dependabot-python 0.107.16 → 0.107.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: cf5ae0d63ffafdb1b009b5b0979fc06de616d6796ba3adfd250668e14ebf72dd
4
- data.tar.gz: 76324145714e3b3357129fa9f69b3c10e22ce743101f6a2960104908a25662f0
3
+ metadata.gz: bdf74b2a4921285cf23bd3f0a3fb890afd61b541d8185d3cd055407bbac5dd2f
4
+ data.tar.gz: 4219acc252b78bcf2e7bd139e22ef19853a2968a53ce4bcd03299bcc65e9b0eb
5
5
  SHA512:
6
- metadata.gz: 47c9a78408b34a690323f84832f4fd943666afc8a30b08a632df37e91a9fb1e234d4420d97ae5ce2bb24eb897c3e5aa55189f4721cee7f575733c6052c2e8dcc
7
- data.tar.gz: 2c42a89658e0c45a7c5eabc287349b4ccfcf50fda16b13d14aca5aaf484b78dab0b503631d1675a9cf186923b89c54f7f86b01ae569d8e6d6403178f134c2d9b
6
+ metadata.gz: 8177a5aef2b5a3eecd0cc0b9e22b6dc5c962da6b0f454d086de480fedb1b2f4775649f38821ba256959380321781dcc1aaf159e6579afdb043a51da988d3941f
7
+ data.tar.gz: ecbea9c2f953a8f0ff0e6bbfce7421015f0abd65fb45a44a92282b40d8e83f4b7a0ae4604774334aa3b6330ae16b589cedee0c68269116ace4fed07ac4388e66
@@ -9,6 +9,7 @@ require "dependabot/python/python_versions"
9
9
  require "dependabot/python/file_updater"
10
10
  require "dependabot/python/native_helpers"
11
11
 
12
+ # rubocop:disable Metrics/ClassLength
12
13
  module Dependabot
13
14
  module Python
14
15
  class FileUpdater
@@ -172,19 +173,21 @@ module Dependabot
172
173
 
173
174
  def updated_lockfile_content_for(pyproject_content)
174
175
  SharedHelpers.in_a_temporary_directory do
175
- write_temporary_dependency_files(pyproject_content)
176
+ SharedHelpers.with_git_configured(credentials: credentials) do
177
+ write_temporary_dependency_files(pyproject_content)
176
178
 
177
- if python_version && !pre_installed_python?(python_version)
178
- run_poetry_command("pyenv install -s #{python_version}")
179
- run_poetry_command("pyenv exec pip install -r"\
180
- "#{NativeHelpers.python_requirements_path}")
181
- end
179
+ if python_version && !pre_installed_python?(python_version)
180
+ run_poetry_command("pyenv install -s #{python_version}")
181
+ run_poetry_command("pyenv exec pip install -r"\
182
+ "#{NativeHelpers.python_requirements_path}")
183
+ end
182
184
 
183
- run_poetry_command(poetry_update_command)
185
+ run_poetry_command(poetry_update_command)
184
186
 
185
- return File.read("poetry.lock") if File.exist?("poetry.lock")
187
+ return File.read("poetry.lock") if File.exist?("poetry.lock")
186
188
 
187
- File.read("pyproject.lock")
189
+ File.read("pyproject.lock")
190
+ end
188
191
  end
189
192
  end
190
193
 
@@ -274,12 +277,14 @@ module Dependabot
274
277
 
275
278
  def pyproject_hash_for(pyproject_content)
276
279
  SharedHelpers.in_a_temporary_directory do |dir|
277
- File.write(File.join(dir, "pyproject.toml"), pyproject_content)
278
- SharedHelpers.run_helper_subprocess(
279
- command: "pyenv exec python #{NativeHelpers.python_helper_path}",
280
- function: "get_pyproject_hash",
281
- args: [dir]
282
- )
280
+ SharedHelpers.with_git_configured(credentials: credentials) do
281
+ File.write(File.join(dir, "pyproject.toml"), pyproject_content)
282
+ SharedHelpers.run_helper_subprocess(
283
+ command: "pyenv exec python #{python_helper_path}",
284
+ function: "get_pyproject_hash",
285
+ args: [dir]
286
+ )
287
+ end
283
288
  end
284
289
  end
285
290
 
@@ -319,6 +324,10 @@ module Dependabot
319
324
  @lockfile ||= pyproject_lock || poetry_lock
320
325
  end
321
326
 
327
+ def python_helper_path
328
+ NativeHelpers.python_helper_path
329
+ end
330
+
322
331
  def pyproject_lock
323
332
  dependency_files.find { |f| f.name == "pyproject.lock" }
324
333
  end
@@ -338,3 +347,4 @@ module Dependabot
338
347
  end
339
348
  end
340
349
  end
350
+ # rubocop:enable Metrics/ClassLength
@@ -56,11 +56,11 @@ module Dependabot
56
56
  urls = { main: nil, extra: [] }
57
57
 
58
58
  requirements_files.each do |file|
59
- if file.content.match?(/^--index-url\s(.+)/)
59
+ if file.content.match?(/^--index-url\s([^\s]+)/)
60
60
  urls[:main] =
61
- file.content.match(/^--index-url\s(.+)/).captures.first
61
+ file.content.match(/^--index-url\s([^\s]+)/).captures.first
62
62
  end
63
- urls[:extra] += file.content.scan(/^--extra-index-url\s(.+)/).
63
+ urls[:extra] += file.content.scan(/^--extra-index-url\s([^\s]+)/).
64
64
  flatten
65
65
  end
66
66
 
@@ -61,6 +61,7 @@ module Dependabot
61
61
 
62
62
  private
63
63
 
64
+ # rubocop:disable Metrics/MethodLength
64
65
  def fetch_latest_resolvable_version_string(requirement:)
65
66
  @latest_resolvable_version_string ||= {}
66
67
  if @latest_resolvable_version_string.key?(requirement)
@@ -69,28 +70,33 @@ module Dependabot
69
70
 
70
71
  @latest_resolvable_version_string[requirement] ||=
71
72
  SharedHelpers.in_a_temporary_directory do
72
- write_temporary_dependency_files(updated_req: requirement)
73
-
74
- if python_version && !pre_installed_python?(python_version)
75
- run_poetry_command("pyenv install -s #{python_version}")
76
- run_poetry_command("pyenv exec pip install -r "\
77
- "#{NativeHelpers.python_requirements_path}")
78
- end
73
+ SharedHelpers.with_git_configured(credentials: credentials) do
74
+ write_temporary_dependency_files(updated_req: requirement)
75
+
76
+ if python_version && !pre_installed_python?(python_version)
77
+ run_poetry_command("pyenv install -s #{python_version}")
78
+ run_poetry_command(
79
+ "pyenv exec pip install -r "\
80
+ "#{NativeHelpers.python_requirements_path}"
81
+ )
82
+ end
79
83
 
80
- # Shell out to Poetry, which handles everything for us.
81
- run_poetry_command(poetry_update_command)
84
+ # Shell out to Poetry, which handles everything for us.
85
+ run_poetry_command(poetry_update_command)
82
86
 
83
- updated_lockfile =
84
- if File.exist?("poetry.lock") then File.read("poetry.lock")
85
- else File.read("pyproject.lock")
86
- end
87
- updated_lockfile = TomlRB.parse(updated_lockfile)
87
+ updated_lockfile =
88
+ if File.exist?("poetry.lock") then File.read("poetry.lock")
89
+ else File.read("pyproject.lock")
90
+ end
91
+ updated_lockfile = TomlRB.parse(updated_lockfile)
88
92
 
89
- fetch_version_from_parsed_lockfile(updated_lockfile)
90
- rescue SharedHelpers::HelperSubprocessFailed => e
91
- handle_poetry_errors(e)
93
+ fetch_version_from_parsed_lockfile(updated_lockfile)
94
+ rescue SharedHelpers::HelperSubprocessFailed => e
95
+ handle_poetry_errors(e)
96
+ end
92
97
  end
93
98
  end
99
+ # rubocop:enable Metrics/MethodLength
94
100
 
95
101
  def fetch_version_from_parsed_lockfile(updated_lockfile)
96
102
  version =
@@ -141,17 +147,19 @@ module Dependabot
141
147
  return @original_reqs_resolvable if @original_reqs_resolvable
142
148
 
143
149
  SharedHelpers.in_a_temporary_directory do
144
- write_temporary_dependency_files(update_pyproject: false)
150
+ SharedHelpers.with_git_configured(credentials: credentials) do
151
+ write_temporary_dependency_files(update_pyproject: false)
145
152
 
146
- run_poetry_command(poetry_update_command)
153
+ run_poetry_command(poetry_update_command)
147
154
 
148
- @original_reqs_resolvable = true
149
- rescue SharedHelpers::HelperSubprocessFailed => e
150
- raise unless e.message.include?("SolverProblemError") ||
151
- e.message.include?("PackageNotFound")
155
+ @original_reqs_resolvable = true
156
+ rescue SharedHelpers::HelperSubprocessFailed => e
157
+ raise unless e.message.include?("SolverProblemError") ||
158
+ e.message.include?("PackageNotFound")
152
159
 
153
- msg = clean_error_message(e.message)
154
- raise DependencyFileNotResolvable, msg
160
+ msg = clean_error_message(e.message)
161
+ raise DependencyFileNotResolvable, msg
162
+ end
155
163
  end
156
164
  end
157
165
 
@@ -387,10 +395,6 @@ module Dependabot
387
395
  sources.
388
396
  map { |h| h.dup.merge("url" => h["url"].gsub(%r{/*$}, "") + "/") }
389
397
  end
390
-
391
- def python_requirements_path
392
- File.join(NativeHelpers.python_helper_path, "requirements.txt")
393
- end
394
398
  end
395
399
  end
396
400
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.107.16
4
+ version: 0.107.18
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-05-24 00:00:00.000000000 Z
11
+ date: 2019-05-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.107.16
19
+ version: 0.107.18
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.107.16
26
+ version: 0.107.18
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement