dependabot-python 0.180.3 → 0.181.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 640e6703b3bb9e7aead40b2c323d23ffaf6c52f3adfa09a551ca1d941f561d36
-  data.tar.gz: fa0c3160e37d6a53e074eb661b4137810e644a64498fc1f1b96e1728c3960b94
+  metadata.gz: f4ccf0e12202b5d1b6cb910cab1fcc72de962250ebde3734f5219700d2f1f32f
+  data.tar.gz: 73215b00c8ec406d67219605f713af4f6e47a5e94ecc0ebe9cb7591910362aa9
 SHA512:
-  metadata.gz: 10b638a550024566bdd242b5bbbb50c8d4db557c8ad74af19bf27268ec565303749a742365568727d00b77956dee71ec189d637984913044ad63270ec404c044
-  data.tar.gz: d23ae84a495f107d027ca8a774b6c32d3bbc95d382f84f4fb795c839ac6c7388985e22ced647c81d1df5aa2e0a64ee807a70786be28827f9bac8ab904b15d06f
+  metadata.gz: 366d876a00f9a603d7a51fc2cdd227856c8d356181956503cb18fa4c4565ecfee8667158d73fa8aa25548631c8a8a2411aa012e961c53458c3537c6aa5eafa32
+  data.tar.gz: 14053afa7217d82e24920f0bfe6bd96531c264dcac7a8d90231b7e895fb18be3d448728d94e0f5efa6396c5cf356808add4b8574ec5e42b26293053062f821fb

data/helpers/requirements.txt

@@ -1,8 +1,8 @@
-pip==22.0.4
-pip-tools==6.5.1
+pip>=21.3.1  # Allow earlier versions to retain python 3.6 support
+pip-tools>=6.4.0  # Allow earlier versions to retain python 3.6 support
 flake8==4.0.1
 hashin==0.17.0
-pipenv==2022.3.28
+pipenv==2022.4.8
 pipfile==0.0.2
 poetry==1.1.13
 wheel==0.37.1

data/lib/dependabot/python/file_parser.rb

@@ -72,12 +72,6 @@ module Dependabot
       def requirement_dependencies
         dependencies = DependencySet.new
         parsed_requirement_files.each do |dep|
-          # This isn't ideal, but currently the FileUpdater won't update
-          # deps that appear in a requirements.txt and Pipenv / Poetry
-          # and *aren't* a straight lockfile for Pipenv / Poetry
-          next if included_in_pipenv_deps?(normalised_name(dep["name"]))
-          next if included_in_poetry_deps?(normalised_name(dep["name"]))
-
           # If a requirement has a `<`, `<=` or '==' marker then updating it is
           # probably blocked. Ignore it.
           next if blocking_marker?(dep)

data/lib/dependabot/python/requirement.rb

@@ -6,7 +6,7 @@ require "dependabot/python/version"
 module Dependabot
   module Python
     class Requirement < Gem::Requirement
-      OR_SEPARATOR = /(?<=[a-zA-Z0-9*])\s*\|+/.freeze
+      OR_SEPARATOR = /(?<=[a-zA-Z0-9)*])\s*\|+/.freeze
 
       # Add equality and arbitrary-equality matchers
       OPS = OPS.merge(
@@ -20,11 +20,17 @@ module Dependabot
 
       PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{version_pattern})\\s*"
       PATTERN = /\A#{PATTERN_RAW}\z/.freeze
+      PARENS_PATTERN = /\A\(([^)]+)\)\z/.freeze
 
       def self.parse(obj)
         return ["=", Python::Version.new(obj.to_s)] if obj.is_a?(Gem::Version)
 
-        unless (matches = PATTERN.match(obj.to_s))
+        line = obj.to_s
+        if (matches = PARENS_PATTERN.match(line))
+          line = matches[1]
+        end
+
+        unless (matches = PATTERN.match(line))
           msg = "Illformed requirement [#{obj.inspect}]"
           raise BadRequirementError, msg
         end
@@ -41,6 +47,10 @@ module Dependabot
       def self.requirements_array(requirement_string)
         return [new(nil)] if requirement_string.nil?
 
+        if (matches = PARENS_PATTERN.match(requirement_string))
+          requirement_string = matches[1]
+        end
+
         requirement_string.strip.split(OR_SEPARATOR).map do |req_string|
           new(req_string.strip)
         end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.180.3
+  version: 0.181.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-04-04 00:00:00.000000000 Z
+date: 2022-04-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,28 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.180.3
+        version: 0.181.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.180.3
+        version: 0.181.0
+- !ruby/object:Gem::Dependency
+  name: debase
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.2.4.1
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.2.4.1
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -100,14 +114,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.26.0
+        version: 1.27.0
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.27.0
+- !ruby/object:Gem::Dependency
+  name: ruby-debug-ide
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.7.3
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.26.0
+        version: 0.7.3
 - !ruby/object:Gem::Dependency
   name: simplecov
   requirement: !ruby/object:Gem::Requirement