dependabot-python 0.119.1 → 0.119.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fdab726baec43a67d4003598b7f41dedacea6bf225ffba1094611d0bc1c7fe29
-  data.tar.gz: e6bff6b822b2fc03f0955981b106c0b64502234510b81253adcb0a632db43b16
+  metadata.gz: d06cc0493e384b4156b2882654820dce32fe9b86e8052941cb908ab9e413299e
+  data.tar.gz: fc6ae7eb998282fea39189db9260f5025dda112a885714d1580c56a411d857da
 SHA512:
-  metadata.gz: edfe88d1500ddeabec9815a07fea7e69434a6bbf58166f026ab48a7b9cbacef470e38e29f75d07609204e70d91e648a0ec7a7ad5c9d8a62ce979383944947adc
-  data.tar.gz: 64a74aa9083a6dddbada1c7eb04c7f6eaa146e8b4f7d411468d9e1139cc5cf7b920b03ff13ad4115f6af46908d3d631eca5767a97b30999b6bcbb9be77bb1bfa
+  metadata.gz: ff7c653ba55c0ef7e9d3cabc41bdaf0cdbb9306f2953afcbdc09b11913b0c16e2d213bf09a4794a2c83266dbd0115acb1ffa737c5ba449691c45c2ed3b8c0f5b
+  data.tar.gz: 7d3d0ab6c559a9c9eb2c1680b48a57d9a6443af54b83aa3b3b686530e28548bbacd5413e349a138fcb8eec14dcaa1e0b849f4b607d7e616c6a4349315bf0f197

data/lib/dependabot/python/authed_url_builder.rb

@@ -3,7 +3,6 @@
 module Dependabot
   module Python
     class AuthedUrlBuilder
-      # rubocop:disable Metrics/PerceivedComplexity
       def self.authed_url(credential:)
         token = credential.fetch("token", nil)
         url = credential.fetch("index-url")
@@ -24,7 +23,6 @@ module Dependabot
 
         url.sub("://", "://#{basic_auth_details}@")
       end
-      # rubocop:enable Metrics/PerceivedComplexity
     end
   end
 end

data/lib/dependabot/python/file_fetcher.rb

@@ -350,14 +350,14 @@ module Dependabot
       def parse_path_setup_paths(req_file)
         uneditable_reqs =
           req_file.content.
-          scan(/^['"]?(?<path>\..*?)(?=\[|#|'|"|$)/).
+          scan(/^['"]?(?:file:)?(?<path>\..*?)(?=\[|#|'|"|$)/).
           flatten.
           map(&:strip).
           reject { |p| p.include?("://") }
 
         editable_reqs =
           req_file.content.
-          scan(/^(?:-e)\s+['"]?(?<path>.*?)(?=\[|#|'|"|$)/).
+          scan(/^(?:-e)\s+['"]?(?:file:)?(?<path>.*?)(?=\[|#|'|"|$)/).
           flatten.
           map(&:strip).
           reject { |p| p.include?("://") || p.include?("git@") }

data/lib/dependabot/python/file_updater.rb

@@ -44,6 +44,7 @@ module Dependabot
 
       private
 
+      # rubocop:disable Metrics/PerceivedComplexity
       def resolver_type
         reqs = dependencies.flat_map(&:requirements)
         changed_reqs = reqs.zip(dependencies.flat_map(&:previous_requirements)).
@@ -64,6 +65,7 @@ module Dependabot
 
         :requirements
       end
+      # rubocop:enable Metrics/PerceivedComplexity
 
       def subdependency_resolver
         return :pipfile if pipfile_lock

data/lib/dependabot/python/file_updater/pipfile_file_updater.rb

@@ -142,6 +142,7 @@ module Dependabot
             freeze_top_level_dependencies_except(dependencies)
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def freeze_dependencies_being_updated(pipfile_content)
           pipfile_object = TomlRB.parse(pipfile_content)
 
@@ -163,6 +164,7 @@ module Dependabot
 
           TomlRB.dump(pipfile_object)
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def subdep_type?(type)
           return false if dependency.top_level?

data/lib/dependabot/python/file_updater/pipfile_preparer.rb

@@ -46,7 +46,6 @@ module Dependabot
           TomlRB.dump(pipfile_object)
         end
 
-        # rubocop:disable Metrics/PerceivedComplexity
         def freeze_dependency(dep_name, pipfile_object, keys)
           locked_version = version_from_lockfile(
             keys[:lockfile],
@@ -66,7 +65,6 @@ module Dependabot
             pipfile_object[keys[:pipfile]][dep_name] = "==#{locked_version}"
           end
         end
-        # rubocop:enable Metrics/PerceivedComplexity
 
         def update_python_requirement(requirement)
           pipfile_object = TomlRB.parse(pipfile_content)

data/lib/dependabot/python/file_updater/pyproject_preparer.rb

@@ -36,7 +36,7 @@ module Dependabot
         end
 
         # rubocop:disable Metrics/PerceivedComplexity
-        # rubocop:disable Metrics/CyclomaticComplexity
+        # rubocop:disable Metrics/AbcSize
         def freeze_top_level_dependencies_except(dependencies)
           return pyproject_content unless lockfile
 
@@ -71,8 +71,8 @@ module Dependabot
 
           TomlRB.dump(pyproject_object)
         end
+        # rubocop:enable Metrics/AbcSize
         # rubocop:enable Metrics/PerceivedComplexity
-        # rubocop:enable Metrics/CyclomaticComplexity
 
         private
 

data/lib/dependabot/python/file_updater/requirement_replacer.rb

@@ -30,8 +30,8 @@ module Dependabot
               updated_dependency_declaration_string
             end
 
-          unless old_requirement == new_requirement
-            raise "Expected content to change!" if content == updated_content
+          if old_requirement != new_requirement && content == updated_content
+            raise "Expected content to change!"
           end
 
           updated_content

data/lib/dependabot/python/requirement.rb

@@ -100,7 +100,7 @@ module Dependabot
       def convert_caret_req(req_string)
         version = req_string.gsub(/^\^/, "")
         parts = version.split(".")
-        parts = parts.fill(0, parts.length...3)
+        parts.fill(0, parts.length...3)
         first_non_zero = parts.find { |d| d != "0" }
         first_non_zero_index =
           first_non_zero ? parts.index(first_non_zero) : parts.count - 1

data/lib/dependabot/python/update_checker/latest_version_finder.rb

@@ -166,6 +166,7 @@ module Dependabot
             end
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def version_details_from_link(link)
           doc = Nokogiri::XML(link)
           filename = doc.at_css("a")&.content
@@ -181,6 +182,7 @@ module Dependabot
             yanked: link&.include?("data-yanked")
           }
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def get_version_from_filename(filename)
           filename.

data/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb

@@ -97,7 +97,6 @@ module Dependabot
             end
         end
 
-        # rubocop:disable Metrics/PerceivedComplexity
         # rubocop:disable Metrics/AbcSize
         def handle_pip_compile_errors(error)
           if error.message.include?("Could not find a version")
@@ -114,11 +113,14 @@ module Dependabot
             check_original_requirements_resolvable
           end
 
-          if error.message.include?('Command "python setup.py egg_info') ||
-             error.message.include?("exit status 1: python setup.py egg_info")
+          if (error.message.include?('Command "python setup.py egg_info') ||
+              error.message.include?(
+                "exit status 1: python setup.py egg_info"
+              )) &&
+             check_original_requirements_resolvable
             # The latest version of the dependency we're updating is borked
             # (because it has an unevaluatable setup.py). Skip the update.
-            return if check_original_requirements_resolvable
+            return
           end
 
           if error.message.include?("Could not find a version ") &&
@@ -143,7 +145,6 @@ module Dependabot
           raise
         end
 
-        # rubocop:enable Metrics/PerceivedComplexity
         # rubocop:enable Metrics/AbcSize
 
         # Needed because pip-compile's resolver isn't perfect.

data/lib/dependabot/python/update_checker/pipenv_version_resolver.rb

@@ -152,11 +152,14 @@ module Dependabot
             check_original_requirements_resolvable
           end
 
-          if error.message.include?('Command "python setup.py egg_info"') ||
-             error.message.include?("exit status 1: python setup.py egg_info")
+          if (error.message.include?('Command "python setup.py egg_info"') ||
+              error.message.include?(
+                "exit status 1: python setup.py egg_info"
+              )) &&
+             check_original_requirements_resolvable
             # The latest version of the dependency we're updating is borked
             # (because it has an unevaluatable setup.py). Skip the update.
-            return if check_original_requirements_resolvable
+            return
           end
 
           if error.message.include?("UnsupportedPythonVersion") &&
@@ -332,6 +335,7 @@ module Dependabot
             freeze_top_level_dependencies_except([dependency])
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def set_target_dependency_req(pipfile_content, updated_requirement)
           return pipfile_content unless updated_requirement
 
@@ -352,6 +356,7 @@ module Dependabot
 
           TomlRB.dump(pipfile_object)
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def subdep_type?(type)
           return false if dependency.top_level?

data/lib/dependabot/python/update_checker/poetry_version_resolver.rb

@@ -258,6 +258,7 @@ module Dependabot
             freeze_top_level_dependencies_except([dependency])
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def set_target_dependency_req(pyproject_content, updated_requirement)
           return pyproject_content unless updated_requirement
 
@@ -284,6 +285,7 @@ module Dependabot
 
           TomlRB.dump(pyproject_object)
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def subdep_type
           category =

data/lib/dependabot/python/update_checker/requirements_updater.rb

@@ -73,7 +73,6 @@ module Dependabot
           updated_requirement(req)
         end
 
-        # rubocop:disable Metrics/PerceivedComplexity
         def updated_pyproject_requirement(req)
           return req unless latest_resolvable_version
           return req unless req.fetch(:requirement)
@@ -99,8 +98,6 @@ module Dependabot
           req.merge(requirement: :unfixable)
         end
 
-        # rubocop:enable Metrics/PerceivedComplexity
-
         def update_pyproject_version(req)
           requirement_strings = req[:requirement].split(",").map(&:strip)
 
@@ -160,6 +157,7 @@ module Dependabot
           "#{req_string.strip} || #{new_option.strip}"
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def widen_requirement_range(req_string)
           requirement_strings = req_string.split(",").map(&:strip)
 
@@ -179,6 +177,7 @@ module Dependabot
             update_requirements_range(requirement_strings)
           end
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         # rubocop:disable Metrics/PerceivedComplexity
         def updated_requirement(req)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.119.1
+  version: 0.119.6
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-28 00:00:00.000000000 Z
+date: 2020-09-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.119.1
+        version: 0.119.6
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.119.1
+        version: 0.119.6
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.88.0
+        version: 0.90.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.88.0
+        version: 0.90.0
 - !ruby/object:Gem::Dependency
   name: vcr
   requirement: !ruby/object:Gem::Requirement