dependabot-python 0.225.0 → 0.226.0

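--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 9d804625d39f5d3fae7776c1963e2f33347a97fb4e9dae189674abb3dd5b3b99
- data.tar.gz: 25193d26af70d445a683c82f7a2ea4151f1bd879e2ac35cf55d053dc761ddbac
+ metadata.gz: 62fa8493503751dac8cc47e22819a502a292e5de2523c22a5dbd9edcb44e8051
+ data.tar.gz: 37ea1a41eb2064d2eb28149f86bc6e0c6aee4e9f6b40c64e044fa8b0d69ac8af
  SHA512:
- metadata.gz: 1cbc7939f48ba24aedc80ce89dd0251ec5573197b2f5e6fe7a859b0192bed3e7009dca46287ebbd39f198d2fb5af4c453d4e84cd425b57175f532260386a9994
- data.tar.gz: b46f5e9c0dbe616b337bd03d3621ec4a004a7f6e8ff323fa32595af884906908249f126ad1de23467c8a5b936256a5a3c30146113ecccb404b118c1e9383de17
+ metadata.gz: '08074756f750b4cae957e60277544eac7c23ec2f958a78d44d8c258921fbba181d783c1a1cf0ca11813969ad1cf0446493367893a797493ab9febae8668ddf75'
+ data.tar.gz: 5416cb34a8d3a2aeaf66da9a8bbe90e44d00ff950ed1444c1558131af7863ba7fc1b7b8944c153647686a129539d01b62d9cc2e6b9796927c43f9e0011909a76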
@@ -1,10 +1,9 @@
1
1
  pip>=21.3.1,<23.2.0 # Range maintains py36 support TODO: Review python 3.6 support in April 2023 (eol ubuntu 18.04)
2
- pip-tools>=6.4.0,<=6.13.0 # Range maintains py36 support TODO: Review python 3.6 support in April 2023 (eol ubuntu 18.04)
2
+ pip-tools>=6.4.0,<=6.14.0 # Range maintains py36 support TODO: Review python 3.6 support in April 2023 (eol ubuntu 18.04)
3
3
  hashin==0.17.0
4
4
  pipenv==2022.4.8
5
5
  pipfile==0.0.2
6
6
  poetry>=1.1.15,<1.6.0
7
- wheel==0.37.1
8
7
 
9
8
  # Some dependencies will only install if Cython is present
10
- Cython==0.29.34
9
+ Cython==3.0.0
@@ -116,21 +116,27 @@ module Dependabot
116
116
  end
117
117
 
118
118
  def setup_file
119
- @setup_file ||= fetch_file_if_present("setup.py")
119
+ return @setup_file if defined?(@setup_file)
120
+
121
+ @setup_file = fetch_file_if_present("setup.py")
120
122
  end
121
123
 
122
124
  def setup_cfg_file
123
- @setup_cfg_file ||= fetch_file_if_present("setup.cfg")
125
+ return @setup_cfg_file if defined?(@setup_cfg_file)
126
+
127
+ @setup_cfg_file = fetch_file_if_present("setup.cfg")
124
128
  end
125
129
 
126
130
  def pip_conf
127
- @pip_conf ||= fetch_file_if_present("pip.conf")&.
128
- tap { |f| f.support_file = true }
131
+ return @pip_conf if defined?(@pip_conf)
132
+
133
+ @pip_conf = fetch_support_file("pip.conf")
129
134
  end
130
135
 
131
136
  def python_version_file
132
- @python_version_file ||= fetch_file_if_present(".python-version")&.
133
- tap { |f| f.support_file = true }
137
+ return @python_version_file if defined?(@python_version_file)
138
+
139
+ @python_version_file = fetch_support_file(".python-version")
134
140
 
135
141
  return @python_version_file if @python_version_file
136
142
  return if [".", "/"].include?(directory)
@@ -138,33 +144,44 @@ module Dependabot
138
144
  # Check the top-level for a .python-version file, too
139
145
  reverse_path = Pathname.new(directory[0]).relative_path_from(directory)
140
146
  @python_version_file ||=
141
- fetch_file_if_present(File.join(reverse_path, ".python-version"))&.
142
- tap { |f| f.support_file = true }&.
147
+ fetch_support_file(File.join(reverse_path, ".python-version"))&.
143
148
  tap { |f| f.name = ".python-version" }
144
149
  end
145
150
 
146
151
  def pipfile
147
- @pipfile ||= fetch_file_if_present("Pipfile")
152
+ return @pipfile if defined?(@pipfile)
153
+
154
+ @pipfile = fetch_file_if_present("Pipfile")
148
155
  end
149
156
 
150
157
  def pipfile_lock
151
- @pipfile_lock ||= fetch_file_if_present("Pipfile.lock")
158
+ return @pipfile_lock if defined?(@pipfile_lock)
159
+
160
+ @pipfile_lock = fetch_file_if_present("Pipfile.lock")
152
161
  end
153
162
 
154
163
  def pyproject
155
- @pyproject ||= fetch_file_if_present("pyproject.toml")
164
+ return @pyproject if defined?(@pyproject)
165
+
166
+ @pyproject = fetch_file_if_present("pyproject.toml")
156
167
  end
157
168
 
158
169
  def pyproject_lock
159
- @pyproject_lock ||= fetch_file_if_present("pyproject.lock")
170
+ return @pyproject_lock if defined?(@pyproject_lock)
171
+
172
+ @pyproject_lock = fetch_file_if_present("pyproject.lock")
160
173
  end
161
174
 
162
175
  def poetry_lock
163
- @poetry_lock ||= fetch_file_if_present("poetry.lock")
176
+ return @poetry_lock if defined?(@poetry_lock)
177
+
178
+ @poetry_lock = fetch_file_if_present("poetry.lock")
164
179
  end
165
180
 
166
181
  def pdm_lock
167
- @pdm_lock ||= fetch_file_if_present("pdm.lock")
182
+ return @pdm_lock if defined?(@pdm_lock)
183
+
184
+ @pdm_lock = fetch_file_if_present("pdm.lock")
168
185
  end
169
186
 
170
187
  def requirements_txt_files
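Review bot: `python_version_file` now combines the new `defined?` guard with the older `return @python_version_file if @python_version_file` and `@python_version_file ||=` lines, so the instance variable is already set (to nil) before the top-level lookup runs. If that second `fetch_support_file` call raises, a later call returns the cached nil instead of repeating the lookup; the single-assignment fetchers around it leave the variable undefined when their fetch raises. Assigning once would keep the memoization uniform, e.g. `@python_version_file = fetch_support_file(".python-version") || top_level_python_version_file`, where `top_level_python_version_file` is a proposed private helper holding the directory check and the `reverse_path` lookup. The method body runs across both hunks of this file, and the line between them is not shown.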
@@ -37,9 +37,6 @@ module Dependabot
37
37
  end
38
38
 
39
39
  def updated_dependency_files
40
- return @updated_dependency_files if @update_already_attempted
41
-
42
- @update_already_attempted = true
43
40
  @updated_dependency_files ||= fetch_updated_dependency_files
44
41
  end
45
42
 
@@ -30,9 +30,6 @@ module Dependabot
30
30
  end
31
31
 
32
32
  def updated_dependency_files
33
- return @updated_dependency_files if @update_already_attempted
34
-
35
- @update_already_attempted = true
36
33
  @updated_dependency_files ||= fetch_updated_dependency_files
37
34
  end
38
35
 
@@ -92,7 +89,7 @@ module Dependabot
92
89
 
93
90
  # Find any requirement files that list the same dependencies as
94
91
  # the (old) Pipfile.lock. Any such files were almost certainly
95
- # generated using `pipenv lock -r`
92
+ # generated using `pipenv requirements`
96
93
  requirements_files.select do |req_file|
97
94
  deps = []
98
95
  req_file.content.scan(regex) { deps << Regexp.last_match }
@@ -237,12 +234,12 @@ module Dependabot
237
234
 
238
235
  def generate_updated_requirements_files
239
236
  req_content = run_pipenv_command(
240
- "pyenv exec pipenv lock -r"
237
+ "pyenv exec pipenv requirements"
241
238
  )
242
239
  File.write("req.txt", req_content)
243
240
 
244
241
  dev_req_content = run_pipenv_command(
245
- "pyenv exec pipenv lock -r -d"
242
+ "pyenv exec pipenv requirements --dev"
246
243
  )
247
244
  File.write("dev-req.txt", dev_req_content)
248
245
  end
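Review bot: `generate_updated_requirements_files` now relies on `pipenv requirements`, which renders the Pipfile.lock already on disk, so the content written to `req.txt` and `dev-req.txt` is only current if the lock step has run in the same working directory beforehand. That ordering is not visible in this hunk; if it holds, a comment on the method would record it, for example `# Renders the Pipfile.lock produced by the preceding lock step; does not resolve on its own`. The subcommand also has to exist in the installed pipenv, so the `pipenv==2022.4.8` pin shown in the requirements hunk is worth confirming against it.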
@@ -109,9 +109,7 @@ module Dependabot
109
109
  end
110
110
 
111
111
  def pipfile_sources
112
- @pipfile_sources ||=
113
- TomlRB.parse(pipfile_content).fetch("source", []).
114
- map { |h| h.dup.merge("url" => h["url"].gsub(%r{/*$}, "") + "/") }
112
+ @pipfile_sources ||= TomlRB.parse(pipfile_content).fetch("source", [])
115
113
  end
116
114
 
117
115
  def sub_auth_url(source, credentials)
@@ -132,9 +130,12 @@ module Dependabot
132
130
 
133
131
  def config_variable_sources(credentials)
134
132
  @config_variable_sources ||=
135
- credentials.
136
- select { |cred| cred["type"] == "python_index" }.
137
- map { |c| { "url" => AuthedUrlBuilder.authed_url(credential: c) } }
133
+ credentials.select { |cred| cred["type"] == "python_index" }.map.with_index do |c, i|
134
+ {
135
+ "name" => "dependabot-inserted-index-#{i}",
136
+ "url" => AuthedUrlBuilder.authed_url(credential: c)
137
+ }
138
+ end
138
139
  end
139
140
  end
140
141
  end
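Review bot: The hashes built in `config_variable_sources` carry the result of `AuthedUrlBuilder.authed_url`, which presumably embeds the index credentials in the URL, and with the added `name` key they now look like ordinary `[[source]]` entries. Nothing in the hunk marks them as secret-bearing, so a short comment would help whoever writes or logs the prepared Pipfile, e.g. `# "url" may contain credentials; keep these entries out of logs and out of files returned to the user`. Separately, `@config_variable_sources ||=` keeps the first result regardless of the `credentials` argument, so the `i` in `dependabot-inserted-index-#{i}` is only stable if the method is always called with the same list. The first hunk of this file drops the trailing-slash normalisation in `pipfile_sources`; if any caller compares Pipfile URLs with these generated ones, that comparison is worth re-checking.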
@@ -28,9 +28,6 @@ module Dependabot
28
28
  end
29
29
 
30
30
  def updated_dependency_files
31
- return @updated_dependency_files if @update_already_attempted
32
-
33
- @update_already_attempted = true
34
31
  @updated_dependency_files ||= fetch_updated_dependency_files
35
32
  end
36
33
 
@@ -20,9 +20,6 @@ module Dependabot
20
20
  end
21
21
 
22
22
  def updated_dependency_files
23
- return @updated_dependency_files if @update_already_attempted
24
-
25
- @update_already_attempted = true
26
23
  @updated_dependency_files ||= fetch_updated_dependency_files
27
24
  end
28
25
 
@@ -33,8 +33,7 @@ module Dependabot
33
33
  end
34
34
 
35
35
  def python_major_minor
36
- @python ||= Python::Version.new(python_version)
37
- "#{@python.segments[0]}.#{@python.segments[1]}"
36
+ @python_major_minor ||= Python::Version.new(python_version).segments[0..1].join(".")
38
37
  end
39
38
 
40
39
  def python_version
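Review bot: The one-line `python_major_minor` changes the result for a version with fewer than two segments: the old interpolation produced `"3."` for a single-segment version, while `segments[0..1].join(".")` produces `"3"`. Whether `python_version` can return such a value is not visible in this hunk. If it cannot, a comment stating that assumption is enough, e.g. `# python_version is always at least major.minor`; if it can, callers that expect a major.minor string now receive a bare major silently.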
@@ -27,7 +27,6 @@ module Dependabot
27
27
  potential_source_urls = [
28
28
  pypi_listing.dig("info", "project_urls", "Source"),
29
29
  pypi_listing.dig("info", "home_page"),
30
- pypi_listing.dig("info", "bugtrack_url"),
31
30
  pypi_listing.dig("info", "download_url"),
32
31
  pypi_listing.dig("info", "docs_url")
33
32
  ].compact
@@ -301,17 +301,6 @@ module Dependabot
301
301
  env
302
302
  end
303
303
 
304
- def error_certainly_bad_python_version?(message)
305
- return true if message.include?("UnsupportedPythonVersion")
306
-
307
- unless message.include?('"python setup.py egg_info" failed') ||
308
- message.include?("exit status 1: python setup.py egg_info")
309
- return false
310
- end
311
-
312
- message.include?("SyntaxError")
313
- end
314
-
315
304
  def write_temporary_dependency_files(updated_req: nil,
316
305
  update_requirement: true)
317
306
  dependency_files.each do |file|
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.225.0
4
+ version: 0.226.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-07-31 00:00:00.000000000 Z
11
+ date: 2023-08-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.225.0
19
+ version: 0.226.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.225.0
26
+ version: 0.226.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -128,14 +128,14 @@ dependencies:
128
128
  requirements:
129
129
  - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: 1.17.1
131
+ version: 1.18.0
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: 1.17.1
138
+ version: 1.18.0
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: stackprof
141
141
  requirement: !ruby/object:Gem::Requirement
@@ -231,7 +231,7 @@ licenses:
231
231
  - Nonstandard
232
232
  metadata:
233
233
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
234
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.225.0
234
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.226.0
235
235
  post_install_message:
236
236
  rdoc_options: []
237
237
  require_paths: