Project dependencies may have API risk issues
PyDeps opened this issue
Hi, in explainshell, inappropriate dependency versioning constraints can cause risks.
Below are the dependencies and version constraints that the project is using:
Flask==0.12
MarkupSafe==1.0
nltk==2.0.5
nose==1.3.0
pymongo==2.6
bashlex==0.12
The version constraint == will introduce the risk of dependency conflicts because the scope of dependencies is too strict.
The version constraint No Upper Bound and * will introduce the risk of the missing API Error because the latest version of the dependencies may remove some APIs.
After further analysis, in this project,
The version constraint of dependency Flask can be changed to >=0.10,<=0.12.5.
The above modification suggestions can reduce the dependency conflicts as much as possible,
and introduce the latest version as much as possible without calling Error in the projects.
The invocation of the current project includes all the following methods.
The calling methods from the Flask
json.loads
The calling methods from the all methods
logging.getLogger Flask p.text.strip getattr inside.append textwrap.dedent self._fixers list _flag opts.append logging.config.dictConfig l.startswith f.pre_get_raw_manpage s.findmanpage sm _parsesynopsis self.aliases.update app.config.from_object enumerate _add text.d.setdefault.append f.pre_add_manpage re.finditer lines.strip m.span synopsis.SPLITSYNOP.match.groups re.sub abort f.pre_parse_manpage open d.lower BUILTINS.itervalues any round str isinstance l.isspace outside.append util.pairwise paragraph.section.lower mockstore f.post_classify request.form.get devnull.self.path.subprocess.check_output.rstrip fixerscls.append l.strip urllib.urlencode s.replace.replace errors.ProgramDoesNotExist sp errors.EmptyManpage subprocess.check_output render_template logger.info self._text.splitlines re.compile _addwords max l.decode.encode redirect s.strip self.extractedoption.super.__eq__ f._parents.append d.sort dict self._join p.text.index p.text.decode app.run toremove.append p.cleantext collections.OrderedDict text.textwrap.dedent.rstrip newdesc.extend names.append opt_regex.match p.text.rstrip join os.path.abspath reversed hasattr self.optiontrimmer.super.__init__ gzname.rsplit re.findall _eatbetween collections.namedtuple first.split store.paragraph util.toposorted opt2_regex.match mparagraphs.append short.append value.strip l.decode txt.lstrip m.end f.post_parse_manpage longest.start mngr.edit so s.replace m.group _eatbetweenregex.match _option super extract_option self.aliases.remove json.loads extractname value.lower os.getenv store.option os.path.join long.append self._removewhitespace d.append ValueError paragraph.lstrip sorted _parsetext request.form.get.lower app.route os.path.dirname self.tarfixer.super.__init__ r.append self.synopsis.splitlines helpers.convertparagraphs os.path.basename paragraph.splitlines l.strip.startswith newsuggestions.append _section.finditer bold f curr.text.rstrip manager.manager self.logger.info x.insert paragraphlines.append 
_replacements.append SPLITSYNOP.match store.store extractedoption _paragraphsbetween currpos.txt.isspace url_for set paragraph.strip s.addmanpage s.startswith d.setdefault d.items f.post_option_extraction f.pre_classify extract_first_line COMPOUNDRESERVEDWORDS.setdefault len l.append _convertvalue longest.end logger.error
@mgalgs
Could you please help me check this issue?
May I open a pull request to fix it?
Thank you very much.
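The two risk categories named in the issue (exact `==` pins versus constraints with no upper bound) can be checked mechanically. The following is an added example, not code from the issue or from explainshell: it classifies the listed pins and tests versions against the proposed Flask range. It assumes purely numeric dotted versions; `examplepkg` and `otherpkg` are hypothetical entries added to exercise the unbounded cases.

```python
import operator
import re

# Constructed sample: the six pins quoted in the issue, plus two
# hypothetical lines (examplepkg, otherpkg) with no upper bound.
REQUIREMENTS = """\
Flask==0.12
MarkupSafe==1.0
nltk==2.0.5
nose==1.3.0
pymongo==2.6
bashlex==0.12
examplepkg>=1.0
otherpkg
"""

SPEC = re.compile(r"(==|>=|<=|!=|>|<)\s*([0-9.]+)")
OPS = {"==": operator.eq, "!=": operator.ne, ">=": operator.ge,
       "<=": operator.le, ">": operator.gt, "<": operator.lt}

def parse(line):
    """Split 'name<op><ver>,<op><ver>' into (name, [(op, ver), ...])."""
    name = re.match(r"[A-Za-z0-9._-]+", line).group(0)
    return name, SPEC.findall(line[len(name):])

def classify(specs):
    """Map a specifier list onto the categories used in the issue."""
    ops = {op for op, _ in specs}
    if "==" in ops:
        return "conflict-risk"      # exact pin: too strict to co-install
    if not ops & {"<", "<="}:
        return "missing-api-risk"   # nothing stops a release that drops APIs
    return "bounded"

def key(version, width=4):
    """Pad to a fixed width so 0.12 and 0.12.0 compare equal."""
    parts = [int(p) for p in version.split(".")]
    return tuple(parts + [0] * (width - len(parts)))

def satisfies(version, specs):
    """True if the version meets every specifier in the list."""
    return all(OPS[op](key(version), key(v)) for op, v in specs)

def report(text=REQUIREMENTS):
    """Return {package name: category} for each non-blank line."""
    lines = [l.strip() for l in text.splitlines() if l.strip()]
    return {name: classify(specs) for name, specs in map(parse, lines)}

if __name__ == "__main__":
    for name, category in report().items():
        print(f"{name:12} {category}")
```

A range only moves a dependency out of both categories if every version inside it has actually been tested with the project, so the check belongs next to a test run across the range rather than in place of one.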