Analyzer

class dependency_comb.analyzer.DependenciesAnalyzer(cachedir=None, api_pause=1, api_timeout=None, api_chunk=None, logger=None, ignores=None)

Bases: RequirementParser

Analyzer to get and compute package informations from Pypi for requirements.

This will need to make 2 requests to get needed informations for each package since the package detail endpoint from new “JSON API” has releases informations but it is deprecated in profit of the Legacy API.

Legacy API (also known as the “Simple API”) return either a HTML or JSON response, depending value of request header “Accept:”.

PACKAGE_DETAIL_ENDPOINT

Template string to build URL to the Pypi JSON API to get package details.

Type:

string

PACKAGE_RELEASES_ENDPOINT

Template string to build URL to the Pypi Legacy API to get package releases.

Type:

string

request_headers()

Define the custom headers to use in requests to the API.

Returns:

Dictionnary of headers to use in a request.

Return type:

dict

endpoint_package_detail(name)

Request package detail API endpoint for given package name.

Parameters:

name (string) – The package name to search for.

Returns:

Response object from request.

Return type:

requests.Response

endpoint_releases_detail(name)

Request package releases API endpoint for given package name.

Parameters:

name (string) – The package name to search for.

Returns:

Response object from request.

Return type:

requests.Response

get_cache_or_request(name, filename, method, label)

Helper to search for a cache before making request if there is none.

Parameters:

• name (string) – The package name to search for.

• filename (string) – Filename to write cache. It should include the label to ensure they won’t overwrite each other.

• method (callable) – Callable that will perform a request to get JSON payload. The callable is expected to accept a single argument which is a package name to request.

• label (string) – Label of informations kind. Commonly it is detail or releases.

Returns:

Returned payload from API or from stored cache.

Return type:

dict

format_releases_payload(payload)

Format package release payload to an useful one.

This means we just need each version with its uploading date, everything else is useless from this application view.

Note

Version data is only available from the files, since release tarball is standardized well enough we naively parsing the file name to extract the version number.

Parameters:

payload (dict) – The package releases payload as returned from Legacy API endpoint. For true we just need about the files item from this dict.

Returns:

List of dictionnaries for all version, each one contain the number and published_at items.

Return type:

list

get_package_data(name)

Get package informations (detail and releases)

Parameters:

name (string) – The package name to search for.

Returns:

A dictionnary that contain all useful package informations (detail and releases).

Return type:

dict

compute_package_releases(name, data)

Build a list of released versions from API patched with some values in useful types.

Parameters:

• name (string) – Parsed package name.

• data (dict) – Dictionnary of package data as retrieved from API.

Returns:

List of dictionnary for computed releases.

Return type:

list

get_latest_specified_release(specifiers, releases)

Get the latest release that match given specifiers on given release list.

Pre releases are always ignored.

Parameters:

• specifiers (packaging.SpecifierSet) – Version specifiers to match against releases.

• releases (list) – List of dict for releases as built from DependenciesAnalyzer.compute_package_releases().

Returns:

Dictionnary of release data taken from given releases if it matched specifier. Else returns a null value.

Return type:

dict

compute_lateness(target, versions)

Compute version lateness for a given version target.

Lateness is only about version higher than targeted version and that are not build releases or pre releases

Parameters:

• target (string or packaging.version.Version) – The targeted version to check against package released versions. If a string it will be coerced to a Version object.

• versions (list) – List of dictionnaries (as computed from build_package_informations()) for all existing release versions.

Returns:

A list of tuples for all existing version higher

than given target release version. Tuple first item is the version number (as a Version object and second item is its release publishing datetime.

Return type:

list

get_package_urls(data)

This should try to get the relevant URLs from package metadatas.

However the project_urls item from package metadatas is not normalized enough to quickly get relevant infos so here we should try to get them.

Parameters:

• data (dict) – Dictionnary of package informations as returned from

• Analyzer.get_package_data().

Returns:

A dictionnary that contains useful URLs.

Return type:

dict

build_package_informations(requirement)

Compute and set informations in a PackageRequirement object.

Parameters:

requirement (PackageRequirement) – The package object for to search informations from Pypi.

Returns:

The package object.

Return type:

PackageRequirement

inspect(requirements, environment=None, strict=False, basepath=None)

Inspect given requirement to get their informations.

Parameters:

requirements (string or Path) – Either a Path object for a file to open or directly requirements content as a string.

Keyword Arguments:

• environment (dict) – Optionnal dictionnary of environment variables to use

• resolution. (with possible specifier marker)

• strict (boolean) – If True only the valid requirements (see dependency_comb.package.PackageRequirement.is_valid) are returned. Default is False, all requirements are returned and you need to check their status yourself if needed.

• basepath (Path) – A directory path where to search for requirement inclusions (directive -r foo.txt) from requirements file.

Returns:

Iterator of PackageRequirement objects for given requirements.

Return type:

iterator