Package org.openrewrite.python.trait

Interface PythonDependencyFile

All Superinterfaces:
org.openrewrite.trait.Trait<org.openrewrite.SourceFile>
All Known Implementing Classes:
PipfileFile, PyProjectFile, RequirementsFile
public interface PythonDependencyFile extends org.openrewrite.trait.Trait<org.openrewrite.SourceFile>
Trait for Python dependency files (pyproject.toml, requirements.txt, etc.). Use PyProjectHelper.extractPackageName(String) for PEP 508 package name extraction.

  • Method Details

    • getMarker

      PythonResolutionResult getMarker()

    • withUpgradedVersions

      PythonDependencyFile withUpgradedVersions(Map<String,String> upgrades, @Nullable String scope, @Nullable String groupName)
      Upgrade version constraints for dependencies in the specified scope.
      Parameters:
      upgrades - package name → new version
      scope - the scope to upgrade in, or null to upgrade in all scopes
      groupName - required for "project.optional-dependencies" or "dependency-groups"

    • withAddedDependencies

      PythonDependencyFile withAddedDependencies(Map<String,String> additions, @Nullable String scope, @Nullable String groupName)
      Add dependencies to the specified scope.
      Parameters:
      additions - package name → version constraint (e.g. "2.0" or ">=2.0")
      scope - the TOML scope (e.g. "project.optional-dependencies", "dependency-groups"), or null for the default ([project].dependencies)
      groupName - required when scope is "project.optional-dependencies" or "dependency-groups", otherwise null

    • withPinnedTransitiveDependencies

      PythonDependencyFile withPinnedTransitiveDependencies(Map<String,String> pins, @Nullable String scope, @Nullable String groupName)
      Pin transitive dependencies using the strategy appropriate for this file's package manager. For pyproject.toml: uv uses [tool.uv].constraint-dependencies, PDM uses [tool.pdm.overrides], and other managers add a direct dependency. For requirements.txt: appends the dependency.
      Parameters:
      pins - package name → version constraint
      scope - the scope to look for transitive dependencies in, or null to search all scopes
      groupName - required for "project.optional-dependencies" or "dependency-groups"

    • withRemovedDependencies

      PythonDependencyFile withRemovedDependencies(Set<String> packageNames, @Nullable String scope, @Nullable String groupName)
      Remove dependencies from the specified scope.
      Parameters:
      packageNames - package names to remove
      scope - the scope to remove from, or null to remove from all scopes
      groupName - required for "project.optional-dependencies" or "dependency-groups"

    • withChangedDependency

      PythonDependencyFile withChangedDependency(String oldPackageName, String newPackageName, @Nullable String newVersion, @Nullable String scope, @Nullable String groupName)
      Change a dependency to a different package.
      Parameters:
      oldPackageName - the current package name
      newPackageName - the new package name
      newVersion - optional new version constraint, or null to preserve the original
      scope - the scope to change in, or null to change in all scopes
      groupName - required for "project.optional-dependencies" or "dependency-groups"

    • withDependencySearchMarkers

      PythonDependencyFile withDependencySearchMarkers(Map<String,String> packageMessages, @Nullable String scope, @Nullable String groupName, org.openrewrite.ExecutionContext ctx)
      Add search result markers for vulnerable dependencies.
      Parameters:
      packageMessages - package name → vulnerability description message
      scope - the scope to search in, or null to search all scopes
      groupName - required for "project.optional-dependencies" or "dependency-groups"

    • afterModification

      default org.openrewrite.SourceFile afterModification(org.openrewrite.ExecutionContext ctx)
      Post-process the modified source file, e.g. regenerate lock files. Called by recipes after a trait method modifies the tree. The default implementation returns the tree unchanged.
      Parameters:
      ctx - the execution context
      Returns:
      the post-processed source file

    • rewritePep508Spec

      static String rewritePep508Spec(String spec, String packageName, String newVersion)
      Rewrite a PEP 508 dependency spec with a new version constraint. Preserves extras and environment markers. The version is normalized via PyProjectHelper.normalizeVersionConstraint(String), so both "2.31.0" and ">=2.31.0" are accepted.

    • getByNormalizedName

      static @Nullable String getByNormalizedName(Map<String,String> map, String name)
      Look up a value in a map by normalizing the lookup key per PEP 503. This allows callers to pass non-normalized package names.

    • updateResolvedVersions

      static PythonResolutionResult updateResolvedVersions(PythonResolutionResult marker, Map<String,String> versionUpdates)
      Update the resolved dependency versions in a marker to reflect version changes. Returns the same marker if no changes were needed.