Always stringify collection requirement versions

Before this change, whenever a numeric version was specified in
`requirements.yml`, the YAML parser would read it as `int` or `float`
which would leak straight down into the dependency resolver. This
patch makes an unconditional conversion of that data into `str`
right before constructing `Requirement` objects.

Fixes #79109
Fixes #78067
pull/81694/head
Sviatoslav Sydorenko 1 year ago
parent 6f65397871
commit f25437a821
No known key found for this signature in database
GPG Key ID: 9345E8FEA89CA455

@ -310,6 +310,8 @@ class _ComputedReqKindsMixin:
def from_requirement_dict(cls, collection_req, art_mgr, validate_signature_options=True): def from_requirement_dict(cls, collection_req, art_mgr, validate_signature_options=True):
req_name = collection_req.get('name', None) req_name = collection_req.get('name', None)
req_version = collection_req.get('version', '*') req_version = collection_req.get('version', '*')
if req_version is not None:
req_version = str(req_version)
req_type = collection_req.get('type') req_type = collection_req.get('type')
# TODO: decide how to deprecate the old src API behavior # TODO: decide how to deprecate the old src API behavior
req_source = collection_req.get('source', None) req_source = collection_req.get('source', None)

Loading…
Cancel
Save