dependabot-python 0.119.0 → 0.119.5

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 84b93ec627bd617f9e3b101d3a080d0360ce03687921e2e7a9f18269f05443e4
4
- data.tar.gz: 1540bd63155f250dff52f2488e8310a5c68d5f4fb4d2b64065876760bf36fc9d
3
+ metadata.gz: 4a1041f59aa8f3cd0dcec834a41a72efdfe4ae59fbbe1b396316ad709b6e770d
4
+ data.tar.gz: 75553b63dfe8f6b94847825a129a932b3c74efe097f768827baeee22a1c4eefe
5
5
  SHA512:
6
- metadata.gz: 652148d29cbbee475593db5e2d546a32d8a5d36e7311b68d74184205aa80eca44eaeec6dcaba42eacd3c441ea103bfd9b08608b5c8b467ac03a5553903fe900a
7
- data.tar.gz: ffb6daa592bca2618ab5d57e62ad687da41eee41737cfac243cffde4315e8affc304df8813d794cd0c045e68a75b3d235d58676f1b04a9a2040f67eccb7b941c
6
+ metadata.gz: 5f62732fdf96d0acddc61e5255613c41d5e3f26f51d235405c9b611de74751a7989e30135a28d576f8b9838bd1c2a7be1266872243998b9f6b1aa0869deaa39d
7
+ data.tar.gz: '08beae963dc586c4df999c41286dd7d274561d7a8d5c1643adc102c3f176ee73a3d5c17655971b7ce4d7462e0e1b8e44b394f104cd363f2739dfbd6c10e4b421'
@@ -3,7 +3,7 @@ pip-tools==5.3.1
3
3
  hashin==0.15.0
4
4
  pipenv==2018.11.26
5
5
  pipfile==0.0.2
6
- poetry==1.0.9
6
+ poetry==1.0.10
7
7
 
8
8
  # Some dependencies will only install if Cython is present
9
9
  Cython==0.29.21
@@ -3,7 +3,6 @@
3
3
  module Dependabot
4
4
  module Python
5
5
  class AuthedUrlBuilder
6
- # rubocop:disable Metrics/PerceivedComplexity
7
6
  def self.authed_url(credential:)
8
7
  token = credential.fetch("token", nil)
9
8
  url = credential.fetch("index-url")
@@ -24,7 +23,6 @@ module Dependabot
24
23
 
25
24
  url.sub("://", "://#{basic_auth_details}@")
26
25
  end
27
- # rubocop:enable Metrics/PerceivedComplexity
28
26
  end
29
27
  end
30
28
  end
@@ -350,14 +350,14 @@ module Dependabot
350
350
  def parse_path_setup_paths(req_file)
351
351
  uneditable_reqs =
352
352
  req_file.content.
353
- scan(/^['"]?(?<path>\..*?)(?=\[|#|'|"|$)/).
353
+ scan(/^['"]?(?:file:)?(?<path>\..*?)(?=\[|#|'|"|$)/).
354
354
  flatten.
355
355
  map(&:strip).
356
356
  reject { |p| p.include?("://") }
357
357
 
358
358
  editable_reqs =
359
359
  req_file.content.
360
- scan(/^(?:-e)\s+['"]?(?<path>.*?)(?=\[|#|'|"|$)/).
360
+ scan(/^(?:-e)\s+['"]?(?:file:)?(?<path>.*?)(?=\[|#|'|"|$)/).
361
361
  flatten.
362
362
  map(&:strip).
363
363
  reject { |p| p.include?("://") || p.include?("git@") }
@@ -44,6 +44,7 @@ module Dependabot
44
44
 
45
45
  private
46
46
 
47
+ # rubocop:disable Metrics/PerceivedComplexity
47
48
  def resolver_type
48
49
  reqs = dependencies.flat_map(&:requirements)
49
50
  changed_reqs = reqs.zip(dependencies.flat_map(&:previous_requirements)).
@@ -64,6 +65,7 @@ module Dependabot
64
65
 
65
66
  :requirements
66
67
  end
68
+ # rubocop:enable Metrics/PerceivedComplexity
67
69
 
68
70
  def subdependency_resolver
69
71
  return :pipfile if pipfile_lock
@@ -142,6 +142,7 @@ module Dependabot
142
142
  freeze_top_level_dependencies_except(dependencies)
143
143
  end
144
144
 
145
+ # rubocop:disable Metrics/PerceivedComplexity
145
146
  def freeze_dependencies_being_updated(pipfile_content)
146
147
  pipfile_object = TomlRB.parse(pipfile_content)
147
148
 
@@ -163,6 +164,7 @@ module Dependabot
163
164
 
164
165
  TomlRB.dump(pipfile_object)
165
166
  end
167
+ # rubocop:enable Metrics/PerceivedComplexity
166
168
 
167
169
  def subdep_type?(type)
168
170
  return false if dependency.top_level?
@@ -46,7 +46,6 @@ module Dependabot
46
46
  TomlRB.dump(pipfile_object)
47
47
  end
48
48
 
49
- # rubocop:disable Metrics/PerceivedComplexity
50
49
  def freeze_dependency(dep_name, pipfile_object, keys)
51
50
  locked_version = version_from_lockfile(
52
51
  keys[:lockfile],
@@ -66,7 +65,6 @@ module Dependabot
66
65
  pipfile_object[keys[:pipfile]][dep_name] = "==#{locked_version}"
67
66
  end
68
67
  end
69
- # rubocop:enable Metrics/PerceivedComplexity
70
68
 
71
69
  def update_python_requirement(requirement)
72
70
  pipfile_object = TomlRB.parse(pipfile_content)
@@ -36,7 +36,7 @@ module Dependabot
36
36
  end
37
37
 
38
38
  # rubocop:disable Metrics/PerceivedComplexity
39
- # rubocop:disable Metrics/CyclomaticComplexity
39
+ # rubocop:disable Metrics/AbcSize
40
40
  def freeze_top_level_dependencies_except(dependencies)
41
41
  return pyproject_content unless lockfile
42
42
 
@@ -71,8 +71,8 @@ module Dependabot
71
71
 
72
72
  TomlRB.dump(pyproject_object)
73
73
  end
74
+ # rubocop:enable Metrics/AbcSize
74
75
  # rubocop:enable Metrics/PerceivedComplexity
75
- # rubocop:enable Metrics/CyclomaticComplexity
76
76
 
77
77
  private
78
78
 
@@ -30,8 +30,8 @@ module Dependabot
30
30
  updated_dependency_declaration_string
31
31
  end
32
32
 
33
- unless old_requirement == new_requirement
34
- raise "Expected content to change!" if content == updated_content
33
+ if old_requirement != new_requirement && content == updated_content
34
+ raise "Expected content to change!"
35
35
  end
36
36
 
37
37
  updated_content
@@ -100,7 +100,7 @@ module Dependabot
100
100
  def convert_caret_req(req_string)
101
101
  version = req_string.gsub(/^\^/, "")
102
102
  parts = version.split(".")
103
- parts = parts.fill(0, parts.length...3)
103
+ parts.fill(0, parts.length...3)
104
104
  first_non_zero = parts.find { |d| d != "0" }
105
105
  first_non_zero_index =
106
106
  first_non_zero ? parts.index(first_non_zero) : parts.count - 1
@@ -166,6 +166,7 @@ module Dependabot
166
166
  end
167
167
  end
168
168
 
169
+ # rubocop:disable Metrics/PerceivedComplexity
169
170
  def version_details_from_link(link)
170
171
  doc = Nokogiri::XML(link)
171
172
  filename = doc.at_css("a")&.content
@@ -181,6 +182,7 @@ module Dependabot
181
182
  yanked: link&.include?("data-yanked")
182
183
  }
183
184
  end
185
+ # rubocop:enable Metrics/PerceivedComplexity
184
186
 
185
187
  def get_version_from_filename(filename)
186
188
  filename.
@@ -97,7 +97,6 @@ module Dependabot
97
97
  end
98
98
  end
99
99
 
100
- # rubocop:disable Metrics/PerceivedComplexity
101
100
  # rubocop:disable Metrics/AbcSize
102
101
  def handle_pip_compile_errors(error)
103
102
  if error.message.include?("Could not find a version")
@@ -114,11 +113,14 @@ module Dependabot
114
113
  check_original_requirements_resolvable
115
114
  end
116
115
 
117
- if error.message.include?('Command "python setup.py egg_info') ||
118
- error.message.include?("exit status 1: python setup.py egg_info")
116
+ if (error.message.include?('Command "python setup.py egg_info') ||
117
+ error.message.include?(
118
+ "exit status 1: python setup.py egg_info"
119
+ )) &&
120
+ check_original_requirements_resolvable
119
121
  # The latest version of the dependency we're updating is borked
120
122
  # (because it has an unevaluatable setup.py). Skip the update.
121
- return if check_original_requirements_resolvable
123
+ return
122
124
  end
123
125
 
124
126
  if error.message.include?("Could not find a version ") &&
@@ -143,7 +145,6 @@ module Dependabot
143
145
  raise
144
146
  end
145
147
 
146
- # rubocop:enable Metrics/PerceivedComplexity
147
148
  # rubocop:enable Metrics/AbcSize
148
149
 
149
150
  # Needed because pip-compile's resolver isn't perfect.
@@ -152,11 +152,14 @@ module Dependabot
152
152
  check_original_requirements_resolvable
153
153
  end
154
154
 
155
- if error.message.include?('Command "python setup.py egg_info"') ||
156
- error.message.include?("exit status 1: python setup.py egg_info")
155
+ if (error.message.include?('Command "python setup.py egg_info"') ||
156
+ error.message.include?(
157
+ "exit status 1: python setup.py egg_info"
158
+ )) &&
159
+ check_original_requirements_resolvable
157
160
  # The latest version of the dependency we're updating is borked
158
161
  # (because it has an unevaluatable setup.py). Skip the update.
159
- return if check_original_requirements_resolvable
162
+ return
160
163
  end
161
164
 
162
165
  if error.message.include?("UnsupportedPythonVersion") &&
@@ -332,6 +335,7 @@ module Dependabot
332
335
  freeze_top_level_dependencies_except([dependency])
333
336
  end
334
337
 
338
+ # rubocop:disable Metrics/PerceivedComplexity
335
339
  def set_target_dependency_req(pipfile_content, updated_requirement)
336
340
  return pipfile_content unless updated_requirement
337
341
 
@@ -352,6 +356,7 @@ module Dependabot
352
356
 
353
357
  TomlRB.dump(pipfile_object)
354
358
  end
359
+ # rubocop:enable Metrics/PerceivedComplexity
355
360
 
356
361
  def subdep_type?(type)
357
362
  return false if dependency.top_level?
@@ -22,12 +22,18 @@ module Dependabot
22
22
  class UpdateChecker
23
23
  # This class does version resolution for pyproject.toml files.
24
24
  class PoetryVersionResolver
25
- GIT_REFERENCE_NOT_FOUND_REGEX =
26
- /'git'.*pypoetry-git-(?<name>.+?).{8}','checkout','(?<tag>.+?)'/.
27
- freeze
28
- GIT_DEPENDENCY_UNREACHABLE_REGEX =
29
- /'\['git',\s+'clone',\s+'(?<url>.+?)'.*\s+exit\s+status\s+128/m.
30
- freeze
25
+ GIT_REFERENCE_NOT_FOUND_REGEX = /
26
+ 'git'.*pypoetry-git-(?<name>.+?).{8}',
27
+ 'checkout',
28
+ '(?<tag>.+?)'
29
+ /x.freeze
30
+ GIT_DEPENDENCY_UNREACHABLE_REGEX = /
31
+ '\['git',
32
+ \s+'clone',
33
+ \s+'--recurse-submodules',
34
+ \s+'(?<url>.+?)'.*
35
+ \s+exit\s+status\s+128
36
+ /mx.freeze
31
37
 
32
38
  attr_reader :dependency, :dependency_files, :credentials
33
39
 
@@ -252,6 +258,7 @@ module Dependabot
252
258
  freeze_top_level_dependencies_except([dependency])
253
259
  end
254
260
 
261
+ # rubocop:disable Metrics/PerceivedComplexity
255
262
  def set_target_dependency_req(pyproject_content, updated_requirement)
256
263
  return pyproject_content unless updated_requirement
257
264
 
@@ -278,6 +285,7 @@ module Dependabot
278
285
 
279
286
  TomlRB.dump(pyproject_object)
280
287
  end
288
+ # rubocop:enable Metrics/PerceivedComplexity
281
289
 
282
290
  def subdep_type
283
291
  category =
@@ -73,7 +73,6 @@ module Dependabot
73
73
  updated_requirement(req)
74
74
  end
75
75
 
76
- # rubocop:disable Metrics/PerceivedComplexity
77
76
  def updated_pyproject_requirement(req)
78
77
  return req unless latest_resolvable_version
79
78
  return req unless req.fetch(:requirement)
@@ -99,8 +98,6 @@ module Dependabot
99
98
  req.merge(requirement: :unfixable)
100
99
  end
101
100
 
102
- # rubocop:enable Metrics/PerceivedComplexity
103
-
104
101
  def update_pyproject_version(req)
105
102
  requirement_strings = req[:requirement].split(",").map(&:strip)
106
103
 
@@ -160,6 +157,7 @@ module Dependabot
160
157
  "#{req_string.strip} || #{new_option.strip}"
161
158
  end
162
159
 
160
+ # rubocop:disable Metrics/PerceivedComplexity
163
161
  def widen_requirement_range(req_string)
164
162
  requirement_strings = req_string.split(",").map(&:strip)
165
163
 
@@ -179,6 +177,7 @@ module Dependabot
179
177
  update_requirements_range(requirement_strings)
180
178
  end
181
179
  end
180
+ # rubocop:enable Metrics/PerceivedComplexity
182
181
 
183
182
  # rubocop:disable Metrics/PerceivedComplexity
184
183
  def updated_requirement(req)
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.119.0
4
+ version: 0.119.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-08-26 00:00:00.000000000 Z
11
+ date: 2020-09-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.119.0
19
+ version: 0.119.5
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.119.0
26
+ version: 0.119.5
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: 0.88.0
103
+ version: 0.90.0
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: 0.88.0
110
+ version: 0.90.0
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: vcr
113
113
  requirement: !ruby/object:Gem::Requirement