dependabot-python 0.118.13 → 0.119.0.beta1

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5d40b703af7755372ebc0e7313e0bb3e71760b73bfca3aeff321dc1d19914744
4
- data.tar.gz: 991c0555715aa0f40f16e7dccce79b38733603962eafd39bbcfebf1f08da096a
3
+ metadata.gz: 0c443c75018adfd2cf364c97de4ef952789b4b1d279c9ef325ee181e8f46cd56
4
+ data.tar.gz: 3ef40c7a0ac388eea5b3a2ea5b70ca5019a0110088fae84e5913c2584d37eb8d
5
5
  SHA512:
6
- metadata.gz: f250e18d12e7056278813b7222b888c4ce080c293aa79c7e1cb72b5d5b5244953e69cf750836bfbf8585b7da08fd70571ae63cf4d0239bfba7df9f01927fe041
7
- data.tar.gz: a6f2cdad3b38118dfd5125ee3864c2f8e0b2cfc966b098928376a5f7cdda74c331b3fe8a650ed106614c50f89b109aaccf047921e60a9126ca3c110948e0cb9b
6
+ metadata.gz: 13bcdc6647e905be59181cac53a5e79073531940e291684b9431b68bbb16702871d56c964ea4ba4cdee736ec74f050db09b94bd0ba2b370813e5c4ae9cf7e144
7
+ data.tar.gz: 8f7113e04bf9c2c2fd727ecba7c7240d1f7f518237f4c8361531370e3fa86fb712d22544bbfe5751fee6296749c3dfc179c786bdd41a3db241d164a5cd5fb6ca
@@ -0,0 +1,24 @@
1
+ import hashin
2
+ import json
3
+ import pipfile
4
+ from poetry.poetry import Poetry
5
+ from poetry.factory import Factory
6
+
7
+ def get_dependency_hash(dependency_name, dependency_version, algorithm):
8
+ hashes = hashin.get_package_hashes(
9
+ dependency_name,
10
+ version=dependency_version,
11
+ algorithm=algorithm
12
+ )
13
+
14
+ return json.dumps({ "result": hashes["hashes"] })
15
+
16
+ def get_pipfile_hash(directory):
17
+ p = pipfile.load(directory + '/Pipfile')
18
+
19
+ return json.dumps({ "result": p.hash })
20
+
21
+ def get_pyproject_hash(directory):
22
+ p = Factory().create_poetry(directory)
23
+
24
+ return json.dumps({ "result": p.locker._get_content_hash() })
@@ -0,0 +1,138 @@
1
+ from itertools import chain
2
+ import glob
3
+ import io
4
+ import json
5
+ import optparse
6
+ import os.path
7
+ import re
8
+
9
+ import setuptools
10
+ import pip._internal.req.req_file
11
+ from pip._internal.network.session import PipSession
12
+ from pip._internal.models.format_control import FormatControl
13
+ from pip._internal.req.constructors import (
14
+ install_req_from_line,
15
+ install_req_from_parsed_requirement,
16
+ )
17
+
18
+ def parse_requirements(directory):
19
+ # Parse the requirements.txt
20
+ requirement_packages = []
21
+ requirement_files = glob.glob(os.path.join(directory, '*.txt')) \
22
+ + glob.glob(os.path.join(directory, '**', '*.txt'))
23
+
24
+ pip_compile_files = glob.glob(os.path.join(directory, '*.in')) \
25
+ + glob.glob(os.path.join(directory, '**', '*.in'))
26
+
27
+ def version_from_install_req(install_req):
28
+ if install_req.is_pinned:
29
+ return next(iter(install_req.specifier)).version
30
+
31
+ for reqs_file in requirement_files + pip_compile_files:
32
+ try:
33
+ requirements = pip._internal.req.req_file.parse_requirements(
34
+ reqs_file,
35
+ session=PipSession()
36
+ )
37
+ for parsed_req in requirements:
38
+ install_req = install_req_from_parsed_requirement(parsed_req)
39
+ if install_req.original_link:
40
+ continue
41
+
42
+ pattern = r"-[cr] (.*) \(line \d+\)"
43
+ abs_path = re.search(pattern, install_req.comes_from).group(1)
44
+ rel_path = os.path.relpath(abs_path, directory)
45
+
46
+ requirement_packages.append({
47
+ "name": install_req.req.name,
48
+ "version": version_from_install_req(install_req),
49
+ "markers": str(install_req.markers) or None,
50
+ "file": rel_path,
51
+ "requirement": str(install_req.specifier) or None,
52
+ "extras": sorted(list(install_req.extras))
53
+ })
54
+ except Exception as e:
55
+ print(json.dumps({ "error": repr(e) }))
56
+ exit(1)
57
+
58
+ return json.dumps({ "result": requirement_packages })
59
+
60
+ def parse_setup(directory):
61
+ # Parse the setup.py
62
+ setup_packages = []
63
+ if os.path.isfile(directory + '/setup.py'):
64
+ def version_from_install_req(install_req):
65
+ if install_req.is_pinned:
66
+ return next(iter(install_req.specifier)).version
67
+
68
+ def parse_requirement(req, req_type):
69
+ install_req = install_req_from_line(req)
70
+ if install_req.original_link:
71
+ return
72
+
73
+ setup_packages.append({
74
+ "name": install_req.req.name,
75
+ "version": version_from_install_req(install_req),
76
+ "markers": str(install_req.markers) or None,
77
+ "file": "setup.py",
78
+ "requirement": str(install_req.specifier) or None,
79
+ "requirement_type": req_type,
80
+ "extras": sorted(list(install_req.extras))
81
+ })
82
+
83
+ def setup(*args, **kwargs):
84
+ for arg in ['setup_requires', 'install_requires', 'tests_require']:
85
+ if not kwargs.get(arg):
86
+ continue
87
+ for req in kwargs.get(arg):
88
+ parse_requirement(req, arg)
89
+ extras_require_dict = kwargs.get('extras_require', {})
90
+ for key in extras_require_dict:
91
+ for req in extras_require_dict[key]:
92
+ parse_requirement(req, 'extras_require:{}'.format(key))
93
+ setuptools.setup = setup
94
+
95
+ def noop(*args, **kwargs):
96
+ pass
97
+
98
+ def fake_parse(*args, **kwargs):
99
+ return []
100
+
101
+ global fake_open
102
+ def fake_open(*args, **kwargs):
103
+ content = ("VERSION = ('0', '0', '1+dependabot')\n"
104
+ "__version__ = '0.0.1+dependabot'\n"
105
+ "__author__ = 'someone'\n"
106
+ "__title__ = 'something'\n"
107
+ "__description__ = 'something'\n"
108
+ "__author_email__ = 'something'\n"
109
+ "__license__ = 'something'\n"
110
+ "__url__ = 'something'\n")
111
+ return io.StringIO(content)
112
+
113
+ content = open(directory + '/setup.py', 'r').read()
114
+
115
+ # Remove `print`, `open`, `log` and import statements
116
+ content = re.sub(r"print\s*\(", "noop(", content)
117
+ content = re.sub(r"log\s*(\.\w+)*\(", "noop(", content)
118
+ content = re.sub(r"\b(\w+\.)*(open|file)\s*\(", "fake_open(", content)
119
+ content = content.replace("parse_requirements(", "fake_parse(")
120
+ version_re = re.compile(r"^.*import.*__version__.*$", re.MULTILINE)
121
+ content = re.sub(version_re, "", content)
122
+
123
+ # Set variables likely to be imported
124
+ __version__ = '0.0.1+dependabot'
125
+ __author__ = 'someone'
126
+ __title__ = 'something'
127
+ __description__ = 'something'
128
+ __author_email__ = 'something'
129
+ __license__ = 'something'
130
+ __url__ = 'something'
131
+
132
+ # Run as main (since setup.py is a script)
133
+ __name__ = '__main__'
134
+
135
+ # Exec the setup.py
136
+ exec(content) in globals(), locals()
137
+
138
+ return json.dumps({ "result": setup_packages })
@@ -0,0 +1,9 @@
1
+ pip==20.1.1
2
+ pip-tools==5.3.0
3
+ hashin==0.15.0
4
+ pipenv==2018.11.26
5
+ pipfile==0.0.2
6
+ poetry==1.0.10
7
+
8
+ # Some dependencies will only install if Cython is present
9
+ Cython==0.29.21
@@ -0,0 +1,18 @@
1
+ import sys
2
+ import json
3
+
4
+ from lib import parser, hasher
5
+
6
+ if __name__ == "__main__":
7
+ args = json.loads(sys.stdin.read())
8
+
9
+ if args["function"] == "parse_requirements":
10
+ print(parser.parse_requirements(args["args"][0]))
11
+ if args["function"] == "parse_setup":
12
+ print(parser.parse_setup(args["args"][0]))
13
+ elif args["function"] == "get_dependency_hash":
14
+ print(hasher.get_dependency_hash(*args["args"]))
15
+ elif args["function"] == "get_pipfile_hash":
16
+ print(hasher.get_pipfile_hash(*args["args"]))
17
+ elif args["function"] == "get_pyproject_hash":
18
+ print(hasher.get_pyproject_hash(*args["args"]))
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.118.13
4
+ version: 0.119.0.beta1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-08-19 00:00:00.000000000 Z
11
+ date: 2020-08-20 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.118.13
19
+ version: 0.119.0.beta1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.118.13
26
+ version: 0.119.0.beta1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -144,6 +144,11 @@ extensions: []
144
144
  extra_rdoc_files: []
145
145
  files:
146
146
  - helpers/build
147
+ - helpers/install-dir/python/lib/__init__.py
148
+ - helpers/install-dir/python/lib/hasher.py
149
+ - helpers/install-dir/python/lib/parser.py
150
+ - helpers/install-dir/python/requirements.txt
151
+ - helpers/install-dir/python/run.py
147
152
  - helpers/lib/__init__.py
148
153
  - helpers/lib/hasher.py
149
154
  - helpers/lib/parser.py
@@ -186,7 +191,7 @@ homepage: https://github.com/dependabot/dependabot-core
186
191
  licenses:
187
192
  - Nonstandard
188
193
  metadata: {}
189
- post_install_message:
194
+ post_install_message:
190
195
  rdoc_options: []
191
196
  require_paths:
192
197
  - lib
@@ -201,8 +206,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
201
206
  - !ruby/object:Gem::Version
202
207
  version: 2.5.0
203
208
  requirements: []
204
- rubygems_version: 3.1.2
205
- signing_key:
209
+ rubygems_version: 3.1.4
210
+ signing_key:
206
211
  specification_version: 4
207
212
  summary: Python support for dependabot
208
213
  test_files: []