dependabot-python 0.142.1 → 0.143.0

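--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 6bbb1df342c09fe1bdfbefe65ae811face359bd8a76f8e6fecf21d8678dd3115
- data.tar.gz: 77dbea3fb94451ed98d2afbcad6368bcd116468febb7e57dae466912e2fa4d70
+ metadata.gz: 8c267dc7f2143181759940166e43b27fdbafae1ae296f33e526a3f1304b283c8
+ data.tar.gz: 1e1c15bdb03251d8582074b68af012dc7255de385b93f14c858c617258161dc6
  SHA512:
- metadata.gz: 12da4b5becd679ae5aa76297dc029c6d7185996916810e0e6398f12b6cc6dff43c2cfbb4f7598a45168c6b3991401b806b34af2ae82f760c371332639247fc89
- data.tar.gz: 4f08bf630610807b4fa8b295e7d5d84390c762627b12565cf764cc7fa6957d5087fe3e3c5facd04789103fd89d40988d5510b02fdced2e95fb6c2bfefe33267a
+ metadata.gz: e9aefef80e19ddced38bd983b13cb295012c1829e1a296b8734189c11135186917b45dce268e3148737f8f1bdbd8757b1229d9d2fb2ba8c30758b438cfcc74e8
+ data.tar.gz: f770db284ab46511979935d06ee9b7700bb4dd7ab13836f4ae58fcf722198ac718a94ec953f0db2fced3e853bbb940649668255ad82b290c0657bf9e1031b066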
@@ -57,38 +57,50 @@ def parse_requirements(directory):
57
57
 
58
58
 
59
59
  def parse_setup(directory):
60
- # Parse the setup.py
61
- setup_packages = []
62
- if os.path.isfile(directory + '/setup.py'):
63
- def version_from_install_req(install_req):
64
- if install_req.is_pinned:
65
- return next(iter(install_req.specifier)).version
60
+ def version_from_install_req(install_req):
61
+ if install_req.is_pinned:
62
+ return next(iter(install_req.specifier)).version
66
63
 
67
- def parse_requirement(req, req_type):
68
- install_req = install_req_from_line(req)
69
- if install_req.original_link:
70
- return
64
+ def parse_requirement(req, req_type, filename):
65
+ install_req = install_req_from_line(req)
66
+ if install_req.original_link:
67
+ return
71
68
 
72
- setup_packages.append({
69
+ setup_packages.append(
70
+ {
73
71
  "name": install_req.req.name,
74
72
  "version": version_from_install_req(install_req),
75
73
  "markers": str(install_req.markers) or None,
76
- "file": "setup.py",
74
+ "file": filename,
77
75
  "requirement": str(install_req.specifier) or None,
78
76
  "requirement_type": req_type,
79
- "extras": sorted(list(install_req.extras))
80
- })
77
+ "extras": sorted(list(install_req.extras)),
78
+ }
79
+ )
80
+
81
+ def parse_requirements(requires, req_type, filename):
82
+ for req in requires:
83
+ parse_requirement(req, req_type, filename)
84
+
85
+ # Parse the setup.py and setup.cfg
86
+ setup_py = "setup.py"
87
+ setup_py_path = os.path.join(directory, setup_py)
88
+ setup_cfg = "setup.cfg"
89
+ setup_cfg_path = os.path.join(directory, setup_cfg)
90
+ setup_packages = []
91
+
92
+ if os.path.isfile(setup_py_path):
81
93
 
82
94
  def setup(*args, **kwargs):
83
- for arg in ['setup_requires', 'install_requires', 'tests_require']:
84
- if not kwargs.get(arg):
85
- continue
86
- for req in kwargs.get(arg):
87
- parse_requirement(req, arg)
88
- extras_require_dict = kwargs.get('extras_require', {})
89
- for key in extras_require_dict:
90
- for req in extras_require_dict[key]:
91
- parse_requirement(req, 'extras_require:{}'.format(key))
95
+ for arg in ["setup_requires", "install_requires", "tests_require"]:
96
+ requires = kwargs.get(arg, [])
97
+ parse_requirements(requires, arg, setup_py)
98
+ extras_require_dict = kwargs.get("extras_require", {})
99
+ for key, value in extras_require_dict.items():
100
+ parse_requirements(
101
+ value, "extras_require:{}".format(key), setup_py
102
+ )
103
+
92
104
  setuptools.setup = setup
93
105
 
94
106
  def noop(*args, **kwargs):
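Review bot: In the replacement `setup()` stub, `requires = kwargs.get(arg, [])` only falls back to `[]` when the key is absent, so a setup.py that passes `install_requires=None` (or `setup_requires`/`tests_require`) now reaches `for req in requires` in the new helper and raises `TypeError`; the removed code skipped falsy values with `if not kwargs.get(arg): continue`. `requires = kwargs.get(arg) or []` restores the old tolerance, and `kwargs.get("extras_require") or {}` would make the extras path consistent with it. The nested helper is also named `parse_requirements`, which shadows the module-level `parse_requirements(directory)` shown in the hunk header inside `parse_setup`; a distinct name such as `parse_requirement_list` would avoid the confusion. `parse_setup` continues past the end of this hunk.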
@@ -100,17 +112,19 @@ def parse_setup(directory):
100
112
  global fake_open
101
113
 
102
114
  def fake_open(*args, **kwargs):
103
- content = ("VERSION = ('0', '0', '1+dependabot')\n"
104
- "__version__ = '0.0.1+dependabot'\n"
105
- "__author__ = 'someone'\n"
106
- "__title__ = 'something'\n"
107
- "__description__ = 'something'\n"
108
- "__author_email__ = 'something'\n"
109
- "__license__ = 'something'\n"
110
- "__url__ = 'something'\n")
115
+ content = (
116
+ "VERSION = ('0', '0', '1+dependabot')\n"
117
+ "__version__ = '0.0.1+dependabot'\n"
118
+ "__author__ = 'someone'\n"
119
+ "__title__ = 'something'\n"
120
+ "__description__ = 'something'\n"
121
+ "__author_email__ = 'something'\n"
122
+ "__license__ = 'something'\n"
123
+ "__url__ = 'something'\n"
124
+ )
111
125
  return io.StringIO(content)
112
126
 
113
- content = open(directory + '/setup.py', 'r').read()
127
+ content = open(setup_py_path, "r").read()
114
128
 
115
129
  # Remove `print`, `open`, `log` and import statements
116
130
  content = re.sub(r"print\s*\(", "noop(", content)
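Review bot: The changed line `content = open(setup_py_path, "r").read()` never closes the file handle explicitly and decodes with the environment's default encoding, so a setup.py containing non-ASCII UTF-8 text can fail with `UnicodeDecodeError` depending on the locale the helper runs under. Assuming the helper targets Python 3, `with open(setup_py_path, encoding="utf-8") as f:` followed by `content = f.read()` makes both explicit. The remaining changes in this hunk are quote and layout normalisation, and `parse_setup` begins and ends outside it.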
@@ -121,18 +135,41 @@ def parse_setup(directory):
121
135
  content = re.sub(version_re, "", content)
122
136
 
123
137
  # Set variables likely to be imported
124
- __version__ = '0.0.1+dependabot'
125
- __author__ = 'someone'
126
- __title__ = 'something'
127
- __description__ = 'something'
128
- __author_email__ = 'something'
129
- __license__ = 'something'
130
- __url__ = 'something'
138
+ __version__ = "0.0.1+dependabot"
139
+ __author__ = "someone"
140
+ __title__ = "something"
141
+ __description__ = "something"
142
+ __author_email__ = "something"
143
+ __license__ = "something"
144
+ __url__ = "something"
131
145
 
132
146
  # Run as main (since setup.py is a script)
133
- __name__ = '__main__'
147
+ __name__ = "__main__"
134
148
 
135
149
  # Exec the setup.py
136
150
  exec(content) in globals(), locals()
137
151
 
152
+ if os.path.isfile(setup_cfg_path):
153
+ try:
154
+ config = setuptools.config.read_configuration(setup_cfg_path)
155
+
156
+ for req_type in [
157
+ "setup_requires",
158
+ "install_requires",
159
+ "tests_require",
160
+ ]:
161
+ requires = config.get("options", {}).get(req_type, [])
162
+ parse_requirements(requires, req_type, setup_cfg)
163
+
164
+ extras_require = config.get("options", {}).get(
165
+ "extras_require", {}
166
+ )
167
+ for key, value in extras_require.items():
168
+ parse_requirements(
169
+ value, "extras_require:{}".format(key), setup_cfg
170
+ )
171
+ except Exception as e:
172
+ print(json.dumps({"error": repr(e)}))
173
+ exit(1)
174
+
138
175
  return json.dumps({"result": setup_packages})
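Review bot: The new setup.cfg branch hands a repository-controlled file to `setuptools.config.read_configuration`, which is not a data-only parse: `file:` directives read other files and, depending on the setuptools version, `attr:` directives can be resolved by importing modules from the checked-out project. A comment at the call such as `# setup.cfg is untrusted: read_configuration may import project code for attr: values; run only inside the isolated helper` would stop a later reader from treating this path as safer than the `exec` of setup.py above it. In the error path, `exit(1)` is the interactive helper installed by `site`; `sys.exit(1)` is the dependable form, provided `sys` is imported (the imports are outside this hunk). The broad `except Exception` also wraps the `parse_requirements` calls, so a malformed requirement is reported with only `repr(e)` and no indication of which setup.cfg entry caused it.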
@@ -4,7 +4,7 @@ flake8==3.9.1
4
4
  hashin==0.15.0
5
5
  pipenv==2018.11.26
6
6
  pipfile==0.0.2
7
- poetry==1.1.4
7
+ poetry==1.1.6
8
8
  wheel==0.36.2
9
9
 
10
10
  # Some dependencies will only install if Cython is present
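--- a/data/helpers/run.py
+++ b/data/helpers/run.py
@@ -8,7 +8,7 @@ if __name__ == "__main__":
 
  if args["function"] == "parse_requirements":
  print(parser.parse_requirements(args["args"][0]))
- if args["function"] == "parse_setup":
+ elif args["function"] == "parse_setup":
  print(parser.parse_setup(args["args"][0]))
  elif args["function"] == "get_dependency_hash":
  print(hasher.get_dependency_hash(*args["args"]))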
@@ -25,11 +25,13 @@ module Dependabot
25
25
  # If this repo is using Poetry return true
26
26
  return true if filenames.include?("pyproject.toml")
27
27
 
28
- filenames.include?("setup.py")
28
+ return true if filenames.include?("setup.py")
29
+
30
+ filenames.include?("setup.cfg")
29
31
  end
30
32
 
31
33
  def self.required_files_message
32
- "Repo must contain a requirements.txt, setup.py, pyproject.toml, "\
34
+ "Repo must contain a requirements.txt, setup.py, setup.cfg, pyproject.toml, "\
33
35
  "or a Pipfile."
34
36
  end
35
37
 
@@ -45,7 +47,7 @@ module Dependabot
45
47
  fetched_files += requirement_files if requirements_txt_files.any?
46
48
 
47
49
  fetched_files << setup_file if setup_file
48
- fetched_files << setup_cfg if setup_cfg
50
+ fetched_files << setup_cfg_file if setup_cfg_file
49
51
  fetched_files += path_setup_files
50
52
  fetched_files << pip_conf if pip_conf
51
53
  fetched_files << python_version if python_version
@@ -77,7 +79,7 @@ module Dependabot
77
79
  end
78
80
 
79
81
  def check_required_files_present
80
- return if requirements_txt_files.any? || setup_file || pipfile || pyproject
82
+ return if requirements_txt_files.any? || setup_file || setup_cfg_file || pipfile || pyproject
81
83
 
82
84
  path = Pathname.new(File.join(directory, "requirements.txt")).
83
85
  cleanpath.to_path
@@ -88,8 +90,8 @@ module Dependabot
88
90
  @setup_file ||= fetch_file_if_present("setup.py")
89
91
  end
90
92
 
91
- def setup_cfg
92
- @setup_cfg ||= fetch_file_if_present("setup.cfg")
93
+ def setup_cfg_file
94
+ @setup_cfg_file ||= fetch_file_if_present("setup.cfg")
93
95
  end
94
96
 
95
97
  def pip_conf
@@ -44,7 +44,7 @@ module Dependabot
44
44
  dependency_set += pipenv_dependencies if pipfile
45
45
  dependency_set += poetry_dependencies if using_poetry?
46
46
  dependency_set += requirement_dependencies if requirement_files.any?
47
- dependency_set += setup_file_dependencies if setup_file
47
+ dependency_set += setup_file_dependencies if setup_file || setup_cfg_file
48
48
 
49
49
  dependency_set.dependencies
50
50
  end
@@ -207,8 +207,9 @@ module Dependabot
207
207
  return if pipfile
208
208
  return if pyproject
209
209
  return if setup_file
210
+ return if setup_cfg_file
210
211
 
211
- raise "No requirements.txt or setup.py!"
212
+ raise "Missing required files!"
212
213
  end
213
214
 
214
215
  def pipfile
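Review bot: The new `raise "Missing required files!"` no longer tells the reader which files were looked for, whereas the message it replaces named them. Listing the accepted manifests, for example `raise "No requirements.txt, setup.py or setup.cfg!"`, keeps the failure actionable when it shows up in logs. The same wording change appears in the later hunk `@@ -113,8 +114,9 @@`. The enclosing method starts outside this hunk, so the full list of files it checks should be confirmed before choosing the text.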
@@ -248,6 +249,10 @@ module Dependabot
248
249
  @setup_file ||= get_original_file("setup.py")
249
250
  end
250
251
 
252
+ def setup_cfg_file
253
+ @setup_cfg_file ||= get_original_file("setup.cfg")
254
+ end
255
+
251
256
  def pip_compile_files
252
257
  @pip_compile_files ||=
253
258
  dependency_files.select { |f| f.name.end_with?(".in") }
@@ -71,6 +71,8 @@ module Dependabot
71
71
  rescue SharedHelpers::HelperSubprocessFailed => e
72
72
  raise Dependabot::DependencyFileNotEvaluatable, e.message if e.message.start_with?("InstallationError")
73
73
 
74
+ return [] unless setup_file
75
+
74
76
  parsed_sanitized_setup_file
75
77
  end
76
78
 
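Review bot: The added `return [] unless setup_file` sits in the `rescue SharedHelpers::HelperSubprocessFailed` path, so for a repository that has only a setup.cfg, any helper failure other than an `InstallationError` appears to yield an empty list instead of an error. The effect would be that the setup.cfg dependencies silently drop out of the dependency set and stop receiving update checks, with nothing reported. Raising `Dependabot::DependencyFileNotEvaluatable, e.message` for the setup.cfg-only case, or at least logging `e.message` before returning, would keep the failure visible. The method's opening and the code that invokes the helper are outside this hunk, so confirm the control flow there.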
@@ -19,6 +19,7 @@ module Dependabot
19
19
  /.*\.txt$/,
20
20
  /.*\.in$/,
21
21
  /^setup\.py$/,
22
+ /^setup\.cfg$/,
22
23
  /^pyproject\.toml$/,
23
24
  /^pyproject\.lock$/
24
25
  ]
@@ -113,8 +114,9 @@ module Dependabot
113
114
  return if pipfile
114
115
  return if pyproject
115
116
  return if get_original_file("setup.py")
117
+ return if get_original_file("setup.cfg")
116
118
 
117
- raise "No requirements.txt or setup.py!"
119
+ raise "Missing required files!"
118
120
  end
119
121
 
120
122
  def pipfile
@@ -50,7 +50,7 @@ module Dependabot
50
50
  requirements = requirements.flatten.flat_map do |req_string|
51
51
  next if req_string.nil?
52
52
 
53
- req_string.split(",").map do |r|
53
+ req_string.split(",").map(&:strip).map do |r|
54
54
  convert_python_constraint_to_ruby_constraint(r)
55
55
  end
56
56
  end
@@ -100,7 +100,7 @@ module Dependabot
100
100
 
101
101
  def filter_ignored_versions(versions_array)
102
102
  filtered = versions_array.
103
- reject { |v| ignore_reqs.any? { |r| r.satisfied_by?(v) } }
103
+ reject { |v| ignore_requirements.any? { |r| r.satisfied_by?(v) } }
104
104
  raise Dependabot::AllVersionsIgnored if @raise_on_ignored && filtered.empty? && versions_array.any?
105
105
 
106
106
  filtered
@@ -226,8 +226,8 @@ module Dependabot
226
226
  )
227
227
  end
228
228
 
229
- def ignore_reqs
230
- ignored_versions.map { |req| requirement_class.new(req.split(",")) }
229
+ def ignore_requirements
230
+ ignored_versions.flat_map { |req| requirement_class.requirements_array(req) }
231
231
  end
232
232
 
233
233
  def normalised_name
@@ -32,7 +32,7 @@ module Dependabot
32
32
  def updated_requirements
33
33
  requirements.map do |req|
34
34
  case req[:file]
35
- when "setup.py" then updated_setup_requirement(req)
35
+ when /setup\.(?:py|cfg)$/ then updated_setup_requirement(req)
36
36
  when "pyproject.toml" then updated_pyproject_requirement(req)
37
37
  when "Pipfile" then updated_pipfile_requirement(req)
38
38
  when /\.txt$|\.in$/ then updated_requirement(req)
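Review bot: `when /setup\.(?:py|cfg)$/` is broader than the exact string match it replaces: it is unanchored at the start, so names such as `mysetup.py` or `docs/setup.cfg` now route to `updated_setup_requirement`, and in Ruby `$` matches before a newline rather than only at the end of the string. If only the top-level files are meant, `when "setup.py", "setup.cfg"` keeps the exact match; if nested paths are intended, `%r{(?:\A|/)setup\.(?:py|cfg)\z}` states that explicitly. The `case` statement continues outside this hunk.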
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.142.1
4
+ version: 0.143.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-04-16 00:00:00.000000000 Z
11
+ date: 2021-04-21 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.142.1
19
+ version: 0.143.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.142.1
26
+ version: 0.143.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: 1.12.0
103
+ version: 1.13.0
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: 1.12.0
110
+ version: 1.13.0
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: simplecov
113
113
  requirement: !ruby/object:Gem::Requirement