dependabot-python 0.214.0 → 0.216.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -92,15 +92,15 @@ module Dependabot
92
92
  write_temporary_dependency_files(updated_req: requirement)
93
93
  add_auth_env_vars
94
94
 
95
- Helpers.install_required_python(python_version)
95
+ language_version_manager.install_required_python
96
96
 
97
97
  # use system git instead of the pure Python dulwich
98
- unless python_version&.start_with?("3.6")
98
+ unless language_version_manager.python_version&.start_with?("3.6")
99
99
  run_poetry_command("pyenv exec poetry config experimental.system-git-client true")
100
100
  end
101
101
 
102
102
  # Shell out to Poetry, which handles everything for us.
103
- run_poetry_command(poetry_update_command)
103
+ run_poetry_update_command
104
104
 
105
105
  updated_lockfile =
106
106
  if File.exist?("poetry.lock") then File.read("poetry.lock")
@@ -163,8 +163,11 @@ module Dependabot
163
163
 
164
164
  # Using `--lock` avoids doing an install.
165
165
  # Using `--no-interaction` avoids asking for passwords.
166
- def poetry_update_command
167
- "pyenv exec poetry update #{dependency.name} --lock --no-interaction"
166
+ def run_poetry_update_command
167
+ run_poetry_command(
168
+ "pyenv exec poetry update #{dependency.name} --lock --no-interaction",
169
+ fingerprint: "pyenv exec poetry update <dependency_name> --lock --no-interaction"
170
+ )
168
171
  end
169
172
 
170
173
  def check_original_requirements_resolvable
@@ -174,7 +177,7 @@ module Dependabot
174
177
  SharedHelpers.with_git_configured(credentials: credentials) do
175
178
  write_temporary_dependency_files(update_pyproject: false)
176
179
 
177
- run_poetry_command(poetry_update_command)
180
+ run_poetry_update_command
178
181
 
179
182
  @original_reqs_resolvable = true
180
183
  rescue SharedHelpers::HelperSubprocessFailed => e
@@ -202,7 +205,7 @@ module Dependabot
202
205
  end
203
206
 
204
207
  # Overwrite the .python-version with updated content
205
- File.write(".python-version", Helpers.python_major_minor(python_version)) if python_version
208
+ File.write(".python-version", language_version_manager.python_major_minor)
206
209
 
207
210
  # Overwrite the pyproject with updated content
208
211
  if update_pyproject
@@ -221,39 +224,10 @@ module Dependabot
221
224
  add_auth_env_vars(credentials)
222
225
  end
223
226
 
224
- def python_version
225
- requirements = python_requirement_parser.user_specified_requirements
226
- requirements = requirements.
227
- map { |r| Python::Requirement.requirements_array(r) }
228
-
229
- version = PythonVersions::SUPPORTED_VERSIONS_TO_ITERATE.find do |v|
230
- requirements.all? do |reqs|
231
- reqs.any? { |r| r.satisfied_by?(Python::Version.new(v)) }
232
- end
233
- end
234
- return version if version
235
-
236
- msg = "Dependabot detected the following Python requirements " \
237
- "for your project: '#{requirements}'.\n\nCurrently, the " \
238
- "following Python versions are supported in Dependabot: " \
239
- "#{PythonVersions::SUPPORTED_VERSIONS.join(', ')}."
240
- raise DependencyFileNotResolvable, msg
241
- end
242
-
243
- def python_requirement_parser
244
- @python_requirement_parser ||=
245
- FileParser::PythonRequirementParser.new(
246
- dependency_files: dependency_files
247
- )
248
- end
249
-
250
- def pre_installed_python?(version)
251
- PythonVersions::PRE_INSTALLED_PYTHON_VERSIONS.include?(version)
252
- end
253
-
254
227
  def updated_pyproject_content(updated_requirement:)
255
228
  content = pyproject.content
256
229
  content = sanitize_pyproject_content(content)
230
+ content = update_python_requirement(content)
257
231
  content = freeze_other_dependencies(content)
258
232
  content = set_target_dependency_req(content, updated_requirement)
259
233
  content
@@ -262,6 +236,7 @@ module Dependabot
262
236
  def sanitized_pyproject_content
263
237
  content = pyproject.content
264
238
  content = sanitize_pyproject_content(content)
239
+ content = update_python_requirement(content)
265
240
  content
266
241
  end
267
242
 
@@ -271,13 +246,18 @@ module Dependabot
271
246
  sanitize
272
247
  end
273
248
 
249
+ def update_python_requirement(pyproject_content)
250
+ Python::FileUpdater::PyprojectPreparer.
251
+ new(pyproject_content: pyproject_content).
252
+ update_python_requirement(language_version_manager.python_major_minor)
253
+ end
254
+
274
255
  def freeze_other_dependencies(pyproject_content)
275
256
  Python::FileUpdater::PyprojectPreparer.
276
257
  new(pyproject_content: pyproject_content, lockfile: lockfile).
277
258
  freeze_top_level_dependencies_except([dependency])
278
259
  end
279
260
 
280
- # rubocop:disable Metrics/PerceivedComplexity
281
261
  def set_target_dependency_req(pyproject_content, updated_requirement)
282
262
  return pyproject_content unless updated_requirement
283
263
 
@@ -285,15 +265,15 @@ module Dependabot
285
265
  poetry_object = pyproject_object.dig("tool", "poetry")
286
266
 
287
267
  Dependabot::Python::FileParser::PyprojectFilesParser::POETRY_DEPENDENCY_TYPES.each do |type|
288
- names = poetry_object[type]&.keys || []
289
- pkg_name = names.find { |nm| normalise(nm) == dependency.name }
290
- next unless pkg_name
291
-
292
- if poetry_object.dig(type, pkg_name).is_a?(Hash)
293
- poetry_object[type][pkg_name]["version"] = updated_requirement
294
- else
295
- poetry_object[type][pkg_name] = updated_requirement
296
- end
268
+ dependencies = poetry_object[type]
269
+ next unless dependencies
270
+
271
+ update_dependency_requirement(dependencies, updated_requirement)
272
+ end
273
+
274
+ groups = poetry_object["group"]&.values || []
275
+ groups.each do |group_spec|
276
+ update_dependency_requirement(group_spec["dependencies"], updated_requirement)
297
277
  end
298
278
 
299
279
  # If this is a sub-dependency, add the new requirement
@@ -304,7 +284,18 @@ module Dependabot
304
284
 
305
285
  TomlRB.dump(pyproject_object)
306
286
  end
307
- # rubocop:enable Metrics/PerceivedComplexity
287
+
288
+ def update_dependency_requirement(toml_node, requirement)
289
+ names = toml_node.keys
290
+ pkg_name = names.find { |nm| normalise(nm) == dependency.name }
291
+ return unless pkg_name
292
+
293
+ if toml_node[pkg_name].is_a?(Hash)
294
+ toml_node[pkg_name]["version"] = requirement
295
+ else
296
+ toml_node[pkg_name] = requirement
297
+ end
298
+ end
308
299
 
309
300
  def subdep_type
310
301
  category =
@@ -315,6 +306,20 @@ module Dependabot
315
306
  category == "dev" ? "dev-dependencies" : "dependencies"
316
307
  end
317
308
 
309
+ def python_requirement_parser
310
+ @python_requirement_parser ||=
311
+ FileParser::PythonRequirementParser.new(
312
+ dependency_files: dependency_files
313
+ )
314
+ end
315
+
316
+ def language_version_manager
317
+ @language_version_manager ||=
318
+ LanguageVersionManager.new(
319
+ python_requirement_parser: python_requirement_parser
320
+ )
321
+ end
322
+
318
323
  def pyproject
319
324
  dependency_files.find { |f| f.name == "pyproject.toml" }
320
325
  end
@@ -331,7 +336,7 @@ module Dependabot
331
336
  poetry_lock || pyproject_lock
332
337
  end
333
338
 
334
- def run_poetry_command(command)
339
+ def run_poetry_command(command, fingerprint: nil)
335
340
  start = Time.now
336
341
  command = SharedHelpers.escape_command(command)
337
342
  stdout, process = Open3.capture2e(command)
@@ -345,6 +350,7 @@ module Dependabot
345
350
  message: stdout,
346
351
  error_context: {
347
352
  command: command,
353
+ fingerprint: fingerprint,
348
354
  time_taken: time_taken,
349
355
  process_exit_value: process.to_s
350
356
  }
@@ -88,12 +88,19 @@ module Dependabot
88
88
  case update_strategy
89
89
  when :widen_ranges then widen_pyproject_requirement(req)
90
90
  when :bump_versions then update_pyproject_version(req)
91
+ when :bump_versions_if_necessary then update_pyproject_version_if_needed(req)
91
92
  else raise "Unexpected update strategy: #{update_strategy}"
92
93
  end
93
94
  rescue UnfixableRequirement
94
95
  req.merge(requirement: :unfixable)
95
96
  end
96
97
 
98
+ def update_pyproject_version_if_needed(req)
99
+ return req if new_version_satisfies?(req)
100
+
101
+ update_pyproject_version(req)
102
+ end
103
+
97
104
  def update_pyproject_version(req)
98
105
  requirement_strings = req[:requirement].split(",").map(&:strip)
99
106
 
@@ -180,10 +187,14 @@ module Dependabot
180
187
  return req unless req.fetch(:requirement)
181
188
 
182
189
  case update_strategy
190
+ when :widen_ranges
191
+ widen_requirement(req)
183
192
  when :bump_versions
184
193
  update_requirement(req)
185
194
  when :bump_versions_if_necessary
186
195
  update_requirement_if_needed(req)
196
+ else
197
+ raise "Unexpected update strategy: #{update_strategy}"
187
198
  end
188
199
  end
189
200
 
@@ -212,6 +223,14 @@ module Dependabot
212
223
  req.merge(requirement: :unfixable)
213
224
  end
214
225
 
226
+ def widen_requirement(req)
227
+ return req if new_version_satisfies?(req)
228
+
229
+ new_requirement = widen_requirement_range(req[:requirement])
230
+
231
+ req.merge(requirement: new_requirement)
232
+ end
233
+
215
234
  def new_version_satisfies?(req)
216
235
  requirement_class.
217
236
  requirements_array(req.fetch(:requirement)).
@@ -256,8 +275,10 @@ module Dependabot
256
275
  next r.to_s if r.satisfied_by?(latest_resolvable_version)
257
276
 
258
277
  case op = r.requirements.first.first
259
- when "<", "<="
260
- "<" + update_greatest_version(r.to_s, latest_resolvable_version)
278
+ when "<"
279
+ "<" + update_greatest_version(r.requirements.first.last, latest_resolvable_version)
280
+ when "<="
281
+ "<=" + latest_resolvable_version.to_s
261
282
  when "!=", ">", ">="
262
283
  raise UnfixableRequirement
263
284
  else
@@ -329,14 +350,12 @@ module Dependabot
329
350
  end
330
351
  end
331
352
 
332
- # Updates the version in a "<" or "<=" constraint to allow the given
333
- # version
334
- def update_greatest_version(req_string, version_to_be_permitted)
353
+ # Updates the version in a "<" constraint to allow the given version
354
+ def update_greatest_version(version, version_to_be_permitted)
335
355
  if version_to_be_permitted.is_a?(String)
336
356
  version_to_be_permitted =
337
357
  Python::Version.new(version_to_be_permitted)
338
358
  end
339
- version = Python::Version.new(req_string.gsub(/<=?/, ""))
340
359
  version = version.release if version.prerelease?
341
360
 
342
361
  index_to_update = [
@@ -34,43 +34,25 @@ module Dependabot
34
34
 
35
35
  def latest_resolvable_version
36
36
  @latest_resolvable_version ||=
37
- case resolver_type
38
- when :pipenv
39
- pipenv_version_resolver.latest_resolvable_version(
37
+ if resolver_type == :requirements
38
+ resolver.latest_resolvable_version
39
+ elsif resolver_type == :pip_compile && resolver.resolvable?(version: latest_version)
40
+ latest_version
41
+ else
42
+ resolver.latest_resolvable_version(
40
43
  requirement: unlocked_requirement_string
41
44
  )
42
- when :poetry
43
- poetry_version_resolver.latest_resolvable_version(
44
- requirement: unlocked_requirement_string
45
- )
46
- when :pip_compile
47
- pip_compile_version_resolver.latest_resolvable_version(
48
- requirement: unlocked_requirement_string
49
- )
50
- when :requirements
51
- pip_version_resolver.latest_resolvable_version
52
- else raise "Unexpected resolver type #{resolver_type}"
53
45
  end
54
46
  end
55
47
 
56
48
  def latest_resolvable_version_with_no_unlock
57
49
  @latest_resolvable_version_with_no_unlock ||=
58
- case resolver_type
59
- when :pipenv
60
- pipenv_version_resolver.latest_resolvable_version(
61
- requirement: current_requirement_string
62
- )
63
- when :poetry
64
- poetry_version_resolver.latest_resolvable_version(
65
- requirement: current_requirement_string
66
- )
67
- when :pip_compile
68
- pip_compile_version_resolver.latest_resolvable_version(
50
+ if resolver_type == :requirements
51
+ resolver.latest_resolvable_version_with_no_unlock
52
+ else
53
+ resolver.latest_resolvable_version(
69
54
  requirement: current_requirement_string
70
55
  )
71
- when :requirements
72
- pip_version_resolver.latest_resolvable_version_with_no_unlock
73
- else raise "Unexpected resolver type #{resolver_type}"
74
56
  end
75
57
  end
76
58
 
@@ -115,34 +97,25 @@ module Dependabot
115
97
  raise NotImplementedError
116
98
  end
117
99
 
118
- def preferred_version_resolvable_with_unlock?
119
- # Our requirements file updater doesn't currently support widening
120
- # ranges, so avoid updating this dependency if widening ranges has been
121
- # required and the dependency is present on a requirements file.
122
- # Otherwise, we will crash later on. TODO: Consider what the correct
123
- # behavior is in these cases.
124
- return false if requirements_update_strategy == :widen_ranges && updating_requirements_file?
125
-
126
- super
127
- end
128
-
129
100
  def fetch_lowest_resolvable_security_fix_version
130
101
  fix_version = lowest_security_fix_version
131
102
  return latest_resolvable_version if fix_version.nil?
132
103
 
133
- return pip_version_resolver.lowest_resolvable_security_fix_version if resolver_type == :requirements
134
-
135
- resolver =
136
- case resolver_type
137
- when :pip_compile then pip_compile_version_resolver
138
- when :pipenv then pipenv_version_resolver
139
- when :poetry then poetry_version_resolver
140
- else raise "Unexpected resolver type #{resolver_type}"
141
- end
104
+ return resolver.lowest_resolvable_security_fix_version if resolver_type == :requirements
142
105
 
143
106
  resolver.resolvable?(version: fix_version) ? fix_version : nil
144
107
  end
145
108
 
109
+ def resolver
110
+ case resolver_type
111
+ when :pip_compile then pip_compile_version_resolver
112
+ when :pipenv then pipenv_version_resolver
113
+ when :poetry then poetry_version_resolver
114
+ when :requirements then pip_version_resolver
115
+ else raise "Unexpected resolver type #{resolver_type}"
116
+ end
117
+ end
118
+
146
119
  def resolver_type
147
120
  reqs = requirements
148
121
 
@@ -292,7 +265,7 @@ module Dependabot
292
265
 
293
266
  pypi_info = JSON.parse(index_response.body)["info"] || {}
294
267
  pypi_info["summary"] == library_details["description"]
295
- rescue Excon::Error::Timeout
268
+ rescue Excon::Error::Timeout, Excon::Error::Socket
296
269
  false
297
270
  rescue URI::InvalidURIError
298
271
  false
@@ -1,7 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "dependabot/version"
3
4
  require "dependabot/utils"
4
- require "rubygems_version_patch"
5
5
 
6
6
  # Python versions can include a local version identifier, which Ruby can't
7
7
  # parse. This class augments Gem::Version with local version identifier info.
@@ -9,7 +9,7 @@ require "rubygems_version_patch"
9
9
 
10
10
  module Dependabot
11
11
  module Python
12
- class Version < Gem::Version
12
+ class Version < Dependabot::Version
13
13
  attr_reader :epoch
14
14
  attr_reader :local_version
15
15
  attr_reader :post_release_version
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.214.0
4
+ version: 0.216.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-12-01 00:00:00.000000000 Z
11
+ date: 2023-04-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,28 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.214.0
19
+ version: 0.216.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.214.0
26
+ version: 0.216.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - ">="
31
+ - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 1.0.0
33
+ version: 1.7.1
34
34
  type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - ">="
38
+ - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 1.0.0
40
+ version: 1.7.1
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: gpgme
43
43
  requirement: !ruby/object:Gem::Requirement
@@ -58,14 +58,14 @@ dependencies:
58
58
  requirements:
59
59
  - - "~>"
60
60
  - !ruby/object:Gem::Version
61
- version: 4.0.0
61
+ version: 4.2.0
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
66
  - - "~>"
67
67
  - !ruby/object:Gem::Version
68
- version: 4.0.0
68
+ version: 4.2.0
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: rake
71
71
  requirement: !ruby/object:Gem::Requirement
@@ -86,70 +86,70 @@ dependencies:
86
86
  requirements:
87
87
  - - "~>"
88
88
  - !ruby/object:Gem::Version
89
- version: '3.8'
89
+ version: '3.12'
90
90
  type: :development
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
94
  - - "~>"
95
95
  - !ruby/object:Gem::Version
96
- version: '3.8'
96
+ version: '3.12'
97
97
  - !ruby/object:Gem::Dependency
98
98
  name: rspec-its
99
99
  requirement: !ruby/object:Gem::Requirement
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: '1.2'
103
+ version: '1.3'
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: '1.2'
110
+ version: '1.3'
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: rubocop
113
113
  requirement: !ruby/object:Gem::Requirement
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 1.39.0
117
+ version: 1.48.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 1.39.0
124
+ version: 1.48.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: rubocop-performance
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
129
  - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: 1.15.0
131
+ version: 1.17.1
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: 1.15.0
138
+ version: 1.17.1
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: simplecov
141
141
  requirement: !ruby/object:Gem::Requirement
142
142
  requirements:
143
143
  - - "~>"
144
144
  - !ruby/object:Gem::Version
145
- version: 0.21.0
145
+ version: 0.22.0
146
146
  type: :development
147
147
  prerelease: false
148
148
  version_requirements: !ruby/object:Gem::Requirement
149
149
  requirements:
150
150
  - - "~>"
151
151
  - !ruby/object:Gem::Version
152
- version: 0.21.0
152
+ version: 0.22.0
153
153
  - !ruby/object:Gem::Dependency
154
154
  name: simplecov-console
155
155
  requirement: !ruby/object:Gem::Requirement
@@ -182,38 +182,40 @@ dependencies:
182
182
  name: vcr
183
183
  requirement: !ruby/object:Gem::Requirement
184
184
  requirements:
185
- - - '='
185
+ - - "~>"
186
186
  - !ruby/object:Gem::Version
187
- version: 6.1.0
187
+ version: '6.1'
188
188
  type: :development
189
189
  prerelease: false
190
190
  version_requirements: !ruby/object:Gem::Requirement
191
191
  requirements:
192
- - - '='
192
+ - - "~>"
193
193
  - !ruby/object:Gem::Version
194
- version: 6.1.0
194
+ version: '6.1'
195
195
  - !ruby/object:Gem::Dependency
196
196
  name: webmock
197
197
  requirement: !ruby/object:Gem::Requirement
198
198
  requirements:
199
199
  - - "~>"
200
200
  - !ruby/object:Gem::Version
201
- version: '3.4'
201
+ version: '3.18'
202
202
  type: :development
203
203
  prerelease: false
204
204
  version_requirements: !ruby/object:Gem::Requirement
205
205
  requirements:
206
206
  - - "~>"
207
207
  - !ruby/object:Gem::Version
208
- version: '3.4'
209
- description: Automated dependency management for Ruby, JavaScript, Python, PHP, Elixir,
210
- Rust, Java, .NET, Elm and Go
211
- email: support@dependabot.com
208
+ version: '3.18'
209
+ description: Dependabot-Python provides support for bumping Python packages via Dependabot.
210
+ If you want support for multiple package managers, you probably want the meta-gem
211
+ dependabot-omnibus.
212
+ email: opensource@github.com
212
213
  executables: []
213
214
  extensions: []
214
215
  extra_rdoc_files: []
215
216
  files:
216
217
  - helpers/build
218
+ - helpers/build_for_version
217
219
  - helpers/lib/__init__.py
218
220
  - helpers/lib/hasher.py
219
221
  - helpers/lib/parser.py
@@ -237,7 +239,7 @@ files:
237
239
  - lib/dependabot/python/file_updater/requirement_file_updater.rb
238
240
  - lib/dependabot/python/file_updater/requirement_replacer.rb
239
241
  - lib/dependabot/python/file_updater/setup_file_sanitizer.rb
240
- - lib/dependabot/python/helpers.rb
242
+ - lib/dependabot/python/language_version_manager.rb
241
243
  - lib/dependabot/python/metadata_finder.rb
242
244
  - lib/dependabot/python/name_normaliser.rb
243
245
  - lib/dependabot/python/native_helpers.rb
@@ -256,7 +258,9 @@ files:
256
258
  homepage: https://github.com/dependabot/dependabot-core
257
259
  licenses:
258
260
  - Nonstandard
259
- metadata: {}
261
+ metadata:
262
+ issue_tracker_uri: https://github.com/dependabot/dependabot-core/issues
263
+ changelog_uri: https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG.md
260
264
  post_install_message:
261
265
  rdoc_options: []
262
266
  require_paths:
@@ -272,8 +276,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
272
276
  - !ruby/object:Gem::Version
273
277
  version: 3.1.0
274
278
  requirements: []
275
- rubygems_version: 3.3.7
279
+ rubygems_version: 3.3.26
276
280
  signing_key:
277
281
  specification_version: 4
278
- summary: Python support for dependabot
282
+ summary: Provides Dependabot support for Python
279
283
  test_files: []
@@ -1,37 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "dependabot/logger"
4
- require "dependabot/python/version"
5
-
6
- module Dependabot
7
- module Python
8
- module Helpers
9
- def self.install_required_python(python_version)
10
- # The leading space is important in the version check
11
- return if SharedHelpers.run_shell_command("pyenv versions").include?(" #{python_major_minor(python_version)}.")
12
-
13
- if File.exist?("/usr/local/.pyenv/#{python_major_minor(python_version)}.tar.gz")
14
- SharedHelpers.run_shell_command(
15
- "tar xzf /usr/local/.pyenv/#{python_major_minor(python_version)}.tar.gz -C /usr/local/.pyenv/"
16
- )
17
- return if SharedHelpers.run_shell_command("pyenv versions").
18
- include?(" #{python_major_minor(python_version)}.")
19
- end
20
-
21
- Dependabot.logger.info("Installing required Python #{python_version}.")
22
- start = Time.now
23
- SharedHelpers.run_shell_command("pyenv install -s #{python_version}")
24
- SharedHelpers.run_shell_command("pyenv exec pip install --upgrade pip")
25
- SharedHelpers.run_shell_command("pyenv exec pip install -r" \
26
- "#{NativeHelpers.python_requirements_path}")
27
- time_taken = Time.now - start
28
- Dependabot.logger.info("Installing Python #{python_version} took #{time_taken}s.")
29
- end
30
-
31
- def self.python_major_minor(python_version)
32
- python = Python::Version.new(python_version)
33
- "#{python.segments[0]}.#{python.segments[1]}"
34
- end
35
- end
36
- end
37
- end