From 83d9b79c8f7d36cf5c4117ab3398d1f99c7d707b Mon Sep 17 00:00:00 2001 From: Arkadiusz Bokowy Date: Tue, 10 Aug 2021 20:30:44 +0200 Subject: [PATCH] Mention setup.cfg support in the README file Fixes #44 --- .github/workflows/pythoncheck.yml | 1 - README.rst | 10 +++++----- src/flake8_requirements/checker.py | 13 ++++++++----- 3 files changed, 13 insertions(+), 11 deletions(-) diff --git a/.github/workflows/pythoncheck.yml b/.github/workflows/pythoncheck.yml index ed21e67..266cf36 100644 --- a/.github/workflows/pythoncheck.yml +++ b/.github/workflows/pythoncheck.yml @@ -1,7 +1,6 @@ name: Check Python Package on: push: - branches: [ master ] pull_request: branches: [ master ] jobs: diff --git a/README.rst b/README.rst index 5cdd359..6711eb2 100644 --- a/README.rst +++ b/README.rst @@ -13,11 +13,11 @@ Important notice ---------------- In order to collect project's dependencies, this checker evaluates Python code from the -``setup.py`` file stored in the project's root directory. Code evaluation is done with the -`eval() `_ function. As a fall-back -method, this checker also tries to load dependencies from the ``pyproject.toml`` file from -the `poetry `_ tool section, or from the ``requirements.txt`` -text file in the project's root directory. +``setup.py`` file stored in the project's root directory. Code evaluation is done with the `eval() +`_ function. As a fall-back method, this +checker also tries to load dependencies, in order, from the ``setup.cfg``, the ``pyproject.toml`` +file from the `poetry `_ tool section, or from the +``requirements.txt`` text file in the project's root directory. At this point it is very important to be aware of the consequences of the above approach. One might inject malicious code into the ``setup.py`` file, which will be executed by this checker. diff --git a/src/flake8_requirements/checker.py b/src/flake8_requirements/checker.py index e874795..7aed7a5 100644 --- a/src/flake8_requirements/checker.py +++ b/src/flake8_requirements/checker.py @@ -18,7 +18,7 @@ from .modules import STDLIB_PY3 # NOTE: Changing this number will alter package version as well. -__version__ = "1.5.0" +__version__ = "1.5.1" __license__ = "MIT" LOG = getLogger('flake8.plugin.requirements') @@ -346,8 +346,8 @@ def add_options(cls, manager): "Specify the name (location) of the requirements text file. " "Unless an absolute path is given, the file will be searched " "relative to the project's root directory. If this option is " - "given, requirements from setup.py or pyproject.toml will not" - " be taken into account." + "given, requirements from setup.py, setup.cfg or " + "pyproject.toml will not be taken into account." ), **kw ) @@ -466,8 +466,11 @@ def resolve_requirement(cls, requirement, max_depth=0, path=None): if option in ("-r", "--requirement"): # Error out if we need to recurse deeper than allowed. if max_depth <= 0: - msg = "Cannot resolve {}: beyond max depth" - raise RuntimeError(msg.format(requirement)) + msg = ( + "Cannot resolve {}: " + "Beyond max depth (--requirements-max-depth={})") + raise RuntimeError(msg.format( + requirement, cls.requirements_max_depth)) resolved = [] # Error out if requirements file cannot be opened. with open(os.path.join(path or cls.root_dir, requirement)) as f: