dependabot-python 0.107.15 → 0.107.16

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5ffebfaceb07f5bf94da0ded93fdda43739fef731ca3b9ff82c7f39fb702fcc7
-  data.tar.gz: dd1d31548c650f25fdecf3199288ead3fdee49fa7a19fce57ff2b7d1a728ef39
+  metadata.gz: cf5ae0d63ffafdb1b009b5b0979fc06de616d6796ba3adfd250668e14ebf72dd
+  data.tar.gz: 76324145714e3b3357129fa9f69b3c10e22ce743101f6a2960104908a25662f0
 SHA512:
-  metadata.gz: 2db790058faba2f8d3d67842d642598209380bcc216f257ef0a42d82db3ba100a49c4a1c4a6513aefd6fe44dade4ecb45f2a104da99ceca9a4d591eea54f292e
-  data.tar.gz: 6acbe2f5e0a838d1d54100a01683a25348da08289206db9c93e61a9098f3732e58cd77ad0e8aa8341a0559b0df19b1fd6b43e7f2effbedc3f05adcbf1cae8eae
+  metadata.gz: 47c9a78408b34a690323f84832f4fd943666afc8a30b08a632df37e91a9fb1e234d4420d97ae5ce2bb24eb897c3e5aa55189f4721cee7f575733c6052c2e8dcc
+  data.tar.gz: 2c42a89658e0c45a7c5eabc287349b4ccfcf50fda16b13d14aca5aaf484b78dab0b503631d1675a9cf186923b89c54f7f86b01ae569d8e6d6403178f134c2d9b

data/lib/dependabot/python/file_updater/poetry_file_updater.rb

@@ -180,9 +180,7 @@ module Dependabot
                                  "#{NativeHelpers.python_requirements_path}")
             end
 
-            run_poetry_command(
-              "pyenv exec poetry update #{dependency.name} --lock"
-            )
+            run_poetry_command(poetry_update_command)
 
             return File.read("poetry.lock") if File.exist?("poetry.lock")
 
@@ -190,6 +188,12 @@ module Dependabot
           end
         end
 
+        # Using `--lock` avoids doing an install.
+        # Using `--no-interaction` avoids asking for passwords.
+        def poetry_update_command
+          "pyenv exec poetry update #{dependency.name} --lock --no-interaction"
+        end
+
         def run_poetry_command(command)
           start = Time.now
           command = SharedHelpers.escape_command(command)

data/lib/dependabot/python/update_checker/poetry_version_resolver.rb

@@ -78,10 +78,7 @@ module Dependabot
               end
 
               # Shell out to Poetry, which handles everything for us.
-              # Using `--lock` avoids doing an install.
-              run_poetry_command(
-                "pyenv exec poetry update #{dependency.name} --lock"
-              )
+              run_poetry_command(poetry_update_command)
 
               updated_lockfile =
                 if File.exist?("poetry.lock") then File.read("poetry.lock")
@@ -134,15 +131,19 @@ module Dependabot
           raise
         end
 
+        # Using `--lock` avoids doing an install.
+        # Using `--no-interaction` avoids asking for passwords.
+        def poetry_update_command
+          "pyenv exec poetry update #{dependency.name} --lock --no-interaction"
+        end
+
         def check_original_requirements_resolvable
           return @original_reqs_resolvable if @original_reqs_resolvable
 
           SharedHelpers.in_a_temporary_directory do
             write_temporary_dependency_files(update_pyproject: false)
 
-            run_poetry_command(
-              "pyenv exec poetry update #{dependency.name} --lock"
-            )
+            run_poetry_command(poetry_update_command)
 
             @original_reqs_resolvable = true
           rescue SharedHelpers::HelperSubprocessFailed => e

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.107.15
+  version: 0.107.16
 platform: ruby
 authors:
 - Dependabot
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.107.15
+        version: 0.107.16
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.107.15
+        version: 0.107.16
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement