Compare commits
1 Commits
step35/161
...
step35/107
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
2fa8c2dea3 |
@@ -1,271 +0,0 @@
|
||||
#!/usr/bin/env python3
|
||||
"""dependency_freshness.py - Compare installed dependencies against latest PyPI versions.
|
||||
|
||||
Identify packages that are more than 2 major versions behind.
|
||||
Outputs a human-readable report by default or JSON with --json flag.
|
||||
"""
|
||||
|
||||
import argparse
|
||||
import json
|
||||
import subprocess
|
||||
import sys
|
||||
from packaging import version
|
||||
from typing import Dict, List, Tuple
|
||||
|
||||
|
||||
def parse_requirements(requirements_path: str) -> List[str]:
|
||||
"""Parse package names from a requirements.txt file."""
|
||||
packages = []
|
||||
try:
|
||||
with open(requirements_path, 'r') as f:
|
||||
for line in f:
|
||||
line = line.strip()
|
||||
if not line or line.startswith('#'):
|
||||
continue
|
||||
pkg_name = line
|
||||
for delim in ['[', '>', '<', '=', '!', ';', '@']:
|
||||
if delim in pkg_name:
|
||||
pkg_name = pkg_name.split(delim)[0]
|
||||
pkg_name = pkg_name.strip()
|
||||
if pkg_name:
|
||||
packages.append(pkg_name.lower())
|
||||
except FileNotFoundError:
|
||||
print(f"Warning: requirements file not found: {requirements_path}", file=sys.stderr)
|
||||
return packages
|
||||
|
||||
|
||||
def get_installed_packages() -> Dict[str, str]:
|
||||
"""Get all installed packages via pip list --format=json."""
|
||||
try:
|
||||
result = subprocess.run(
|
||||
[sys.executable, '-m', 'pip', 'list', '--format=json'],
|
||||
capture_output=True, text=True, check=True
|
||||
)
|
||||
packages = json.loads(result.stdout)
|
||||
return {pkg['name'].lower(): pkg['version'] for pkg in packages}
|
||||
except subprocess.CalledProcessError as e:
|
||||
print(f"Error running pip list: {e}", file=sys.stderr)
|
||||
sys.exit(1)
|
||||
except json.JSONDecodeError as e:
|
||||
print(f"Error parsing pip output: {e}", file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
|
||||
def get_outdated_packages() -> Dict[str, dict]:
|
||||
"""Get outdated packages via pip list --outdated --format=json."""
|
||||
try:
|
||||
result = subprocess.run(
|
||||
[sys.executable, '-m', 'pip', 'list', '--outdated', '--format=json'],
|
||||
capture_output=True, text=True, check=True
|
||||
)
|
||||
outdated_list = json.loads(result.stdout)
|
||||
outdated = {}
|
||||
for pkg in outdated_list:
|
||||
name = pkg['name'].lower()
|
||||
outdated[name] = {
|
||||
'installed': pkg.get('version', ''),
|
||||
'latest': pkg.get('latest_version', ''),
|
||||
'latest_filetype': pkg.get('latest_filetype', '')
|
||||
}
|
||||
return outdated
|
||||
except subprocess.CalledProcessError as e:
|
||||
print(f"Error running pip list --outdated: {e}", file=sys.stderr)
|
||||
sys.exit(1)
|
||||
except json.JSONDecodeError as e:
|
||||
print(f"Error parsing pip outdated output: {e}", file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
|
||||
def get_major_version(v: str) -> int:
|
||||
"""Extract major version number from a version string."""
|
||||
try:
|
||||
parsed = version.parse(v)
|
||||
if hasattr(parsed, 'major'):
|
||||
return int(parsed.major)
|
||||
parts = str(v).split('.')
|
||||
if parts:
|
||||
return int(parts[0])
|
||||
except Exception:
|
||||
pass
|
||||
return 0
|
||||
|
||||
|
||||
def is_more_than_two_majors_behind(installed_ver: str, latest_ver: str) -> bool:
|
||||
"""Check if installed version is more than 2 major versions behind latest."""
|
||||
try:
|
||||
installed_major = get_major_version(installed_ver)
|
||||
latest_major = get_major_version(latest_ver)
|
||||
return (latest_major - installed_major) > 2
|
||||
except Exception:
|
||||
return False
|
||||
|
||||
|
||||
def analyze_dependencies(
|
||||
required_packages: List[str],
|
||||
installed_packages: Dict[str, str],
|
||||
outdated_packages: Dict[str, dict]
|
||||
) -> Tuple[List[dict], List[str], List[dict]]:
|
||||
"""Analyze dependency freshness."""
|
||||
very_outdated = []
|
||||
missing = []
|
||||
outdated_but_not_critical = []
|
||||
|
||||
for pkg in required_packages:
|
||||
if pkg not in installed_packages:
|
||||
missing.append(pkg)
|
||||
continue
|
||||
|
||||
installed_ver = installed_packages[pkg]
|
||||
if pkg not in outdated_packages:
|
||||
continue
|
||||
|
||||
latest_ver = outdated_packages[pkg]['latest']
|
||||
if is_more_than_two_majors_behind(installed_ver, latest_ver):
|
||||
very_outdated.append({
|
||||
'package': pkg,
|
||||
'installed': installed_ver,
|
||||
'latest': latest_ver,
|
||||
'major_diff': get_major_version(latest_ver) - get_major_version(installed_ver)
|
||||
})
|
||||
else:
|
||||
outdated_but_not_critical.append({
|
||||
'package': pkg,
|
||||
'installed': installed_ver,
|
||||
'latest': latest_ver,
|
||||
'major_diff': get_major_version(latest_ver) - get_major_version(installed_ver)
|
||||
})
|
||||
|
||||
return very_outdated, missing, outdated_but_not_critical
|
||||
|
||||
|
||||
def generate_human_report(
|
||||
very_outdated: List[dict],
|
||||
missing: List[str],
|
||||
outdated_but_not_critical: List[dict],
|
||||
requirements_path: str
|
||||
) -> str:
|
||||
"""Generate a human-readable staleness report."""
|
||||
lines = []
|
||||
lines.append("=" * 60)
|
||||
lines.append("DEPENDENCY FRESHNESS REPORT")
|
||||
lines.append("=" * 60)
|
||||
lines.append(f"Requirements file: {requirements_path}")
|
||||
total = len(very_outdated) + len(missing) + len(outdated_but_not_critical)
|
||||
lines.append(f"Total dependencies checked: {total}")
|
||||
lines.append(f"Very outdated (>2 major versions behind): {len(very_outdated)}")
|
||||
lines.append(f"Outdated but within 2 major versions: {len(outdated_but_not_critical)}")
|
||||
lines.append(f"Missing (not installed): {len(missing)}")
|
||||
lines.append("")
|
||||
|
||||
if very_outdated:
|
||||
lines.append("!!! VERY OUTDATED PACKAGES (consider updating):")
|
||||
lines.append("-" * 60)
|
||||
for pkg_info in very_outdated:
|
||||
lines.append(f" {pkg_info['package']}")
|
||||
lines.append(f" Installed: {pkg_info['installed']}")
|
||||
lines.append(f" Latest: {pkg_info['latest']}")
|
||||
lines.append(f" Major diff: {pkg_info['major_diff']}")
|
||||
lines.append("")
|
||||
else:
|
||||
lines.append("✓ No packages more than 2 major versions behind.")
|
||||
lines.append("")
|
||||
|
||||
if outdated_but_not_critical:
|
||||
lines.append(f"Outdated packages (within 2 major versions):")
|
||||
lines.append("-" * 60)
|
||||
for pkg_info in outdated_but_not_critical:
|
||||
lines.append(f" {pkg_info['package']}: {pkg_info['installed']} -> {pkg_info['latest']} (major diff: {pkg_info['major_diff']})")
|
||||
lines.append("")
|
||||
|
||||
if missing:
|
||||
lines.append(f"Missing packages (not installed):")
|
||||
lines.append("-" * 60)
|
||||
for pkg in missing:
|
||||
lines.append(f" {pkg}")
|
||||
lines.append("")
|
||||
|
||||
lines.append("=" * 60)
|
||||
lines.append("For full details, run: python3 -m pip list --outdated")
|
||||
lines.append("=" * 60)
|
||||
|
||||
return "\n".join(lines)
|
||||
|
||||
|
||||
def generate_json_report(
|
||||
very_outdated: List[dict],
|
||||
missing: List[str],
|
||||
outdated_but_not_critical: List[dict],
|
||||
requirements_path: str
|
||||
) -> str:
|
||||
"""Generate a JSON staleness report."""
|
||||
report = {
|
||||
'requirements_file': requirements_path,
|
||||
'summary': {
|
||||
'total_dependencies': len(very_outdated) + len(missing) + len(outdated_but_not_critical),
|
||||
'very_outdated_count': len(very_outdated),
|
||||
'outdated_within_threshold_count': len(outdated_but_not_critical),
|
||||
'missing_count': len(missing)
|
||||
},
|
||||
'very_outdated': very_outdated,
|
||||
'outdated_within_threshold': outdated_but_not_critical,
|
||||
'missing': missing
|
||||
}
|
||||
return json.dumps(report, indent=2)
|
||||
|
||||
|
||||
def main():
|
||||
parser = argparse.ArgumentParser(
|
||||
description='Check dependency freshness against PyPI latest versions.'
|
||||
)
|
||||
parser.add_argument(
|
||||
'--requirements', '-r',
|
||||
default='requirements.txt',
|
||||
help='Path to requirements.txt file (default: requirements.txt)'
|
||||
)
|
||||
parser.add_argument(
|
||||
'--json',
|
||||
action='store_true',
|
||||
help='Output report as JSON instead of human-readable text'
|
||||
)
|
||||
parser.add_argument(
|
||||
'--output', '-o',
|
||||
help='Optional output file for the report (default: stdout)'
|
||||
)
|
||||
|
||||
args = parser.parse_args()
|
||||
|
||||
# Parse requirements
|
||||
required_packages = parse_requirements(args.requirements)
|
||||
if not required_packages:
|
||||
print("No packages found in requirements file.", file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
# Get installed and outdated package data
|
||||
installed_packages = get_installed_packages()
|
||||
outdated_packages = get_outdated_packages()
|
||||
|
||||
# Analyze dependencies
|
||||
very_outdated, missing, outdated_but_not_critical = analyze_dependencies(
|
||||
required_packages, installed_packages, outdated_packages
|
||||
)
|
||||
|
||||
# Generate report
|
||||
if args.json:
|
||||
report = generate_json_report(very_outdated, missing, outdated_but_not_critical, args.requirements)
|
||||
else:
|
||||
report = generate_human_report(very_outdated, missing, outdated_but_not_critical, args.requirements)
|
||||
|
||||
# Output report
|
||||
if args.output:
|
||||
with open(args.output, 'w') as f:
|
||||
f.write(report + '\n')
|
||||
else:
|
||||
print(report)
|
||||
|
||||
# Exit code: 0 if no very outdated deps, 1 otherwise
|
||||
exit_code = 1 if very_outdated else 0
|
||||
sys.exit(exit_code)
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
main()
|
||||
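--- a/scripts/dependency_inventory.py
+++ b/scripts/dependency_inventory.py
@@ -0,0 +1,308 @@
+#!/usr/bin/env python3
+"""
+Dependency Inventory — Scan repos and list third-party dependencies.
+
+Reads: package.json, requirements.txt, go.mod, Cargo.toml, pyproject.toml
+Extracts: package name, version constraint, source file/repo
+Outputs: JSON (default) or markdown table
+
+Usage:
+python3 scripts/dependency_inventory.py --repos-dir ~/repos/
+python3 scripts/dependency_inventory.py --repos ~/repo1,~/repo2 --format markdown
+"""
+
+import argparse
+import json
+import os
+import re
+import sys
+from pathlib import Path
+from typing import Dict, List, Any, Optional
+
+# Mapping of file pattern to canonical parser name
+MANIFEST_PATTERNS = {
+'requirements.txt': 'requirements',
+'package.json': 'npm',
+'pyproject.toml': 'pyproject',
+'go.mod': 'go',
+'Cargo.toml': 'cargo',
+}
+
+# Parser registry
+PARSERS = {}
+
+
+def register_parser(name: str):
+"""Decorator to register a parser function."""
+def decorator(fn):
+PARSERS[name] = fn
+return fn
+return decorator
+
+
+# ─── Parsers ────────────────────────────────────────────────────────────────
+
+@register_parser('requirements')
+def parse_requirements(content: str) -> List[Dict[str, str]]:
+"""Parse requirements.txt — one requirement per line."""
+deps = []
+for line in content.splitlines():
+line = line.strip()
+if not line or line.startswith('#'):
+continue
+pkg_spec = re.split(r'[ ;#]', line)[0].strip()
+if '>=' in pkg_spec:
+name, ver = pkg_spec.split('>=', 1)
+elif '==' in pkg_spec:
+name, ver = pkg_spec.split('==', 1)
+elif '<=' in pkg_spec:
+name, ver = pkg_spec.split('<=', 1)
+elif '~=' in pkg_spec:
+name, ver = pkg_spec.split('~=', 1)
+elif '>' in pkg_spec:
+name, ver = pkg_spec.split('>', 1)
+elif '<' in pkg_spec:
+name, ver = pkg_spec.split('<', 1)
+elif '=' in pkg_spec:
+name, ver = pkg_spec.split('=', 1)
+else:
+name, ver = pkg_spec, ''
+deps.append({
+'package': name.strip(),
+'version': ver.strip(),
+'constraint': line[len(name):].strip()
+})
+return deps
+
+
+@register_parser('npm')
+def parse_package_json(content: str) -> List[Dict[str, str]]:
+"""Parse package.json dependencies."""
+try:
+data = json.loads(content)
+except json.JSONDecodeError:
+return []
+deps = []
+for section in ('dependencies', 'devDependencies', 'peerDependencies', 'optionalDependencies'):
+for name, ver in data.get(section, {}).items():
+deps.append({
+'package': name,
+'version': ver,
+'constraint': ver,
+'type': section
+})
+return deps
+
+
+@register_parser('pyproject')
+def parse_pyproject_toml(content: str) -> List[Dict[str, str]]:
+"""Parse pyproject.toml [project] dependencies."""
+deps = []
+in_deps = False
+dep_buffer = ''
+for line in content.splitlines():
+stripped = line.strip()
+if stripped.startswith('dependencies = ['):
+in_deps = True
+remainder = stripped.split('=', 1)[1].strip()
+dep_buffer = remainder[1:] if remainder.startswith('[') else remainder
+continue
+if in_deps:
+if stripped.startswith(']'):
+in_deps = False
+continue
+dep_buffer += ' ' + line
+dep_buffer = dep_buffer.strip().rstrip(',')
+for match in re.finditer(r'"([^"]+)"', dep_buffer):
+spec = match.group(1)
+m = re.match(r'^([a-zA-Z0-9_.-]+)\s*([<>=!~]+)?\s*(.*)$', spec)
+if m:
+name, op, ver = m.groups()
+deps.append({
+'package': name,
+'version': (ver or '').strip(),
+'constraint': spec
+})
+return deps
+
+
+@register_parser('go')
+def parse_go_mod(content: str) -> List[Dict[str, str]]:
+"""Parse go.mod — require statements."""
+deps = []
+for line in content.splitlines():
+line = line.strip()
+if line.startswith('require ') and not line.startswith('require ('):
+parts = line.split()
+if len(parts) >= 3:
+mod, ver = parts[1], parts[2]
+deps.append({'package': mod, 'version': ver, 'constraint': ver})
+elif line.startswith('\t') and '/' in line:
+parts = line.strip().split()
+if len(parts) >= 2:
+mod, ver = parts[0], parts[1]
+deps.append({'package': mod, 'version': ver, 'constraint': ver})
+return deps
+
+
+@register_parser('cargo')
+def parse_cargo_toml(content: str) -> List[Dict[str, str]]:
+"""Parse [dependencies] section from Cargo.toml."""
+deps = []
+in_deps = False
+for line in content.splitlines():
+stripped = line.strip()
+if stripped in ('[dependencies]', '[dependencies]'):
+in_deps = True
+continue
+if stripped.startswith('['):
+in_deps = False
+continue
+if in_deps and '=' in stripped:
+name_part, ver_part = stripped.split('=', 1)
+name = name_part.strip()
+ver = ver_part.strip().strip('"').strip("'")
+deps.append({'package': name, 'version': ver, 'constraint': ver})
+return deps
+
+
+# ─── File Discovery ─────────────────────────────────────────────────────────
+
+def find_manifest_files(root: Path) -> Dict[str, List[Path]]:
+"""Find all manifest files under root."""
+found = {k: [] for k in MANIFEST_PATTERNS}
+for pattern in MANIFEST_PATTERNS:
+for path in root.rglob(pattern):
+if not any(skip in str(path) for skip in ('.git', 'node_modules', '__pycache__', '.venv', 'venv')):
+found[pattern].append(path)
+return found
+
+
+# ─── Main Scanner ────────────────────────────────────────────────────────────
+
+def scan_repo(repo_path: Path) -> Dict[str, Any]:
+"""Scan a single repo directory for dependency manifests."""
+repo_name = repo_path.name
+found = find_manifest_files(repo_path)
+all_deps: List[Dict[str, str]] = []
+files_scanned = 0
+
+for pattern, paths in found.items():
+parser_name = MANIFEST_PATTERNS[pattern]
+# Map parser_name to function
+if parser_name == 'requirements':
+parser = parse_requirements
+elif parser_name == 'npm':
+parser = parse_package_json
+elif parser_name == 'pyproject':
+parser = parse_pyproject_toml
+elif parser_name == 'go':
+parser = parse_go_mod
+elif parser_name == 'cargo':
+parser = parse_cargo_toml
+else:
+continue
+
+for fp in paths:
+try:
+content = fp.read_text(encoding='utf-8', errors='replace')
+files_scanned += 1
+rel = fp.relative_to(repo_path)
+for dep in parser(content):
+dep['source'] = pattern
+dep['file'] = str(rel)
+dep['repo'] = repo_name
+all_deps.append(dep)
+except Exception as e:
+print(f" [WARN] Could not parse {fp}: {e}", file=sys.stderr)
+
+return {
+'repo': repo_name,
+'path': str(repo_path),
+'files_scanned': files_scanned,
+'dependencies': all_deps,
+'dependency_count': len(all_deps),
+}
+
+
+def scan_repos(repos: List[Path]) -> Dict[str, Any]:
+"""Scan multiple repos and aggregate."""
+results = {}
+total_deps = 0
+total_files = 0
+for repo in repos:
+if not repo.is_dir():
+print(f"[WARN] Skipping {repo}: not a directory", file=sys.stderr)
+continue
+print(f"Scanning {repo.name}...", file=sys.stderr)
+result = scan_repo(repo)
+results[repo.name] = result
+total_deps += result['dependency_count']
+total_files += result['files_scanned']
+return {
+'repos': results,
+'summary': {
+'total_repos': len(results),
+'total_files_scanned': total_files,
+'total_dependencies': total_deps,
+}
+}
+
+
+# ─── Output ─────────────────────────────────────────────────────────────────
+
+def output_json(data: Dict[str, Any], out_path: Optional[Path] = None) -> None:
+text = json.dumps(data, indent=2)
+if out_path:
+out_path.write_text(text)
+print(f"Written: {out_path}", file=sys.stderr)
+else:
+print(text)
+
+
+def output_markdown(data: Dict[str, Any], out_path: Optional[Path] = None) -> None:
+lines = []
+lines.append("# Dependency Inventory")
+lines.append("\nGenerated: *(TODO: add timestamp)*")
+lines.append(f"\n**Summary:** {data['summary']['total_dependencies']} dependencies across {data['summary']['total_repos']} repos")
+lines.append("")
+lines.append("| Repo | File | Package | Version |")
+lines.append("|------|------|---------|---------|")
+for repo_name, rdata in sorted(data['repos'].items()):
+for dep in sorted(rdata['dependencies'], key=lambda d: d['package']):
+lines.append(f"| {repo_name} | {dep['file']} | {dep['package']} | {dep['version']} |")
+text = '\n'.join(lines) + '\n'
+if out_path:
+out_path.write_text(text)
+print(f"Written: {out_path}", file=sys.stderr)
+else:
+print(text)
+
+
+# ─── CLI Entry ────────────────────────────────────────────────────────────────
+
+def main():
+parser = argparse.ArgumentParser(description="Generate org-wide dependency inventory")
+parser.add_argument('--repos-dir', help='Directory containing multiple repos')
+parser.add_argument('--repos', help='Comma-separated list of repo paths')
+parser.add_argument('--output', '-o', help='Output file (default: stdout)')
+parser.add_argument('--format', choices=['json', 'markdown'], default='json',
+help='Output format (default: json)')
+args = parser.parse_args()
+if args.repos:
+repo_paths = [Path(p.strip()).expanduser() for p in args.repos.split(',')]
+elif args.repos_dir:
+base = Path(args.repos_dir).expanduser()
+repo_paths = [p for p in base.iterdir() if p.is_dir() and not p.name.startswith('.')]
+else:
+repo_paths = [Path(__file__).resolve().parent.parent]
+out_path = Path(args.output).expanduser() if args.output else None
+data = scan_repos(repo_paths)
+if args.format == 'json':
+output_json(data, out_path)
+else:
+output_markdown(data, out_path)
+
+
+if __name__ == '__main__':
+main()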
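Review bot: The exclusion test in `find_manifest_files` is a substring match against the whole path string, so `'.git'` also drops manifests under `.github/` and `'venv'` drops any path that merely contains those letters, including the case where the scanned root itself sits under such a directory. For a tool meant to inventory third-party dependencies this under-reports silently, since nothing is logged for a skipped manifest. Comparing whole path components below the root avoids that, e.g. `if not SKIP_DIRS.intersection(path.relative_to(root).parts):` with `SKIP_DIRS = {'.git', 'node_modules', '__pycache__', '.venv', 'venv'}`. The parsers in the same file have related accuracy gaps worth a follow-up: `parse_requirements` records an option line (one starting with `-r` or `--index-url`) as a package and turns `pkg!=1.0` into a name ending in `!`, and `parse_cargo_toml` lists `'[dependencies]'` twice where a second section name was presumably intended.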
@@ -1,179 +0,0 @@
|
||||
#!/usr/bin/env python3
|
||||
"""Tests for scripts/dependency_freshness.py — 9.7 Dependency Freshness."""
|
||||
|
||||
import json
|
||||
import os
|
||||
import sys
|
||||
from unittest.mock import patch, MagicMock
|
||||
|
||||
# Import target module
|
||||
sys.path.insert(0, os.path.dirname(__file__) or ".")
|
||||
import importlib.util
|
||||
spec = importlib.util.spec_from_file_location(
|
||||
"dependency_freshness",
|
||||
os.path.join(os.path.dirname(__file__) or ".", "dependency_freshness.py")
|
||||
)
|
||||
mod = importlib.util.module_from_spec(spec)
|
||||
spec.loader.exec_module(mod)
|
||||
|
||||
parse_requirements = mod.parse_requirements
|
||||
get_major_version = mod.get_major_version
|
||||
is_more_than_two_majors_behind = mod.is_more_than_two_majors_behind
|
||||
analyze_dependencies = mod.analyze_dependencies
|
||||
|
||||
|
||||
def test_parse_requirements_simple():
|
||||
"""Parse a simple package line."""
|
||||
import tempfile
|
||||
with tempfile.NamedTemporaryFile(mode='w', suffix='.txt', delete=False) as f:
|
||||
f.write("requests\n")
|
||||
tmp = f.name
|
||||
try:
|
||||
pkgs = parse_requirements(tmp)
|
||||
assert pkgs == ["requests"], f"got {pkgs}"
|
||||
print("PASS: test_parse_requirements_simple")
|
||||
finally:
|
||||
os.unlink(tmp)
|
||||
|
||||
|
||||
def test_parse_requirements_with_specifiers():
|
||||
"""Parse lines with version specifiers."""
|
||||
import tempfile
|
||||
with tempfile.NamedTemporaryFile(mode='w', suffix='.txt', delete=False) as f:
|
||||
f.write("pytest>=8,<9\n")
|
||||
f.write("aiohttp>=3.8\n")
|
||||
tmp = f.name
|
||||
try:
|
||||
pkgs = parse_requirements(tmp)
|
||||
assert pkgs == ["pytest", "aiohttp"], f"got {pkgs}"
|
||||
print("PASS: test_parse_requirements_with_specifiers")
|
||||
finally:
|
||||
os.unlink(tmp)
|
||||
|
||||
|
||||
def test_parse_requirements_ignores_comments_and_blanks():
|
||||
"""Comments and blank lines are skipped."""
|
||||
import tempfile
|
||||
with tempfile.NamedTemporaryFile(mode='w', suffix='.txt', delete=False) as f:
|
||||
f.write("# This is a comment\n")
|
||||
f.write("\n")
|
||||
f.write(" \n")
|
||||
f.write("numpy\n")
|
||||
f.write("# another comment\n")
|
||||
tmp = f.name
|
||||
try:
|
||||
pkgs = parse_requirements(tmp)
|
||||
assert pkgs == ["numpy"], f"got {pkgs}"
|
||||
print("PASS: test_parse_requirements_ignores_comments_and_blanks")
|
||||
finally:
|
||||
os.unlink(tmp)
|
||||
|
||||
|
||||
def test_get_major_version_normal():
|
||||
"""Extract major version from typical semantic strings."""
|
||||
assert get_major_version("1.2.3") == 1
|
||||
assert get_major_version("3.4.5") == 3
|
||||
assert get_major_version("0.11.0") == 0
|
||||
print("PASS: test_get_major_version_normal")
|
||||
|
||||
|
||||
def test_get_major_version_with_rc():
|
||||
"""Prerelease versions still yield major number."""
|
||||
assert get_major_version("2.0.0rc1") == 2
|
||||
assert get_major_version("1.0.0a1") == 1
|
||||
print("PASS: test_get_major_version_with_rc")
|
||||
|
||||
|
||||
def test_is_more_than_two_majors_behind():
|
||||
"""Difference >2 triggers True; <=2 triggers False."""
|
||||
assert is_more_than_two_majors_behind("1.2.3", "4.0.0") is True
|
||||
assert is_more_than_two_majors_behind("3.9.0", "4.0.0") is False
|
||||
assert is_more_than_two_majors_behind("2.1.0", "5.2.0") is True
|
||||
assert is_more_than_two_majors_behind("8.0.0", "9.0.0") is False
|
||||
assert is_more_than_two_majors_behind("4.0.0", "4.0.0") is False
|
||||
print("PASS: test_is_more_than_two_majors_behind")
|
||||
|
||||
|
||||
def test_analyze_dependencies_very_outdated():
|
||||
"""Flag packages more than 2 major versions behind."""
|
||||
required = ["pkg_a", "pkg_b"]
|
||||
installed = {"pkg_a": "1.0.0", "pkg_b": "3.5.2"}
|
||||
outdated = {
|
||||
"pkg_a": {"installed": "1.0.0", "latest": "4.0.0"},
|
||||
"pkg_b": {"installed": "3.5.2", "latest": "4.0.0"},
|
||||
}
|
||||
very_out, missing, outdated_ok = analyze_dependencies(required, installed, outdated)
|
||||
assert len(very_out) == 1 and very_out[0]["package"] == "pkg_a"
|
||||
assert len(missing) == 0
|
||||
assert len(outdated_ok) == 1 and outdated_ok[0]["package"] == "pkg_b"
|
||||
print("PASS: test_analyze_dependencies_very_outdated")
|
||||
|
||||
|
||||
def test_analyze_dependencies_missing():
|
||||
"""Detect packages not installed at all."""
|
||||
required = ["pkg_a", "pkg_missing"]
|
||||
installed = {"pkg_a": "2.0.0"}
|
||||
outdated = {"pkg_a": {"installed": "2.0.0", "latest": "3.0.0"}}
|
||||
very_out, missing, outdated_ok = analyze_dependencies(required, installed, outdated)
|
||||
assert "pkg_missing" in missing
|
||||
assert len(very_out) == 0
|
||||
assert len(outdated_ok) == 1
|
||||
print("PASS: test_analyze_dependencies_missing")
|
||||
|
||||
|
||||
def test_analyze_dependencies_up_to_date():
|
||||
"""Packages up-to-date are not flagged."""
|
||||
required = ["pkg_good"]
|
||||
installed = {"pkg_good": "5.0.0"}
|
||||
outdated = {}
|
||||
very_out, missing, outdated_ok = analyze_dependencies(required, installed, outdated)
|
||||
assert len(very_out) == 0
|
||||
assert len(missing) == 0
|
||||
assert len(outdated_ok) == 0
|
||||
print("PASS: test_analyze_dependencies_up_to_date")
|
||||
|
||||
|
||||
def test_generate_human_report_contains_very_outdated():
|
||||
"""Human report includes very outdated packages."""
|
||||
very_out = [
|
||||
{"package": "oldpkg", "installed": "1.0", "latest": "4.0", "major_diff": 3}
|
||||
]
|
||||
missing = []
|
||||
outdated_ok = []
|
||||
report = mod.generate_human_report(very_out, missing, outdated_ok, "requirements.txt")
|
||||
assert "oldpkg" in report
|
||||
assert "Installed: 1.0" in report
|
||||
assert "Latest: 4.0" in report
|
||||
assert "Major diff: 3" in report
|
||||
print("PASS: test_generate_human_report_contains_very_outdated")
|
||||
|
||||
|
||||
def test_generate_json_report_structure():
|
||||
"""JSON report contains required keys."""
|
||||
very_out = [{"package": "oldpkg", "installed": "1.0", "latest": "4.0", "major_diff": 3}]
|
||||
missing = ["missing_pkg"]
|
||||
outdated_ok = []
|
||||
report_json = mod.generate_json_report(very_out, missing, outdated_ok, "requirements.txt")
|
||||
data = json.loads(report_json)
|
||||
assert "summary" in data
|
||||
assert data["summary"]["very_outdated_count"] == 1
|
||||
assert data["summary"]["missing_count"] == 1
|
||||
assert "very_outdated" in data
|
||||
assert "missing" in data
|
||||
print("PASS: test_generate_json_report_structure")
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
print("Running dependency_freshness test suite...")
|
||||
test_parse_requirements_simple()
|
||||
test_parse_requirements_with_specifiers()
|
||||
test_parse_requirements_ignores_comments_and_blanks()
|
||||
test_get_major_version_normal()
|
||||
test_get_major_version_with_rc()
|
||||
test_is_more_than_two_majors_behind()
|
||||
test_analyze_dependencies_very_outdated()
|
||||
test_analyze_dependencies_missing()
|
||||
test_analyze_dependencies_up_to_date()
|
||||
test_generate_human_report_contains_very_outdated()
|
||||
test_generate_json_report_structure()
|
||||
print("ALL TESTS PASSED.")
|
||||
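--- a/tests/test_dependency_inventory.py
+++ b/tests/test_dependency_inventory.py
@@ -0,0 +1,52 @@
+"""
+Tests for scripts/dependency_inventory.py
+"""
+
+import unittest
+import json
+from pathlib import Path
+import sys
+
+sys.path.insert(0, str(Path(__file__).parent.parent))
+
+from scripts.dependency_inventory import (
+parse_requirements,
+parse_package_json,
+parse_pyproject_toml,
+scan_repo,
+)
+
+
+class TestParseRequirements(unittest.TestCase):
+def test_parses_simple_requirement(self):
+result = parse_requirements("requests>=2.33.0")
+self.assertEqual(len(result), 1)
+self.assertEqual(result[0]["package"], "requests")
+
+def test_parses_version_range(self):
+result = parse_requirements("pytest>=8,<9")
+self.assertEqual(result[0]["package"], "pytest")
+
+
+class TestParsePackageJson(unittest.TestCase):
+def test_parses_dependencies(self):
+content = json.dumps({"name": "test", "dependencies": {"react": "^18.2.0"}})
+result = parse_package_json(content)
+self.assertTrue(any(d["package"] == "react" for d in result))
+
+
+class TestParsePyprojectToml(unittest.TestCase):
+def test_parses_project_dependencies(self):
+content = "\n[project]\nname = \"test\"\ndependencies = [\n \"openai>=2.21.0,<3\",\n]"
+result = parse_pyproject_toml(content)
+self.assertEqual(len(result), 1)
+
+
+class TestScanRepo(unittest.TestCase):
+def test_scans_local_repo(self):
+result = scan_repo(Path(__file__).resolve().parents[1])
+self.assertGreater(result["dependency_count"], 0)
+
+
+if __name__ == "__main__":
+unittest.main()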
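Review bot: `test_scans_local_repo` scans the checkout the test runs from and only asserts `dependency_count > 0`, so its result depends on whatever manifests happen to be in the working tree, and it cannot catch a manifest that is wrongly skipped or wrongly included. A fixture directory with one known `requirements.txt` and one manifest under `node_modules/` would pin both the parse result and the exclusion rule; the sketch below needs `import tempfile` at the top of the file. `parse_go_mod` and `parse_cargo_toml` are not imported or exercised by this file at all, so the new go.mod and Cargo.toml handling ships untested.

```python
class TestScanRepo(unittest.TestCase):
    def test_scans_fixture_repo(self):
        with tempfile.TemporaryDirectory() as tmp:
            repo = Path(tmp) / "fixture"
            vendored = repo / "node_modules" / "dep"
            vendored.mkdir(parents=True)
            (repo / "requirements.txt").write_text("requests>=2.33.0\n")
            (vendored / "package.json").write_text('{"dependencies": {"x": "1"}}')
            result = scan_repo(repo)
        # Only the top-level manifest counts; the vendored one is excluded.
        self.assertEqual(result["files_scanned"], 1)
        self.assertEqual(result["dependency_count"], 1)
        self.assertEqual(result["dependencies"][0]["package"], "requests")
```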