eclipse-velocitas · erikbosch · Aug 2, 2024 · Jul 2, 2024
diff --git a/NOTICE-3RD-PARTY-CONTENT.md b/NOTICE-3RD-PARTY-CONTENT.md
@@ -3,7 +3,7 @@
 ## Python
 | Dependency | Version | License |
 |:-----------|:-------:|--------:|
-|certifi|2024.6.2|Mozilla Public License 2.0|
+|certifi|2024.7.4|Mozilla Public License 2.0|
 |charset-normalizer|3.3.2|MIT|
 |gitdb|4.0.11|BSD|
 |GitPython|3.1.43|New BSD|
@@ -12,9 +12,9 @@
 |requests|2.32.3|Apache 2.0|
 |smmap|5.0.1|BSD|
 |str2bool|1.1|BSD|
-|types-PyYAML|6.0.12.20240311|Apache 2.0|
-|types-requests|2.32.0.20240622|Apache 2.0|
-|types-setuptools|70.1.0.20240625|Apache 2.0|
+|types-PyYAML|6.0.12.20240724|Apache 2.0|
+|types-requests|2.32.0.20240712|Apache 2.0|
+|types-setuptools|71.1.0.20240726|Apache 2.0|
 |urllib3|2.2.2|MIT|
 ## Workflows
 | Dependency | Version | License |

diff --git a/test/lib/test_licensefinder.py b/test/lib/test_licensefinder.py
@@ -25,10 +25,24 @@ def test_execution_python():
         pip_requirements_path="requirements.txt",
     )
 
-    assert len(result) == 2
-    assert result[0].name == "grpcio"
-    assert result[0].version == "1.53.0"
-    assert result[0].licenses == ["Apache 2.0"]
-    assert result[1].name == "six"
-    assert result[1].version == "1.16.0"
-    assert result[1].licenses == ["MIT"]
+    # Two explicit plus two implicit
+    assert len(result) == 4
+
+    # List in alphabetical order
+    # idna required by yarl
+    assert result[0].name == "idna"
+    assert result[0].version == "3.7"
+    assert result[0].licenses == ["BSD"]
+
+    # multidict required by yarl
+    assert result[1].name == "multidict"
+    assert result[1].version == "6.0.5"
+    assert result[1].licenses == ["Apache 2.0"]
+
+    assert result[2].name == "six"
+    assert result[2].version == "1.16.0"
+    assert result[2].licenses == ["MIT"]
+
+    assert result[3].name == "yarl"
+    assert result[3].version == "1.9.4"
+    assert result[3].licenses == ["Apache 2.0"]
diff --git a/test/test_licensevalidator.py b/test/test_licensevalidator.py
@@ -36,8 +36,11 @@ def test_python_with_workflows():
 
     assert "Python" in origin_vs_deps
     python_deps = origin_vs_deps["Python"]
-    assert python_deps[0].name == "grpcio"
-    assert python_deps[1].name == "six"
+    assert len(python_deps) == 4
+    assert python_deps[0].name == "idna"
+    assert python_deps[1].name == "multidict"
+    assert python_deps[2].name == "six"
+    assert python_deps[3].name == "yarl"
 
     assert "Workflows" in origin_vs_deps
     workflow_deps = origin_vs_deps["Workflows"]
@@ -61,8 +64,11 @@ def test_python_without_workflows():
     assert len(origin_vs_deps) == 1
     assert "Python" in origin_vs_deps
     python_deps = origin_vs_deps["Python"]
-    assert python_deps[0].name == "grpcio"
-    assert python_deps[1].name == "six"
+    assert len(python_deps) == 4
+    assert python_deps[0].name == "idna"
+    assert python_deps[1].name == "multidict"
+    assert python_deps[2].name == "six"
+    assert python_deps[3].name == "yarl"
 
 
 def test_python_without_req_files():

diff --git a/testbench/multilang/python-proj/requirements.txt b/testbench/multilang/python-proj/requirements.txt
@@ -1,3 +1,3 @@
-grpcio==1.53.0
+yarl==1.9.4
 coverage2clover
 coveragepy-lcov
diff --git a/testbench/python-with-workflows/my-source/requirements.txt b/testbench/python-with-workflows/my-source/requirements.txt
@@ -1,2 +1,2 @@
-grpcio==1.53.0
+yarl==1.9.4
 six==1.16.0
diff --git a/testbench/python-with-workflows/whitelist.txt b/testbench/python-with-workflows/whitelist.txt
@@ -1,2 +1,3 @@
 Apache 2.0
 MIT
+BSD
diff --git a/testbench/python-without-workflows/src/requirements.txt b/testbench/python-without-workflows/src/requirements.txt
@@ -1,2 +1,2 @@
-grpcio==1.53.0
+yarl==1.9.4
 six==1.16.0
diff --git a/testbench/python-without-workflows/whitelist.txt b/testbench/python-without-workflows/whitelist.txt
@@ -1,2 +1,3 @@
 Apache 2.0
 MIT
+BSD