-
Notifications
You must be signed in to change notification settings - Fork 2
103 lines (94 loc) · 3.5 KB
/
test-future.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
---
name: test-future
# This workflow detects breakage against upcoming releases of dependencies
# even in the absence of activity in Graylint's own repository.
on: # yamllint disable-line rule:truthy
schedule:
- cron: "05 20 * * 6"
jobs:
test-future:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
ref: 'main'
fetch-depth: 0
- uses: actions/setup-python@v5
with:
python-version: '3.x'
- name: Install dependencies
run: |
# strict dependency resolution added in pip 20.3
# CVE-2021-3572 fixed in pip 21.1
python -m pip install --upgrade 'pip>=21.1'
pip install \
--constraint=constraints-future.txt \
--upgrade \
--upgrade-strategy=eager \
-e '.[test]' packaging setuptools
- name: Test with pytest
run: |
pytest
- name: Note a possible dependency incompatibility and required actions
if: failure()
shell: python
run: |
import json
import os
import urllib.request
from importlib.metadata import version
from packaging.requirements import InvalidRequirement, Requirement
from packaging.version import Version
from pathlib import Path
from setuptools.config.setupcfg import read_configuration
from textwrap import dedent
setup_cfg = read_configuration("setup.cfg")
for constraint in setup_cfg["options"]["install_requires"]:
try:
requirement = Requirement(constraint)
except InvalidRequirement:
continue
if any(
specifier.operator in ["<", "<=", "~="]
for specifier in requirement.specifier
):
continue
linenum, line = next(
(_, l) for _, l in enumerate(Path("setup.cfg").open())
if l.strip() == constraint
)
end_column = len(line)
column = end_column - len(line.strip())
response = urllib.request.urlopen(
f'https://pypi.org/pypi/{requirement.name}/json'
).read().decode()
latest_version = max(
Version(s)
for s in json.loads(response)['releases'].keys()
)
print(
dedent(
f"""
### :x: Future dependency incompatibility? :x:
You could add a maximum version constraint for a dependency on
`setup.cfg` line {linenum+1}, e.g.
`{constraint},<={latest_version}`
See [#382](/akaihola/darker/issues/382)
for more information
"""
),
file=open(os.getenv("GITHUB_STEP_SUMMARY"), "a"),
)
print(
"::notice "
"file=setup.cfg,"
f"line={linenum+1},"
f"col={column},"
f"endColumn={end_column},"
"title=Future dependency incompatibility?::"
"You could add a maximum version constraint for a dependency "
f"here, e.g. {constraint},<={latest_version}"
)
break
else:
raise RuntimeError(">= line not found in setup.cfg")