Skip to content

dt-url-markdown #148

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 6 commits into from
Aug 27, 2025
Merged

dt-url-markdown #148

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
f886689
Updated version to 1.31.5. Added DT url to markdown summary.
Alex-1089 Aug 26, 2025
fdc9475
updated protobuf api definitions
eeisegn Aug 27, 2025
a08a5a2
add missing grpc dependency
eeisegn Aug 27, 2025
648ccff
increase arg limit to 6
eeisegn Aug 27, 2025
5de294c
fix linter issues
eeisegn Aug 27, 2025
81022f6
update declared components
eeisegn Aug 27, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
### Added
- Upcoming changes...

## [1.31.5] - 2025-08-27
### Added
- Added jira markdown option for DT
- Added Dependency Track project link to markdown summary
- Updated protobuf client definitions
- Added date field to `scanoss-py comp versions` response

## [1.31.4] - 2025-08-20
### Added
- Added support for empty dependency track project policy checks
Expand Down Expand Up @@ -648,3 +655,4 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
[1.31.2]: https://github.com/scanoss/scanoss.py/compare/v1.31.1...v1.31.2
[1.31.3]: https://github.com/scanoss/scanoss.py/compare/v1.31.2...v1.31.3
[1.31.4]: https://github.com/scanoss/scanoss.py/compare/v1.31.3...v1.31.4
[1.31.5]: https://github.com/scanoss/scanoss.py/compare/v1.31.4...v1.31.5
2 changes: 1 addition & 1 deletion src/scanoss/__init__.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,4 +22,4 @@
THE SOFTWARE.
"""

__version__ = '1.31.4'
__version__ = '1.31.5'
69 changes: 47 additions & 22 deletions src/scanoss/api/common/v2/scanoss_common_pb2.py
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

20 changes: 20 additions & 0 deletions src/scanoss/api/common/v2/scanoss_common_pb2_grpc.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,24 @@
# Generated by the gRPC Python protocol compiler plugin. DO NOT EDIT!
"""Client and server classes corresponding to protobuf-defined services."""
import grpc
import warnings


GRPC_GENERATED_VERSION = '1.73.1'
GRPC_VERSION = grpc.__version__
_version_not_supported = False

try:
from grpc._utilities import first_version_is_lower
_version_not_supported = first_version_is_lower(GRPC_VERSION, GRPC_GENERATED_VERSION)
except ImportError:
_version_not_supported = True

if _version_not_supported:
raise RuntimeError(
f'The grpc package installed is at version {GRPC_VERSION},'
+ f' but the generated code in scanoss/api/common/v2/scanoss_common_pb2_grpc.py depends on'
+ f' grpcio>={GRPC_GENERATED_VERSION}.'
+ f' Please upgrade your grpc module to grpcio>={GRPC_GENERATED_VERSION}'
+ f' or downgrade your generated code using grpcio-tools<={GRPC_VERSION}.'
)
Comment on lines +7 to +24
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

gRPC version gate requires packaging alignment

Import-time RuntimeError for grpcio < 1.73.1 is fine, but ensure packaging enforces grpcio>=1.73.1 to avoid breaking downstreams unexpectedly. Consider also pinning protobuf>=6.31.0 to match pb2 files in this PR.

Run to confirm dependency declarations:

🏁 Script executed:

#!/bin/bash
set -euo pipefail
fd -a pyproject.toml || true
fd -a setup.cfg || true
fd -a setup.py || true
files=$(fd -a pyproject.toml setup.cfg setup.py | tr '\n' ' ' || true)
[ -n "$files" ] && rg -n -i "grpcio|protobuf" $files || true

Length of output: 390

🏁 Script executed:

#!/bin/bash
set -euo pipefail

for file in pyproject.toml setup.cfg; do
  if [ -f "$file" ]; then
    echo "==> $file <=="
    grep -n -E "grpcio|protobuf" "$file" || echo "No matches"
  fi
done

Length of output: 410

Ensure packaging aligns with the gRPC version gate

The runtime guard raises on grpcio < 1.73.1, but setup.cfg currently only requires grpcio > 1.42.0 (and protobuf > 3.19.1). You must bump these in your install requirements so downstream installs can’t slip into an unsupported grpcio version.

• In setup.cfg, under [options] install_requires, change:

grpcio>1.42.0
protobuf>3.19.1

to something like:

grpcio>=1.73.1
protobuf>=6.31.0

• Verify that no other packaging file (e.g. pyproject.toml) overrides or adds conflicting grpcio/protobuf constraints.
• After bumping, run pip install . in a clean virtualenv and import the generated module to confirm no runtime errors.

🤖 Prompt for AI Agents 
In src/scanoss/api/common/v2/scanoss_common_pb2_grpc.py around lines 7-24 the
generated module enforces grpcio>=1.73.1 at runtime but setup.cfg currently
permits grpcio>1.42.0 and protobuf>3.19.1; update packaging to prevent
installing unsupported grpc versions by changing the install_requires in
setup.cfg under [options] to grpcio>=1.73.1 and protobuf>=6.31.0 (or other
matching minimums), check pyproject.toml or any other packaging files for
conflicting constraints and align them, then verify in a clean virtualenv by
running pip install . and importing the generated module to confirm no runtime
RuntimeError.

Loading
Loading