes_from, options,
session, wheel_cache, constraint):
return [(req, constraint)]
parse_requirements_stub = stub(call=stub_parse_requirements)
monkeypatch.setattr(pip._internal.req.req_file, 'parse_requirements',
parse_requirements_stub.call)
assert list(process_line(line, 'filename', 1)) == [(req, True)]
def test_unsupported_hashes(self, data):
"""VCS and dir links should raise errors when --require-hashes is
on.
In addition, complaints about the type of requirement (VCS or dir)
should trump the presence or absence of a hash.
"""
reqset = RequirementSet(require_hashes=True)
reqset.add_requirement(
list(process_line(
'git+git://github.com/pypa/pip-test-package --hash=sha256:123',
'file',
1))[0])
dir_path = data.packages.join('FSPkg')
reqset.add_requirement(
list(process_line(
'file://%s' % (dir_path,),
'file',
2))[0])
finder = PackageFinder([data.find_links], [], session=PipSession())
resolver = self._basic_resolver(finder)
sep = os.path.sep
if sep == '\\':
sep = '\\\\' # This needs to be escaped for the regex
assert_raises_regexp(
HashErrors,
r"Can't verify hashes for these requirements because we don't "
r"have a way to hash version control repositories:\n"
r" git\+git://github\.com/pypa/pip-test-package \(from -r file "
r"\(line 1\)\)\n"
r"Can't verify hashes for these file:// requirements because they "
r"point to directories:\n"
r" file://.*{sep}data{sep}packages{sep}FSPkg "
r"\(from -r file \(line 2\)\)".format(sep=sep),
resolver.resolve,
reqset)
def test_relative_local_nested_req_files(self, finder, monkeypatch):
"""
Test a relative nested req file path is joined with the req file dir
"""
req_file = os.path.normpath('/path/req_file.txt')
def parse(*args, **kwargs):
return iter([])
mock_parse = Mock()
mock_parse.side_effect = parse
monkeypatch.setattr(pip._internal.req.req_file, 'parse_requirements',
mock_parse)
list(process_line("-r reqs.txt", req_file, 1, finder=finder))
call = mock_parse.mock_calls[0]
assert call[1][0] == os.path.normpath('/path/reqs.txt')
def test_absolute_local_nested_req_files(self, finder, monkeypatch):
"""
Test an absolute nested req file path
"""
req_file = '/path/req_file.txt'
def parse(*args, **kwargs):
return iter([])
mock_parse = Mock()
mock_parse.side_effect = parse
monkeypatch.setattr(pip._internal.req.req_file, 'parse_requirements',
mock_parse)
list(process_line("-r /other/reqs.txt", req_file, 1, finder=finder))
call = mock_parse.mock_calls[0]
assert call[1][0] == '/other/reqs.txt'
def parse_requirement_line(line, filename, line_number, session, finder):
"""Parse a requirement line and return an InstallRequirement instance.
:param line: One line from a requirements.txt file.
:param filename: Path to a requirements.txt file.
:param line_number: The integer line number of the current line.
:param session: Instance of pip.download.PipSession.
:param finder: Instance of pip.download.PackageFinder.
"""
if not line:
return None
reqs = list(req_file.process_line(
line, filename, line_number, session=session, finder=finder))
return reqs[0] if len(reqs) > 0 else None
def test_missing_hash_with_require_hashes(self, data):
"""Setting --require-hashes explicitly should raise errors if hashes
are missing.
"""
reqset = RequirementSet(require_hashes=True)
reqset.add_requirement(
list(process_line('simple==1.0', 'file', 1))[0])
finder = PackageFinder([data.find_links], [], session=PipSession())
resolver = self._basic_resolver(finder)
assert_raises_regexp(
HashErrors,
r'Hashes are required in --require-hashes mode, but they are '
r'missing .*\n'
r' simple==1.0 --hash=sha256:393043e672415891885c9a2a0929b1af95'
r'fb866d6ca016b42d2e6ce53619b653$',
resolver.resolve,
reqset)
def test_unhashed_deps_on_require_hashes(self, data):
"""Make sure unhashed, unpinned, or otherwise unrepeatable
dependencies get complained about when --require-hashes is on."""
reqset = RequirementSet()
finder = PackageFinder([data.find_links], [], session=PipSession())
resolver = self._basic_resolver(finder)
reqset.add_requirement(next(process_line(
'TopoRequires2==0.0.1 ' # requires TopoRequires
'--hash=sha256:eaf9a01242c9f2f42cf2bd82a6a848cd'
'e3591d14f7896bdbefcf48543720c970',
'file', 1)))
assert_raises_regexp(
HashErrors,
r'In --require-hashes mode, all requirements must have their '
r'versions pinned.*\n'
r' TopoRequires from .*$',
resolver.resolve,
reqset)
def test_relative_local_find_links(self, finder, monkeypatch):
"""
Test a relative find_links path is joined with the req file directory
"""
# Make sure the test also passes on windows
req_file = os.path.normcase(os.path.abspath(
os.path.normpath('/path/req_file.txt')))
nested_link = os.path.normcase(os.path.abspath(
os.path.normpath('/path/rel_path')))
exists_ = os.path.exists
def exists(path):
if path == nested_link:
return True
else:
exists_(path)
monkeypatch.setattr(os.path, 'exists', exists)
list(process_line("--find-links=rel_path", req_file, 1,
finder=finder))
assert finder.find_links == [nested_link]
def test_hash_mismatch(self, data):
"""A hash mismatch should raise an error."""
file_url = path_to_url(
(data.packages / 'simple-1.0.tar.gz').abspath)
reqset = RequirementSet(require_hashes=True)
reqset.add_requirement(
list(process_line('%s --hash=sha256:badbad' % file_url,
'file',
1))[0])
finder = PackageFinder([data.find_links], [], session=PipSession())
resolver = self._basic_resolver(finder)
assert_raises_regexp(
HashErrors,
r'THESE PACKAGES DO NOT MATCH THE HASHES.*\n'
r' file:///.*/data/packages/simple-1\.0\.tar\.gz .*:\n'
r' Expected sha256 badbad\n'
r' Got 393043e672415891885c9a2a0929b1af95fb866d'
r'6ca016b42d2e6ce53619b653$',
resolver.resolve,
reqset)
def test_hash_options(self):
"""Test the --hash option: mostly its value storage.
Make sure it reads and preserve multiple hashes.
"""
line = ('SomeProject --hash=sha256:2cf24dba5fb0a30e26e83b2ac5b9e29e1b1'
'61e5c1fa7425e73043362938b9824 '
'--hash=sha384:59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c'
'3553bcdb9c666fa90125a3c79f90397bdf5f6a13de828684f '
'--hash=sha256:486ea46224d1bb4fb680f34f7c9ad96a8f24ec88be73ea8'
'e5a6c65260e9cb8a7')
filename = 'filename'
req = list(process_line(line, filename, 1))[0]
assert req.options == {'hashes': {
'sha256': ['2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e730433'
'62938b9824',
'486ea46224d1bb4fb680f34f7c9ad96a8f24ec88be73ea8e5a6c65'
'260e9cb8a7'],
'sha384': ['59e1748777448c69de6b800d7a33bbfb9ff1b463e44354c3553bcd'
'b9c666fa90125a3c79f90397bdf5f6a13de828684f']}}
def test_yield_pep440_line_requirement(self):
line = 'SomeProject @ https://url/SomeProject-py2-py3-none-any.whl'
filename = 'filename'
comes_from = '-r %s (line %s)' % (filename, 1)
req = install_req_from_line(line, comes_from=comes_from)
assert repr(list(process_line(line, filename, 1))[0]) == repr(req)
def test_noop_always_unzip(self, finder):
# noop, but confirm it can be set
list(process_line("--always-unzip", "file", 1, finder=finder))
def test_set_finder_extra_index_urls(self, finder):
list(process_line("--extra-index-url=url", "file", 1, finder=finder))
assert finder.index_urls == ['url']
def test_set_finder_no_index(self, finder):
list(process_line("--no-index", "file", 1, finder=finder))
assert finder.index_urls == []
def test_parser_error(self):
with pytest.raises(RequirementsFileParseError):
list(process_line("--bogus", "file", 1))
def test_set_finder_no_index(self, finder):
list(process_line("--no-index", "file", 1, finder=finder))
assert finder.index_urls == []
def test_set_finder_find_links(self, finder):
list(process_line("--find-links=url", "file", 1, finder=finder))
assert finder.find_links == ['url']
def test_variant1(self, finder):
list(process_line("-i url", "file", 1, finder=finder))
assert finder.index_urls == ['url']
def test_set_finder_allow_all_prereleases(self, finder):
list(process_line("--pre", "file", 1, finder=finder))
assert finder.allow_all_prereleases
def test_variant1(self, finder):
list(process_line("-i url", "file", 1, finder=finder))
assert finder.index_urls == ['url']
def test_noop_always_unzip(self, finder):
# noop, but confirm it can be set
list(process_line("--always-unzip", "file", 1, finder=finder))
def test_set_isolated(self, options):
line = 'SomeProject'
filename = 'filename'
options.isolated_mode = True
result = process_line(line, filename, 1, options=options)
assert list(result)[0].isolated
def get_processed_req_from_line(line, fname='file', lineno=1):
req = list(process_line(line, fname, lineno))[0]
req.is_direct = True
return req
def test_set_finder_trusted_host(self, finder):
list(process_line("--trusted-host=url", "file", 1, finder=finder))
assert finder.secure_origins == [('*', 'url', '*')]
def test_set_isolated(self, options):
line = 'SomeProject'
filename = 'filename'
options.isolated_mode = True
result = process_line(line, filename, 1, options=options)
assert list(result)[0].isolated
def test_only_one_req_per_line(self):
# pkg_resources raises the ValueError
with pytest.raises(InstallationError):
list(process_line("req1 req2", "file", 1))
def test_set_finder_find_links(self, finder):
list(process_line("--find-links=url", "file", 1, finder=finder))
assert finder.find_links == ['url']
def test_yield_line_requirement(self):
line = 'SomeProject'
filename = 'filename'
comes_from = '-r %s (line %s)' % (filename, 1)
req = InstallRequirement.from_line(line, comes_from=comes_from)
assert repr(list(process_line(line, filename, 1))[0]) == repr(req)
def test_set_finder_trusted_host(self, finder):
list(process_line("--trusted-host=url", "file", 1, finder=finder))
assert finder.secure_origins == [('*', 'url', '*')]
def test_yield_line_requirement(self):
line = 'SomeProject'
filename = 'filename'
comes_from = '-r %s (line %s)' % (filename, 1)
req = install_req_from_line(line, comes_from=comes_from)
assert repr(list(process_line(line, filename, 1))[0]) == repr(req)
def test_set_finder_allow_all_prereleases(self, finder):
list(process_line("--pre", "file", 1, finder=finder))
assert finder.allow_all_prereleases
def test_only_one_req_per_line(self):
# pkg_resources raises the ValueError
with pytest.raises(InstallationError):
list(process_line("req1 req2", "file", 1))
def test_variant5(self, finder):
list(process_line("--index-url='url'", "file", 1, finder=finder))
assert finder.index_urls == ['url']
def test_parser_non_offending_line(self):
try:
list(process_line('pkg==1.0.0 --hash=sha256:somehash', 'file', 1))
except RequirementsFileParseError:
pytest.fail('Reported offending line where it should not.')
def test_set_finder_process_dependency_links(self, finder):
list(process_line(
"--process-dependency-links", "file", 1, finder=finder))
assert finder.process_dependency_links
def test_parser_offending_line(self):
line = 'pkg==1.0.0 --hash=somehash'
with pytest.raises(RequirementsFileParseError) as err:
list(process_line(line, 'file', 1))
assert line in str(err.value)
def test_variant5(self, finder):
list(process_line("--index-url='url'", "file", 1, finder=finder))
assert finder.index_urls == ['url']
def test_set_finder_extra_index_urls(self, finder):
list(process_line("--extra-index-url=url", "file", 1, finder=finder))
assert finder.index_urls == ['url']
