Run snyk checks on requirements, but only for python 2.7 #40
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- snyk needs to check requirements.txt, so add one, but be warned it isn't actually used as part of installing this project's dependencies; see setup.py - setup.py needs ipaddress for all python 2.x and python <3.3, but we're only testing 3.x for versions 3.3 or greater. Therefore only check 2.7 since we'd expect the same snyk result for all python 2.x versions.
oschwald
requested changes
Sep 18, 2018
.travis.yml
Outdated
| - pip install coverage coveralls | ||
| - if [[ $TRAVIS_PYTHON_VERSION == '3.6' ]]; then pip install pylint yapf; fi | ||
| - if [[ $TRAVIS_PYTHON_VERSION == '3.7' ]]; then pip install pylint yapf; fi | ||
| - if [[ $TRAVIS_PYTHON_VERSION == '2.6' ]]; then pip install unittest2; fi |
Member
There was a problem hiding this comment.
If we drop 2.6, we should remove this.
requirements.txt
Outdated
| @@ -0,0 +1,4 @@ | |||
| # NOTE: This project does not use requirements.txt, it uses setup.py. | |||
Member
There was a problem hiding this comment.
I suspect some tooling will use this and it will cause issues. Why can't we just install it manually for Travis?
oschwald
reviewed
Sep 18, 2018
oschwald
requested changes
Sep 18, 2018
Member
oschwald
left a comment
oschwald
left a comment
There was a problem hiding this comment.
Looks good. Two small changes.
setup.py
Outdated
| requirements.append('ipaddress') | ||
| if os.environ.get('SNYK_TOKEN'): | ||
| f = open('requirements.txt', 'w') | ||
| [f.write(r + '\n') for r in requirements] |
Member
There was a problem hiding this comment.
Using list comprehension to get a postfix for doesn't seem very Pythonic. Could you rewrite this as a normal for loop?
Member
There was a problem hiding this comment.
Also, you don't close the file. This doesn't matter too much, but something like:
with open('requirements.txt', 'w') as f:
for r in requirements:
f.write(r + '\n')
Might be better.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
isn't actually used as part of installing this project's dependencies;
see setup.py
only testing 3.x for versions 3.3 or greater. Therefore only check 2.7
since we'd expect the same snyk result for all python 2.x versions.