Skip to content

lockfiles: add Pipfile.lock parser

Warren Gifford requested to merge m/pipfile into main

Created by: mpimenov

There are several popular tools that manage dependencies of python code. "Poetry" was the first one for which we supported their format when doing the search for package dependencies. This commit adds another one, "Pipenv", with their Pipfile.lock format.

Also made a test for the poetry.lock files more strict.

Also separated tests for different dependencies sources into several calls to a helper. Since the tests are run sequentially and for each source we are waiting for 1 minute before reporting failure, this may worsen the time of a failed build. But for a successful build no change was observed, currently it takes ~2m 50s on Buildkite for "dev/gqltest -long".

Resolves https://github.com/sourcegraph/sourcegraph/issues/35041

Co-authored-by: Stefan Hengl [email protected]

Test plan: backend-integration on Buildkite.

Merge request reports

Loading