Merge pull request LykosAI#1561 from e-nord/fix-pip-show-results-crash

mohnjiles · web-flow · commit 2598d69ca484 · 2026-03-01T13:24:31.000-08:00
Fix: Avoid duplicate pip package entries in results
diff --git a/StabilityMatrix.Core/Python/PipShowResult.cs b/StabilityMatrix.Core/Python/PipShowResult.cs
@@ -45,16 +45,39 @@ public static PipShowResult Parse(string output)
             lines.RemoveRange(indexOfLicense, indexOfLocation - indexOfLicense);
         }
 
-        var linesDict = lines
-            .Select(line => line.Split(':', 2))
-            .Where(split => split.Length == 2)
-            .Select(split => new KeyValuePair<string, string>(split[0].Trim(), split[1].Trim()))
-            .ToDictionary(pair => pair.Key, pair => pair.Value);
+        var linesDict = new Dictionary<string, string>();
+        foreach (var line in lines)
+        {
+            var split = line.Split(':', 2);
+            if (split.Length != 2)
+                continue;
+
+            var key = split[0].Trim();
+            var value = split[1].Trim();
+
+            if (key == "Name" && linesDict.ContainsKey("Name"))
+            {
+                // We've hit a new package, so stop parsing
+                break;
+            }
+
+            linesDict.TryAdd(key, value);
+        }
+
+        if (!linesDict.TryGetValue("Name", out var name))
+        {
+            throw new FormatException("The 'Name' key was not found in the pip show output.");
+        }
+
+        if (!linesDict.TryGetValue("Version", out var version))
+        {
+            throw new FormatException("The 'Version' key was not found in the pip show output.");
+        }
 
         return new PipShowResult
         {
-            Name = linesDict["Name"],
-            Version = linesDict["Version"],
+            Name = name,
+            Version = version,
             Summary = linesDict.GetValueOrDefault("Summary"),
             HomePage = linesDict.GetValueOrDefault("Home-page"),
             Author = linesDict.GetValueOrDefault("Author"),
@@ -68,7 +91,7 @@ public static PipShowResult Parse(string output)
             RequiredBy = linesDict
                 .GetValueOrDefault("Required-by")
                 ?.Split(',', StringSplitOptions.TrimEntries)
-                .ToList()
+                .ToList(),
         };
     }
 
diff --git a/StabilityMatrix.Tests/Core/PipShowResultsTests.cs b/StabilityMatrix.Tests/Core/PipShowResultsTests.cs
@@ -0,0 +1,184 @@
+using System.IO;
+using System.Threading.Tasks;
+using Microsoft.VisualStudio.TestTools.UnitTesting;
+using StabilityMatrix.Core.Python;
+
+namespace StabilityMatrix.Tests.Core;
+
+[TestClass]
+public class PipShowResultsTests
+{
+    [TestMethod]
+    public void TestSinglePackage()
+    {
+        var input = """
+            Name: package-a
+            Version: 1.0.0
+            Summary: A test package
+            Home-page: https://example.com
+            Author: John Doe
+            Author-email: john.doe@example.com
+            License: MIT
+            Location: /path/to/package
+            Requires:
+            Required-by:
+            """;
+
+        var result = PipShowResult.Parse(input);
+
+        Assert.IsNotNull(result);
+        Assert.AreEqual("package-a", result.Name);
+        Assert.AreEqual("1.0.0", result.Version);
+        Assert.AreEqual("A test package", result.Summary);
+    }
+
+    [TestMethod]
+    public void TestMultiplePackages()
+    {
+        var input = """
+            Name: package-a
+            Version: 1.0.0
+            Summary: A test package
+            Home-page: https://example.com
+            Author: John Doe
+            Author-email: john.doe@example.com
+            License: MIT
+            Location: /path/to/package
+            Requires:
+            Required-by:
+            ---
+            Name: package-b
+            Version: 2.0.0
+            Summary: Another test package
+            Home-page: https://example.com
+            Author: Jane Doe
+            Author-email: jane.doe@example.com
+            License: Apache-2.0
+            Location: /path/to/another/package
+            Requires: package-a
+            Required-by:
+            """;
+
+        var result = PipShowResult.Parse(input);
+
+        Assert.IsNotNull(result);
+        Assert.AreEqual("package-a", result.Name);
+        Assert.AreEqual("1.0.0", result.Version);
+        Assert.AreNotEqual("package-b", result.Name);
+    }
+
+    [TestMethod]
+    public void TestMalformedPackage()
+    {
+        var input = """
+            Name: package-a
+            Version: 1.0.0
+            Summary A test package
+            Home-page: https://example.com
+            Author: John Doe
+            Author-email: john.doe@example.com
+            License: MIT
+            Location: /path/to/package
+            Requires:
+            Required-by:
+            """;
+
+        var result = PipShowResult.Parse(input);
+
+        Assert.IsNotNull(result);
+        Assert.AreEqual("package-a", result.Name);
+        Assert.AreEqual("1.0.0", result.Version);
+        Assert.IsNull(result.Summary);
+    }
+
+    [TestMethod]
+    public void TestMultiLineLicense()
+    {
+        var input = """
+            Name: package-a
+            Version: 1.0.0
+            Summary: A test package
+            Home-page: https://example.com
+            Author: John Doe
+            Author-email: john.doe@example.com
+            License: The MIT License (MIT)
+
+                     Copyright (c) 2015 John Doe
+
+                     Permission is hereby granted, free of charge, to any person obtaining a copy
+                     of this software and associated documentation files (the "Software"), to deal
+                     in the Software without restriction, including without limitation the rights
+                     to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+                     copies of the Software, and to permit persons to whom the Software is
+                     furnished to do so, subject to the following conditions:
+
+                     The above copyright notice and this permission notice shall be included in all
+                     copies or substantial portions of the Software.
+
+                     THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+                     IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+                     FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+                     AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+                     LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+                     OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+                     SOFTWARE.
+            Location: /path/to/package
+            Requires:
+            Required-by:
+            """;
+
+        var result = PipShowResult.Parse(input);
+
+        Assert.IsNotNull(result);
+        Assert.AreEqual("package-a", result.Name);
+        Assert.AreEqual("1.0.0", result.Version);
+        Assert.IsTrue(result.License?.StartsWith("License: The MIT License (MIT)"));
+    }
+
+    /// <summary>
+    /// This test simulates the input that caused the crash reported in Sentry issue b125504f.
+    /// The old implementation of PipShowResult.Parse used ToDictionary, which would throw an
+    /// ArgumentException if the input contained multiple packages, as the "Name" key would be
+    /// duplicated. The new implementation uses a foreach loop and TryAdd to prevent this crash.
+    /// </summary>
+    [TestMethod]
+    public void TestDuplicatePackageNameInOutput()
+    {
+        var input = """
+            Name: package-a
+            Version: 1.0.0
+            Summary: A test package
+            Home-page: https://example.com
+            Author: John Doe
+            Author-email: john.doe@example.com
+            License: MIT
+            Location: /path/to/package
+            Requires:
+            Required-by:
+            ---
+            Name: package-a
+            Version: 1.0.0
+            Summary: A test package
+            Home-page: https://example.com
+            Author: John Doe
+            Author-email: john.doe@example.com
+            License: MIT
+            Location: /path/to/package
+            Requires:
+            Required-by:
+            """;
+
+        var result = PipShowResult.Parse(input);
+
+        Assert.IsNotNull(result);
+        Assert.AreEqual("package-a", result.Name);
+        Assert.AreEqual("1.0.0", result.Version);
+    }
+
+    [TestMethod]
+    public void TestEmptyInputThrowsFormatException()
+    {
+        var input = "";
+        Assert.ThrowsException<FormatException>(() => PipShowResult.Parse(input));
+    }
+}
