✨ exhaustive dependencies in sync

#51
juftin · Jan 2, 2024 · 99767d9 · 99767d9
1 parent cd8106e
commit 99767d9
Show file tree

Hide file tree

Showing 17 changed files with 321 additions and 44 deletions.
diff --git a/README.md b/README.md
@@ -15,6 +15,7 @@
   <a href="https://pypi.python.org/pypi/hatch-pip-compile/"><img src="https://img.shields.io/pypi/pyversions/hatch-pip-compile" alt="PyPI - Python Version"></a>
   <a href="https://github.com/juftin/hatch-pip-compile/blob/main/LICENSE"><img src="https://img.shields.io/github/license/juftin/hatch-pip-compile?color=blue&label=License" alt="GitHub License"></a>
   <a href="https://github.com/pypa/hatch"><img src="https://img.shields.io/badge/%F0%9F%A5%9A-Hatch-4051b5.svg" alt="Hatch project"></a>
+  <a href="https://github.com/jazzband/pip-tools"><img src="https://jazzband.co/static/img/badge.svg" alt="Pip Tools project"></a>
   <a href="https://github.com/astral-sh/ruff"><img src="https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json" alt="Ruff"></a>
   <a href="https://github.com/pre-commit/pre-commit"><img src="https://img.shields.io/badge/pre--commit-enabled-lightgreen?logo=pre-commit" alt="pre-commit"></a>
   <a href="https://github.com/semantic-release/semantic-release"><img src="https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg" alt="semantic-release"></a>

diff --git a/hatch_pip_compile/lock.py b/hatch_pip_compile/lock.py
@@ -13,6 +13,7 @@
 from hatch.env.virtual import VirtualEnv
 from packaging.requirements import Requirement
 from packaging.version import Version
+from piptools._compat.pip_compat import PipSession, parse_requirements
 
 from hatch_pip_compile.exceptions import LockFileError
 
@@ -65,9 +66,9 @@ def process_lock(self, lockfile: pathlib.Path) -> None:
         new_text = prefix + "\n\n" + cleaned_input_file
         lockfile.write_text(new_text)
 
-    def read_requirements(self) -> List[Requirement]:
+    def read_header_requirements(self) -> List[Requirement]:
         """
-        Read requirements from lock file
+        Read requirements from lock file header
         """
         lock_file_text = self.lock_file.read_text()
         parsed_requirements = []
@@ -138,7 +139,7 @@ def compare_requirements(self, requirements: Iterable[Requirement]) -> bool:
         requirements : Iterable[Requirement]
             List of requirements to compare against the lock file
         """
-        lock_requirements = self.read_requirements()
+        lock_requirements = self.read_header_requirements()
         return set(requirements) == set(lock_requirements)
 
     def compare_constraint_sha(self, sha: str) -> bool:
@@ -151,10 +152,20 @@ def compare_constraint_sha(self, sha: str) -> bool:
             return False
         return match.group(1).strip() == sha.strip()
 
-    def get_hash(self) -> Optional[str]:
+    def get_file_content_hash(self) -> str:
         """
         Get hash of lock file
         """
-        if not self.lock_file.exists():
-            return None
         return hashlib.sha256(self.lock_file.read_bytes()).hexdigest()
+
+    def read_lock_requirements(self) -> List[Requirement]:
+        """
+        Read all requirements from lock file
+        """
+        if not self.dependencies:
+            return []
+        install_requirements = parse_requirements(
+            str(self.lock_file),
+            session=PipSession(),
+        )
+        return [ireq.req for ireq in install_requirements]
diff --git a/hatch_pip_compile/plugin.py b/hatch_pip_compile/plugin.py
@@ -99,7 +99,7 @@ def dependency_hash(self) -> str:
         if not self.dependencies:
             return hatch_hash
         else:
-            lockfile_hash = self.piptools_lock.get_hash()
+            lockfile_hash = self.piptools_lock.get_file_content_hash()
             return hashlib.sha256(f"{hatch_hash}-{lockfile_hash}".encode()).hexdigest()
 
     def install_pip_tools(self) -> None:
@@ -232,9 +232,7 @@ def lockfile_up_to_date(self) -> bool:
             return False
         elif self.dependencies and self.piptools_lock_file.exists():
             if self.piptools_constraints_file:
-                current_sha = hashlib.sha256(
-                    self.piptools_constraints_file.read_bytes()
-                ).hexdigest()
+                current_sha = self.constraint_env.piptools_lock.get_file_content_hash()
                 sha_match = self.piptools_lock.compare_constraint_sha(sha=current_sha)
                 if sha_match is False:
                     return False
@@ -252,7 +250,12 @@ def dependencies_in_sync(self):
         if not self.lockfile_up_to_date:
             return False
         else:
-            return super().dependencies_in_sync()
+            with self.safe_activation():
+                return dependencies_in_sync(
+                    self.piptools_lock.read_lock_requirements(),
+                    sys_path=self.virtual_env.sys_path,
+                    environment=self.virtual_env.environment,
+                )
 
     def sync_dependencies(self) -> None:
         """

diff --git a/pyproject.toml b/pyproject.toml
@@ -20,7 +20,8 @@ classifiers = [
   "Programming Language :: Python :: Implementation :: PyPy"
 ]
 dependencies = [
-  "hatch>=1.7.0"
+  "hatch>=1.7.0,<2",
+  "pip-tools>=6"
 ]
 description = "hatch plugin to use pip-compile to manage project dependencies"
 dynamic = ["version"]

diff --git a/requirements.txt b/requirements.txt
@@ -1,18 +1,22 @@
 #
 # This file is autogenerated by hatch-pip-compile with Python 3.11
 #
-# - hatch>=1.7.0
+# - hatch<2,>=1.7.0
+# - pip-tools>=6
 #
 
 anyio==4.2.0
     # via httpx
+build==1.0.3
+    # via pip-tools
 certifi==2023.11.17
     # via
     #   httpcore
     #   httpx
 click==8.1.7
     # via
     #   hatch
+    #   pip-tools
     #   userpath
 distlib==0.3.8
     # via virtualenv
@@ -28,7 +32,7 @@ hatchling==1.21.0
     # via hatch
 httpcore==1.0.2
     # via httpx
-httpx==0.25.2
+httpx==0.26.0
     # via hatch
 hyperlink==21.0.0
     # via hatch
@@ -51,12 +55,15 @@ more-itertools==10.1.0
     # via jaraco-classes
 packaging==23.2
     # via
+    #   build
     #   hatch
     #   hatchling
 pathspec==0.12.1
     # via hatchling
 pexpect==4.9.0
     # via hatch
+pip-tools==7.3.0
+    # via hatch.envs.default
 platformdirs==4.1.0
     # via
     #   hatch
@@ -67,6 +74,8 @@ ptyprocess==0.7.0
     # via pexpect
 pygments==2.17.2
     # via rich
+pyproject-hooks==1.0.0
+    # via build
 rich==13.7.0
     # via hatch
 shellingham==1.5.4
@@ -85,7 +94,13 @@ userpath==1.9.1
     # via hatch
 virtualenv==20.25.0
     # via hatch
+wheel==0.42.0
+    # via pip-tools
 zipp==3.17.0
     # via importlib-metadata
 zstandard==0.22.0
     # via hatch
+
+# The following packages are considered to be unsafe in a requirements file:
+# pip
+# setuptools
diff --git a/requirements/requirements-docs.txt b/requirements/requirements-docs.txt
@@ -1,7 +1,7 @@
 #
 # This file is autogenerated by hatch-pip-compile with Python 3.11
 #
-# [constraints] requirements.txt (SHA256: 7b84213e35a035caf05934f59f047bf3d12cf93d8623fa26893a37d9c4a2a552)
+# [constraints] requirements.txt (SHA256: c35b3dbe45b9e92f70bc4bf2e94c9dab6f1be8776b4640691b48e78864a8dcff)
 #
 # - markdown-callouts
 # - markdown-exec
@@ -13,7 +13,8 @@
 # - mkdocstrings
 # - mkdocstrings-python
 # - pymdown-extensions
-# - hatch>=1.7.0
+# - hatch<2,>=1.7.0
+# - pip-tools>=6
 #
 
 anyio==4.2.0
@@ -22,6 +23,10 @@ anyio==4.2.0
     #   httpx
 babel==2.14.0
     # via mkdocs-material
+build==1.0.3
+    # via
+    #   -c requirements.txt
+    #   pip-tools
 certifi==2023.11.17
     # via
     #   -c requirements.txt
@@ -36,6 +41,7 @@ click==8.1.7
     #   hatch
     #   mkdocs
     #   mkdocstrings
+    #   pip-tools
     #   userpath
 colorama==0.4.6
     # via
@@ -73,7 +79,7 @@ httpcore==1.0.2
     # via
     #   -c requirements.txt
     #   httpx
-httpx==0.25.2
+httpx==0.26.0
     # via
     #   -c requirements.txt
     #   hatch
@@ -166,6 +172,7 @@ more-itertools==10.1.0
 packaging==23.2
     # via
     #   -c requirements.txt
+    #   build
     #   hatch
     #   hatchling
     #   mkdocs
@@ -180,6 +187,10 @@ pexpect==4.9.0
     # via
     #   -c requirements.txt
     #   hatch
+pip-tools==7.3.0
+    # via
+    #   -c requirements.txt
+    #   hatch.envs.docs
 platformdirs==4.1.0
     # via
     #   -c requirements.txt
@@ -206,6 +217,10 @@ pymdown-extensions==10.5
     #   markdown-exec
     #   mkdocs-material
     #   mkdocstrings
+pyproject-hooks==1.0.0
+    # via
+    #   -c requirements.txt
+    #   build
 python-dateutil==2.8.2
     # via ghp-import
 pyyaml==6.0.1
@@ -258,6 +273,10 @@ virtualenv==20.25.0
     #   hatch
 watchdog==3.0.0
     # via mkdocs
+wheel==0.42.0
+    # via
+    #   -c requirements.txt
+    #   pip-tools
 zipp==3.17.0
     # via
     #   -c requirements.txt
@@ -266,3 +285,7 @@ zstandard==0.22.0
     # via
     #   -c requirements.txt
     #   hatch
+
+# The following packages are considered to be unsafe in a requirements file:
+# pip
+# setuptools
diff --git a/requirements/requirements-matrix.py3.10.txt b/requirements/requirements-matrix.py3.10.txt
@@ -1,18 +1,23 @@
 #
 # This file is autogenerated by hatch-pip-compile with Python 3.10
 #
-# [constraints] requirements.txt (SHA256: 7b84213e35a035caf05934f59f047bf3d12cf93d8623fa26893a37d9c4a2a552)
+# [constraints] requirements.txt (SHA256: c35b3dbe45b9e92f70bc4bf2e94c9dab6f1be8776b4640691b48e78864a8dcff)
 #
 # - pytest
 # - pytest-cov
 # - tomlkit
-# - hatch>=1.7.0
+# - hatch<2,>=1.7.0
+# - pip-tools>=6
 #
 
 anyio==4.2.0
     # via
     #   -c requirements.txt
     #   httpx
+build==1.0.3
+    # via
+    #   -c requirements.txt
+    #   pip-tools
 certifi==2023.11.17
     # via
     #   -c requirements.txt
@@ -22,6 +27,7 @@ click==8.1.7
     # via
     #   -c requirements.txt
     #   hatch
+    #   pip-tools
     #   userpath
 coverage==7.3.3
     # via
@@ -59,7 +65,7 @@ httpcore==1.0.2
     # via
     #   -c requirements.txt
     #   httpx
-httpx==0.25.2
+httpx==0.26.0
     # via
     #   -c requirements.txt
     #   hatch
@@ -102,6 +108,7 @@ more-itertools==10.1.0
 packaging==23.2
     # via
     #   -c requirements.txt
+    #   build
     #   hatch
     #   hatchling
     #   pytest
@@ -113,6 +120,10 @@ pexpect==4.9.0
     # via
     #   -c requirements.txt
     #   hatch
+pip-tools==7.3.0
+    # via
+    #   -c requirements.txt
+    #   hatch.envs.matrix.py3.10
 platformdirs==4.1.0
     # via
     #   -c requirements.txt
@@ -131,6 +142,10 @@ pygments==2.17.2
     # via
     #   -c requirements.txt
     #   rich
+pyproject-hooks==1.0.0
+    # via
+    #   -c requirements.txt
+    #   build
 pytest==7.4.3
     # via
     #   hatch.envs.matrix.py3.10
@@ -152,8 +167,11 @@ sniffio==1.3.0
     #   httpx
 tomli==2.0.1
     # via
+    #   build
     #   coverage
     #   hatchling
+    #   pip-tools
+    #   pyproject-hooks
     #   pytest
 tomli-w==1.0.0
     # via
@@ -178,6 +196,10 @@ virtualenv==20.25.0
     # via
     #   -c requirements.txt
     #   hatch
+wheel==0.42.0
+    # via
+    #   -c requirements.txt
+    #   pip-tools
 zipp==3.17.0
     # via
     #   -c requirements.txt
@@ -186,3 +208,7 @@ zstandard==0.22.0
     # via
     #   -c requirements.txt
     #   hatch
+
+# The following packages are considered to be unsafe in a requirements file:
+# pip
+# setuptools