dependabot-python 0.118.2 → 0.118.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/requirements.txt +4 -4
- data/lib/dependabot/python/file_parser.rb +5 -3
- data/lib/dependabot/python/requirement_parser.rb +16 -0
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f389bc06b0e930d319d2625c8c9753bea89d54cd6f188e2b8f92a45eae5d9164
|
|
4
|
+
data.tar.gz: 7b9164faa17544c164c8c1a61a36aa1ef2f10b06d20d352a5bd2fb53e903b275
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: dca688da7c4ce4f5b5bf0cd743bc3fc012fbdbc49e9d8e049e7fbd5d066d4e42c142b9fe4eb7b8a011ee669de95f2ef5b1d19258d8b1c6517aa8d43498cee543
|
|
7
|
+
data.tar.gz: 9da3df550234656e6e1159942f7f5230d4ff229881ea2f7158179f2b9112152e1828e2d027ec169c86399d2c7f4a8f1404d7d9c5ed110909af9b020916fd7bec
|
data/helpers/requirements.txt
CHANGED
|
@@ -181,12 +181,14 @@ module Dependabot
|
|
|
181
181
|
each do |file|
|
|
182
182
|
path = file.name
|
|
183
183
|
FileUtils.mkdir_p(Pathname.new(path).dirname)
|
|
184
|
-
File.write(path, remove_imports(file
|
|
184
|
+
File.write(path, remove_imports(file))
|
|
185
185
|
end
|
|
186
186
|
end
|
|
187
187
|
|
|
188
|
-
def remove_imports(
|
|
189
|
-
content.
|
|
188
|
+
def remove_imports(file)
|
|
189
|
+
return file.content if file.path.end_with?(".tar.gz", ".whl", ".zip")
|
|
190
|
+
|
|
191
|
+
file.content.lines.
|
|
190
192
|
reject { |l| l.match?(/^['"]?(?<path>\..*?)(?=\[|#|'|"|$)/) }.
|
|
191
193
|
reject { |l| l.match?(/^(?:-e)\s+['"]?(?<path>.*?)(?=\[|#|'|"|$)/) }.
|
|
192
194
|
join
|
|
@@ -13,11 +13,25 @@ module Dependabot
|
|
|
13
13
|
HASH = /--hash=(?<algorithm>.*?):(?<hash>.*?)(?=\s|$)/.freeze
|
|
14
14
|
REQUIREMENTS = /#{REQUIREMENT}(\s*,\s*\\?\s*#{REQUIREMENT})*/.freeze
|
|
15
15
|
HASHES = /#{HASH}(\s*\\?\s*#{HASH})*/.freeze
|
|
16
|
+
MARKER_OP = /\s*(#{COMPARISON}|(\s*in)|(\s*not\s*in))/.freeze
|
|
17
|
+
PYTHON_STR_C =
|
|
18
|
+
%r{[a-zA-Z0-9\s\(\)\.\{\}\-_\*#:;/\?\[\]!~`@\$%\^&=\+\|<>]}.freeze
|
|
19
|
+
PYTHON_STR = /('(#{PYTHON_STR_C}|")*'|"(#{PYTHON_STR_C}|')*")/.freeze
|
|
20
|
+
ENV_VAR =
|
|
21
|
+
/python_version|python_full_version|os_name|sys_platform|
|
|
22
|
+
platform_release|platform_system|platform_version|platform_machine|
|
|
23
|
+
platform_python_implementation|implementation_name|
|
|
24
|
+
implementation_version/.freeze
|
|
25
|
+
MARKER_VAR = /\s*(#{ENV_VAR}|#{PYTHON_STR})/.freeze
|
|
26
|
+
MARKER_EXPR_ONE = /#{MARKER_VAR}#{MARKER_OP}#{MARKER_VAR}/.freeze
|
|
27
|
+
MARKER_EXPR =
|
|
28
|
+
/(#{MARKER_EXPR_ONE}|\(\s*|\s*\)|\s+and\s+|\s+or\s+)+/.freeze
|
|
16
29
|
|
|
17
30
|
INSTALL_REQ_WITH_REQUIREMENT =
|
|
18
31
|
/\s*\\?\s*(?<name>#{NAME})
|
|
19
32
|
\s*\\?\s*(\[\s*(?<extras>#{EXTRA}(\s*,\s*#{EXTRA})*)\s*\])?
|
|
20
33
|
\s*\\?\s*\(?(?<requirements>#{REQUIREMENTS})\)?
|
|
34
|
+
\s*\\?\s*(;\s*(?<markers>#{MARKER_EXPR}))?
|
|
21
35
|
\s*\\?\s*(?<hashes>#{HASHES})?
|
|
22
36
|
\s*#*\s*(?<comment>.+)?
|
|
23
37
|
/x.freeze
|
|
@@ -25,6 +39,7 @@ module Dependabot
|
|
|
25
39
|
INSTALL_REQ_WITHOUT_REQUIREMENT =
|
|
26
40
|
/^\s*\\?\s*(?<name>#{NAME})
|
|
27
41
|
\s*\\?\s*(\[\s*(?<extras>#{EXTRA}(\s*,\s*#{EXTRA})*)\s*\])?
|
|
42
|
+
\s*\\?\s*(;\s*(?<markers>#{MARKER_EXPR}))?
|
|
28
43
|
\s*\\?\s*(?<hashes>#{HASHES})?
|
|
29
44
|
\s*#*\s*(?<comment>.+)?$
|
|
30
45
|
/x.freeze
|
|
@@ -33,6 +48,7 @@ module Dependabot
|
|
|
33
48
|
/^\s*\\?\s*(?<name>#{NAME})
|
|
34
49
|
\s*\\?\s*(\[\s*(?<extras>#{EXTRA}(\s*,\s*#{EXTRA})*)\s*\])?
|
|
35
50
|
\s*\\?\s*\(?(?<requirements>#{REQUIREMENTS})?\)?
|
|
51
|
+
\s*\\?\s*(;\s*(?<markers>#{MARKER_EXPR}))?
|
|
36
52
|
\s*\\?\s*(?<hashes>#{HASHES})?
|
|
37
53
|
\s*(\#+\s*(?<comment>.*))?$
|
|
38
54
|
/x.freeze
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.118.
|
|
4
|
+
version: 0.118.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-07-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.118.
|
|
19
|
+
version: 0.118.7
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.118.
|
|
26
|
+
version: 0.118.7
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|