Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Pipfile without Pipfile.lock #1026

Merged
merged 2 commits into from
Apr 18, 2022
Merged

Support Pipfile without Pipfile.lock #1026

merged 2 commits into from
Apr 18, 2022

Conversation

kojiromike
Copy link
Contributor

@kojiromike kojiromike commented Apr 8, 2022
edited
Loading

As previously written, if codeql finds a Pipfile, but no Pipfile.lock, it will run pipenv install with args that require Pipfile.lock to exist. Pipfile will fail with this message:

  Usage: python -m pipenv install [OPTIONS] [PACKAGES]...
  
  ERROR:: Pipfile.lock must exist to use --keep-outdated!
  package installation with pipenv failed, see error above

This changeset enables auto_install to work with Pipfile when there is no lock. (Bonus: --skip-lock is generally a bit faster.)

Merge / deployment checklist

  • Confirm this change is backwards compatible with existing workflows.
  • Confirm the readme has been updated if necessary.
  • Confirm the changelog has been updated if necessary.

@kojiromike kojiromike requested a review from a team as a code owner April 8, 2022 02:41
@adityasharad adityasharad requested a review from a team April 11, 2022 18:12
@RasmusWL
Copy link
Member

Thanks @kojiromike 👍 I rewrote it a bit. I looked at adding a test for this, but the current test setup is a bit too inflexible 😬 (but I did test locally)

@kojiromike
Copy link
Contributor Author

Thanks @RasmusWL! Please let me know if there's anything else I can do to help.

@kojiromike
Copy link
Contributor Author

@RasmusWL sorry to bug you, but should I continue to keep the branch updated, or just wait for someone from codeql-action-reviewers to get back to this PR?

cklin
cklin approved these changes Apr 18, 2022
View reviewed changes
Copy link
Contributor

@cklin cklin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the fix!

kojiromike and others added 2 commits April 18, 2022 11:14
@kojiromike
Support Pipfile without Pipfile.lock
808c292 
As previously written, if codeql finds a `Pipfile`, but no `Pipfile.lock`, it will run `pipenv install` with args that require `Pipfile.lock` to exist. Pipfile will fail with this message:

```
  Usage: python -m pipenv install [OPTIONS] [PACKAGES]...
  
  ERROR:: Pipfile.lock must exist to use --keep-outdated!
  package installation with pipenv failed, see error above
```

This changeset enables auto_install to work with Pipfile when there is no lock. (Bonus: `--skip-lock` is generally a bit faster.)
@RasmusWL @kojiromike
python-setup: refactor Pipenv without lockfile
b9577df
@aeisenberg aeisenberg merged commit e6e3277 into github:main Apr 18, 2022
@RasmusWL
Copy link
Member

@RasmusWL sorry to bug you, but should I continue to keep the branch updated, or just wait for someone from codeql-action-reviewers to get back to this PR?

Thanks for your work on this, and your continued effort to keep the branch up to date. I would have not have expected you to put in this effort. Once someone from github/codeql-action-reviewers had given the final review, I would have expected them to use the button on this PR page to merge in newest version of default branch (main), and then enable auto-merge.

This was referenced Apr 27, 2022
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cklin cklin cklin approved these changes

@RasmusWL RasmusWL RasmusWL approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@kojiromike @RasmusWL @cklin @aeisenberg