Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Preserve pip-tools comment indents #566

Open
q0w opened this issue Mar 22, 2023 · 1 comment
Open

Preserve pip-tools comment indents #566

q0w opened this issue Mar 22, 2023 · 1 comment
Labels
bug Something isn't working component:fixes Automatic fixing help wanted Extra attention is needed upstream Items that require upstream work or coordination

Comments

@q0w
Copy link

q0w commented Mar 22, 2023

Bug description

pip-audit with --fix strips indents for pip-tools comments.

Reproduction steps

echo "sentry-sdk==1.12.1" > a.in
pip-compile -q --allow-unsafe --generate-hashes --resolver=backtracking --strip-extras a.in
cat a.txt
#
# This file is autogenerated by pip-compile with Python 3.10
# by the following command:
#
#    pip-compile --allow-unsafe --generate-hashes --resolver=backtracking --strip-extras a.in
#
certifi==2022.12.7 \
    --hash=sha256:35824b4c3a97115964b408844d64aa14db1cc518f6562e8d7261699d1350a9e3 \
    --hash=sha256:4ad3232f5e926d6718ec31cfc1fcadfde020920e278684144551c91769c7bc18
    # via sentry-sdk
sentry-sdk==1.12.1 \
    --hash=sha256:5bbe4b72de22f9ac1e67f2a4e6efe8fbd595bb59b7b223443f50fe5802a5551c \
    --hash=sha256:9f0b960694e2d8bb04db4ba6ac2a645040caef4e762c65937998ff06064f10d6
    # via -r a.in
urllib3==1.26.15 \
    --hash=sha256:8a388717b9476f934a21484e8c8e61875ab60644d29b9b39e11e4b9dc1c6b305 \
    --hash=sha256:aa751d169e23c7479ce47a0cb0da579e3ede798f994f5816a74e4f4500dcea42
    # via sentry-sdk
    

pip-audit -r a.txt --require-hashes --fix 
cat a.txt
#
# This file is autogenerated by pip-compile with Python 3.10
# by the following command:
#
#    pip-compile --allow-unsafe --generate-hashes --resolver=backtracking --strip-extras a.in
#
certifi==2022.12.7 \
    --hash=sha256:35824b4c3a97115964b408844d64aa14db1cc518f6562e8d7261699d1350a9e3 \
    --hash=sha256:4ad3232f5e926d6718ec31cfc1fcadfde020920e278684144551c91769c7bc18
# via sentry-sdk
sentry-sdk==1.14.0 \
    --hash=sha256:5bbe4b72de22f9ac1e67f2a4e6efe8fbd595bb59b7b223443f50fe5802a5551c \
    --hash=sha256:9f0b960694e2d8bb04db4ba6ac2a645040caef4e762c65937998ff06064f10d6
# via -r a.in
urllib3==1.26.15 \
    --hash=sha256:8a388717b9476f934a21484e8c8e61875ab60644d29b9b39e11e4b9dc1c6b305 \
    --hash=sha256:aa751d169e23c7479ce47a0cb0da579e3ede798f994f5816a74e4f4500dcea42
# via sentry-sdk

Expected behavior

pip-audit does not strip indents for comments

Screenshots and logs

Platform information

  • OS name and version: Arch Linux
  • pip-audit version (pip-audit -V): pip-audit 2.5.2
  • Python version (python -V or python3 -V): Python 3.10.10
  • pip version (pip -V or pip3 -V): pip 23.0.1

Additional context
@q0w q0w added the bug-candidate Might be a bug. label Mar 22, 2023
@tetsuo-cpp
Copy link
Contributor

Thanks for reporting this @q0w!

I believe this is caused by nexB/pip-requirements-parser#4 and will require a fix there. Unfortunately, I haven't gotten around to fixing this yet.

@tetsuo-cpp tetsuo-cpp added bug Something isn't working component:fixes Automatic fixing and removed bug-candidate Might be a bug. labels Mar 22, 2023
@woodruffw woodruffw added the help wanted Extra attention is needed label Dec 5, 2023
@woodruffw woodruffw added the upstream Items that require upstream work or coordination label Dec 5, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working component:fixes Automatic fixing help wanted Extra attention is needed upstream Items that require upstream work or coordination
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@woodruffw @jleightcap @tetsuo-cpp @q0w