-
Notifications
You must be signed in to change notification settings - Fork 172
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update pylint and ignore error from removed rule #406
Update pylint and ignore error from removed rule #406
Conversation
12be2d5
to
4cbd86e
Compare
There's no pylint version 2.6.2, although they have the release on Github, it looks like it was a mistag, and 2.6.2 is actually 2.6.1, which doesn't include the vulnerability fix. Maybe you meant to use 2.7.0? That version actually has the security fix. http://pylint.pycqa.org/en/latest/whatsnew/changelog.html#what-s-new-in-pylint-2-7-0 |
Hi @joaopslins , Thanks for the info about 2.7.0. Yes, it looks like the data on Snyk is not correct. I'll update the PR shortly. |
No worries, thank you for creating the PR. I'm having the same issue here. Hope this gets merged soon. |
Would love to see this merged in... it allows the latest |
Another reason to upgrade: pylint <= 2.5 on Python 3.9 does not support subscripting on |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice :-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
@@ -30,9 +30,9 @@ | |||
"pycodestyle<2.7.0,>=2.6.0", | |||
"pep8-naming>=0.3.3,<=0.10.0", | |||
"pydocstyle>=2.0.0", | |||
"pylint==2.5.3", | |||
"pylint==2.7.2", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"pylint==2.7.2", | |
"pylint==2.8.3", |
astroid is pinned to 2.5.6 in pylint 2.8.3 and will stay pinned in future versionso I don't know what to do with the astroid version line 35, but the easiest would be to use pylint's version.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One additional comment - is there any specific reason that prospector is pinning 2.8.3/2.7.2? It seems like prospector is pretty widely compatible, so it might increase user flexibility to unpin asteroid, and change the pylint version to something like:
pylint>=2.5.3,<2.9
This would increase user flexibility, allowing users requiring a fixed pylint/asteroid version to specify exactly (unless there are actually breaking changes).
Can this be merged? This is going to be more and more of an issue as the adoption of 3.9 increases. Does anybody know of a better-maintained fork of this project? |
Close in favor of #421 |
Update pylint 2.5.3 -> 2.7.2
Update astroid 2.4.1 -> 2.5.1
Drop python 3.5 because astroid 2.5.1 does not support it.
Pylint 2.7.2 contains security fix for a vulnerability.
Description
This change ignores
UnknownMessageError
to support running on other versions of pylint.Motivation and Context
At the moment prospector cannot run checks with the pylint 2.6.1+ due to the error:
mixed-indentation
was removed pylint 2.6.1.How Has This Been Tested?
I've tested the change by running it on the prospector code base and by running tox on macOS 11.2.1.
Types of changes
Checklist: