dependabot-python 0.119.0.beta1 → 0.119.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 84b93ec627bd617f9e3b101d3a080d0360ce03687921e2e7a9f18269f05443e4
|
|
4
|
+
data.tar.gz: 1540bd63155f250dff52f2488e8310a5c68d5f4fb4d2b64065876760bf36fc9d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 652148d29cbbee475593db5e2d546a32d8a5d36e7311b68d74184205aa80eca44eaeec6dcaba42eacd3c441ea103bfd9b08608b5c8b467ac03a5553903fe900a
|
|
7
|
+
data.tar.gz: ffb6daa592bca2618ab5d57e62ad687da41eee41737cfac243cffde4315e8affc304df8813d794cd0c045e68a75b3d235d58676f1b04a9a2040f67eccb7b941c
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.119.0
|
|
4
|
+
version: 0.119.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-08-
|
|
11
|
+
date: 2020-08-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.119.0
|
|
19
|
+
version: 0.119.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.119.0
|
|
26
|
+
version: 0.119.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -144,11 +144,6 @@ extensions: []
|
|
|
144
144
|
extra_rdoc_files: []
|
|
145
145
|
files:
|
|
146
146
|
- helpers/build
|
|
147
|
-
- helpers/install-dir/python/lib/__init__.py
|
|
148
|
-
- helpers/install-dir/python/lib/hasher.py
|
|
149
|
-
- helpers/install-dir/python/lib/parser.py
|
|
150
|
-
- helpers/install-dir/python/requirements.txt
|
|
151
|
-
- helpers/install-dir/python/run.py
|
|
152
147
|
- helpers/lib/__init__.py
|
|
153
148
|
- helpers/lib/hasher.py
|
|
154
149
|
- helpers/lib/parser.py
|
|
@@ -191,7 +186,7 @@ homepage: https://github.com/dependabot/dependabot-core
|
|
|
191
186
|
licenses:
|
|
192
187
|
- Nonstandard
|
|
193
188
|
metadata: {}
|
|
194
|
-
post_install_message:
|
|
189
|
+
post_install_message:
|
|
195
190
|
rdoc_options: []
|
|
196
191
|
require_paths:
|
|
197
192
|
- lib
|
|
@@ -206,8 +201,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
206
201
|
- !ruby/object:Gem::Version
|
|
207
202
|
version: 2.5.0
|
|
208
203
|
requirements: []
|
|
209
|
-
rubygems_version: 3.1.
|
|
210
|
-
signing_key:
|
|
204
|
+
rubygems_version: 3.1.2
|
|
205
|
+
signing_key:
|
|
211
206
|
specification_version: 4
|
|
212
207
|
summary: Python support for dependabot
|
|
213
208
|
test_files: []
|
|
File without changes
|
|
@@ -1,24 +0,0 @@
|
|
|
1
|
-
import hashin
|
|
2
|
-
import json
|
|
3
|
-
import pipfile
|
|
4
|
-
from poetry.poetry import Poetry
|
|
5
|
-
from poetry.factory import Factory
|
|
6
|
-
|
|
7
|
-
def get_dependency_hash(dependency_name, dependency_version, algorithm):
|
|
8
|
-
hashes = hashin.get_package_hashes(
|
|
9
|
-
dependency_name,
|
|
10
|
-
version=dependency_version,
|
|
11
|
-
algorithm=algorithm
|
|
12
|
-
)
|
|
13
|
-
|
|
14
|
-
return json.dumps({ "result": hashes["hashes"] })
|
|
15
|
-
|
|
16
|
-
def get_pipfile_hash(directory):
|
|
17
|
-
p = pipfile.load(directory + '/Pipfile')
|
|
18
|
-
|
|
19
|
-
return json.dumps({ "result": p.hash })
|
|
20
|
-
|
|
21
|
-
def get_pyproject_hash(directory):
|
|
22
|
-
p = Factory().create_poetry(directory)
|
|
23
|
-
|
|
24
|
-
return json.dumps({ "result": p.locker._get_content_hash() })
|
|
@@ -1,138 +0,0 @@
|
|
|
1
|
-
from itertools import chain
|
|
2
|
-
import glob
|
|
3
|
-
import io
|
|
4
|
-
import json
|
|
5
|
-
import optparse
|
|
6
|
-
import os.path
|
|
7
|
-
import re
|
|
8
|
-
|
|
9
|
-
import setuptools
|
|
10
|
-
import pip._internal.req.req_file
|
|
11
|
-
from pip._internal.network.session import PipSession
|
|
12
|
-
from pip._internal.models.format_control import FormatControl
|
|
13
|
-
from pip._internal.req.constructors import (
|
|
14
|
-
install_req_from_line,
|
|
15
|
-
install_req_from_parsed_requirement,
|
|
16
|
-
)
|
|
17
|
-
|
|
18
|
-
def parse_requirements(directory):
|
|
19
|
-
# Parse the requirements.txt
|
|
20
|
-
requirement_packages = []
|
|
21
|
-
requirement_files = glob.glob(os.path.join(directory, '*.txt')) \
|
|
22
|
-
+ glob.glob(os.path.join(directory, '**', '*.txt'))
|
|
23
|
-
|
|
24
|
-
pip_compile_files = glob.glob(os.path.join(directory, '*.in')) \
|
|
25
|
-
+ glob.glob(os.path.join(directory, '**', '*.in'))
|
|
26
|
-
|
|
27
|
-
def version_from_install_req(install_req):
|
|
28
|
-
if install_req.is_pinned:
|
|
29
|
-
return next(iter(install_req.specifier)).version
|
|
30
|
-
|
|
31
|
-
for reqs_file in requirement_files + pip_compile_files:
|
|
32
|
-
try:
|
|
33
|
-
requirements = pip._internal.req.req_file.parse_requirements(
|
|
34
|
-
reqs_file,
|
|
35
|
-
session=PipSession()
|
|
36
|
-
)
|
|
37
|
-
for parsed_req in requirements:
|
|
38
|
-
install_req = install_req_from_parsed_requirement(parsed_req)
|
|
39
|
-
if install_req.original_link:
|
|
40
|
-
continue
|
|
41
|
-
|
|
42
|
-
pattern = r"-[cr] (.*) \(line \d+\)"
|
|
43
|
-
abs_path = re.search(pattern, install_req.comes_from).group(1)
|
|
44
|
-
rel_path = os.path.relpath(abs_path, directory)
|
|
45
|
-
|
|
46
|
-
requirement_packages.append({
|
|
47
|
-
"name": install_req.req.name,
|
|
48
|
-
"version": version_from_install_req(install_req),
|
|
49
|
-
"markers": str(install_req.markers) or None,
|
|
50
|
-
"file": rel_path,
|
|
51
|
-
"requirement": str(install_req.specifier) or None,
|
|
52
|
-
"extras": sorted(list(install_req.extras))
|
|
53
|
-
})
|
|
54
|
-
except Exception as e:
|
|
55
|
-
print(json.dumps({ "error": repr(e) }))
|
|
56
|
-
exit(1)
|
|
57
|
-
|
|
58
|
-
return json.dumps({ "result": requirement_packages })
|
|
59
|
-
|
|
60
|
-
def parse_setup(directory):
|
|
61
|
-
# Parse the setup.py
|
|
62
|
-
setup_packages = []
|
|
63
|
-
if os.path.isfile(directory + '/setup.py'):
|
|
64
|
-
def version_from_install_req(install_req):
|
|
65
|
-
if install_req.is_pinned:
|
|
66
|
-
return next(iter(install_req.specifier)).version
|
|
67
|
-
|
|
68
|
-
def parse_requirement(req, req_type):
|
|
69
|
-
install_req = install_req_from_line(req)
|
|
70
|
-
if install_req.original_link:
|
|
71
|
-
return
|
|
72
|
-
|
|
73
|
-
setup_packages.append({
|
|
74
|
-
"name": install_req.req.name,
|
|
75
|
-
"version": version_from_install_req(install_req),
|
|
76
|
-
"markers": str(install_req.markers) or None,
|
|
77
|
-
"file": "setup.py",
|
|
78
|
-
"requirement": str(install_req.specifier) or None,
|
|
79
|
-
"requirement_type": req_type,
|
|
80
|
-
"extras": sorted(list(install_req.extras))
|
|
81
|
-
})
|
|
82
|
-
|
|
83
|
-
def setup(*args, **kwargs):
|
|
84
|
-
for arg in ['setup_requires', 'install_requires', 'tests_require']:
|
|
85
|
-
if not kwargs.get(arg):
|
|
86
|
-
continue
|
|
87
|
-
for req in kwargs.get(arg):
|
|
88
|
-
parse_requirement(req, arg)
|
|
89
|
-
extras_require_dict = kwargs.get('extras_require', {})
|
|
90
|
-
for key in extras_require_dict:
|
|
91
|
-
for req in extras_require_dict[key]:
|
|
92
|
-
parse_requirement(req, 'extras_require:{}'.format(key))
|
|
93
|
-
setuptools.setup = setup
|
|
94
|
-
|
|
95
|
-
def noop(*args, **kwargs):
|
|
96
|
-
pass
|
|
97
|
-
|
|
98
|
-
def fake_parse(*args, **kwargs):
|
|
99
|
-
return []
|
|
100
|
-
|
|
101
|
-
global fake_open
|
|
102
|
-
def fake_open(*args, **kwargs):
|
|
103
|
-
content = ("VERSION = ('0', '0', '1+dependabot')\n"
|
|
104
|
-
"__version__ = '0.0.1+dependabot'\n"
|
|
105
|
-
"__author__ = 'someone'\n"
|
|
106
|
-
"__title__ = 'something'\n"
|
|
107
|
-
"__description__ = 'something'\n"
|
|
108
|
-
"__author_email__ = 'something'\n"
|
|
109
|
-
"__license__ = 'something'\n"
|
|
110
|
-
"__url__ = 'something'\n")
|
|
111
|
-
return io.StringIO(content)
|
|
112
|
-
|
|
113
|
-
content = open(directory + '/setup.py', 'r').read()
|
|
114
|
-
|
|
115
|
-
# Remove `print`, `open`, `log` and import statements
|
|
116
|
-
content = re.sub(r"print\s*\(", "noop(", content)
|
|
117
|
-
content = re.sub(r"log\s*(\.\w+)*\(", "noop(", content)
|
|
118
|
-
content = re.sub(r"\b(\w+\.)*(open|file)\s*\(", "fake_open(", content)
|
|
119
|
-
content = content.replace("parse_requirements(", "fake_parse(")
|
|
120
|
-
version_re = re.compile(r"^.*import.*__version__.*$", re.MULTILINE)
|
|
121
|
-
content = re.sub(version_re, "", content)
|
|
122
|
-
|
|
123
|
-
# Set variables likely to be imported
|
|
124
|
-
__version__ = '0.0.1+dependabot'
|
|
125
|
-
__author__ = 'someone'
|
|
126
|
-
__title__ = 'something'
|
|
127
|
-
__description__ = 'something'
|
|
128
|
-
__author_email__ = 'something'
|
|
129
|
-
__license__ = 'something'
|
|
130
|
-
__url__ = 'something'
|
|
131
|
-
|
|
132
|
-
# Run as main (since setup.py is a script)
|
|
133
|
-
__name__ = '__main__'
|
|
134
|
-
|
|
135
|
-
# Exec the setup.py
|
|
136
|
-
exec(content) in globals(), locals()
|
|
137
|
-
|
|
138
|
-
return json.dumps({ "result": setup_packages })
|
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
import sys
|
|
2
|
-
import json
|
|
3
|
-
|
|
4
|
-
from lib import parser, hasher
|
|
5
|
-
|
|
6
|
-
if __name__ == "__main__":
|
|
7
|
-
args = json.loads(sys.stdin.read())
|
|
8
|
-
|
|
9
|
-
if args["function"] == "parse_requirements":
|
|
10
|
-
print(parser.parse_requirements(args["args"][0]))
|
|
11
|
-
if args["function"] == "parse_setup":
|
|
12
|
-
print(parser.parse_setup(args["args"][0]))
|
|
13
|
-
elif args["function"] == "get_dependency_hash":
|
|
14
|
-
print(hasher.get_dependency_hash(*args["args"]))
|
|
15
|
-
elif args["function"] == "get_pipfile_hash":
|
|
16
|
-
print(hasher.get_pipfile_hash(*args["args"]))
|
|
17
|
-
elif args["function"] == "get_pyproject_hash":
|
|
18
|
-
print(hasher.get_pyproject_hash(*args["args"]))
|