MaxMood96 · pull · Sep 22, 2021 · Sep 17, 2021 · Sep 21, 2021 · Sep 22, 2021
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -72,7 +72,7 @@
   "dependencies": {
     "@open-policy-agent/opa-wasm": "^1.2.0",
     "@snyk/cli-interface": "2.11.0",
-    "@snyk/cloud-config-parser": "^1.10.2",
+    "@snyk/cloud-config-parser": "^1.11.1",
     "@snyk/code-client": "^4.2.3",
     "@snyk/dep-graph": "^1.27.1",
     "@snyk/fix": "file:packages/snyk-fix",
@@ -137,8 +137,7 @@
     "tar": "^6.1.2",
     "tempy": "^1.0.1",
     "uuid": "^8.3.2",
-    "wrap-ansi": "^5.1.0",
-    "yaml": "^1.10.2"
+    "wrap-ansi": "^5.1.0"
   },
   "devDependencies": {
     "@types/cross-spawn": "^6.0.2",

diff --git a/packages/snyk-fix/src/index.ts b/packages/snyk-fix/src/index.ts
@@ -37,6 +37,8 @@ export async function fix(
   meta: FixedMeta;
   fixSummary: string;
 }> {
+  debug('Running snyk fix with options:', options);
+
   const spinner = ora({ isSilent: options.quiet, stream: process.stdout });
 
   let resultsByPlugin: FixHandlerResultByPlugin = {};

diff --git a/...ges/snyk-fix/src/plugins/python/handlers/pipenv-pipfile/update-dependencies/pipenv-add.ts b/...ges/snyk-fix/src/plugins/python/handlers/pipenv-pipfile/update-dependencies/pipenv-add.ts
@@ -1,5 +1,6 @@
 import * as pathLib from 'path';
 import * as pipenvPipfileFix from '@snyk/fix-pipenv-pipfile';
+import * as debugLib from 'debug';
 
 import {
   EntityToFix,
@@ -15,6 +16,8 @@ import {
 import { CommandFailedError } from '../../../../../lib/errors/command-failed-to-run-error';
 import { NoFixesCouldBeAppliedError } from '../../../../../lib/errors/no-fixes-applied';
 
+const debug = debugLib('snyk-fix:python:pipenvAdd');
+
 export async function pipenvAdd(
   entity: EntityToFix,
   options: FixOptions,
@@ -27,12 +30,18 @@ export async function pipenvAdd(
     const targetFilePath = pathLib.resolve(entity.workspace.path, targetFile);
     const { dir } = pathLib.parse(targetFilePath);
     if (!options.dryRun && upgrades.length) {
-      const res = await pipenvPipfileFix.pipenvInstall(dir, upgrades, {
+      const {
+        stderr,
+        stdout,
+        command,
+        exitCode,
+      } = await pipenvPipfileFix.pipenvInstall(dir, upgrades, {
         python: entity.options.command,
       });
-      if (res.exitCode !== 0) {
-        pipenvCommand = res.command;
-        throwPipenvError(res.stderr ? res.stderr : res.stdout, res.command);
+      debug('`pipenv add` returned:', { stderr, stdout, command });
+      if (exitCode !== 0) {
+        pipenvCommand = command;
+        throwPipenvError(stderr, stdout, command);
       }
     }
     changes.push(...generateSuccessfulChanges(upgrades, remediation.pin));
@@ -44,8 +53,7 @@ export async function pipenvAdd(
   return changes;
 }
 
-function throwPipenvError(stderr: string, command?: string) {
-  const errorStr = stderr.toLowerCase();
+function throwPipenvError(stderr: string, stdout: string, command?: string) {
   const incompatibleDeps =
     'There are incompatible versions in the resolved dependencies';
   const lockingFailed = 'Locking failed';
@@ -54,13 +62,17 @@ function throwPipenvError(stderr: string, command?: string) {
   const errorsToBubbleUp = [incompatibleDeps, lockingFailed, versionNotFound];
 
   for (const error of errorsToBubbleUp) {
-    if (errorStr.includes(error.toLowerCase())) {
+    if (
+      stderr.toLowerCase().includes(error.toLowerCase()) ||
+      stdout.toLowerCase().includes(error.toLowerCase())
+    ) {
       throw new CommandFailedError(error, command);
     }
   }
 
   const SOLVER_PROBLEM = /SolverProblemError(.* version solving failed)/gms;
-  const solverProblemError = SOLVER_PROBLEM.exec(stderr);
+  const solverProblemError =
+    SOLVER_PROBLEM.exec(stderr) || SOLVER_PROBLEM.exec(stdout);
   if (solverProblemError) {
     throw new CommandFailedError(solverProblemError[0].trim(), command);
   }

diff --git a/packages/snyk-fix/src/plugins/python/handlers/poetry/update-dependencies/poetry-add.ts b/packages/snyk-fix/src/plugins/python/handlers/poetry/update-dependencies/poetry-add.ts
@@ -1,4 +1,5 @@
 import * as pathLib from 'path';
+import * as debugLib from 'debug';
 
 import * as poetryFix from '@snyk/fix-poetry';
 
@@ -14,6 +15,7 @@ import {
 } from '../../attempted-changes-summary';
 import { CommandFailedError } from '../../../../../lib/errors/command-failed-to-run-error';
 import { NoFixesCouldBeAppliedError } from '../../../../../lib/errors/no-fixes-applied';
+const debug = debugLib('snyk-fix:python:poetryAdd');
 
 export async function poetryAdd(
   entity: EntityToFix,
@@ -28,13 +30,19 @@ export async function poetryAdd(
     const targetFilePath = pathLib.resolve(entity.workspace.path, targetFile);
     const { dir } = pathLib.parse(targetFilePath);
     if (!options.dryRun && upgrades.length) {
-      const res = await poetryFix.poetryAdd(dir, upgrades, {
-        dev,
-        python: entity.options.command ?? undefined,
-      });
-      if (res.exitCode !== 0) {
-        poetryCommand = res.command;
-        throwPoetryError(res.stderr ? res.stderr : res.stdout, res.command);
+      const { stderr, stdout, command, exitCode } = await poetryFix.poetryAdd(
+        dir,
+        upgrades,
+        {
+          dev,
+          python: entity.options.command ?? undefined,
+        },
+      );
+      debug('`poetry add` returned:', { stderr, stdout, command });
+
+      if (exitCode !== 0) {
+        poetryCommand = command;
+        throwPoetryError(stderr, stdout, command);
       }
     }
     changes.push(...generateSuccessfulChanges(upgrades, remediation.pin));
@@ -46,27 +54,32 @@ export async function poetryAdd(
   return changes;
 }
 
-function throwPoetryError(stderr: string, command?: string) {
+function throwPoetryError(stderr: string, stdout: string, command?: string) {
   const ALREADY_UP_TO_DATE = 'No dependencies to install or update';
   const INCOMPATIBLE_PYTHON = new RegExp(
     /Python requirement (.*) is not compatible/g,
     'gm',
   );
   const SOLVER_PROBLEM = /SolverProblemError(.* version solving failed)/gms;
 
-  const incompatiblePythonError = INCOMPATIBLE_PYTHON.exec(stderr);
+  const incompatiblePythonError =
+    INCOMPATIBLE_PYTHON.exec(stderr) || SOLVER_PROBLEM.exec(stdout);
   if (incompatiblePythonError) {
     throw new CommandFailedError(
       `The current project's Python requirement ${incompatiblePythonError[1]} is not compatible with some of the required packages`,
       command,
     );
   }
-  const solverProblemError = SOLVER_PROBLEM.exec(stderr);
+  const solverProblemError =
+    SOLVER_PROBLEM.exec(stderr) || SOLVER_PROBLEM.exec(stdout);
   if (solverProblemError) {
     throw new CommandFailedError(solverProblemError[0].trim(), command);
   }
 
-  if (stderr.includes(ALREADY_UP_TO_DATE)) {
+  if (
+    stderr.includes(ALREADY_UP_TO_DATE) ||
+    stdout.includes(ALREADY_UP_TO_DATE)
+  ) {
     throw new CommandFailedError(
       'No dependencies could be updated as they seem to be at the correct versions. Make sure installed dependencies in the environment match those in the lockfile by running `poetry update`',
       command,