Add runtime dependency validation #498
Draft
+333
−1
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## master #498 +/- ##
=========================================
Coverage ? 80.52%
=========================================
Files ? 16
Lines ? 2192
Branches ? 454
=========================================
Hits ? 1765
Misses ? 277
Partials ? 150 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
why: NotRequired and TypedDict from typing_extensions are used at runtime in src/vcspull/types.py but were only available as dev dependencies. what: - Add typing_extensions>=4.0.0 with python_version<'3.11' marker - Python 3.11+ has these in stdlib typing module
why: Detect runtime imports not declared in pyproject.toml dependencies without relying on external tools (supply chain security). what: - Zero-dependency script using only stdlib (ast, tomllib, sys, pathlib) - Parses pyproject.toml dependencies and extracts imports via AST - Handles package->import name mapping (PyYAML->yaml, etc.) - Includes doctests for key functions
why: Catch undeclared imports before they cause runtime failures. what: - Add "Check runtime dependencies" step after dependency install - Runs .github/scripts/check_deps.py to detect undeclared imports
why: Allow local verification of runtime dependencies. what: - Add check-deps command in lint group - Runs .github/scripts/check_deps.py
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
typing_extensionsas a runtime dependency for Python <3.11 (fixes import error forNotRequired,TypedDict)src/Motivation
Dev-only dependencies like
typing_extensionswere being used at runtime but not declared independencies. This causes import errors when users install the package without dev dependencies.Implementation
Instead of using external tools like
fawltydeps, this adds a minimal ~250 line script using only stdlib (ast,tomllib,sys,pathlib). Benefits:Test plan
python .github/scripts/check_deps.pypassespython -m doctest .github/scripts/check_deps.pypasses (16 tests)uv run pytestpasses (297 tests)uv run --no-dev python -c 'from vcspull.types import ConfigDict'works