Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix Poetry not using system git #5688

Merged
merged 2 commits into from
Sep 12, 2022
Merged

fix Poetry not using system git #5688

merged 2 commits into from
Sep 12, 2022

Conversation

jakecoffman
Copy link
Member

fixes #5655

Poetry recently released 1.2.0 which uses dulwich, a pure Python implementation of Git. Like other ecosystems, we actually want to use the system Git with Dependabot so the Git shim will rewrite URLs to be HTTPS.

But also, in #5655 we are probably seeing a bug in dulwich that doesn't honor proxy authentication settings in the http_proxy environment variables. I tested this change locally and it fixed my reproduction repo.

@jakecoffman jakecoffman requested a review from a team as a code owner September 12, 2022 17:50
pavera
pavera reviewed Sep 12, 2022
View reviewed changes
Copy link
Contributor

@pavera pavera left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As this config option was added in poetry 1.2.0 and we still support poetry 1.1.15 for python 3.6 compat, I think we'll need to conditionally alter this command based on python version.

jeffwidman
jeffwidman approved these changes Sep 12, 2022
View reviewed changes
python/lib/dependabot/python/file_updater/poetry_file_updater.rb
@@ -177,6 +177,11 @@ def updated_lockfile_content_for(pyproject_content)
"#{NativeHelpers.python_requirements_path}")
end

# use system git instead of the pure Python dulwich
unless python_version&.start_with?("3.6")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤦 so looking forward to dropping 3.6 and then we don't have to maintain these...

@jakecoffman jakecoffman merged commit e02b625 into main Sep 12, 2022
@jakecoffman jakecoffman deleted the jakecoffman/poetry-git branch September 12, 2022 20:58
@diguid diguid mentioned this pull request Sep 28, 2022
Closed
1 task
@pavera pavera mentioned this pull request Oct 31, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jeffwidman jeffwidman jeffwidman approved these changes

@pavera pavera pavera approved these changes

@jurre jurre jurre approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Dependabot is not updating any dependencies, seeing 407 errors
4 participants
@jakecoffman @jeffwidman @pavera @jurre