From 5d62ed88de2f3b39537648265098ab495aee03b4 Mon Sep 17 00:00:00 2001 From: sachin-sandhu Date: Sat, 23 Nov 2024 02:04:14 -0500 Subject: [PATCH] more fixes --- python/lib/dependabot/python/file_parser.rb | 29 +++++++++++-------- .../python/peotry_package_manager_spec.rb | 11 ++++--- .../python/pip_package_manager_spec.rb | 11 ++++--- 3 files changed, 31 insertions(+), 20 deletions(-) diff --git a/python/lib/dependabot/python/file_parser.rb b/python/lib/dependabot/python/file_parser.rb index d6f04039576..69741033420 100644 --- a/python/lib/dependabot/python/file_parser.rb +++ b/python/lib/dependabot/python/file_parser.rb @@ -37,8 +37,10 @@ class FileParser < Dependabot::FileParsers::Base InvalidRequirement ValueError RecursionError ).freeze - DEFAULT_PACKAGE_MANAGER = "pip" - DEFAULT_PACKAGE_MANAGER_VERSION = "24.0" + # we use this placeholder version in case we are not able to detect any + # PIP version from shell, we are ensuring that the actual update is not blocked + # in any way if any metric collection exception start happening + UNDETECTED_PACKAGE_MANAGER_VERSION = "0.0" def parse # TODO: setup.py from external dependencies is evaluated. Provide guards before removing this. @@ -84,10 +86,6 @@ def python_requirement_parser sig { returns(Ecosystem::VersionManager) } def package_manager - Dependabot.logger.info( - "Package manager #{detected_package_manager.name}, detected version #{detected_package_manager_version}" - ) - @package_manager ||= detected_package_manager end @@ -95,12 +93,7 @@ def package_manager def detected_package_manager return PeotryPackageManager.new(detect_poetry_version) if poetry_lock && detect_poetry_version - PipPackageManager.new(DEFAULT_PACKAGE_MANAGER_VERSION) - end - - sig { returns(String) } - def detected_package_manager_version - detect_poetry_version || DEFAULT_PACKAGE_MANAGER_VERSION + PipPackageManager.new(detect_pip_version) end def detect_poetry_version 
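Review bot: `UNDETECTED_PACKAGE_MANAGER_VERSION = "0.0"` in the constants block is a sentinel that still parses as a version, so any code that compares pip versions will treat it as older than every real release. If `PipPackageManager` checks its version against supported or deprecated lists (not visible in this patch), an undetected pip could be reported as unsupported rather than unknown. I would say so in the comment, for example `# Sentinel, not a real pip release: reported when "pip -V" cannot be parsed; do not compare it against supported versions.`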
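Review bot: `PipPackageManager.new(detect_pip_version)` in `detected_package_manager` can be handed `nil`, because the `rescue StandardError` branch of `detect_pip_version` (added in the `-118,6` hunk) ends in `nil` rather than the placeholder. That contradicts the comment on `UNDETECTED_PACKAGE_MANAGER_VERSION`, which says a failed detection must not block the update; what the constructor does with `nil` is not visible here. Either end the rescue with `UNDETECTED_PACKAGE_MANAGER_VERSION`, or guard the call site with `PipPackageManager.new(detect_pip_version || UNDETECTED_PACKAGE_MANAGER_VERSION)`.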
@@ -118,6 +111,18 @@ def detect_poetry_version nil end + def detect_pip_version + # extracts pip version from current python via executing shell command + version = SharedHelpers.run_shell_command("pyenv exec pip -V") + .split("from").first&.split("pip")&.last&.strip + + log_if_version_malformed(PipPackageManager.name, version) + + version&.match?(/^\d+(?:\.\d+)*$/) ? version : UNDETECTED_PACKAGE_MANAGER_VERSION + rescue StandardError + nil + end + def log_if_version_malformed(package_manager, version) # logs warning if malformed version is found return true if version&.match?(/^\d+(?:\.\d+)*$/) diff --git a/python/spec/dependabot/python/peotry_package_manager_spec.rb b/python/spec/dependabot/python/peotry_package_manager_spec.rb index db3851a3943..c7f5c5bbf71 100644 --- a/python/spec/dependabot/python/peotry_package_manager_spec.rb +++ b/python/spec/dependabot/python/peotry_package_manager_spec.rb @@ -19,11 +19,14 @@ end end - context "when version is a malformed string" do - let(:package_manager) { described_class.new("1.8.3)") } + context "when poetry version is extracted from pyenv is well formed" do + # If this test start failing, you need to adjust the "detect_poetry_version" function + # to return a valid version in format x.x, x.x.x etc. examples: 3.12.5, 3.12 + version = Dependabot::SharedHelpers.run_shell_command("pyenv exec poetry --version") + .split("version ").last&.split(")")&.first - it "raises error" do - expect { package_manager.version }.to raise_error(Dependabot::BadRequirementError) + it "does not raise error" do + expect(version.match(/^\d+(?:\.\d+)*$/)).to be_truthy end end end diff --git a/python/spec/dependabot/python/pip_package_manager_spec.rb b/python/spec/dependabot/python/pip_package_manager_spec.rb index bdd0ccf2982..d3e31c6920b 100644 --- a/python/spec/dependabot/python/pip_package_manager_spec.rb +++ b/python/spec/dependabot/python/pip_package_manager_spec.rb 
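Review bot: `version&.match?(/^\d+(?:\.\d+)*$/)` in `detect_pip_version` validates text taken from shell output with `^`/`$`, which in Ruby anchor at line boundaries, so a multi-line string in which any single line looks like a version passes and is handed to `PipPackageManager` unchanged. Anchor the whole string instead: `version&.match?(/\A\d+(?:\.\d+)*\z/) ? version : UNDETECTED_PACKAGE_MANAGER_VERSION`. The same pattern appears in `log_if_version_malformed`, whose body continues outside the hunk, so a shared constant for the pattern would keep the two checks in step.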
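Review bot: The `version = Dependabot::SharedHelpers.run_shell_command("pyenv exec poetry --version")` assignment sits directly in the `context` body, so the command runs while the spec file is being loaded, and a host without pyenv or poetry fails the whole file rather than one example. The example also re-implements the `split` chain instead of calling the parser, so it keeps passing if `detect_poetry_version` changes, and `version.match` raises `NoMethodError` when the chain yields `nil`. Moving the command into `let(:version) { ... }` and asserting `expect(version.to_s).to match(/\A\d+(?:\.\d+)*\z/)` fixes the load-time and `nil` problems. The deleted example was the only check in this hunk that a malformed version such as `"1.8.3)"` raises `Dependabot::BadRequirementError`, so I would keep that case alongside the new one. The hunk for `pip_package_manager_spec.rb` has the same structure.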
@@ -19,11 +19,14 @@ end end - context "when version is a malformed string" do - let(:package_manager) { described_class.new("1.8.3)") } + context "when pip version is extracted from pyenv is well formed" do + # If this test start failing, you need to adjust the "detect_poetry_version" function + # to return a valid version in format x.x, x.x.x etc. examples: 3.12.5, 3.12 + version = Dependabot::SharedHelpers.run_shell_command("pyenv exec pip -V") + .split("from").first&.split("pip")&.last&.strip.to_s - it "raises error" do - expect { package_manager.version }.to raise_error(Dependabot::BadRequirementError) + it "does not raise error" do + expect(version.match(/^\d+(?:\.\d+)*$/)).to be_truthy end end end
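Review bot: The comment in the new `context` tells the reader to adjust `detect_poetry_version`, but this spec runs `pyenv exec pip -V`, so the function it should name is `detect_pip_version`. The examples `3.12.5, 3.12` also look like Python versions rather than pip ones. Suggested wording: `# If this test starts failing, adjust "detect_pip_version" in file_parser.rb` followed by `# so that it returns digits and dots only, e.g. x.y or x.y.z.`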