Skip to content

Commit

Permalink
Keep a consistant order for hashes for get_package_hashes.
Browse files Browse the repository at this point in the history 
Fixes peterbe#126
  • Loading branch information
@pcorpet
pcorpet committed Jan 5, 2022
1 parent fc8eb35 commit 192b248
Show file tree
Hide file tree
Showing 2 changed files with 46 additions and 3 deletions.
7 changes: 4 additions & 3 deletions hashin.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -246,7 +246,7 @@ def run_packages(
maybe_restriction = "" if not restriction else "; {0}".format(restriction)
new_lines = "{0}=={1}{2} \\\n".format(req, data["version"], maybe_restriction)
padding = " " * 4
for i, release in enumerate(sorted(data["hashes"], key=lambda r: r["hash"])):
for i, release in enumerate(data["hashes"], key=lambda r: r["hash"]):
new_lines += "{0}--hash={1}:{2}".format(padding, algorithm, release["hash"])
if i != len(data["hashes"]) - 1:
new_lines += " \\"
Expand Down Expand Up @@ -707,8 +707,9 @@ def get_package_hashes(
else:
raise PackageError("No releases could be found for {0}".format(version))

hashes = list(
get_releases_hashes(releases=releases, algorithm=algorithm, verbose=verbose)
hashes = sorted(
get_releases_hashes(releases=releases, algorithm=algorithm, verbose=verbose),
key=lambda r: r["hash"]
)
return {"package": package, "version": version, "hashes": hashes}

Expand Down
42 changes: 42 additions & 0 deletions tests/test_cli.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2442,6 +2442,48 @@ def mocked_get(url, **options):
hashin.get_package_hashes(package="uggamugga")


def test_get_package_hashes_consistant_order(murlopen):
def mocked_get(url, **options):
if url == "https://pypi.org/pypi/hashin/json":
return _Response(
{
"info": {"version": "0.10", "name": "hashin"},
"releases": {
"0.10": [
{
"url": "https://pypi.org/packages/3.3/p/hashin/hashin-0.10-py3-none-any.whl",
"digests": {"sha256": "bbbbb"},
},
{
"url": "https://pypi.org/packages/source/p/hashin/hashin-0.10.tar.gz",
"digests": {"sha256": "ccccc"},
},
{
"url": "https://pypi.org/packages/2.7/p/hashin/hashin-0.10-py2-none-any.whl",
"digests": {"sha256": "aaaaa"},
},
]
},
}
)

raise NotImplementedError(url)

murlopen.side_effect = mocked_get

result = hashin.get_package_hashes(
package="hashin", version="0.10", algorithm="sha256"
)

expected = {
"package": "hashin",
"version": "0.10",
"hashes": [{"hash": "aaaaa"}, {"hash": "bbbbb"}, {"hash": "ccccc"}],
}

assert result == expected


def test_with_extras_syntax(murlopen, tmpfile):
"""When you want to add the hashes of a package by using the
"extras notation". E.g `requests[security]`.
Expand Down

0 comments on commit 192b248

Please sign in to comment.