Add unversioned shebangs check #30
Conversation
|
I'll review it. Could you fix the Travis failure in the meantime? |
hroncok
left a comment
hroncok
left a comment
There was a problem hiding this comment.
Added a lot of nitpicking comments, but generally this looks good.
Please document the new dependency in the README (it talks about dependencies on several places).
Adding the required Fedora package (python2-libarchive-c) to the Docker image will also make the Travis run a bit faster, because the dependency will not by installed in the first integration test, but together with all other required packages. Please adjust the Dockerfile accordingly.
setup.py
Outdated
| install_requires=['libarchive-c'], | ||
| setup_requires=['setuptools', 'pytest-runner'], | ||
| tests_require=['pytest', 'pyyaml'], | ||
| tests_require=['pytest', 'pyyaml', 'libarchive-c'], |
There was a problem hiding this comment.
Is it necessary to repeat stuff from install_requires here?
tox.ini
Outdated
| deps = | ||
| pytest | ||
| pyyaml | ||
| libarchive-c |
There was a problem hiding this comment.
Is Python 3 libarchive-c actually needed to run the integration tests? Note that the integration tests are run by Python 3, but they call the runtask command and that runs on Python 2. I think that listing the package here is not needed, but I haven't tried it without.
There was a problem hiding this comment.
Seems to work without this.
| FORBIDDEN_SHEBANGS = ['#!/usr/bin/python', '#!/usr/bin/env python'] | ||
|
|
||
| if sys.version > '3': | ||
| def to_bytes(s): |
There was a problem hiding this comment.
This is Python 2:
>>> 'aaa'.encode()
'aaa'This is Python 3:
>>> 'aaa'.encode()
b'aaa'Why don't just use that? It seems to have the same effect.
|
|
||
|
|
||
| def matches(line, query): | ||
| return line == query or line.startswith(query + b' ') |
There was a problem hiding this comment.
I'd say explicitly in the docstring that this operates on bytes to avoid confusion in the future.
| try: | ||
| first_line = next(entry.get_blocks(), '').splitlines()[0] | ||
| except IndexError: | ||
| continue |
There was a problem hiding this comment.
Please indicate in the comment what's happening. Something like:
continue # empty file| log.debug("\n\nPROBLEM RPMS: {}".format(problem_rpms)) | ||
| for package, pkg_summary in problem_rpms.items(): | ||
| for shebang, scripts in pkg_summary.items(): | ||
| if scripts: |
There was a problem hiding this comment.
Now if you start with an empty dict in get_scripts_summary(), you will not need this if.
| outcome = 'FAILED' | ||
| shebang_message += \ | ||
| '{}\n * Scripts containing `{}` shebang:\n {}'.format( | ||
| package, shebang, '\n '.join(scripts)) |
There was a problem hiding this comment.
Sort the scripts for deterministic output and easier testing in the future.
| ) | ||
| from taskotron_python_versions.common import Package | ||
|
|
||
| fixtures_dir = os.path.dirname( |
There was a problem hiding this comment.
See pkg and gpkg functions from common and use them instead please. That would make your code more consistent with other tests.
They work like this:
gpkg('tracer*') # -> Package('../fixtures/tracer-0.6.9-2.fc25.noarch.rpm')
gpkg('tracer*').path # -> '../fixtures/tracer-0.6.9-2.fc25.noarch.rpm'
pkg('tracer-0.6.9-2.fc25.noarch.rpm') # -> '../fixtures/tracer-0.6.9-2.fc25.noarch.rpm'(Untested, but at least they work similarly to this.)
| '#!/usr/bin/python', {'/usr/bin/tracer'}), | ||
| ('python3-django-1.10.7-1.fc26.noarch.rpm', '#!/usr/bin/env python', | ||
| {'/usr/lib/python3.6/site-packages/django/bin/django-admin.py', | ||
| '/usr/lib/python3.6/site-packages/django/conf/project_template/manage.py-tpl'}), |
There was a problem hiding this comment.
Note that this is a template and the shebang there is probably intentional, but that is probably not important right now.
| @pytest.mark.parametrize(('path', 'expected'), ( | ||
| ('tracer-0.6.9-2.fc25.noarch.rpm', | ||
| {'#!/usr/bin/python': {'/usr/bin/tracer'}, | ||
| '#!/usr/bin/env python': set()}), |
There was a problem hiding this comment.
This will need to be updated once the empty sets will not be there at all.
|
Plase add commits (do not squash), so it's easier for me to check what has changed. Later, we can squash the PR once approved. |
| author='Miro Hrončok, Iryna Shcherbina, Michal Cyprian', | ||
| author_email='mhroncok@redhat.com, ishcherb@redhat.com, mcyprian@redhat.com', | ||
| author_email=('mhroncok@redhat.com, ishcherb@redhat.com,' | ||
| 'mcyprian@redhat.com'), |
There was a problem hiding this comment.
There's a missing space now and the string is: 'mhroncok@redhat.com, ishcherb@redhat.com,mcyprian@redhat.com'
mcyprian
force-pushed
the
unversioned_shebangs
branch
from
1ee943d to
8874c6f
Compare
|
Thanks for the review @hroncok, I've tried to make all the changes you requested. |
|
|
||
| from .common import log, write_to_artifact | ||
|
|
||
| MESSAGE = """These RPMs contains problematic shebang in some of the scripts: |
There was a problem hiding this comment.
nitpick:) contains -> contain
mcyprian
force-pushed
the
unversioned_shebangs
branch
2 times, most recently
from
10259c0 to
affc096
Compare
hroncok
left a comment
hroncok
left a comment
There was a problem hiding this comment.
Once more PR form me mcyprian#2 and we can squash and merge.
This check searches for #!/usr/bin/python and /usr/bin/env python shebangs inside RPM packages. If some of these shebangs is present, check fails and the complete list of problematic files is stored into the log. Resolves fedora-python#28.
mcyprian
force-pushed
the
unversioned_shebangs
branch
from
132ddd0 to
c2b8df0
Compare
|
Thanks. |
3 participants
This check searches for #!/usr/bin/python and /usr/bin/env python shebangs inside RPMs. If some of these shebangs is present, check fails and the complete list of problematic files is stored into the log.
Unit and integration tests included.