Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Project dependencies may have API risk issues #299

Open
PyDeps opened this issue Jul 15, 2022 · 0 comments
Open

Project dependencies may have API risk issues #299

PyDeps opened this issue Jul 15, 2022 · 0 comments

Comments

@PyDeps
Copy link

PyDeps commented Jul 15, 2022

Hi, In explainshell, inappropriate dependency versioning constraints can cause risks.

Below are the dependencies and version constraints that the project is using

Flask==0.12
MarkupSafe==1.0
nltk==2.0.5
nose==1.3.0
pymongo==2.6
bashlex==0.12

The version constraint == will introduce the risk of dependency conflicts because the scope of dependencies is too strict.
The version constraint No Upper Bound and * will introduce the risk of the missing API Error because the latest version of the dependencies may remove some APIs.

After further analysis, in this project,
The version constraint of dependency Flask can be changed to >=0.10,<=0.12.5.

The above modification suggestions can reduce the dependency conflicts as much as possible,
and introduce the latest version as much as possible without calling Error in the projects.

The invocation of the current project includes all the following methods.

The calling methods from the Flask
json.loads
The calling methods from the all methods
logging.getLogger
Flask
p.text.strip
getattr
inside.append
textwrap.dedent
self._fixers
list
_flag
opts.append
logging.config.dictConfig
l.startswith
f.pre_get_raw_manpage
s.findmanpage
sm
_parsesynopsis
self.aliases.update
app.config.from_object
enumerate
_add
text.d.setdefault.append
f.pre_add_manpage
re.finditer
lines.strip
m.span
synopsis.SPLITSYNOP.match.groups
re.sub
abort
f.pre_parse_manpage
open
d.lower
BUILTINS.itervalues
any
round
str
isinstance
l.isspace
outside.append
util.pairwise
paragraph.section.lower
mockstore
f.post_classify
request.form.get
devnull.self.path.subprocess.check_output.rstrip
fixerscls.append
l.strip
urllib.urlencode
s.replace.replace
errors.ProgramDoesNotExist
sp
errors.EmptyManpage
subprocess.check_output
render_template
logger.info
self._text.splitlines
re.compile
_addwords
max
l.decode.encode
redirect
s.strip
self.extractedoption.super.__eq__
f._parents.append
d.sort
dict
self._join
p.text.index
p.text.decode
app.run
toremove.append
p.cleantext
collections.OrderedDict
text.textwrap.dedent.rstrip
newdesc.extend
names.append
opt_regex.match
p.text.rstrip
join
os.path.abspath
reversed
hasattr
self.optiontrimmer.super.__init__
gzname.rsplit
re.findall
_eatbetween
collections.namedtuple
first.split
store.paragraph
util.toposorted
opt2_regex.match
mparagraphs.append
short.append
value.strip
l.decode
txt.lstrip
m.end
f.post_parse_manpage
longest.start
mngr.edit
so
s.replace
m.group
_eatbetweenregex.match
_option
super
extract_option
self.aliases.remove
json.loads
extractname
value.lower
os.getenv
store.option
os.path.join
long.append
self._removewhitespace
d.append
ValueError
paragraph.lstrip
sorted
_parsetext
request.form.get.lower
app.route
os.path.dirname
self.tarfixer.super.__init__
r.append
self.synopsis.splitlines
helpers.convertparagraphs
os.path.basename
paragraph.splitlines
l.strip.startswith
newsuggestions.append
_section.finditer
bold
f
curr.text.rstrip
manager.manager
self.logger.info
x.insert
paragraphlines.append
_replacements.append
SPLITSYNOP.match
store.store
extractedoption
_paragraphsbetween
currpos.txt.isspace
url_for
set
paragraph.strip
s.addmanpage
s.startswith
d.setdefault
d.items
f.post_option_extraction
f.pre_classify
extract_first_line
COMPOUNDRESERVEDWORDS.setdefault
len
l.append
_convertvalue
longest.end
logger.error

@mgalgs
Could please help me check this issue?
May I pull a request to fix it?
Thank you very much.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant