Skip to content

core:services:versionchooser: Fix yarl & python-multipart #3412

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Jul 3, 2025

Conversation

joaomariolago
Copy link
Collaborator

@joaomariolago joaomariolago commented Jul 3, 2025

Fix a small mess that #3396 pushed to master...

  • Fix yarl version to avoid error when aiohttp is parsing URLs
  • Fix python-multipart

And make sure it is explicit that they are locked because other libraries couldn't lock by them self....

Summary by Sourcery

Bug Fixes:

  • Lock yarl to v1.12.1 to avoid aiohttp URL parsing errors

Summary by Sourcery

Lock yarl and python-multipart to fixed versions in relevant services and update the lock file to prevent URL parsing and multipart form errors in aiohttp and FastAPI.

Bug Fixes:

  • Lock yarl to 1.12.1 to avoid aiohttp URL parsing errors
  • Lock python-multipart to 0.0.5 to resolve FastAPI multipart form issues

Enhancements:

  • Add comments in pyproject.toml to clarify why these dependencies are locked

Build:

  • Update pyproject.toml in core/services/ardupilot_manager and core/services/versionchooser with explicit version locks
  • Regenerate uv.lock to incorporate the new dependency constraints

* Fix yarl version to avoid error when aiohttp is parsing URLs
Copy link

sourcery-ai bot commented Jul 3, 2025

Reviewer's Guide

This PR explicitly locks the versions of python-multipart and yarl in their respective service pyproject.toml files—adding comments to explain the pins—and regenerates the uv.lock file to include these constraints.

File-Level Changes

Change Details Files
Lock python-multipart to a fixed version with explanatory comment
  • Add python-multipart==0.0.5 to ardupilot_manager dependencies
  • Insert comment noting explicit lock because fastapi can’t pin it itself
core/services/ardupilot_manager/pyproject.toml
Lock yarl to v1.12.1 with explanatory comment
  • Add yarl==1.12.1 to versionchooser dependencies
  • Insert comment noting explicit lock to avoid aiohttp URL parsing errors
core/services/versionchooser/pyproject.toml
Regenerate lockfile to include new dependency pins
  • Update core/uv.lock to reflect new python-multipart and yarl versions
core/uv.lock

Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@patrickelectric patrickelectric self-requested a review July 3, 2025 19:02
@joaomariolago joaomariolago marked this pull request as ready for review July 3, 2025 19:09
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @joaomariolago - I've reviewed your changes and they look great!


Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@joaomariolago joaomariolago marked this pull request as draft July 3, 2025 19:17
@joaomariolago joaomariolago changed the title core:services:versionchooser: Fix yarl core:services:versionchooser: Fix yarl & python-multipart Jul 3, 2025
@joaomariolago joaomariolago marked this pull request as ready for review July 3, 2025 19:31
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @joaomariolago - I've reviewed your changes and they look great!

Prompt for AI Agents
Please address the comments from this code review:
## Individual Comments

### Comment 1
<location> `core/services/versionchooser/pyproject.toml:14` </location>
<code_context>
     "connexion[aiohttp,swagger-ui]==2.14.2",
     "docker==6.0.0",
     "loguru==0.5.3",
+    # This dependency needs to be locked due to error in aiohttp
+    "yarl==1.12.1",
 ]

</code_context>

<issue_to_address>
Consider specifying the nature of the aiohttp error requiring yarl pinning.

Adding details or a reference about the specific aiohttp error and affected versions will clarify the reason for pinning yarl and assist future maintenance.
</issue_to_address>

<suggested_fix>
<<<<<<< SEARCH
    # This dependency needs to be locked due to error in aiohttp
    "yarl==1.12.1",
=======
    # Pin yarl due to incompatibility with aiohttp 3.x and yarl>=1.13.0, which causes import errors.
    # See: https://github.com/aio-libs/aiohttp/issues/4324
    "yarl==1.12.1",
>>>>>>> REPLACE

</suggested_fix>

Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

Comment on lines +14 to +15
# This dependency needs to be locked due to error in aiohttp
"yarl==1.12.1",
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggestion: Consider specifying the nature of the aiohttp error requiring yarl pinning.

Adding details or a reference about the specific aiohttp error and affected versions will clarify the reason for pinning yarl and assist future maintenance.

Suggested change
# This dependency needs to be locked due to error in aiohttp
"yarl==1.12.1",
# Pin yarl due to incompatibility with aiohttp 3.x and yarl>=1.13.0, which causes import errors.
# See: https://github.com/aio-libs/aiohttp/issues/4324
"yarl==1.12.1",

@patrickelectric patrickelectric merged commit a3e6b45 into bluerobotics:master Jul 3, 2025
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants