dependabot-python 0.118.4 → 0.118.10

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/build +1 -1
  3. data/helpers/requirements.txt +2 -2
  4. data/lib/dependabot/python/authed_url_builder.rb +2 -0
  5. data/lib/dependabot/python/file_parser.rb +5 -3
  6. data/lib/dependabot/python/file_updater/pyproject_preparer.rb +4 -0
  7. data/lib/dependabot/python/python_versions.rb +2 -2
  8. data/lib/dependabot/python/version.rb +0 -2
  9. metadata +7 -21
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b5e0617fae821ec632fc7f1eddde32962a1df52ddd266d946033e42efb6b2031
4
- data.tar.gz: ce74737754731d32562993a145e63eaf7513b59b8c58d2ff11f18861f8a36a01
3
+ metadata.gz: 14c71fc46abb6cec42bd01050da39422df024ca241f49f24bc6b2f894831f96d
4
+ data.tar.gz: e9429e4ae27676d657c339a2e312fa9127a512e81dd2a2ab714c5a9384b5f197
5
5
  SHA512:
6
- metadata.gz: '02250941200ab1de97012b7be8410788c2df2891862a3316d89cc1b3050fd22dc52671ddb742542d015467fabead012c8e2137e48a36e4a3dabe600b9491fd8d'
7
- data.tar.gz: fab0d25f84992900a32cd5ddb3fc7aceb9578efe1ee1295e9b66772c93bee9b74467c215d9dbd302d02fb9722170e4b7e679b6b1c34afb471d63ef144037873f
6
+ metadata.gz: 64a0ab9e68edc09360ab3ce3d0b98b70791b2fe61df9d843a11a962620f1b4c1179c31e4021d3b585e212727aed5c31c0d073f4cd169a7053726a1a8d25c3871
7
+ data.tar.gz: b8846dfa2db83b34ee3995e090a254b2187232690622e0209d0ec0b19be1dad7b975b582ebb8acec37afa1a16c3e79abdf401b7769de3d8a2f0ea397f5a236d4
data/helpers/build CHANGED
@@ -17,4 +17,4 @@ cp -r \
17
17
 
18
18
  cd "$install_dir"
19
19
  PYENV_VERSION=2.7.18 pyenv exec pip install -r "requirements.txt"
20
- PYENV_VERSION=3.8.3 pyenv exec pip install -r "requirements.txt"
20
+ PYENV_VERSION=3.8.5 pyenv exec pip install -r "requirements.txt"
data/helpers/requirements.txt CHANGED
@@ -1,9 +1,9 @@
1
1
  pip==20.1.1
2
- pip-tools==5.2.1
2
+ pip-tools==5.3.0
3
3
  hashin==0.15.0
4
4
  pipenv==2018.11.26
5
5
  pipfile==0.0.2
6
6
  poetry==1.0.9
7
7
 
8
8
  # Some dependencies will only install if Cython is present
9
- Cython==0.29.20
9
+ Cython==0.29.21
data/lib/dependabot/python/authed_url_builder.rb CHANGED
@@ -16,6 +16,8 @@ module Dependabot
16
16
  else token
17
17
  end
18
18
 
19
+ basic_auth_details = basic_auth_details.gsub("@", "%40")
20
+
19
21
  url.sub("://", "://#{basic_auth_details}@")
20
22
  end
21
23
  end
data/lib/dependabot/python/file_parser.rb CHANGED
@@ -181,12 +181,14 @@ module Dependabot
181
181
  each do |file|
182
182
  path = file.name
183
183
  FileUtils.mkdir_p(Pathname.new(path).dirname)
184
- File.write(path, remove_imports(file.content))
184
+ File.write(path, remove_imports(file))
185
185
  end
186
186
  end
187
187
 
188
- def remove_imports(content)
189
- content.lines.
188
+ def remove_imports(file)
189
+ return file.content if file.path.end_with?(".tar.gz", ".whl", ".zip")
190
+
191
+ file.content.lines.
190
192
  reject { |l| l.match?(/^['"]?(?<path>\..*?)(?=\[|#|'|"|$)/) }.
191
193
  reject { |l| l.match?(/^(?:-e)\s+['"]?(?<path>.*?)(?=\[|#|'|"|$)/) }.
192
194
  join
data/lib/dependabot/python/file_updater/pyproject_preparer.rb CHANGED
@@ -36,6 +36,7 @@ module Dependabot
36
36
  end
37
37
 
38
38
  # rubocop:disable Metrics/PerceivedComplexity
39
+ # rubocop:disable Metrics/CyclomaticComplexity
39
40
  def freeze_top_level_dependencies_except(dependencies)
40
41
  return pyproject_content unless lockfile
41
42
 
@@ -53,6 +54,8 @@ module Dependabot
53
54
 
54
55
  next unless (locked_version = locked_details&.fetch("version"))
55
56
 
57
+ next if locked_details&.dig("source", "type") == "directory"
58
+
56
59
  if locked_details&.dig("source", "type") == "git"
57
60
  poetry_object[key][dep_name] = {
58
61
  "git" => locked_details&.dig("source", "url"),
@@ -69,6 +72,7 @@ module Dependabot
69
72
  TomlRB.dump(pyproject_object)
70
73
  end
71
74
  # rubocop:enable Metrics/PerceivedComplexity
75
+ # rubocop:enable Metrics/CyclomaticComplexity
72
76
 
73
77
  private
74
78
 
data/lib/dependabot/python/python_versions.rb CHANGED
@@ -4,13 +4,13 @@ module Dependabot
4
4
  module Python
5
5
  module PythonVersions
6
6
  PRE_INSTALLED_PYTHON_VERSIONS = %w(
7
- 3.8.3 2.7.18
7
+ 3.8.5 2.7.18
8
8
  ).freeze
9
9
 
10
10
  # Due to an OpenSSL issue we can only install the following versions in
11
11
  # the Dependabot container.
12
12
  SUPPORTED_VERSIONS = %w(
13
- 3.8.3 3.8.2 3.8.1 3.8.0
13
+ 3.8.5 3.8.4 3.8.3 3.8.2 3.8.1 3.8.0
14
14
  3.7.7 3.7.6 3.7.5 3.7.4 3.7.3 3.7.2 3.7.1 3.7.0
15
15
  3.6.9 3.6.8 3.6.7 3.6.6 3.6.5 3.6.4 3.6.3 3.6.2 3.6.1 3.6.0
16
16
  3.5.7 3.5.6 3.5.5 3.5.4 3.5.3
data/lib/dependabot/python/version.rb CHANGED
@@ -114,7 +114,6 @@ module Dependabot
114
114
  # TODO: Delete this once we're using a version of Rubygems that includes
115
115
  # https://github.com/rubygems/rubygems/pull/2651
116
116
  #
117
- # rubocop:disable Metrics/CyclomaticComplexity
118
117
  # rubocop:disable Metrics/PerceivedComplexity
119
118
  # rubocop:disable Style/CaseEquality
120
119
  # rubocop:disable Layout/LineLength
@@ -146,7 +145,6 @@ module Dependabot
146
145
 
147
146
  return 0
148
147
  end
149
- # rubocop:enable Metrics/CyclomaticComplexity
150
148
  # rubocop:enable Metrics/PerceivedComplexity
151
149
  # rubocop:enable Style/CaseEquality
152
150
  # rubocop:enable Layout/LineLength
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.118.4
4
+ version: 0.118.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-06-19 00:00:00.000000000 Z
11
+ date: 2020-08-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.118.4
19
+ version: 0.118.10
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.118.4
26
+ version: 0.118.10
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -94,34 +94,20 @@ dependencies:
94
94
  - - "~>"
95
95
  - !ruby/object:Gem::Version
96
96
  version: '1.2'
97
- - !ruby/object:Gem::Dependency
98
- name: rspec_junit_formatter
99
- requirement: !ruby/object:Gem::Requirement
100
- requirements:
101
- - - "~>"
102
- - !ruby/object:Gem::Version
103
- version: '0.4'
104
- type: :development
105
- prerelease: false
106
- version_requirements: !ruby/object:Gem::Requirement
107
- requirements:
108
- - - "~>"
109
- - !ruby/object:Gem::Version
110
- version: '0.4'
111
97
  - !ruby/object:Gem::Dependency
112
98
  name: rubocop
113
99
  requirement: !ruby/object:Gem::Requirement
114
100
  requirements:
115
101
  - - "~>"
116
102
  - !ruby/object:Gem::Version
117
- version: 0.85.0
103
+ version: 0.88.0
118
104
  type: :development
119
105
  prerelease: false
120
106
  version_requirements: !ruby/object:Gem::Requirement
121
107
  requirements:
122
108
  - - "~>"
123
109
  - !ruby/object:Gem::Version
124
- version: 0.85.0
110
+ version: 0.88.0
125
111
  - !ruby/object:Gem::Dependency
126
112
  name: vcr
127
113
  requirement: !ruby/object:Gem::Requirement
@@ -215,7 +201,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
215
201
  - !ruby/object:Gem::Version
216
202
  version: 2.5.0
217
203
  requirements: []
218
- rubygems_version: 3.0.3
204
+ rubygems_version: 3.1.2
219
205
  signing_key:
220
206
  specification_version: 4
221
207
  summary: Python support for dependabot