feat(version-scanner): implement targeted namespaced ignore pragmas #17540

Draft: chalmerlowe wants to merge 1 commit into feat/version-scanner-pr2 from feat/version-scanner-pr3

@chalmerlowe chalmerlowe commented Jun 23, 2026

Contributor

This PR implements ignore pragmas to allow granular and self-expiring ignores:

```
# version-scanner: ignore-rule=rule_name:version
```

Examples:
Imagine searching for "Python 3.7". We have a variety of rules to cover multiple circumstances. One rule matches solely on the version number (e.g. "3.7" in case the reference is an edge case not covered by other rules).

Thus if we find "3.7" in a situation unrelated to Python, we will have a false positive such as this:

```
matplotlib==3.7.2
```

We can flag a line like this to be ignored under the specific rule explicit_version_string so that it does not trigger a false positive in the future.

```
matplotlib==3.7.2 # version-scanner: ignore-rule=explicit_version_string:3.7
```

NOTE: If, instead of Python, we were to search for "matplotlib 3.7.2", then because this pragma is specific to a rule and a version number, this line would be caught under a different rule, specifically the dependency_requirement rule:

dependency_requirement rules apply when you search for a specific dependency that is not Python. Here are some lines that would be assessed against dependency-specific rules.

```
matplotlib==3.7.2
protobuf==2.48.5
requests==4.3.1
```

@gemini-code-assist gemini-code-assist Bot left a comment

Contributor

Code Review

This pull request adds support for targeted rule ignoring in the version scanner using the version-scanner: ignore-rule=<rule_name>:<version> pragma, along with corresponding unit tests. Feedback was provided to convert the version value to a string before calling re.escape to avoid potential runtime TypeError exceptions if a non-string version (such as a float or integer) is specified in the rule configuration.

Comment thread scripts/version_scanner/version_scanner.py
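
The rule-and-version scoping discussed in this thread, as an added example that is not code from this PR or from the version scanner itself. The regex templates in `RULES` and the helpers `ignored_pairs` and `scan_line` are assumptions made for illustration; only the pragma syntax and the two rule names come from the PR description, and the `str()` coercion before `re.escape` follows the review feedback.

```python
import re

# Assumed rule table: only the two rule names appear in the PR description;
# the regex templates are illustrative, not the scanner's real patterns.
RULES = {
    "explicit_version_string": r"(?<![\d.]){version}(?!\d)",
    "dependency_requirement": r"\b{package}\s*==\s*{version}(?!\d)",
}

# Pragma syntax from the PR: "# version-scanner: ignore-rule=<rule_name>:<version>"
PRAGMA_RE = re.compile(r"#\s*version-scanner:\s*ignore-rule=([A-Za-z_]\w*):(\S+)")


def ignored_pairs(line):
    """Return the (rule_name, version) pairs suppressed by pragmas on this line."""
    return set(PRAGMA_RE.findall(line))


def scan_line(line, package, version):
    """Return the names of the rules that fire on `line` for package/version."""
    version = str(version)  # a config loader may hand back 3.7 as a float
    code = line.split("#", 1)[0]  # match only the content before any comment
    ignores = ignored_pairs(line)
    hits = []
    for name, template in RULES.items():
        pattern = template.format(
            package=re.escape(package), version=re.escape(version)
        )
        # An ignore applies only when both the rule name and the version match.
        if re.search(pattern, code) and (name, version) not in ignores:
            hits.append(name)
    return hits


# Constructed sample lines, modelled on the ones in the PR description.
PLAIN = "matplotlib==3.7.2"
PRAGMA = "matplotlib==3.7.2 # version-scanner: ignore-rule=explicit_version_string:3.7"
STALE = "somepkg==3.8.1 # version-scanner: ignore-rule=explicit_version_string:3.7"

if __name__ == "__main__":
    print(scan_line(PLAIN, "python", 3.7))           # false positive reported
    print(scan_line(PRAGMA, "python", "3.7"))        # suppressed by the pragma
    print(scan_line(PRAGMA, "matplotlib", "3.7.2"))  # pragma does not apply
    print(scan_line(STALE, "python", "3.8"))         # old pragma no longer hides 3.8
```

Because the suppression key is the pair (rule, version), a pragma written for 3.7 stops hiding anything once the scan target moves to 3.8, which is the self-expiring behaviour the description refers to.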
@chalmerlowe chalmerlowe marked this pull request as ready for review June 23, 2026 15:07
@chalmerlowe chalmerlowe requested a review from a team as a code owner June 23, 2026 15:07
@chalmerlowe chalmerlowe force-pushed the feat/version-scanner-pr2 branch from 04f3d2d to 69e81ab Compare June 23, 2026 15:21
@chalmerlowe chalmerlowe force-pushed the feat/version-scanner-pr3 branch from 64367eb to 23b8ef3 Compare June 23, 2026 15:21
@chalmerlowe chalmerlowe force-pushed the feat/version-scanner-pr2 branch from 69e81ab to 111c152 Compare June 23, 2026 15:31
@chalmerlowe chalmerlowe force-pushed the feat/version-scanner-pr3 branch from 23b8ef3 to 031be67 Compare June 23, 2026 15:31
@chalmerlowe chalmerlowe force-pushed the feat/version-scanner-pr2 branch from 111c152 to 055975c Compare June 23, 2026 15:57
@chalmerlowe chalmerlowe force-pushed the feat/version-scanner-pr3 branch from 031be67 to 8abd504 Compare June 23, 2026 15:58
@chalmerlowe chalmerlowe marked this pull request as draft June 23, 2026 16:39