dependabot-python 0.111.13 → 0.111.14
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/python/metadata_finder.rb +18 -5
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a10949a16fe3b06af79342eef4660b126c26b143b99693ee86ee3d86f8ef2b28
|
4
|
+
data.tar.gz: 328718c8705ca24144b63981264e4eb3bfc72c0bd927ced46b4a6da12e205b73
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4cef4d799bbcea7196d92433a6b9a60478f6a8ac0b65403b63c372f62f27f5b5e791c3b229cd5f22cadce48abe87a86b291566b0b5178fd836af7b88b41913e0
|
7
|
+
data.tar.gz: cc9c60a0124489bbc6d1acc8b42e0f3ff1786b4a828f45f3a991fbdf4ab5fbdd85d9ae1c5fe6d2783989de57770673769edda68b166383b0367a0f3075e9a2b3
|
@@ -130,11 +130,7 @@ module Dependabot
|
|
130
130
|
return @pypi_listing = {} if dependency.version.include?("+")
|
131
131
|
|
132
132
|
possible_listing_urls.each do |url|
|
133
|
-
response =
|
134
|
-
url,
|
135
|
-
idempotent: true,
|
136
|
-
**SharedHelpers.excon_defaults
|
137
|
-
)
|
133
|
+
response = fetch_authed_url(url)
|
138
134
|
next unless response.status == 200
|
139
135
|
|
140
136
|
@pypi_listing = JSON.parse(response.body)
|
@@ -146,6 +142,23 @@ module Dependabot
|
|
146
142
|
@pypi_listing = {} # No listing found
|
147
143
|
end
|
148
144
|
|
145
|
+
def fetch_authed_url(url)
|
146
|
+
if url.match(%r{(.*)://(.*?):(.*)@([^@]+)$}) &&
|
147
|
+
Regexp.last_match.captures[1].include?("@")
|
148
|
+
protocol, user, pass, url = Regexp.last_match.captures
|
149
|
+
|
150
|
+
Excon.get(
|
151
|
+
"#{protocol}://#{url}",
|
152
|
+
user: user,
|
153
|
+
password: pass,
|
154
|
+
idempotent: true,
|
155
|
+
**SharedHelpers.excon_defaults
|
156
|
+
)
|
157
|
+
else
|
158
|
+
Excon.get(url, idempotent: true, **SharedHelpers.excon_defaults)
|
159
|
+
end
|
160
|
+
end
|
161
|
+
|
149
162
|
def possible_listing_urls
|
150
163
|
credential_urls =
|
151
164
|
credentials.
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-python
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.111.
|
4
|
+
version: 0.111.14
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.111.
|
19
|
+
version: 0.111.14
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.111.
|
26
|
+
version: 0.111.14
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|