dependabot-python 0.167.0 → 0.168.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 443e0251039b9e15270dbff347b618605784b28918301fd67d70101c1dce7721
4
- data.tar.gz: 62518d3076b81d948eef00dc13937fa94c0f20fd61f28bef80e47ecf7d9f7f2f
3
+ metadata.gz: 9a97c2e03959cd5218e6bf5e8c15097ff1974e726dbcf2ad8016d3e1ddb7cb04
4
+ data.tar.gz: 00341d74c5e1cb57be6fed02b8d05a73df4cb433f159a83a38940abe3741c2e4
5
5
  SHA512:
6
- metadata.gz: 41fa8d64868f49b15da75991dcd6ad21ebb46fa4683e3d5f4c03a842c8258633f521ab16faa17f5e52b2ac8484c157166caea58a111e5f63e34bc0c5d2f16a69
7
- data.tar.gz: 7bed8de8b1c40c6e05fc84dce41e31ec44c47e91b6596dcbdd743ea25c765fd602108f843cd21846d3e3a4639b838417f2a605578ef7902df89efa39b0b3b83b
6
+ metadata.gz: f0b5c43bc734d2e12c814cd400bd4d4d6329e38693c125d83c2a3c1f9560bd3314e9af48a0bb68b585df3c865678ce3fa1711a76640c48e9086b766cf81a34bb
7
+ data.tar.gz: c62dbd6b560eac720d8c1adfed25bad4a56c41e6092c44303ae241b1e6ad0f4b9a3fc2fe5b7a36f90ebb9df32134b3f08087fa6725ed54fe737334a20022ab3b
@@ -2,7 +2,7 @@ pip==21.2.4
2
2
  pip-tools==6.4.0
3
3
  flake8==4.0.1
4
4
  hashin==0.15.0
5
- pipenv==2021.5.29
5
+ pipenv==2021.11.15
6
6
  pipfile==0.0.2
7
7
  poetry==1.1.11
8
8
  wheel==0.37.0
@@ -430,6 +430,9 @@ module Dependabot
430
430
  options << "--no-header" unless requirements_file.content.include?("autogenerated by pip-c")
431
431
 
432
432
  options << "--pre" if requirements_file.content.include?("--pre")
433
+
434
+ options << "--strip-extras" if requirements_file.content.include?("--strip-extras")
435
+
433
436
  options
434
437
  end
435
438
 
@@ -54,7 +54,7 @@ module Dependabot
54
54
 
55
55
  next unless (locked_version = locked_details&.fetch("version"))
56
56
 
57
- next if locked_details&.dig("source", "type") == "directory"
57
+ next if %w(directory file url).include?(locked_details&.dig("source", "type"))
58
58
 
59
59
  if locked_details&.dig("source", "type") == "git"
60
60
  poetry_object[key][dep_name] = {
@@ -40,7 +40,9 @@ module Dependabot
40
40
  PIPENV_INSTALLATION_ERROR_REGEX =
41
41
  /#{Regexp.quote(TRACEBACK)}[\s\S]*^\s+import\s(?<name>.+)[\s\S]*^#{Regexp.quote(PIPENV_INSTALLATION_ERROR)}/.
42
42
  freeze
43
- UNSUPPORTED_DEP_REGEX = /(?:pyobjc)[\s\S]*#{Regexp.quote(PIPENV_INSTALLATION_ERROR)}/.freeze
43
+ UNSUPPORTED_DEPS = %w(pyobjc).freeze
44
+ UNSUPPORTED_DEP_REGEX =
45
+ /Could not find a version that satisfies the requirement.*(?:#{UNSUPPORTED_DEPS.join("|")})/.freeze
44
46
  PIPENV_RANGE_WARNING = /Warning:\sPython\s[<>].* was not found/.freeze
45
47
 
46
48
  attr_reader :dependency, :dependency_files, :credentials
@@ -62,11 +64,7 @@ module Dependabot
62
64
  @resolvable ||= {}
63
65
  return @resolvable[version] if @resolvable.key?(version)
64
66
 
65
- @resolvable[version] = if fetch_latest_resolvable_version_string(requirement: "==#{version}")
66
- true
67
- else
68
- false
69
- end
67
+ @resolvable[version] = !!fetch_latest_resolvable_version_string(requirement: "==#{version}")
70
68
  end
71
69
 
72
70
  private
@@ -155,7 +153,9 @@ module Dependabot
155
153
  raise DependencyFileNotResolvable, msg
156
154
  end
157
155
 
158
- check_original_requirements_resolvable if error.message.include?("Could not find a version")
156
+ if error.message.include?("Could not find a version") || error.message.include?("ResolutionFailure")
157
+ check_original_requirements_resolvable
158
+ end
159
159
 
160
160
  if error.message.include?("SyntaxError: invalid syntax")
161
161
  raise DependencyFileNotResolvable,
@@ -220,7 +220,8 @@ module Dependabot
220
220
  end
221
221
 
222
222
  def handle_pipenv_errors_resolving_original_reqs(error)
223
- if error.message.include?("Could not find a version")
223
+ if error.message.include?("Could not find a version") ||
224
+ error.message.include?("package versions have conflicting dependencies")
224
225
  msg = clean_error_message(error.message)
225
226
  msg.gsub!(/\s+\(from .*$/, "")
226
227
  raise if msg.empty?
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.167.0
4
+ version: 0.168.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-11-16 00:00:00.000000000 Z
11
+ date: 2021-11-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.167.0
19
+ version: 0.168.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.167.0
26
+ version: 0.168.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement