From 087c54eb82b0bc85ba21deb78e29324540f88c10 Mon Sep 17 00:00:00 2001
From: Zvi Grinberg <zgrinber@redhat.com>
Date: Tue, 31 Oct 2023 11:32:22 +0200
Subject: [PATCH] fix: for python - MATCH_MANIFEST_VERSIONS process only for
 installed packages

Signed-off-by: Zvi Grinberg <zgrinber@redhat.com>
---
 src/providers/python_controller.js | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/providers/python_controller.js b/src/providers/python_controller.js
index 449d42e..81119af 100644
--- a/src/providers/python_controller.js
+++ b/src/providers/python_controller.js
@@ -158,6 +158,8 @@ export default class Python_controller {
 				throw new Error('fail invoking pip show to fetch all installed dependencies metadata --> ' + err.message)
 			}
 		}).toString();
+		//debug
+		// pipShowOutput = "alternative pip show output goes here for debugging"
 		let allPipShowDeps = pipShowOutput.split( EOL +"---" + EOL);
 		let matchManifestVersions = getCustom("MATCH_MANIFEST_VERSIONS","true",this.options);
 		let linesOfRequirements = fs.readFileSync(this.pathToRequirements).toString().split(EOL).filter( (line) => !line.startsWith("#")).map(line => line.trim())
@@ -186,10 +188,14 @@ export default class Python_controller {
 						manifestVersion = manifestVersion.substring(0,hashCharIndex)
 					}
 					dependencyName = getDependencyName(dep)
-					installedVersion = getDependencyVersion(CachedEnvironmentDeps[dependencyName.toLowerCase()])
-					if(manifestVersion.trim() !== installedVersion.trim())
-					{
-						throw new Error(`Can't continue with analysis - versions mismatch for dependency name ${dependencyName}, manifest version=${manifestVersion}, installed Version=${installedVersion}, if you want to allow version mismatch for analysis between installed and requested packages, set environment variable/setting - MATCH_MANIFEST_VERSIONS=false`)
+					// only compare between declared version in manifest to installed version , if the package is installed.
+					if(CachedEnvironmentDeps[dependencyName.toLowerCase()] !== undefined) {
+						installedVersion = getDependencyVersion(CachedEnvironmentDeps[dependencyName.toLowerCase()])
+					}
+					if(installedVersion) {
+						if (manifestVersion.trim() !== installedVersion.trim()) {
+							throw new Error(`Can't continue with analysis - versions mismatch for dependency name ${dependencyName}, manifest version=${manifestVersion}, installed Version=${installedVersion}, if you want to allow version mismatch for analysis between installed and requested packages, set environment variable/setting - MATCH_MANIFEST_VERSIONS=false`)
+						}
 					}
 
 				}