-
Notifications
You must be signed in to change notification settings - Fork 19
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Getting graph from requirements.txt
#247
Comments
This has been merged, but has not been released. Once
There are some limitations with the way requirements.txt currently works. For example, requirements.txt has no way of signaling what the current name of the library is so we assume that it's the name of the repository. This approach breaks down for python monorepos and could definitely use some improvements. We also support |
Why the library name is needed? This project is a plain Django website. I'd prefer to specify path to the dependencies list explicitly. Otherwise I don't see how |
| Why the library name is needed? This project is a plain Django website. You only need the library name if you're trying to find all consumers of a library. For example, show me all projects that are using | I'd prefer to specify path to the dependencies list explicitly. This breaks from common patterns seen in every other language. Keep in mind, this project supports languages other than python. I do think there is room to improve the support for python (specifically around requirements.txt) but it's such a small* edge case compared to every other language that provides canonical library/application names in their manifest files. (e.g. | Otherwise I don't see how deps can discover that the correct file is requirements/base.txt and not requirements.txt. You bring up a good point here. Right now, depscloud makes assumptions about the way dependencies are defined (e.g. using common file names). We don't support non-standard approaches (such as |
Trying to find out which on the packages in
Is it possible to separate |
We already kinda do this. When a repository is cloned, we call a My thought was a |
Are those extractors integrated into I am thinking about a way to invoke them from command line and pass includes as params. |
Those are server-side in the extractor service. There is a little bit of complexity in the way that the indexer process sends data to the server that could probably be simplified (i.e. needing to account for both unix and windows based file paths). The extractor is responsible for normalizing those paths to unix to simplify some of matching logic in the extractor.. Some of those internal interfaces could definitely be improved and made configurable to handle more company-specific variants. Since the expectation is that companies. |
Perhaps I should try to run the |
I found I could run the $ podman run -it depscloud/extractor -h
> @depscloud/extractor@0.3.5 start
> node lib/main.js "-h"
extractor undefined
USAGE
main.js
OPTIONS
--bind-address <bindAddress> the ip address to bind to optional
--http-port <port> the port to run http on optional
--grpc-port <port> the port to bind to optional
--port <port> the port to bind to optional
--tls-key <key> the path to the private key used for TLS optional
--tls-cert <cert> the path to the certificate used for TLS optional
--tls-ca <ca> the path to the certificate authority used for TLS optional
--disable-manifests <manifest> the manifests to disable support for optional
--log-level <level> configures the level at with logs are written optional
--log-format <format> configures the format of the logs (console / json) optional
GLOBAL OPTIONS
-h, --help Display help
-V, --version Display version
--no-color Disable colors
--quiet Quiet mode - only displays warn and error messages
-v, --verbose Verbose mode - will also output debug messages |
I could definitely use some better guides for folks, but one of the easier things to do might be to pull this up in something like docker or kubernetes. These guides outline how to deploy the subsystem, update the configuration, and inspect the API. You should be able to follow these and use your user name Docker Guide - https://deps.cloud/docs/deploy/docker/ |
I've already tried to use extractor from the container. The guides could help to patch the binaries to be self-sufficient, so that people can discover what they can do without referencing to docs. This mean adding server independent CLI that produces JSON or CSV with the results, and request the missing params from the user. The stumbling block for me personally is understanding how to add subcommands with params in Go CLI programs. Each time I tried it was quite non-trivial and barely readable if you haven't spent a day or two with some CLI framework that was used. |
With #237 in place, how to use
deps
to get a graph from myrequirements/base.txt
?I don't see any
deps
options to feed that in.The text was updated successfully, but these errors were encountered: