safety icon indicating copy to clipboard operation
safety copied to clipboard

Published 20 hours ago verified publisher icon pyupio

Checking projects using Poetry >= 1.5.0 fails

Open plaa opened this issue 1 year ago • 4 comments

  • safety version: 2.3.5
  • Python version: 3.10.12
  • Operating System: MacOS Ventura

Description

Safety uses dparse to parse the poetry.lock file. Poetry deprecated and in 1.5.0 removed writing of the category field into the poetry.lock file, while dparse assumes this field to always be present. Thus safety fails with the exception Malformed poetry lock file for any project using Poetry 1.5.0 (released in May) or newer.

dparse issue: https://github.com/pyupio/dparse/issues/67

plaa avatar Aug 03 '23 09:08 plaa

@plaa, thanks for this report; in the coming month, we are releasing a 3.0 Safety version where this issue is addressed.

yeisonvargasf avatar Aug 04 '23 14:08 yeisonvargasf

@plaa, thanks for this report; in the coming month, we are releasing a 3.0 Safety version where this issue is addressed.

Great! I just ran into this same error

Corfucinas avatar Aug 06 '23 23:08 Corfucinas

We have also run into this issue.. Fix would be much appreciated!

jserpapinto avatar Nov 06 '23 11:11 jserpapinto

Hi @plaa and everyone involved,

Thank you for your patience and for bringing this issue to our attention.

We're pleased to inform you that Safety version 3 has been released, and this version addresses the issue with parsing poetry.lock files for projects using Poetry 1.5.0 or newer. The update ensures compatibility by handling the changes in the poetry.lock file structure.

Please update to Safety version 3 and test your environment. If you encounter any issues or have further questions, please let us know.

Thank you for your continued support and for helping us improve Safety!

Best Regards, The Safety Team

dylanpulver avatar Aug 07 '24 21:08 dylanpulver