pyodide-lock 0.1.0__tar.gz

pyodide_lock-0.1.0/.codecov.yml

@@ -0,0 +1 @@
+comment: false

pyodide_lock-0.1.0/.github/workflows/main.yml

@@ -0,0 +1,53 @@
+
+name: CI
+on: ["push", "pull_request"]
+
+permissions:
+  contents: read
+
+jobs:
+  test:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v3
+    - name: Set up Python 3.10
+      uses: actions/setup-python@v3
+      with:
+        python-version: "3.10"
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        pip install -e ".[dev]"
+    - name: Build
+      run: |
+        pyproject-build
+    - name: Test with pytest
+      run: |
+        pytest --cov=. --cov-report=xml
+    - name: Upload coverage
+      uses: codecov/codecov-action@v3
+      with:
+        token: ${{ secrets.CODECOV_TOKEN }}
+
+  deploy:
+    runs-on: ubuntu-latest
+    if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags')
+    environment: PyPi-deploy
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-python@v4
+        with:
+          python-version: 3.12
+      - name: Install requirements and build wheel
+        shell: bash -l {0}
+        run: |
+          python -m pip install build twine
+          python -m build .
+      - name: Publish package
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          user: __token__
+          password: ${{ secrets.PYPI_API_TOKEN }}

pyodide_lock-0.1.0/.gitignore

@@ -0,0 +1,4 @@
+__pycache__
+.coverage
+.hypothesis
+dist/

pyodide_lock-0.1.0/.pre-commit-config.yaml

@@ -0,0 +1,48 @@
+default_language_version:
+  python: "3.12"
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: "v5.0.0"
+    hooks:
+      - id: check-added-large-files
+      - id: check-case-conflict
+      - id: check-merge-conflict
+      - id: check-symlinks
+      - id: check-yaml
+      - id: debug-statements
+      - id: end-of-file-fixer
+      - id: mixed-line-ending
+      - id: trailing-whitespace
+
+  - repo: https://github.com/astral-sh/ruff-pre-commit
+    rev: "v0.11.4"
+    hooks:
+      - id: ruff
+        args: [--fix]
+
+  - repo: https://github.com/psf/black
+    rev: "25.1.0"
+    hooks:
+      - id: black
+
+  - repo: https://github.com/pre-commit/pygrep-hooks
+    rev: "v1.10.0"
+    hooks:
+      - id: python-use-type-annotations
+        exclude: docs/sphinx_pyodide/tests/test_directives\.py
+
+  - repo: https://github.com/shellcheck-py/shellcheck-py
+    rev: "v0.10.0.1"
+    hooks:
+      - id: shellcheck
+
+  - repo: https://github.com/pre-commit/mirrors-mypy
+    rev: "v1.15.0"
+    hooks:
+      - id: mypy
+        args: []
+        additional_dependencies:
+          - pydantic
+
+ci:
+  autoupdate_schedule: "quarterly"

pyodide_lock-0.1.0/CHANGELOG.md

@@ -0,0 +1,79 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## Unreleased
+
+## [0.1.0] - 2025-08-16
+
+No functional changes. pyodide-lock is no longer an alpha version.
+
+## [0.1.0a8] - 2024-09-17
+
+### Added
+
+- Support stable ABI (`abi3`) wheels in lock file.
+  [#32](https://github.com/pyodide/pyodide-lock/pull/32)
+
+## [0.1.0a7] - 2024-08-08
+
+### Added
+
+- `shared_library` key is removed from the lock file.
+  [#31](https://github.com/pyodide/pyodide-lock/pull/31)
+
+## [0.1.0a6] - 2024-04-03
+
+### Added
+
+- The `info` field now contains an optional `abi_version`.
+  [#27](https://github.com/pyodide/pyodide-lock/pull/27)
+
+## [0.1.0a5] - 2024-04-03
+
+### Changed
+
+- `pydantic >= 2.0` is now required.
+  [#26](https://github.com/pyodide/pyodide-lock/pull/26)
+
+## [0.1.0a4] - 2023-11-17
+
+### Added
+
+- Pinned to `pydantic >=1.10.2,<2`
+  [#23](https://github.com/pyodide/pyodide-lock/pull/23)
+
+- Added `PackageSpec.from_wheel` for generating a package spec from a `.whl` file
+  [#18](https://github.com/pyodide/pyodide-lock/pull/18)
+
+- Added `parse_top_level_import_name` for finding importable names in `.whl` files
+  [#17](https://github.com/pyodide/pyodide-lock/pull/17)
+
+- Added `pyodide lockfile add_wheels` CLI command.
+  [#20](https://github.com/pyodide/pyodide-lock/pull/20)
+
+## [0.1.0a3] - 2023-09-15
+
+### Fixed
+
+- Fixed package home/issues URL metadata in `pyproject.toml`
+  [#15](https://github.com/pyodide/pyodide-lock/pull/15)
+
+- Fixed `PyodideLockSpec.to_json` to not add newlines to the output by default.
+  [#12](https://github.com/pyodide/pyodide-lock/pull/12)
+
+## [0.1.0a2] - 2023-07-21
+
+### Added
+
+- Add `check_wheel_filenames` method to `PyodideLockSpec` that checks that the
+  package name in version are consistent between the wheel filename and the
+  corresponding pyodide-lock.json fields
+  [#11](https://github.com/pyodide/pyodide-lock/pull/11)
+
+## [0.1.0a1] - 2023-06-23
+
+Initial release

pyodide_lock-0.1.0/LICENSE

@@ -0,0 +1,28 @@
+BSD 3-Clause License
+
+Copyright (c) 2023, Roman Yurchak
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

pyodide_lock-0.1.0/PKG-INFO

@@ -0,0 +1,65 @@
+Metadata-Version: 2.4
+Name: pyodide-lock
+Version: 0.1.0
+Summary: Tooling to manage the `pyodide-lock.json` file
+Project-URL: Homepage, https://github.com/pyodide/pyodide-lock
+Project-URL: Bug Tracker, https://github.com/pyodide/pyodide-lock/issues
+Author: Pyodide developers
+License-File: LICENSE
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Requires-Python: >=3.10
+Requires-Dist: pydantic>=2
+Provides-Extra: cli
+Requires-Dist: typer; extra == 'cli'
+Provides-Extra: dev
+Requires-Dist: build; extra == 'dev'
+Requires-Dist: packaging; extra == 'dev'
+Requires-Dist: pkginfo; extra == 'dev'
+Requires-Dist: pytest; extra == 'dev'
+Requires-Dist: pytest-cov; extra == 'dev'
+Requires-Dist: typer; extra == 'dev'
+Requires-Dist: wheel; extra == 'dev'
+Provides-Extra: wheel
+Requires-Dist: packaging; extra == 'wheel'
+Requires-Dist: pkginfo; extra == 'wheel'
+Description-Content-Type: text/markdown
+
+# pyodide-lock
+
+[![PyPI Latest Release](https://img.shields.io/pypi/v/pyodide-lock.svg)](https://pypi.org/project/pyodide-lock/)
+![GHA](https://github.com/pyodide/pyodide-lock/actions/workflows/main.yml/badge.svg)
+[![codecov](https://codecov.io/gh/pyodide/pyodide-lock/branch/main/graph/badge.svg?token=T0UEJW2F2P)](https://codecov.io/gh/pyodide/pyodide-lock)
+
+Tooling to manage the `pyodide-lock.json` file.
+
+Note: the API of this package is still being iterated on and may change completely
+before the 0.1 release.
+
+The `pyodide-lock` file is used to lock the versions of the packages that are
+used in a given Pyodide application. Packages included in `pyodide-lock.json`
+will be auto-loaded at import time, when using `pyodide.runPythonAsync` or
+running in JupyterLite or PyScript, and do not need to be explicitly installed
+with micropip.
+
+## Installation
+
+```bash
+pip install pyodide-lock
+```
+
+## Python API
+
+To parsing and write the `pyodide-lock.json` (formerly `repodata.json`) file:
+```py
+from pyodide_lock import PyodideLockSpec
+
+lock_spec = PyodideLockSpec.from_json("pyodide-lock.json")
+# Make some changes
+lock_spec.to_json("pyodide-lock.json")
+```
+
+## License
+
+BSD-3-Clause License

pyodide_lock-0.1.0/README.md

@@ -0,0 +1,37 @@
+# pyodide-lock
+
+[![PyPI Latest Release](https://img.shields.io/pypi/v/pyodide-lock.svg)](https://pypi.org/project/pyodide-lock/)
+![GHA](https://github.com/pyodide/pyodide-lock/actions/workflows/main.yml/badge.svg)
+[![codecov](https://codecov.io/gh/pyodide/pyodide-lock/branch/main/graph/badge.svg?token=T0UEJW2F2P)](https://codecov.io/gh/pyodide/pyodide-lock)
+
+Tooling to manage the `pyodide-lock.json` file.
+
+Note: the API of this package is still being iterated on and may change completely
+before the 0.1 release.
+
+The `pyodide-lock` file is used to lock the versions of the packages that are
+used in a given Pyodide application. Packages included in `pyodide-lock.json`
+will be auto-loaded at import time, when using `pyodide.runPythonAsync` or
+running in JupyterLite or PyScript, and do not need to be explicitly installed
+with micropip.
+
+## Installation
+
+```bash
+pip install pyodide-lock
+```
+
+## Python API
+
+To parsing and write the `pyodide-lock.json` (formerly `repodata.json`) file:
+```py
+from pyodide_lock import PyodideLockSpec
+
+lock_spec = PyodideLockSpec.from_json("pyodide-lock.json")
+# Make some changes
+lock_spec.to_json("pyodide-lock.json")
+```
+
+## License
+
+BSD-3-Clause License

pyodide_lock-0.1.0/pyodide_lock/__init__.py

@@ -0,0 +1,9 @@
+from .spec import InfoSpec, PackageSpec, PyodideLockSpec
+from .utils import parse_top_level_import_name
+
+__all__ = [
+    "PyodideLockSpec",
+    "PackageSpec",
+    "InfoSpec",
+    "parse_top_level_import_name",
+]

pyodide_lock-0.1.0/pyodide_lock/cli.py

@@ -0,0 +1,57 @@
+from pathlib import Path
+
+import typer
+
+from .spec import PyodideLockSpec
+from .utils import add_wheels_to_spec
+
+main = typer.Typer(help="manipulate pyodide-lock.json lockfiles.")
+
+
+@main.command()
+def add_wheels(
+    wheels: list[Path],
+    ignore_missing_dependencies: bool = typer.Option(
+        help="If this is true, dependencies "
+        "which are not in the original lockfile or "
+        "the added wheels will be added to the lockfile. "
+        "Warning: This will allow a broken lockfile to "
+        "be created.",
+        default=False,
+    ),
+    input: Path = typer.Option(
+        help="Source lockfile", default=Path("pyodide-lock.json")
+    ),
+    output: Path = typer.Option(
+        help="Updated lockfile", default=Path("pyodide-lock-new.json")
+    ),
+    base_path: Path = typer.Option(
+        help="Base path for wheels - wheel file "
+        "names will be created relative to this path.",
+        default=None,
+    ),
+    wheel_url: str = typer.Option(
+        help="Base url which will be appended to the wheel location."
+        "Use this if you are hosting these wheels on a different "
+        "server to core pyodide packages",
+        default="",
+    ),
+):
+    """Add a set of package wheels to an existing pyodide-lock.json and
+    write it out to pyodide-lock-new.json
+
+    Each package in the wheel will be added to the output lockfile,
+    including resolution of dependencies in the lock file. By default
+    this will fail if a dependency isn't available in either the
+    existing lock file, or in the set of new wheels.
+
+    """
+    sp = PyodideLockSpec.from_json(input)
+    sp = add_wheels_to_spec(
+        sp,
+        wheels,
+        base_path=base_path,
+        base_url=wheel_url,
+        ignore_missing_dependencies=ignore_missing_dependencies,
+    )
+    sp.to_json(output)

pyodide_lock-0.1.0/pyodide_lock/spec.py

@@ -0,0 +1,88 @@
+import json
+from pathlib import Path
+from typing import Literal
+
+from pydantic import BaseModel, ConfigDict, Field
+
+
+class InfoSpec(BaseModel):
+    arch: Literal["wasm32", "wasm64"] = "wasm32"
+    platform: str
+    version: str
+    python: str
+    abi_version: str | None = None
+    model_config = ConfigDict(extra="forbid")
+
+
+class PackageSpec(BaseModel):
+    name: str
+    version: str
+    file_name: str = Field(
+        description="Path (or URL) to wheel.",
+    )
+    install_dir: str
+    sha256: str = ""
+    package_type: Literal[
+        "package", "cpython_module", "shared_library", "static_library"
+    ] = "package"
+    imports: list[str] = []
+    depends: list[str] = []
+    unvendored_tests: bool = False
+    # This field is deprecated and will not be included in the output
+    shared_library: bool = Field(default=False, exclude=True)
+    model_config = ConfigDict(extra="forbid")
+
+
+class PyodideLockSpec(BaseModel):
+    """A specification for the pyodide-lock.json file."""
+
+    info: InfoSpec
+    packages: dict[str, PackageSpec]
+    model_config = ConfigDict(extra="forbid")
+
+    @classmethod
+    def from_json(cls, path: Path) -> "PyodideLockSpec":
+        """Read the lock spec from a json file."""
+        with path.open("r", encoding="utf-8") as fh:
+            data = json.load(fh)
+        return cls(**data)
+
+    def to_json(self, path: Path, indent: int | None = None) -> None:
+        """Write the lock spec to a json file."""
+        with path.open("w", encoding="utf-8") as fh:
+            model_dict = self.model_dump()
+            json_str = json.dumps(model_dict, indent=indent, sort_keys=True)
+            fh.write(json_str)
+
+    def check_wheel_filenames(self) -> None:
+        """Check that the package name and version are consistent in wheel filenames"""
+        from packaging.utils import (
+            canonicalize_name,
+            canonicalize_version,
+            parse_wheel_filename,
+        )
+
+        errors: dict[str, list[str]] = {}
+        for name, spec in self.packages.items():
+            if not spec.file_name.endswith(".whl"):
+                continue
+            name_in_wheel, ver, _, _ = parse_wheel_filename(spec.file_name)
+            if canonicalize_name(name_in_wheel) != canonicalize_name(spec.name):
+                errors.setdefault(name, []).append(
+                    f"Package name in wheel filename {name_in_wheel!r} "
+                    f"does not match {spec.name!r}"
+                )
+            if canonicalize_version(ver) != canonicalize_version(spec.version):
+                errors.setdefault(name, []).append(
+                    f"Version in the wheel filename {canonicalize_version(ver)!r} "
+                    f"does not match package version "
+                    f"{canonicalize_version(spec.version)!r}"
+                )
+        if errors:
+            error_msg = "check_wheel_filenames failed:\n"
+
+            error_msg += "  - " + "\n  - ".join(
+                f"{name}:\n    - " + "\n    - ".join(errs)
+                for name, errs in errors.items()
+            )
+            raise ValueError(error_msg)