Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Replace toml with tomli #829

Merged
merged 3 commits into from
Mar 25, 2022
Merged

Replace toml with tomli #829

merged 3 commits into from
Mar 25, 2022

Conversation

mkniewallner
Copy link
Contributor

Resolves #828

Replace toml with tomli for parsing bandit options defined in pyproject.toml.

The reason for requiring at least 1.1.0 is because support for text files has been deprecated in 1.2.0 then removed in 2.0.0, and support for binary files has only been added in 1.1.0, so this ensures that users have 1.1.0+, to reliably be able to read binary files.

As tomli only reads binary files, it is required to open the file using rb flags, which also impacts the format passed to safe_load for YAML files, but PyYAML accepts both binary and text files, so this still works as expected, though this may slow down a bit parsing time.

@mkniewallner
Copy link
Contributor Author

As python/cpython#31498 has been merged, I also added d40fed8 to only require tomli on Python < 3.11, and updated the import so that tomli is imported as tomllib, to reflect the fact that this will be the main way to import the parser.

Note that tomllib will only be in Python 3.11 in the next pre-release, 3.11.0a7, so if we prefer to wait for that, or maybe an RC, before considering it, I would be happy to drop this second commit and make a follow up PR later on.

test-requirements.txt Outdated Show resolved Hide resolved
Copy link
Member

@ericwb ericwb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ericwb ericwb merged commit 5a8f105 into PyCQA:main Mar 25, 2022
@mkniewallner mkniewallner deleted the replace-toml-with-tomli branch April 13, 2022 20:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Replace toml dependency with tomli
2 participants