-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Correct exit status when explicitly excluded deps are unused #153
Conversation
Hi and thanks for this @sanmai-NL! I would just like to have a test added for this before merging this change. I can look into this later tonight at earliest. |
Hi again, can you please explain what you mean here? I just added this test, which means to fail (exit code 1) if you:
This is basically like running the following command in this repo: $ creosote --exclude-deps nonexistentdependency
Found dependencies in pyproject.toml: distlib, dotty-dict, loguru, pip-requirements-parser, toml
Excluded dependencies not found in virtual environment: nonexistentdependency
Oh no, bloated venv! 🤢 🪣
Unused dependencies found: nonexistentdependency
echo $?
1
As you can see, this test fails this PR, which makes me wonder what behavior you are expecting. |
@sanmai-NL I'm going to close this. Please feel free to reopen if you think I'm wrong to close this. |
I‘m speaking of product as your user's package, rather than project (frequent misnomer in the OSS world). @fredrikaverpil Furthermore, whether a package is installed in the venv, should be left out of consideration (i.e., not be a criterion in your algorithm, written in your last post). What matters is what the product specificies in terms of deps. Only when checking against de facto deps of the product iff globally installed packages and iff the product specific venv is disabled, you would perhaps want to assume the dep is satisfied (with a warning). Again, this is not related to functionality of Creosote as unused dep finder, only for *. |
Okay, I see. I think you have a point, so I am reopening this issue. I'm not sure I see how this can be beneficial in your case, but I trust you have a use case where you need this. To me, this would be a misconfiguration of creosote, but like you say not necessarily a defect that warrants a non-zero exit code and a failing CI check. Most often with CI, you don't look at the logs every time you run the checks. If your checks passes, you assume everything was fine. By failing when there is a misconfiguration, this will bring attention to the fact that you likely forgot to update your I don't think I want to introduce different error codes here. I would then rather introduce a commandline option which can toggle this behavior. Since I personally would like a failure by default, I'm now contemplating whether to add in a CLI argument that can ignore excluded-but-unused dependencies. This means you would have to specify this command line argument in your setup, so to get the behavior you desire. Do you think this is a good tradeoff? |
My use case is that we have default templates for Python products and want to exclude known problematic deps from our default Creosote config, whether they are specified as deps in specific Python products or not. |
In any case, the message 'Unused dependencies found' is incorrect if an excluded dep is indeed unused, but also unspecified. |
Let's continue this in #161 |
Why is the change needed?
The exit status is incorrect when excluded deps are detected.
What was done in this PR?
Are there any concerns, side-effects, additional notes?
Checklist, when applicable