dependabot-python 0.119.3 → 0.119.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 13a087f8c158a0b967063636237a86def182c624fbab33c6e41eefca49edeac2
-  data.tar.gz: 86f4b6da4b1a085539560cee4ee5403a6c73b56fdc071ddd44371d1efcdadb03
+  metadata.gz: f201c4255c524ae0ecbbfc557cdf318b8efc552d6ac6abb2e713d81e95e1cb27
+  data.tar.gz: 627aaaa1ad891da06db8d67f5927d72f09b635cb5f57cf1b0a45068dde6861ad
 SHA512:
-  metadata.gz: 524ac5b9aee02ae374504a49937f3bebddc3e1762ea211b3337c34cd4c2e12bd08f2710efb177cab8b31c2be430a2fe8d6a8ffb8594a7edd0a9d42359f1d5cca
-  data.tar.gz: 8d7a39bc4f547f464b5b988e70989e9e579c93522da178c8123576c4daa7f43b0c04d590428b3b805d61cce5d9256071b71105798a35ba1a3b3d1c8a6d73f239
+  metadata.gz: 6d742f3fd17de985eda66beac0c1e950fdde39d4a12bb2ad84a5fd15effb15b8fec6c7a9f3dd70941dd6367d1119bd8a74911c008cdd11f95a6d70d50a60795d
+  data.tar.gz: 945f396b17b6175c8139fa4dab6da997f281fe84f4618bbedc5ec3161f5138c6fd50a2b2344098ae5a10b156f21410d24be850e0a9677b2fd9e9aa7b2de8626c

data/lib/dependabot/python/authed_url_builder.rb

@@ -3,7 +3,6 @@
 module Dependabot
   module Python
     class AuthedUrlBuilder
-      # rubocop:disable Metrics/PerceivedComplexity
       def self.authed_url(credential:)
         token = credential.fetch("token", nil)
         url = credential.fetch("index-url")
@@ -24,7 +23,6 @@ module Dependabot
 
         url.sub("://", "://#{basic_auth_details}@")
       end
-      # rubocop:enable Metrics/PerceivedComplexity
     end
   end
 end

data/lib/dependabot/python/file_fetcher.rb

@@ -350,14 +350,14 @@ module Dependabot
       def parse_path_setup_paths(req_file)
         uneditable_reqs =
           req_file.content.
-          scan(/^['"]?(?<path>\..*?)(?=\[|#|'|"|$)/).
+          scan(/^['"]?(?:file:)?(?<path>\..*?)(?=\[|#|'|"|$)/).
           flatten.
           map(&:strip).
           reject { |p| p.include?("://") }
 
         editable_reqs =
           req_file.content.
-          scan(/^(?:-e)\s+['"]?(?<path>.*?)(?=\[|#|'|"|$)/).
+          scan(/^(?:-e)\s+['"]?(?:file:)?(?<path>.*?)(?=\[|#|'|"|$)/).
           flatten.
           map(&:strip).
           reject { |p| p.include?("://") || p.include?("git@") }

data/lib/dependabot/python/file_updater.rb

@@ -44,6 +44,7 @@ module Dependabot
 
       private
 
+      # rubocop:disable Metrics/PerceivedComplexity
       def resolver_type
         reqs = dependencies.flat_map(&:requirements)
         changed_reqs = reqs.zip(dependencies.flat_map(&:previous_requirements)).
@@ -64,6 +65,7 @@ module Dependabot
 
         :requirements
       end
+      # rubocop:enable Metrics/PerceivedComplexity
 
       def subdependency_resolver
         return :pipfile if pipfile_lock

data/lib/dependabot/python/file_updater/pipfile_file_updater.rb

@@ -142,6 +142,7 @@ module Dependabot
             freeze_top_level_dependencies_except(dependencies)
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def freeze_dependencies_being_updated(pipfile_content)
           pipfile_object = TomlRB.parse(pipfile_content)
 
@@ -163,6 +164,7 @@ module Dependabot
 
           TomlRB.dump(pipfile_object)
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def subdep_type?(type)
           return false if dependency.top_level?

data/lib/dependabot/python/file_updater/pipfile_preparer.rb

@@ -46,7 +46,6 @@ module Dependabot
           TomlRB.dump(pipfile_object)
         end
 
-        # rubocop:disable Metrics/PerceivedComplexity
         def freeze_dependency(dep_name, pipfile_object, keys)
           locked_version = version_from_lockfile(
             keys[:lockfile],
@@ -66,7 +65,6 @@ module Dependabot
             pipfile_object[keys[:pipfile]][dep_name] = "==#{locked_version}"
           end
         end
-        # rubocop:enable Metrics/PerceivedComplexity
 
         def update_python_requirement(requirement)
           pipfile_object = TomlRB.parse(pipfile_content)

data/lib/dependabot/python/file_updater/pyproject_preparer.rb

@@ -36,7 +36,7 @@ module Dependabot
         end
 
         # rubocop:disable Metrics/PerceivedComplexity
-        # rubocop:disable Metrics/CyclomaticComplexity
+        # rubocop:disable Metrics/AbcSize
         def freeze_top_level_dependencies_except(dependencies)
           return pyproject_content unless lockfile
 
@@ -71,8 +71,8 @@ module Dependabot
 
           TomlRB.dump(pyproject_object)
         end
+        # rubocop:enable Metrics/AbcSize
         # rubocop:enable Metrics/PerceivedComplexity
-        # rubocop:enable Metrics/CyclomaticComplexity
 
         private
 

data/lib/dependabot/python/file_updater/requirement_replacer.rb

@@ -30,8 +30,8 @@ module Dependabot
               updated_dependency_declaration_string
             end
 
-          unless old_requirement == new_requirement
-            raise "Expected content to change!" if content == updated_content
+          if old_requirement != new_requirement && content == updated_content
+            raise "Expected content to change!"
           end
 
           updated_content

data/lib/dependabot/python/requirement.rb

@@ -100,7 +100,7 @@ module Dependabot
       def convert_caret_req(req_string)
         version = req_string.gsub(/^\^/, "")
         parts = version.split(".")
-        parts = parts.fill(0, parts.length...3)
+        parts.fill(0, parts.length...3)
         first_non_zero = parts.find { |d| d != "0" }
         first_non_zero_index =
           first_non_zero ? parts.index(first_non_zero) : parts.count - 1

data/lib/dependabot/python/update_checker/latest_version_finder.rb

@@ -166,6 +166,7 @@ module Dependabot
             end
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def version_details_from_link(link)
           doc = Nokogiri::XML(link)
           filename = doc.at_css("a")&.content
@@ -181,6 +182,7 @@ module Dependabot
             yanked: link&.include?("data-yanked")
           }
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def get_version_from_filename(filename)
           filename.

data/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb

@@ -97,7 +97,6 @@ module Dependabot
             end
         end
 
-        # rubocop:disable Metrics/PerceivedComplexity
         # rubocop:disable Metrics/AbcSize
         def handle_pip_compile_errors(error)
           if error.message.include?("Could not find a version")
@@ -114,11 +113,14 @@ module Dependabot
             check_original_requirements_resolvable
           end
 
-          if error.message.include?('Command "python setup.py egg_info') ||
-             error.message.include?("exit status 1: python setup.py egg_info")
+          if (error.message.include?('Command "python setup.py egg_info') ||
+              error.message.include?(
+                "exit status 1: python setup.py egg_info"
+              )) &&
+             check_original_requirements_resolvable
             # The latest version of the dependency we're updating is borked
             # (because it has an unevaluatable setup.py). Skip the update.
-            return if check_original_requirements_resolvable
+            return
           end
 
           if error.message.include?("Could not find a version ") &&
@@ -143,7 +145,6 @@ module Dependabot
           raise
         end
 
-        # rubocop:enable Metrics/PerceivedComplexity
         # rubocop:enable Metrics/AbcSize
 
         # Needed because pip-compile's resolver isn't perfect.

data/lib/dependabot/python/update_checker/pipenv_version_resolver.rb

@@ -152,11 +152,14 @@ module Dependabot
             check_original_requirements_resolvable
           end
 
-          if error.message.include?('Command "python setup.py egg_info"') ||
-             error.message.include?("exit status 1: python setup.py egg_info")
+          if (error.message.include?('Command "python setup.py egg_info"') ||
+              error.message.include?(
+                "exit status 1: python setup.py egg_info"
+              )) &&
+             check_original_requirements_resolvable
             # The latest version of the dependency we're updating is borked
             # (because it has an unevaluatable setup.py). Skip the update.
-            return if check_original_requirements_resolvable
+            return
           end
 
           if error.message.include?("UnsupportedPythonVersion") &&
@@ -332,6 +335,7 @@ module Dependabot
             freeze_top_level_dependencies_except([dependency])
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def set_target_dependency_req(pipfile_content, updated_requirement)
           return pipfile_content unless updated_requirement
 
@@ -352,6 +356,7 @@ module Dependabot
 
           TomlRB.dump(pipfile_object)
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def subdep_type?(type)
           return false if dependency.top_level?

data/lib/dependabot/python/update_checker/poetry_version_resolver.rb

@@ -258,6 +258,7 @@ module Dependabot
             freeze_top_level_dependencies_except([dependency])
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def set_target_dependency_req(pyproject_content, updated_requirement)
           return pyproject_content unless updated_requirement
 
@@ -284,6 +285,7 @@ module Dependabot
 
           TomlRB.dump(pyproject_object)
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         def subdep_type
           category =

data/lib/dependabot/python/update_checker/requirements_updater.rb

@@ -73,7 +73,6 @@ module Dependabot
           updated_requirement(req)
         end
 
-        # rubocop:disable Metrics/PerceivedComplexity
         def updated_pyproject_requirement(req)
           return req unless latest_resolvable_version
           return req unless req.fetch(:requirement)
@@ -99,8 +98,6 @@ module Dependabot
           req.merge(requirement: :unfixable)
         end
 
-        # rubocop:enable Metrics/PerceivedComplexity
-
         def update_pyproject_version(req)
           requirement_strings = req[:requirement].split(",").map(&:strip)
 
@@ -160,6 +157,7 @@ module Dependabot
           "#{req_string.strip} || #{new_option.strip}"
         end
 
+        # rubocop:disable Metrics/PerceivedComplexity
         def widen_requirement_range(req_string)
           requirement_strings = req_string.split(",").map(&:strip)
 
@@ -179,6 +177,7 @@ module Dependabot
             update_requirements_range(requirement_strings)
           end
         end
+        # rubocop:enable Metrics/PerceivedComplexity
 
         # rubocop:disable Metrics/PerceivedComplexity
         def updated_requirement(req)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.119.3
+  version: 0.119.4
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-09-10 00:00:00.000000000 Z
+date: 2020-09-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.119.3
+        version: 0.119.4
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.119.3
+        version: 0.119.4
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.88.0
+        version: 0.90.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.88.0
+        version: 0.90.0
 - !ruby/object:Gem::Dependency
   name: vcr
   requirement: !ruby/object:Gem::Requirement