Default category to main for poetry

Changelog.md

@@ -1,5 +1,8 @@
 # FOSSA CLI Changelog
 
+## v3.8.2
+- Poetry: Defaults `category` to `main` if not present in lockfile. ([#1211](https://github.com/fossas/fossa-cli/pull/1211))
+
 ## v3.8.1
 - Setup.py: Fixes an defect with `setup.py` parser, caused by failing to account for line comments or backslash. ([#1191](https://github.com/fossas/fossa-cli/pull/1191))
 - Installation: `install-latest.sh` now directs `curl` and `wget` to pass `Cache-Control: no-cache` headers to the server. ([#1206](https://github.com/fossas/fossa-cli/pull/1206))

docs/references/strategies/languages/python/poetry.md

@@ -16,7 +16,7 @@ We parse `pyproject.toml` to find direct dependencies and their [version constra
 If `poetry.lock` file is discovered, following will be analyzed from lockfile to supplement the analyses:
 
 - `[package.dependencies]` - package's dependencies
-- `package.category` - package's environment (dev, test, etc.)
+- `package.category` - package's environment (dev, test, etc.). If not present, defaults to `main`.
 - `package.name` - name of the package
 - `package.version` - resolved version of the package
 

src/Strategy/Python/Poetry/Common.hs

@@ -202,7 +202,14 @@ toMap pkgs = Map.fromList $ (\x -> (canonicalPkgName x, toDependency x)) <$> (fi
 
     toDepEnvironment :: PoetryLockPackage -> DepEnvironment
     toDepEnvironment pkg = case poetryLockPackageCategory pkg of
-      "dev" -> EnvDevelopment
-      "main" -> EnvProduction
-      "test" -> EnvTesting
-      other -> EnvOther other
+      Just category -> case category of
+        "dev" -> EnvDevelopment
+        "main" -> EnvProduction
+        "test" -> EnvTesting
+        other -> EnvOther other
+      Nothing -> defaultDepEnvironment
+
+    defaultDepEnvironment :: DepEnvironment
+    -- Poetry made this field optional. When not present, it defaults to `main`, which maps to `EnvProduction`.
+    -- https://github.com/python-poetry/poetry/pull/7637
+    defaultDepEnvironment = EnvProduction

src/Strategy/Python/Poetry/PoetryLock.hs

@@ -29,8 +29,10 @@ newtype PackageName = PackageName {unPackageName :: Text} deriving (Eq, Ord, Sho
 poetryLockCodec :: TomlCodec PoetryLock
 poetryLockCodec =
   PoetryLock
-    <$> Toml.list poetryLockPackageCodec "package" .= poetryLockPackages
-    <*> Toml.table poetryMetadataCodec "metadata" .= poetryLockMetadata
+    <$> Toml.list poetryLockPackageCodec "package"
+      .= poetryLockPackages
+    <*> Toml.table poetryMetadataCodec "metadata"
+      .= poetryLockMetadata
 
 -- | Metadata of poetry lock file.
 data PoetryMetadata = PoetryMetadata
@@ -43,9 +45,12 @@ data PoetryMetadata = PoetryMetadata
 poetryMetadataCodec :: TomlCodec PoetryMetadata
 poetryMetadataCodec =
   PoetryMetadata
-    <$> Toml.text "lock-version" .= poetryMetadataLockVersion
-    <*> Toml.text "content-hash" .= poetryMetadataContentHash
-    <*> Toml.text "python-versions" .= poetryMetadataPythonVersions
+    <$> Toml.text "lock-version"
+      .= poetryMetadataLockVersion
+    <*> Toml.text "content-hash"
+      .= poetryMetadataContentHash
+    <*> Toml.text "python-versions"
+      .= poetryMetadataPythonVersions
 
 -- | A PoetryLockPackageSource represents [package.source] field in poetry.lock.
 -- Source indicates from where the package was retrieved.
@@ -61,7 +66,7 @@ data PoetryLockPackageSource = PoetryLockPackageSource
 data PoetryLockPackage = PoetryLockPackage
   { poetryLockPackageName :: PackageName
   , poetryLockPackageVersion :: Text
-  , poetryLockPackageCategory :: Text
+  , poetryLockPackageCategory :: Maybe Text
   , poetryLockPackageOptional :: Bool
   , poetryLockPackagePythonVersions :: Text
   , poetryLockPackageDependencies :: Map Text PoetryLockDependencySpec
@@ -72,21 +77,32 @@ data PoetryLockPackage = PoetryLockPackage
 poetryLockPackageCodec :: TomlCodec PoetryLockPackage
 poetryLockPackageCodec =
   PoetryLockPackage
-    <$> Toml.diwrap (Toml.text "name") .= poetryLockPackageName
-    <*> Toml.text "version" .= poetryLockPackageVersion
-    <*> Toml.text "category" .= poetryLockPackageCategory
-    <*> Toml.bool "optional" .= poetryLockPackageOptional
-    <*> Toml.text "python-versions" .= poetryLockPackagePythonVersions
-    <*> Toml.tableMap Toml._KeyText poetryLockPackagePoetryLockDependencySpecCodec "dependencies" .= poetryLockPackageDependencies
-    <*> Toml.dioptional (Toml.table poetryLockPackageSourceCodec "source") .= poetryLockPackageSource
+    <$> Toml.diwrap (Toml.text "name")
+      .= poetryLockPackageName
+    <*> Toml.text "version"
+      .= poetryLockPackageVersion
+    <*> Toml.dioptional (Toml.text "category")
+      .= poetryLockPackageCategory
+    <*> Toml.bool "optional"
+      .= poetryLockPackageOptional
+    <*> Toml.text "python-versions"
+      .= poetryLockPackagePythonVersions
+    <*> Toml.tableMap Toml._KeyText poetryLockPackagePoetryLockDependencySpecCodec "dependencies"
+      .= poetryLockPackageDependencies
+    <*> Toml.dioptional (Toml.table poetryLockPackageSourceCodec "source")
+      .= poetryLockPackageSource
 
 poetryLockPackageSourceCodec :: TomlCodec PoetryLockPackageSource
 poetryLockPackageSourceCodec =
   PoetryLockPackageSource
-    <$> Toml.text "type" .= poetryLockPackageSourceType
-    <*> Toml.text "url" .= poetryLockPackageSourceUrl
-    <*> Toml.dioptional (Toml.text "reference") .= poetryLockPackageSourceReference
-    <*> Toml.dioptional (Toml.text "resolved_reference") .= poetryLockPackageSourceResolvedReference
+    <$> Toml.text "type"
+      .= poetryLockPackageSourceType
+    <*> Toml.text "url"
+      .= poetryLockPackageSourceUrl
+    <*> Toml.dioptional (Toml.text "reference")
+      .= poetryLockPackageSourceReference
+    <*> Toml.dioptional (Toml.text "resolved_reference")
+      .= poetryLockPackageSourceResolvedReference
 
 data PoetryLockDependencySpec
   = TextVersion Text
@@ -102,7 +118,8 @@ newtype ObjectVersion = ObjectVersion
 objectVersionCodec :: TomlCodec ObjectVersion
 objectVersionCodec =
   ObjectVersion
-    <$> Toml.text "version" .= unObjectVersion
+    <$> Toml.text "version"
+      .= unObjectVersion
 
 matchTextVersion :: PoetryLockDependencySpec -> Maybe Text
 matchTextVersion (TextVersion version) = Just version

test/Python/Poetry/CommonSpec.hs

@@ -111,7 +111,7 @@ notSupportedPoetryLockDependency =
   PoetryLockPackage
     { poetryLockPackageName = PackageName "pkgSourcedFromFile"
     , poetryLockPackageVersion = "1.1.0"
-    , poetryLockPackageCategory = "main"
+    , poetryLockPackageCategory = Just "main"
     , poetryLockPackageOptional = False
     , poetryLockPackageDependencies = Map.empty
     , poetryLockPackagePythonVersions = "*"
@@ -184,7 +184,7 @@ spec = do
         [ PoetryLockPackage
             { poetryLockPackageName = PackageName "pkgOne"
             , poetryLockPackageVersion = "1.21.0"
-            , poetryLockPackageCategory = "main"
+            , poetryLockPackageCategory = Just "main"
             , poetryLockPackageOptional = False
             , poetryLockPackageDependencies =
                 Map.fromList
@@ -216,7 +216,7 @@ spec = do
           [ PoetryLockPackage
               { poetryLockPackageName = PackageName "pkgWithGitSource"
               , poetryLockPackageVersion = "5.22.0.post0"
-              , poetryLockPackageCategory = "main"
+              , poetryLockPackageCategory = Just "main"
               , poetryLockPackageOptional = False
               , poetryLockPackageDependencies = Map.empty
               , poetryLockPackagePythonVersions = "*"
@@ -243,7 +243,7 @@ spec = do
           [ PoetryLockPackage
               { poetryLockPackageName = PackageName "pkgSourcedFromUrl"
               , poetryLockPackageVersion = "3.92.1"
-              , poetryLockPackageCategory = "main"
+              , poetryLockPackageCategory = Just "main"
               , poetryLockPackageOptional = False
               , poetryLockPackageDependencies = Map.empty
               , poetryLockPackagePythonVersions = "*"
@@ -270,7 +270,7 @@ spec = do
           [ PoetryLockPackage
               { poetryLockPackageName = PackageName "pkgSourcedFromFile"
               , poetryLockPackageVersion = "1.21.0"
-              , poetryLockPackageCategory = "main"
+              , poetryLockPackageCategory = Just "main"
               , poetryLockPackageOptional = False
               , poetryLockPackageDependencies = Map.empty
               , poetryLockPackagePythonVersions = "*"
@@ -285,7 +285,7 @@ spec = do
           [ PoetryLockPackage
               { poetryLockPackageName = PackageName "myprivatepkg"
               , poetryLockPackageVersion = "0.0.1"
-              , poetryLockPackageCategory = "main"
+              , poetryLockPackageCategory = Just "main"
               , poetryLockPackageOptional = False
               , poetryLockPackageDependencies = Map.empty
               , poetryLockPackagePythonVersions = ">=3.6"

test/Python/Poetry/PoetryLockSpec.hs

@@ -35,7 +35,7 @@ expectedPoetryLock =
         [ PoetryLockPackage
             { poetryLockPackageName = PackageName "pkgWithGitSource"
             , poetryLockPackageVersion = "5.22.0.post0"
-            , poetryLockPackageCategory = "main"
+            , poetryLockPackageCategory = Just "some_other_category"
             , poetryLockPackageOptional = False
             , poetryLockPackageDependencies = Map.empty
             , poetryLockPackagePythonVersions = "*"
@@ -51,7 +51,7 @@ expectedPoetryLock =
         , PoetryLockPackage
             { poetryLockPackageName = PackageName "pkgSourcedFromFile"
             , poetryLockPackageVersion = "1.21.0"
-            , poetryLockPackageCategory = "main"
+            , poetryLockPackageCategory = Just "main"
             , poetryLockPackageOptional = False
             , poetryLockPackageDependencies = Map.empty
             , poetryLockPackagePythonVersions = "*"
@@ -67,7 +67,7 @@ expectedPoetryLock =
         , PoetryLockPackage
             { poetryLockPackageName = PackageName "pkgSourcedFromUrl"
             , poetryLockPackageVersion = "3.92.1"
-            , poetryLockPackageCategory = "main"
+            , poetryLockPackageCategory = Nothing
             , poetryLockPackageOptional = False
             , poetryLockPackageDependencies = Map.empty
             , poetryLockPackagePythonVersions = "*"
@@ -83,7 +83,7 @@ expectedPoetryLock =
         , PoetryLockPackage
             { poetryLockPackageName = PackageName "pkgOne"
             , poetryLockPackageVersion = "1.21.0"
-            , poetryLockPackageCategory = "main"
+            , poetryLockPackageCategory = Nothing
             , poetryLockPackageOptional = False
             , poetryLockPackageDependencies =
                 Map.fromList
@@ -103,7 +103,7 @@ expectedPoetryLock =
         , PoetryLockPackage
             { poetryLockPackageName = PackageName "pkgOneChildofOne"
             , poetryLockPackageVersion = "11.4"
-            , poetryLockPackageCategory = "main"
+            , poetryLockPackageCategory = Nothing
             , poetryLockPackageOptional = False
             , poetryLockPackageDependencies = Map.empty
             , poetryLockPackagePythonVersions = "*"
@@ -112,7 +112,7 @@ expectedPoetryLock =
         , PoetryLockPackage
             { poetryLockPackageName = PackageName "pkgTwoChildofOne"
             , poetryLockPackageVersion = "5.4"
-            , poetryLockPackageCategory = "main"
+            , poetryLockPackageCategory = Nothing
             , poetryLockPackageOptional = False
             , poetryLockPackageDependencies = Map.empty
             , poetryLockPackagePythonVersions = "*"
@@ -121,7 +121,7 @@ expectedPoetryLock =
         , PoetryLockPackage
             { poetryLockPackageName = PackageName "pkgThreeChildofOne"
             , poetryLockPackageVersion = "1.6.1"
-            , poetryLockPackageCategory = "main"
+            , poetryLockPackageCategory = Nothing
             , poetryLockPackageOptional = False
             , poetryLockPackageDependencies = Map.empty
             , poetryLockPackagePythonVersions = "*"
@@ -130,7 +130,7 @@ expectedPoetryLock =
         , PoetryLockPackage
             { poetryLockPackageName = PackageName "myprivatepkg"
             , poetryLockPackageVersion = "0.0.1"
-            , poetryLockPackageCategory = "main"
+            , poetryLockPackageCategory = Nothing
             , poetryLockPackageOptional = False
             , poetryLockPackageDependencies = Map.empty
             , poetryLockPackagePythonVersions = ">=3.6"

test/Python/PoetrySpec.hs

@@ -36,7 +36,7 @@ candidatePoetryLock =
     [ PoetryLockPackage
         { poetryLockPackageName = PackageName "flow_pipes"
         , poetryLockPackageVersion = "1.21.0"
-        , poetryLockPackageCategory = "main"
+        , poetryLockPackageCategory = Just "main"
         , poetryLockPackageOptional = False
         , poetryLockPackageDependencies = Map.fromList [("flow_pipes_gravity", TextVersion "^1.1")]
         , poetryLockPackagePythonVersions = "*"
@@ -45,7 +45,7 @@ candidatePoetryLock =
     , PoetryLockPackage
         { poetryLockPackageName = PackageName "flow_pipes_gravity"
         , poetryLockPackageVersion = "1.1.1"
-        , poetryLockPackageCategory = "main"
+        , poetryLockPackageCategory = Just "main"
         , poetryLockPackageOptional = False
         , poetryLockPackageDependencies = Map.empty
         , poetryLockPackagePythonVersions = "*"
@@ -83,7 +83,7 @@ spec = do
                 [ PoetryLockPackage
                     { poetryLockPackageName = PackageName "somePkg"
                     , poetryLockPackageVersion = "1.21.0"
-                    , poetryLockPackageCategory = "main"
+                    , poetryLockPackageCategory = Just "main"
                     , poetryLockPackageOptional = False
                     , poetryLockPackageDependencies = Map.empty
                     , poetryLockPackagePythonVersions = "*"
@@ -99,7 +99,7 @@ spec = do
                   [ PoetryLockPackage
                       { poetryLockPackageName = PackageName "somePkg"
                       , poetryLockPackageVersion = "1.21.0"
-                      , poetryLockPackageCategory = "main"
+                      , poetryLockPackageCategory = Just "main"
                       , poetryLockPackageOptional = False
                       , poetryLockPackageDependencies = Map.fromList [("pkgOneChildOne", TextVersion "*")]
                       , poetryLockPackagePythonVersions = "*"
@@ -108,7 +108,7 @@ spec = do
                   , PoetryLockPackage
                       { poetryLockPackageName = PackageName "pkgOneChildOne"
                       , poetryLockPackageVersion = "1.22.0"
-                      , poetryLockPackageCategory = "main"
+                      , poetryLockPackageCategory = Just "main"
                       , poetryLockPackageOptional = False
                       , poetryLockPackageDependencies = Map.empty
                       , poetryLockPackagePythonVersions = "*"