dependabot-python 0.104.2 → 0.104.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/python/update_checker.rb +5 -5
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 702c5c5750288484136775804d047bc867655a405140c1fcd2c0b554e74fe579
|
|
4
|
+
data.tar.gz: 7d9c5035f14967cf1cd4eb8b57482c8abd3f2913c4a044409994962468f63550
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a2205963216400d9484557b7cfc0d928c5dabec6612cef1296b6185a8af95d56035277c707e8deba9411c57f2850e6f1f2eddf7d0787ae933dec4042f5522024
|
|
7
|
+
data.tar.gz: f77d2cfcc4fe7534f07886a146cc0d81eac5bf00107cc00db26223d88042042da1c2b09ef55e1a3858c8f399bf52442739a05bfe8299c80d4ea3cac6ab2b5b75
|
|
@@ -30,7 +30,7 @@ module Dependabot
|
|
|
30
30
|
def latest_resolvable_version
|
|
31
31
|
@latest_resolvable_version ||=
|
|
32
32
|
case resolver_type
|
|
33
|
-
when :
|
|
33
|
+
when :pipenv
|
|
34
34
|
pipenv_version_resolver.latest_resolvable_version
|
|
35
35
|
when :poetry
|
|
36
36
|
poetry_version_resolver.latest_resolvable_version
|
|
@@ -48,7 +48,7 @@ module Dependabot
|
|
|
48
48
|
def latest_resolvable_version_with_no_unlock
|
|
49
49
|
@latest_resolvable_version_with_no_unlock ||=
|
|
50
50
|
case resolver_type
|
|
51
|
-
when :
|
|
51
|
+
when :pipenv
|
|
52
52
|
pipenv_version_resolver(
|
|
53
53
|
unlock_requirement: false
|
|
54
54
|
).latest_resolvable_version
|
|
@@ -73,7 +73,7 @@ module Dependabot
|
|
|
73
73
|
case resolver_type
|
|
74
74
|
when :requirements
|
|
75
75
|
latest_version_finder.lowest_security_fix_version
|
|
76
|
-
when :
|
|
76
|
+
when :pipenv, :poetry, :pip_compile
|
|
77
77
|
# TODO: Handle package managers with a resolvability concept
|
|
78
78
|
latest_resolvable_version
|
|
79
79
|
else raise "Unexpected resolver type #{resolver_type}"
|
|
@@ -127,7 +127,7 @@ module Dependabot
|
|
|
127
127
|
|
|
128
128
|
# Otherwise, this is a top-level dependency, and we can figure out
|
|
129
129
|
# which resolver to use based on the filename of its requirements
|
|
130
|
-
return :
|
|
130
|
+
return :pipenv if req_files.any? { |f| f == "Pipfile" }
|
|
131
131
|
return :poetry if req_files.any? { |f| f == "pyproject.toml" }
|
|
132
132
|
return :pip_compile if req_files.any? { |f| f.end_with?(".in") }
|
|
133
133
|
|
|
@@ -140,7 +140,7 @@ module Dependabot
|
|
|
140
140
|
# rubocop:enable Metrics/PerceivedComplexity
|
|
141
141
|
|
|
142
142
|
def subdependency_resolver
|
|
143
|
-
return :
|
|
143
|
+
return :pipenv if pipfile_lock
|
|
144
144
|
return :poetry if poetry_lock || pyproject_lock
|
|
145
145
|
return :pip_compile if pip_compile_files.any?
|
|
146
146
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.104.
|
|
4
|
+
version: 0.104.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.104.
|
|
19
|
+
version: 0.104.3
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.104.
|
|
26
|
+
version: 0.104.3
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|