Handle uv pyproject.toml without a requirements.txt lock file #11735

Merged: 3 commits merged on Mar 6, 2025

markhallen (Contributor) commented Mar 5, 2025

What are you trying to accomplish?

This PR fixes the error Passed nil into T.must:

... Passed nil into T.must
... /home/dependabot/uv/lib/dependabot/uv/file_parser.rb:99:in detected_package_manager
+--------------------+
|       Errors       |
+--------------------+
| update_files_error |
+--------------------+

Contributes to #10478

Fixes beta bugs:

Anything you want to highlight for special attention from reviewers?

To fix the issue reported in the beta where pyproject.toml files were not processed in the absence of a requirements.txt file:

  • We removed the if pipcompile_in_file check on line 105 of uv/lib/dependabot/uv/file_parser.rb
  • And, removed the pipcompile_in_file method

The pip compile implementation that we borrowed from required pyproject.toml to have an accompanying lock file requirements.txt; however, uv does not have this limitation.

This PR also includes some code tidy-up after the initial port from the python folder.

There are two commits:

  • Fix pyproject.toml handling and tidy up
  • Remove unused fixtures that were carried over from the python directory

How will you know you've accomplished your goal?

We replicated the error and tested the fix against https://github.com/gulfofmaine/buoy_barn using script/dependabot:

script/dependabot update uv gulfofmaine/buoy_barn -d "/app"
Response
updater | 2025/03/05 14:11:19 INFO Finished job processing
updater | 2025/03/05 14:11:19 INFO Results:
updater | +---------------------------------------------------+
updater | |        Changes to Dependabot Pull Requests        |
updater | +---------+-----------------------------------------+
updater | | created | django-debug-toolbar ( from  to 5.0.1 ) |
updater | | created | geojson ( from  to 3.2.0 )              |
updater | | created | pystac ( from  to 1.12.2 )              |
updater | | created | sentry-sdk ( from  to 2.22.0 )          |
updater | | created | slack-sdk ( from  to 3.34.0 )           |
updater | | created | vcrpy ( from  to 7.0.0 )                |
updater | | created | xarray ( from  to 2025.1.2 )            |
updater | +---------+-----------------------------------------+

cc @abkfenris

Checklist

  • I have run the complete test suite to ensure all tests and linters pass.
  • I have thoroughly tested my code changes to ensure they work as expected, including adding additional tests for new functionality.
  • I have written clear and descriptive commit messages.
  • I have provided a detailed description of the changes in the pull request, including the problem it addresses, how it fixes the problem, and any relevant details about the implementation.
  • I have ensured that the code is well-documented and easy to understand.

@markhallen markhallen requested a review from a team as a code owner March 5, 2025 14:32
When the pyproject.toml file was not accompanied by a requirements.txt file, the code would raise an exception. This is not necessary, as the pyproject.toml file can be used to install the dependencies with uv.
@markhallen markhallen force-pushed the markhallen/handle-uv-lock-file branch from e5764ba to e8ebb42 March 5, 2025 14:38
alex commented Mar 5, 2025

Thanks!

kbukum1 (Contributor) left a comment

LGTM

@abkfenris

That looks like it matches up with some of the known outdated dependencies I've got (I didn't check everything).

I did notice that the output doesn't include the current version, but I don't know enough about the workings of Dependabot to know where those will come from.

Also, I couldn't figure out how to quickly get things spun up to test against Buoy Barn myself, or against the private repo that I also had fail.

@markhallen (Contributor, Author)

I successfully tested this to generate a PR from a pyproject.toml without a requirements.txt file. This config was failing (line 13) before the changes in this PR.

@markhallen markhallen merged commit 77f6aea into main Mar 6, 2025
60 checks passed
@markhallen markhallen deleted the markhallen/handle-uv-lock-file branch March 6, 2025 11:04
@MusicalNinjaDad

Thanks! - I can also confirm this runs without error now on the repo referenced in my comment to #10478
