Remove the dependencies on pip internal for wheel matching

tdruez · tdruez · commit 56e817b645c4 · 2019-01-02T09:03:59.000-07:00
Signed-off-by: Thomas Druez &lt;tdruez@nexb.com&gt;
diff --git a/src/packageurl/contrib/url2purl.py b/src/packageurl/contrib/url2purl.py
@@ -38,9 +38,6 @@
     from urllib.parse import urlparse  # Python 3
     from urllib.parse import unquote_plus
 
-from pip._internal.wheel import Wheel
-from pip._internal.exceptions import InvalidWheelFilename
-
 from packageurl import PackageURL
 from packageurl.contrib.route import Router
 from packageurl.contrib.route import NoRouteAvailable
@@ -187,25 +184,39 @@ def build_rubygems_purl(uri):
     return purl_from_pattern('rubygems', rubygems_pattern, uri)
 
 
-# https://pypi.python.org/packages/source/p/python-openid/python-openid-2.2.5.zip
+# https://pypi.python.org/packages/source/a/anyjson/anyjson-0.3.3.tar.gz
 pypi_pattern = (
     r"(?P<name>.+)-(?P<version>.+)"
-    r"\.(zip|tar.gz|tar.bz2)$"
+    r"\.(zip|tar.gz|tar.bz2|.tgz)$"
+)
+
+# This pattern can be found in the following locations:
+# - wheel.wheelfile.WHEEL_INFO_RE
+# - distlib.wheel.FILENAME_RE
+# - setuptools.wheel.WHEEL_NAME
+# - pip._internal.wheel.Wheel.wheel_file_re
+wheel_file_re = re.compile(
+    r"^(?P<namever>(?P<name>.+?)-(?P<version>.*?))"
+    r"((-(?P<build>\d[^-]*?))?-(?P<pyver>.+?)-(?P<abi>.+?)-(?P<plat>.+?)"
+    r"\.whl)$",
+    re.VERBOSE
 )
 
 
-@purl_router.route('https?://pypi.python.org/packages/.*')
+@purl_router.route('https?://.+python.+org/packages/.*')
 def build_pypi_purl(uri):
     path = unquote_plus(urlparse(uri).path)
     last_segment = path.split('/')[-1]
 
-    # https://pypi.python.org/packages/py2.py3/w/wheel/wheel-0.29.0-py2.py3-none-any.whl
+    # /wheel-0.29.0-py2.py3-none-any.whl
     if last_segment.endswith('.whl'):
-        try:
-            wheel = Wheel(last_segment)
-        except InvalidWheelFilename:
-            return
-        return PackageURL('pypi', name=wheel.name, version=wheel.version)
+        match = wheel_file_re.match(last_segment)
+        if match:
+            return PackageURL(
+                'pypi',
+                name=match.group('name'),
+                version=match.group('version'),
+            )
 
     return purl_from_pattern('pypi', pypi_pattern, last_segment)
 
diff --git a/tests/contrib/data/url2purl.json b/tests/contrib/data/url2purl.json
@@ -102,6 +102,9 @@
   "https://pypi.python.org/packages/py2.py3/w/wheel/bad-wheel-name-any.whl": null,
   "https://pypi.python.org/packages/py2.py3/w/wheel/wheel-0.29.0-py2.py3-none-any.whl": "pkg:pypi/wheel@0.29.0",
   "https://pypi.python.org/packages/py2.py3/w/wheel/wheel-0.29.0-py2.py3-none-any.whl#md5=d7db45db5c131af262b8ffccde46a88a": "pkg:pypi/wheel@0.29.0",
+  "https://files.pythonhosted.org/packages/87/44/0fa8e9d0cccb8eb86fc1b5170208229dc6d6e9fd6e57ea1fe19cbeea68f5/aboutcode_toolkit-3.4.0rc1-py2.py3-none-any.whl": "pkg:pypi/aboutcode-toolkit@3.4.0rc1",
+  "https://files.pythonhosted.org/packages/7f/cf/12d4611fc67babd4ae250c9e8249c5650ae1933395488e9e7e3562b4ff24/amqp-2.3.2-py2.py3-none-any.whl#sha256=eed41946890cd43e8dee44a316b85cf6fee5a1a34bb4a562b660a358eb529e1b": "pkg:pypi/amqp@2.3.2",
+  "https://pypi.python.org/packages/34/c1/8806f99713ddb993c5366c362b2f908f18269f8d792aff1abfd700775a77/click-6.7-py2.py3-none-any.whl#md5=5e7a4e296b3212da2ff11017675d7a4d": "pkg:pypi/click@6.7",
   "https://pypi.python.org/packages/f6/ae/bbc6a204f33d9d57c798fb3857a072cd14b836792244eea4b446fdb674c6/pycryptodome-3.4.7-cp27-cp27m-win32.whl#md5=78b341de1cd686077745cd9e3a93d8d3": "pkg:pypi/pycryptodome@3.4.7",
   "https://pypi.python.org/packages/bd/e8/ea44ba5357a0b4fd16e5fb60c355fc8722eae31b93d7597eec50f7c35a52/pycryptodome-3.4.7-cp27-cp27m-win_amd64.whl#md5=f20bb847322baf7ae24700e5cbb15e07": "pkg:pypi/pycryptodome@3.4.7",
   "https://pypi.python.org/packages/1e/75/8005d086cac4cc41d3b320d338972c5e5c6a21f88472f21ac9d0e031d300/pyahocorasick-1.1.4.tar.bz2#md5=ad445b6648dc06e9040705ce1ccb4384": "pkg:pypi/pyahocorasick@1.1.4",
