dependabot-python 0.107.16 → 0.107.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: bdf74b2a4921285cf23bd3f0a3fb890afd61b541d8185d3cd055407bbac5dd2f
|
4
|
+
data.tar.gz: 4219acc252b78bcf2e7bd139e22ef19853a2968a53ce4bcd03299bcc65e9b0eb
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 8177a5aef2b5a3eecd0cc0b9e22b6dc5c962da6b0f454d086de480fedb1b2f4775649f38821ba256959380321781dcc1aaf159e6579afdb043a51da988d3941f
|
7
|
+
data.tar.gz: ecbea9c2f953a8f0ff0e6bbfce7421015f0abd65fb45a44a92282b40d8e83f4b7a0ae4604774334aa3b6330ae16b589cedee0c68269116ace4fed07ac4388e66
|
@@ -9,6 +9,7 @@ require "dependabot/python/python_versions"
|
|
9
9
|
require "dependabot/python/file_updater"
|
10
10
|
require "dependabot/python/native_helpers"
|
11
11
|
|
12
|
+
# rubocop:disable Metrics/ClassLength
|
12
13
|
module Dependabot
|
13
14
|
module Python
|
14
15
|
class FileUpdater
|
@@ -172,19 +173,21 @@ module Dependabot
|
|
172
173
|
|
173
174
|
def updated_lockfile_content_for(pyproject_content)
|
174
175
|
SharedHelpers.in_a_temporary_directory do
|
175
|
-
|
176
|
+
SharedHelpers.with_git_configured(credentials: credentials) do
|
177
|
+
write_temporary_dependency_files(pyproject_content)
|
176
178
|
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
|
181
|
-
|
179
|
+
if python_version && !pre_installed_python?(python_version)
|
180
|
+
run_poetry_command("pyenv install -s #{python_version}")
|
181
|
+
run_poetry_command("pyenv exec pip install -r"\
|
182
|
+
"#{NativeHelpers.python_requirements_path}")
|
183
|
+
end
|
182
184
|
|
183
|
-
|
185
|
+
run_poetry_command(poetry_update_command)
|
184
186
|
|
185
|
-
|
187
|
+
return File.read("poetry.lock") if File.exist?("poetry.lock")
|
186
188
|
|
187
|
-
|
189
|
+
File.read("pyproject.lock")
|
190
|
+
end
|
188
191
|
end
|
189
192
|
end
|
190
193
|
|
@@ -274,12 +277,14 @@ module Dependabot
|
|
274
277
|
|
275
278
|
def pyproject_hash_for(pyproject_content)
|
276
279
|
SharedHelpers.in_a_temporary_directory do |dir|
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
281
|
-
|
282
|
-
|
280
|
+
SharedHelpers.with_git_configured(credentials: credentials) do
|
281
|
+
File.write(File.join(dir, "pyproject.toml"), pyproject_content)
|
282
|
+
SharedHelpers.run_helper_subprocess(
|
283
|
+
command: "pyenv exec python #{python_helper_path}",
|
284
|
+
function: "get_pyproject_hash",
|
285
|
+
args: [dir]
|
286
|
+
)
|
287
|
+
end
|
283
288
|
end
|
284
289
|
end
|
285
290
|
|
@@ -319,6 +324,10 @@ module Dependabot
|
|
319
324
|
@lockfile ||= pyproject_lock || poetry_lock
|
320
325
|
end
|
321
326
|
|
327
|
+
def python_helper_path
|
328
|
+
NativeHelpers.python_helper_path
|
329
|
+
end
|
330
|
+
|
322
331
|
def pyproject_lock
|
323
332
|
dependency_files.find { |f| f.name == "pyproject.lock" }
|
324
333
|
end
|
@@ -338,3 +347,4 @@ module Dependabot
|
|
338
347
|
end
|
339
348
|
end
|
340
349
|
end
|
350
|
+
# rubocop:enable Metrics/ClassLength
|
@@ -56,11 +56,11 @@ module Dependabot
|
|
56
56
|
urls = { main: nil, extra: [] }
|
57
57
|
|
58
58
|
requirements_files.each do |file|
|
59
|
-
if file.content.match?(/^--index-url\s(
|
59
|
+
if file.content.match?(/^--index-url\s([^\s]+)/)
|
60
60
|
urls[:main] =
|
61
|
-
file.content.match(/^--index-url\s(
|
61
|
+
file.content.match(/^--index-url\s([^\s]+)/).captures.first
|
62
62
|
end
|
63
|
-
urls[:extra] += file.content.scan(/^--extra-index-url\s(
|
63
|
+
urls[:extra] += file.content.scan(/^--extra-index-url\s([^\s]+)/).
|
64
64
|
flatten
|
65
65
|
end
|
66
66
|
|
@@ -61,6 +61,7 @@ module Dependabot
|
|
61
61
|
|
62
62
|
private
|
63
63
|
|
64
|
+
# rubocop:disable Metrics/MethodLength
|
64
65
|
def fetch_latest_resolvable_version_string(requirement:)
|
65
66
|
@latest_resolvable_version_string ||= {}
|
66
67
|
if @latest_resolvable_version_string.key?(requirement)
|
@@ -69,28 +70,33 @@ module Dependabot
|
|
69
70
|
|
70
71
|
@latest_resolvable_version_string[requirement] ||=
|
71
72
|
SharedHelpers.in_a_temporary_directory do
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
73
|
+
SharedHelpers.with_git_configured(credentials: credentials) do
|
74
|
+
write_temporary_dependency_files(updated_req: requirement)
|
75
|
+
|
76
|
+
if python_version && !pre_installed_python?(python_version)
|
77
|
+
run_poetry_command("pyenv install -s #{python_version}")
|
78
|
+
run_poetry_command(
|
79
|
+
"pyenv exec pip install -r "\
|
80
|
+
"#{NativeHelpers.python_requirements_path}"
|
81
|
+
)
|
82
|
+
end
|
79
83
|
|
80
|
-
|
81
|
-
|
84
|
+
# Shell out to Poetry, which handles everything for us.
|
85
|
+
run_poetry_command(poetry_update_command)
|
82
86
|
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
87
|
+
updated_lockfile =
|
88
|
+
if File.exist?("poetry.lock") then File.read("poetry.lock")
|
89
|
+
else File.read("pyproject.lock")
|
90
|
+
end
|
91
|
+
updated_lockfile = TomlRB.parse(updated_lockfile)
|
88
92
|
|
89
|
-
|
90
|
-
|
91
|
-
|
93
|
+
fetch_version_from_parsed_lockfile(updated_lockfile)
|
94
|
+
rescue SharedHelpers::HelperSubprocessFailed => e
|
95
|
+
handle_poetry_errors(e)
|
96
|
+
end
|
92
97
|
end
|
93
98
|
end
|
99
|
+
# rubocop:enable Metrics/MethodLength
|
94
100
|
|
95
101
|
def fetch_version_from_parsed_lockfile(updated_lockfile)
|
96
102
|
version =
|
@@ -141,17 +147,19 @@ module Dependabot
|
|
141
147
|
return @original_reqs_resolvable if @original_reqs_resolvable
|
142
148
|
|
143
149
|
SharedHelpers.in_a_temporary_directory do
|
144
|
-
|
150
|
+
SharedHelpers.with_git_configured(credentials: credentials) do
|
151
|
+
write_temporary_dependency_files(update_pyproject: false)
|
145
152
|
|
146
|
-
|
153
|
+
run_poetry_command(poetry_update_command)
|
147
154
|
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
|
155
|
+
@original_reqs_resolvable = true
|
156
|
+
rescue SharedHelpers::HelperSubprocessFailed => e
|
157
|
+
raise unless e.message.include?("SolverProblemError") ||
|
158
|
+
e.message.include?("PackageNotFound")
|
152
159
|
|
153
|
-
|
154
|
-
|
160
|
+
msg = clean_error_message(e.message)
|
161
|
+
raise DependencyFileNotResolvable, msg
|
162
|
+
end
|
155
163
|
end
|
156
164
|
end
|
157
165
|
|
@@ -387,10 +395,6 @@ module Dependabot
|
|
387
395
|
sources.
|
388
396
|
map { |h| h.dup.merge("url" => h["url"].gsub(%r{/*$}, "") + "/") }
|
389
397
|
end
|
390
|
-
|
391
|
-
def python_requirements_path
|
392
|
-
File.join(NativeHelpers.python_helper_path, "requirements.txt")
|
393
|
-
end
|
394
398
|
end
|
395
399
|
end
|
396
400
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-python
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.107.
|
4
|
+
version: 0.107.18
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-05-
|
11
|
+
date: 2019-05-25 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.107.
|
19
|
+
version: 0.107.18
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.107.
|
26
|
+
version: 0.107.18
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|