Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

python-inspector cannot analyze s5cmd package due to IOException: error=2, No such file or directory #9254

Open
bennati opened this issue Oct 8, 2024 · 7 comments
Labels
analyzer About the analyzer tool bug Issues that are considered to be bugs docker About Docker topics help wanted An issue where third-party help is wanted on

Comments

@bennati
Copy link
Contributor

bennati commented Oct 8, 2024

When scanning the repository https://github.com/peak/s5cmd/tree/v2.2.2

The analyzer throws the error:
ERROR org.ossreviewtoolkit.plugins.packagemanagers.python.Pip - Unable to determine dependencies for definition file '/builds/oss/oss-review-toolkit/ort-gitlab-ci/project/vendor/github.com/urfave/cli/v2/mkdocs-requirements.txt': IOException: Cannot run program "python-inspector" (in directory "/builds/oss/oss-review-toolkit/ort-gitlab-ci/project/vendor/github.com/urfave/cli/v2"): error=2, No such file or directory Caused by: IOException: error=2, No such file or directory

Tested with ORT 27.0.0, 29.1.0, 32.1.0

@bennati bennati added bug Issues that are considered to be bugs to triage Issues that need triaging labels Oct 8, 2024
@sschuberth
Copy link
Member

Are you using the Docker image? Could be related to the notes mentioned here, so please try with ORT 33.1.0.

@sschuberth sschuberth added analyzer About the analyzer tool needs info An issue where further information is required and removed to triage Issues that need triaging labels Oct 8, 2024
@bennati
Copy link
Contributor Author

bennati commented Oct 8, 2024

It's not related: I see the same issue also with 27.0.0

@sschuberth
Copy link
Member

It's not related: I see the same issue also with 27.0.0

That should be irrelevant. Only ORT 33.1.0 and above contain the fix to pin the setuptools version. I.e. the issue might be caused by a new version of a requirement of python-inspector, not by some change in an ORT version.

@bennati
Copy link
Contributor Author

bennati commented Oct 23, 2024

I tested with version 6bb98df and the error is still there.
P.s. we build the docker image ourselves

@sschuberth sschuberth added help wanted An issue where third-party help is wanted on docker About Docker topics and removed needs info An issue where further information is required labels Oct 23, 2024
@sschuberth
Copy link
Member

While I can't reproduce this locally, I can when using the Docker image. Anyway, I guess it's not python-inspector itself than cannot be found, but some dependency of it. I currently don't have time to investigate this further.

@sschuberth
Copy link
Member

Anyway, I guess it's not python-inspector itself than cannot be found, but some dependency of it.

Guessing further, I believe the "thing" that cannot be found is something that gets called from the s5cmd project's setup.py script as we run python-inspector by default with --analyze-setup-py-insecurely. So a work-around could be to disable this via the respective package manager option.

Could you please give that a try, @bennati?

@sschuberth sschuberth changed the title IOException: Cannot run program "python-inspector" python-inspector cannot analyze s5cmd package due to IOException: error=2, No such file or directory Nov 26, 2024
@bennati
Copy link
Contributor Author

bennati commented Nov 28, 2024

I tried adding the following to the global config, but the error persists

  analyzer:
    packageManagers:
      Pip:
        options:
          analyzeSetupPyInsecurely: false

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
analyzer About the analyzer tool bug Issues that are considered to be bugs docker About Docker topics help wanted An issue where third-party help is wanted on
Projects
None yet
Development

No branches or pull requests

2 participants