dependabot-python 0.111.24 → 0.111.25

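--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: e4f5ea7c78f1dc2588f09b7c5a8e5d827cd807523275c09f7c3c6173992bef88
- data.tar.gz: c638fa89b028992fe037f7d8726ed6d7d4133b21b48d7a8cba889f9d2c5c69fb
+ metadata.gz: d38ee5f205abe3d445efa70798b613ebc6fbdf984d1d7be097b15d69ca7e3bce
+ data.tar.gz: 5a6b7b801fc9f72b90b70b0d92324df3822874d98d8e87c15cb2ff1fc82c21b0
  SHA512:
- metadata.gz: a515588d3a8069172e6c29c941ab63fe725fa1d7e16615c3b72600a9ea7a412ec9a483744ffe536a3bde80c63860f7119cf38679265096a89fd5c821c2d12c7a
- data.tar.gz: f049f7d63332c356bd6c0b8f2f17f2dcf546757e3458d2a9a1a75689fb345a6e905ccd0e3b2710354381c809f4aa368e73d9ed3160c7be6f04ad48fda818c604
+ metadata.gz: 1d0489f5425c3d6deeddfbf254bf640d5b8fc0c175ef641adcd1644d837684e4970ba598ffa5b000b076e52ff187025322dd1b3f60ed392cd34113a5c8b896ee
+ data.tar.gz: 9a7109a141bdfb14f6e97ac06d004e11401832834cf08dc8e31509ede266bf7ca1082dcff46ecf6e009c646bd69359229135343cb34d4c8fdfdb7aa41f9de688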
@@ -25,3 +25,9 @@ Dependabot::Dependency.register_production_check(
25
25
  groups.include?("dependencies")
26
26
  end
27
27
  )
28
+
29
+ # See https://www.python.org/dev/peps/pep-0503/#normalized-names
30
+ Dependabot::Dependency.register_name_normaliser(
31
+ "pip",
32
+ ->(name) { name.downcase.gsub(/[-_.]+/, "-") }
33
+ )
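Review bot: The "pip" normaliser is registered only when this file is loaded, while the call sites changed in the later hunks (`normalised_name` / `normalise`) add at most `require "dependabot/dependency"`, and what `name_normaliser_for_package_manager("pip")` does when nothing has been registered is not visible on this page. If it falls back to a pass-through, a name like `Foo_Bar` (constructed example) would silently stop matching its normalised form `foo-bar`, and a mismatch of that kind can cause an update or security fix for the package to be skipped without any error. A comment above the registration would make the dependency explicit, e.g. `# Must be loaded before any pip helper calls Dependency.name_normaliser_for_package_manager("pip")`. A spec that loads one helper on its own and asserts the normalised output would catch a load-order regression.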
@@ -183,7 +183,7 @@ module Dependabot
183
183
 
184
184
  # See https://www.python.org/dev/peps/pep-0503/#normalized-names
185
185
  def normalised_name(name)
186
- name.downcase.gsub(/[-_.]+/, "-")
186
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
187
187
  end
188
188
 
189
189
  def check_required_files
@@ -133,9 +133,8 @@ module Dependabot
133
133
  %w(git path).any? { |k| req.key?(k) }
134
134
  end
135
135
 
136
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
137
136
  def normalised_name(name)
138
- name.downcase.gsub(/[-_.]+/, "-")
137
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
139
138
  end
140
139
 
141
140
  def parsed_pipfile
@@ -97,9 +97,8 @@ module Dependabot
97
97
  raise Dependabot::DependencyFileNotEvaluatable, e.message
98
98
  end
99
99
 
100
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
101
100
  def normalise(name)
102
- name.downcase.gsub(/[-_.]+/, "-")
101
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
103
102
  end
104
103
 
105
104
  def parsed_pyproject
@@ -163,9 +163,8 @@ module Dependabot
163
163
  0
164
164
  end
165
165
 
166
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
167
166
  def normalised_name(name)
168
- name.downcase.gsub(/[-_.]+/, "-")
167
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
169
168
  end
170
169
 
171
170
  def setup_file
@@ -1,6 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require "open3"
4
+ require "dependabot/dependency"
4
5
  require "dependabot/python/requirement_parser"
5
6
  require "dependabot/python/file_fetcher"
6
7
  require "dependabot/python/file_parser/python_requirement_parser"
@@ -483,9 +484,8 @@ module Dependabot
483
484
  matches.any? { |m| normalise(m[:name]) == dependency.name }
484
485
  end
485
486
 
486
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
487
487
  def normalise(name)
488
- name.downcase.gsub(/[-_.]+/, "-")
488
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
489
489
  end
490
490
 
491
491
  # If the files we need to update require one another then we need to
@@ -2,6 +2,7 @@
2
2
 
3
3
  require "toml-rb"
4
4
  require "open3"
5
+ require "dependabot/dependency"
5
6
  require "dependabot/python/requirement_parser"
6
7
  require "dependabot/python/file_parser/python_requirement_parser"
7
8
  require "dependabot/python/file_updater"
@@ -419,9 +420,8 @@ module Dependabot
419
420
  updated_file
420
421
  end
421
422
 
422
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
423
423
  def normalise(name)
424
- name.downcase.gsub(/[-_.]+/, "-")
424
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
425
425
  end
426
426
 
427
427
  def parsed_lockfile
@@ -2,6 +2,7 @@
2
2
 
3
3
  require "toml-rb"
4
4
 
5
+ require "dependabot/dependency"
5
6
  require "dependabot/python/file_parser"
6
7
  require "dependabot/python/file_updater"
7
8
  require "dependabot/python/authed_url_builder"
@@ -102,9 +103,8 @@ module Dependabot
102
103
  @parsed_lockfile ||= JSON.parse(lockfile.content)
103
104
  end
104
105
 
105
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
106
106
  def normalise(name)
107
- name.downcase.gsub(/[-_.]+/, "-")
107
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
108
108
  end
109
109
 
110
110
  def pipfile_sources
@@ -2,6 +2,7 @@
2
2
 
3
3
  require "toml-rb"
4
4
  require "open3"
5
+ require "dependabot/dependency"
5
6
  require "dependabot/shared_helpers"
6
7
  require "dependabot/python/version"
7
8
  require "dependabot/python/requirement"
@@ -289,9 +290,8 @@ module Dependabot
289
290
  updated_file
290
291
  end
291
292
 
292
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
293
293
  def normalise(name)
294
- name.downcase.gsub(/[-_.]+/, "-")
294
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
295
295
  end
296
296
 
297
297
  def pyproject
@@ -2,6 +2,7 @@
2
2
 
3
3
  require "toml-rb"
4
4
 
5
+ require "dependabot/dependency"
5
6
  require "dependabot/python/file_parser"
6
7
  require "dependabot/python/file_updater"
7
8
  require "dependabot/python/authed_url_builder"
@@ -77,9 +78,8 @@ module Dependabot
77
78
  find { |d| d["name"] == normalise(dep_name) }
78
79
  end
79
80
 
80
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
81
81
  def normalise(name)
82
- name.downcase.gsub(/[-_.]+/, "-")
82
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
83
83
  end
84
84
 
85
85
  def pyproject_sources
@@ -1,5 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "dependabot/dependency"
3
4
  require "dependabot/python/requirement_parser"
4
5
  require "dependabot/python/file_updater"
5
6
  require "dependabot/shared_helpers"
@@ -165,9 +166,8 @@ module Dependabot
165
166
  dec.to_s.strip
166
167
  end
167
168
 
168
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
169
169
  def normalise(name)
170
- name.downcase.gsub(/[-_.]+/, "-")
170
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
171
171
  end
172
172
 
173
173
  def requirements_match(req1, req2)
@@ -3,6 +3,7 @@
3
3
  require "excon"
4
4
  require "toml-rb"
5
5
 
6
+ require "dependabot/dependency"
6
7
  require "dependabot/update_checkers"
7
8
  require "dependabot/update_checkers/base"
8
9
  require "dependabot/shared_helpers"
@@ -286,9 +287,8 @@ module Dependabot
286
287
  false
287
288
  end
288
289
 
289
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
290
290
  def normalised_name(name)
291
- name.downcase.gsub(/[-_.]+/, "-")
291
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
292
292
  end
293
293
 
294
294
  def pipfile
@@ -4,6 +4,7 @@ require "cgi"
4
4
  require "excon"
5
5
  require "nokogiri"
6
6
 
7
+ require "dependabot/dependency"
7
8
  require "dependabot/python/update_checker"
8
9
  require "dependabot/shared_helpers"
9
10
  require "dependabot/python/authed_url_builder"
@@ -45,6 +46,7 @@ module Dependabot
45
46
 
46
47
  def fetch_latest_version(python_version:)
47
48
  versions = available_versions
49
+ versions = filter_yanked_versions(versions)
48
50
  versions = filter_unsupported_versions(versions, python_version)
49
51
  versions = filter_prerelease_versions(versions)
50
52
  versions = filter_ignored_versions(versions)
@@ -53,6 +55,7 @@ module Dependabot
53
55
 
54
56
  def fetch_latest_version_with_no_unlock(python_version:)
55
57
  versions = available_versions
58
+ versions = filter_yanked_versions(versions)
56
59
  versions = filter_unsupported_versions(versions, python_version)
57
60
  versions = filter_prerelease_versions(versions)
58
61
  versions = filter_ignored_versions(versions)
@@ -62,6 +65,7 @@ module Dependabot
62
65
 
63
66
  def fetch_lowest_security_fix_version(python_version:)
64
67
  versions = available_versions
68
+ versions = filter_yanked_versions(versions)
65
69
  versions = filter_unsupported_versions(versions, python_version)
66
70
  versions = filter_prerelease_versions(versions)
67
71
  versions = filter_ignored_versions(versions)
@@ -70,6 +74,10 @@ module Dependabot
70
74
  versions.min
71
75
  end
72
76
 
77
+ def filter_yanked_versions(versions_array)
78
+ versions_array.reject { |details| details.fetch(:yanked) }
79
+ end
80
+
73
81
  def filter_unsupported_versions(versions_array, python_version)
74
82
  versions_array.map do |details|
75
83
  python_requirement = details.fetch(:python_requirement)
@@ -160,7 +168,8 @@ module Dependabot
160
168
 
161
169
  {
162
170
  version: version_class.new(version),
163
- python_requirement: build_python_requirement_from_link(link)
171
+ python_requirement: build_python_requirement_from_link(link),
172
+ yanked: link&.include?("data-yanked")
164
173
  }
165
174
  end
166
175
 
@@ -212,9 +221,8 @@ module Dependabot
212
221
  ignored_versions.map { |req| requirement_class.new(req.split(",")) }
213
222
  end
214
223
 
215
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
216
224
  def normalised_name
217
- dependency.name.downcase.gsub(/[-_.]+/, "-")
225
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
218
226
  end
219
227
 
220
228
  def name_regex
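Review bot: In the zero-argument `normalised_name` at the end of this file section, the new body passes `name` to the normaliser, but the method takes no parameter and the line it replaces read `dependency.name`; unless the class defines a `name` method outside the visible hunks, this raises NameError the first time the method runs. The call should keep the old receiver: `Dependency.name_normaliser_for_package_manager("pip").call(dependency.name)`. Separately, in the hunk that builds the version details, `link&.include?("data-yanked")` looks like a substring test over the whole link string (assuming `link` is a String), so it would also match that text inside an href or filename, and it yields nil rather than false when `link` is nil. A short comment there saying that only the PEP 592 `data-yanked` attribute is meant, and that nil is treated as not yanked by `filter_yanked_versions`, would help the next reader. The class body starts and ends outside these hunks.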
@@ -1,6 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require "open3"
4
+ require "dependabot/dependency"
4
5
  require "dependabot/python/requirement_parser"
5
6
  require "dependabot/python/file_fetcher"
6
7
  require "dependabot/python/file_parser"
@@ -343,9 +344,8 @@ module Dependabot
343
344
  ).updated_content
344
345
  end
345
346
 
346
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
347
347
  def normalise(name)
348
- name.downcase.gsub(/[-_.]+/, "-")
348
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
349
349
  end
350
350
 
351
351
  def clean_error_message(message)
@@ -3,6 +3,7 @@
3
3
  require "excon"
4
4
  require "toml-rb"
5
5
  require "open3"
6
+ require "dependabot/dependency"
6
7
  require "dependabot/errors"
7
8
  require "dependabot/shared_helpers"
8
9
  require "dependabot/python/file_parser"
@@ -479,9 +480,8 @@ module Dependabot
479
480
  }
480
481
  end
481
482
 
482
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
483
483
  def normalise(name)
484
- name.downcase.gsub(/[-_.]+/, "-")
484
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
485
485
  end
486
486
 
487
487
  def pipfile
@@ -3,6 +3,7 @@
3
3
  require "excon"
4
4
  require "toml-rb"
5
5
  require "open3"
6
+ require "dependabot/dependency"
6
7
  require "dependabot/errors"
7
8
  require "dependabot/shared_helpers"
8
9
  require "dependabot/python/file_parser"
@@ -324,9 +325,8 @@ module Dependabot
324
325
  )
325
326
  end
326
327
 
327
- # See https://www.python.org/dev/peps/pep-0503/#normalized-names
328
328
  def normalise(name)
329
- name.downcase.gsub(/[-_.]+/, "-")
329
+ Dependency.name_normaliser_for_package_manager("pip").call(name)
330
330
  end
331
331
  end
332
332
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.111.24
4
+ version: 0.111.25
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-07-22 00:00:00.000000000 Z
11
+ date: 2019-07-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.111.24
19
+ version: 0.111.25
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.111.24
26
+ version: 0.111.25
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement