fixed bug no version detected in pre-commit installation #1283
Conversation
daniel-mohr
requested review from
ericwb,
lukehinds and
sigmavirus24
as code owners
for more information, see https://pre-commit.ci
| # running bandit inside pre-commit we do not get a version here, workaround: | ||
| if __version__ == "0.0.0": | ||
| __version__ = "latest" |
There was a problem hiding this comment.
This seems a bit hacky. I'd rather we get to the root cause on why the semver doesn't get into pre-commit.
There was a problem hiding this comment.
I agree. This seems like a bug where this is hiding that bug rather than fixing it.
There was a problem hiding this comment.
My guess is this is a pbr problem. If we switched to a more modern build-system we might not have this bug at all.
There was a problem hiding this comment.
Yes, this is a workaround.
After init_repo follows pre-commit clone_strategy and does something like this:
p="$(mktemp -d --tmpdir "$HOME"/.cache/pre-commit/)"
cd "$p"
git init .
git init
git remote add origin https://github.com/PyCQA/bandit
git fetch origin 1.8.5 --depth=1
git checkout FETCH_HEADAnd the repo has no version info. Neither the working tree nor the .git contains the version. Tags were not fetched.
I think a clean solution here would be to define the version in setup.cfg or setup.py -- or with more modern build systems that would probably be pyproject.toml or so.
cf. #1280
Unfortunately,
metadata.version("bandit")does not return a meaningful version (returning the string "0.0.0") whenbanditis installed and used viapre-commit.This PR provides a workaround to ensure
banditfunctions correctly within thepre-commitenvironment.pre-commitdoes not seem to provide the right environment for version detection. The use of 'latest' ensures compatibility, even if this is more of a workaround than a perfect solution.