Documented optional graphviz dependency and removed use of os.system() in draw_graph#2287
Merged
Conversation
Contributor
Author
|
This perhaps should be two separate PRs? I can re-do the PR if needed. |
ConradJohnston
force-pushed
the
fix_835_graph_generation_does_not_work_without_graphviz
branch
from
97dcc76 to
da981f1
Compare
Contributor
|
I am happy with it being a single PR. There are two nice commits to go with it 👍 |
sphuber
previously approved these changes
Dec 4, 2018
The use of verdi graph to generate a plot of part of the provenance graph requires the graphviz package, which was not documented other than in the source code. This commit increases the visibility of this dependency in the docs.
- Replaces the use of os.system in aiida.common.graph with subprocess.call The former was dangerous as it was passed arguments directly from the cmdline via verdi graph and so would execute and valid shell string, The solution is to use subprocess.call() which sanitises the input automatically. - Also prints a more usful message if graphviz is possibly not installed.
sphuber
force-pushed
the
fix_835_graph_generation_does_not_work_without_graphviz
branch
from
3ab67ee to
4bddfe7
Compare
sphuber
approved these changes
Dec 4, 2018
This was referenced Dec 4, 2018
ConradJohnston
deleted the
fix_835_graph_generation_does_not_work_without_graphviz
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #835 and #2285.
The use of verdi graph to generate a plot of part of the provenance graph requires the graphviz package, which was not documented other than in the source code. This pull request increases the visibility of this dependency in the docs and adds a more human-parsable error message suggest when it could be the case that graphviz is not installed.
Also replaces the use of os.system() in aiida.common.graph with subprocess.call to prevent shell script from being injected via verdi graph generate.