dependabot-python 0.107.16 → 0.107.18

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cf5ae0d63ffafdb1b009b5b0979fc06de616d6796ba3adfd250668e14ebf72dd
-  data.tar.gz: 76324145714e3b3357129fa9f69b3c10e22ce743101f6a2960104908a25662f0
+  metadata.gz: bdf74b2a4921285cf23bd3f0a3fb890afd61b541d8185d3cd055407bbac5dd2f
+  data.tar.gz: 4219acc252b78bcf2e7bd139e22ef19853a2968a53ce4bcd03299bcc65e9b0eb
 SHA512:
-  metadata.gz: 47c9a78408b34a690323f84832f4fd943666afc8a30b08a632df37e91a9fb1e234d4420d97ae5ce2bb24eb897c3e5aa55189f4721cee7f575733c6052c2e8dcc
-  data.tar.gz: 2c42a89658e0c45a7c5eabc287349b4ccfcf50fda16b13d14aca5aaf484b78dab0b503631d1675a9cf186923b89c54f7f86b01ae569d8e6d6403178f134c2d9b
+  metadata.gz: 8177a5aef2b5a3eecd0cc0b9e22b6dc5c962da6b0f454d086de480fedb1b2f4775649f38821ba256959380321781dcc1aaf159e6579afdb043a51da988d3941f
+  data.tar.gz: ecbea9c2f953a8f0ff0e6bbfce7421015f0abd65fb45a44a92282b40d8e83f4b7a0ae4604774334aa3b6330ae16b589cedee0c68269116ace4fed07ac4388e66

data/lib/dependabot/python/file_updater/poetry_file_updater.rb

@@ -9,6 +9,7 @@ require "dependabot/python/python_versions"
 require "dependabot/python/file_updater"
 require "dependabot/python/native_helpers"
 
+# rubocop:disable Metrics/ClassLength
 module Dependabot
   module Python
     class FileUpdater
@@ -172,19 +173,21 @@ module Dependabot
 
         def updated_lockfile_content_for(pyproject_content)
           SharedHelpers.in_a_temporary_directory do
-            write_temporary_dependency_files(pyproject_content)
+            SharedHelpers.with_git_configured(credentials: credentials) do
+              write_temporary_dependency_files(pyproject_content)
 
-            if python_version && !pre_installed_python?(python_version)
-              run_poetry_command("pyenv install -s #{python_version}")
-              run_poetry_command("pyenv exec pip install -r"\
-                                 "#{NativeHelpers.python_requirements_path}")
-            end
+              if python_version && !pre_installed_python?(python_version)
+                run_poetry_command("pyenv install -s #{python_version}")
+                run_poetry_command("pyenv exec pip install -r"\
+                                   "#{NativeHelpers.python_requirements_path}")
+              end
 
-            run_poetry_command(poetry_update_command)
+              run_poetry_command(poetry_update_command)
 
-            return File.read("poetry.lock") if File.exist?("poetry.lock")
+              return File.read("poetry.lock") if File.exist?("poetry.lock")
 
-            File.read("pyproject.lock")
+              File.read("pyproject.lock")
+            end
           end
         end
 
@@ -274,12 +277,14 @@ module Dependabot
 
         def pyproject_hash_for(pyproject_content)
           SharedHelpers.in_a_temporary_directory do |dir|
-            File.write(File.join(dir, "pyproject.toml"), pyproject_content)
-            SharedHelpers.run_helper_subprocess(
-              command: "pyenv exec python #{NativeHelpers.python_helper_path}",
-              function: "get_pyproject_hash",
-              args: [dir]
-            )
+            SharedHelpers.with_git_configured(credentials: credentials) do
+              File.write(File.join(dir, "pyproject.toml"), pyproject_content)
+              SharedHelpers.run_helper_subprocess(
+                command: "pyenv exec python #{python_helper_path}",
+                function: "get_pyproject_hash",
+                args: [dir]
+              )
+            end
           end
         end
 
@@ -319,6 +324,10 @@ module Dependabot
           @lockfile ||= pyproject_lock || poetry_lock
         end
 
+        def python_helper_path
+          NativeHelpers.python_helper_path
+        end
+
         def pyproject_lock
           dependency_files.find { |f| f.name == "pyproject.lock" }
         end
@@ -338,3 +347,4 @@ module Dependabot
     end
   end
 end
+# rubocop:enable Metrics/ClassLength

data/lib/dependabot/python/update_checker/index_finder.rb

@@ -56,11 +56,11 @@ module Dependabot
           urls = { main: nil, extra: [] }
 
           requirements_files.each do |file|
-            if file.content.match?(/^--index-url\s(.+)/)
+            if file.content.match?(/^--index-url\s([^\s]+)/)
               urls[:main] =
-                file.content.match(/^--index-url\s(.+)/).captures.first
+                file.content.match(/^--index-url\s([^\s]+)/).captures.first
             end
-            urls[:extra] += file.content.scan(/^--extra-index-url\s(.+)/).
+            urls[:extra] += file.content.scan(/^--extra-index-url\s([^\s]+)/).
                             flatten
           end
 

data/lib/dependabot/python/update_checker/poetry_version_resolver.rb

@@ -61,6 +61,7 @@ module Dependabot
 
         private
 
+        # rubocop:disable Metrics/MethodLength
         def fetch_latest_resolvable_version_string(requirement:)
           @latest_resolvable_version_string ||= {}
           if @latest_resolvable_version_string.key?(requirement)
@@ -69,28 +70,33 @@ module Dependabot
 
           @latest_resolvable_version_string[requirement] ||=
             SharedHelpers.in_a_temporary_directory do
-              write_temporary_dependency_files(updated_req: requirement)
-
-              if python_version && !pre_installed_python?(python_version)
-                run_poetry_command("pyenv install -s #{python_version}")
-                run_poetry_command("pyenv exec pip install -r "\
-                                   "#{NativeHelpers.python_requirements_path}")
-              end
+              SharedHelpers.with_git_configured(credentials: credentials) do
+                write_temporary_dependency_files(updated_req: requirement)
+
+                if python_version && !pre_installed_python?(python_version)
+                  run_poetry_command("pyenv install -s #{python_version}")
+                  run_poetry_command(
+                    "pyenv exec pip install -r "\
+                    "#{NativeHelpers.python_requirements_path}"
+                  )
+                end
 
-              # Shell out to Poetry, which handles everything for us.
-              run_poetry_command(poetry_update_command)
+                # Shell out to Poetry, which handles everything for us.
+                run_poetry_command(poetry_update_command)
 
-              updated_lockfile =
-                if File.exist?("poetry.lock") then File.read("poetry.lock")
-                else File.read("pyproject.lock")
-                end
-              updated_lockfile = TomlRB.parse(updated_lockfile)
+                updated_lockfile =
+                  if File.exist?("poetry.lock") then File.read("poetry.lock")
+                  else File.read("pyproject.lock")
+                  end
+                updated_lockfile = TomlRB.parse(updated_lockfile)
 
-              fetch_version_from_parsed_lockfile(updated_lockfile)
-            rescue SharedHelpers::HelperSubprocessFailed => e
-              handle_poetry_errors(e)
+                fetch_version_from_parsed_lockfile(updated_lockfile)
+              rescue SharedHelpers::HelperSubprocessFailed => e
+                handle_poetry_errors(e)
+              end
             end
         end
+        # rubocop:enable Metrics/MethodLength
 
         def fetch_version_from_parsed_lockfile(updated_lockfile)
           version =
@@ -141,17 +147,19 @@ module Dependabot
           return @original_reqs_resolvable if @original_reqs_resolvable
 
           SharedHelpers.in_a_temporary_directory do
-            write_temporary_dependency_files(update_pyproject: false)
+            SharedHelpers.with_git_configured(credentials: credentials) do
+              write_temporary_dependency_files(update_pyproject: false)
 
-            run_poetry_command(poetry_update_command)
+              run_poetry_command(poetry_update_command)
 
-            @original_reqs_resolvable = true
-          rescue SharedHelpers::HelperSubprocessFailed => e
-            raise unless e.message.include?("SolverProblemError") ||
-                         e.message.include?("PackageNotFound")
+              @original_reqs_resolvable = true
+            rescue SharedHelpers::HelperSubprocessFailed => e
+              raise unless e.message.include?("SolverProblemError") ||
+                           e.message.include?("PackageNotFound")
 
-            msg = clean_error_message(e.message)
-            raise DependencyFileNotResolvable, msg
+              msg = clean_error_message(e.message)
+              raise DependencyFileNotResolvable, msg
+            end
           end
         end
 
@@ -387,10 +395,6 @@ module Dependabot
             sources.
             map { |h| h.dup.merge("url" => h["url"].gsub(%r{/*$}, "") + "/") }
         end
-
-        def python_requirements_path
-          File.join(NativeHelpers.python_helper_path, "requirements.txt")
-        end
       end
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.107.16
+  version: 0.107.18
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-05-24 00:00:00.000000000 Z
+date: 2019-05-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.107.16
+        version: 0.107.18
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.107.16
+        version: 0.107.18
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement