dependabot-python 0.235.0 → 0.236.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a9f6ef3950d4558611300b72d3839af555ea94e389aeb114a1257290901419e8
|
|
4
|
+
data.tar.gz: c896fc1ec74464344a70a3bf00add5181424b599c4553bf1d8dcb1e9708d8fcc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0c25f7375610f6be67b98731d756af8c16b551971dfef4661f59e48fd3b8cfb09ac962b60458bcb99ddcc40c58a6246c5e95062eb9d3724d0d7d93be5860e71a
|
|
7
|
+
data.tar.gz: 54538b41299885f7187c6c3fe8d2967eb2bf6001fdc18dfb897cc1b70841060de2b48f834e480406d4e8c595c5897d734856e549e9cfe04d820a66dee8e39c09
|
|
@@ -81,10 +81,11 @@ module Dependabot
|
|
|
81
81
|
old_req = old_r[:requirement]
|
|
82
82
|
|
|
83
83
|
declaration_regex = declaration_regex(dep, old_r)
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
84
|
+
declaration_match = content.match(declaration_regex)
|
|
85
|
+
if declaration_match
|
|
86
|
+
declaration = declaration_match[:declaration]
|
|
87
|
+
new_declaration = declaration.sub(old_req, new_req)
|
|
88
|
+
content.sub(declaration, new_declaration)
|
|
88
89
|
else
|
|
89
90
|
content.gsub(table_declaration_regex(dep, new_r)) do |match|
|
|
90
91
|
match.gsub(/(\s*version\s*=\s*["'])#{Regexp.escape(old_req)}/,
|
|
@@ -244,7 +245,9 @@ module Dependabot
|
|
|
244
245
|
end
|
|
245
246
|
|
|
246
247
|
def declaration_regex(dep, old_req)
|
|
247
|
-
|
|
248
|
+
group = old_req[:groups].first
|
|
249
|
+
|
|
250
|
+
/#{group}(?:\.dependencies)?\]\s*\n.*?(?<declaration>(?:^\s*|["'])#{escape(dep)}["']?\s*=[^\n]*)$/mi
|
|
248
251
|
end
|
|
249
252
|
|
|
250
253
|
def table_declaration_regex(dep, old_req)
|
|
@@ -82,6 +82,8 @@ module Dependabot
|
|
|
82
82
|
"git" => locked_details&.dig("source", "url"),
|
|
83
83
|
"rev" => locked_details&.dig("source", "reference")
|
|
84
84
|
}
|
|
85
|
+
subdirectory = locked_details&.dig("source", "subdirectory")
|
|
86
|
+
poetry_object[key][dep_name]["subdirectory"] = subdirectory if subdirectory
|
|
85
87
|
elsif poetry_object[key][dep_name].is_a?(Hash)
|
|
86
88
|
poetry_object[key][dep_name]["version"] = locked_version
|
|
87
89
|
elsif poetry_object[key][dep_name].is_a?(Array)
|
data/lib/dependabot/python.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.236.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-10-
|
|
11
|
+
date: 2023-10-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.236.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.236.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -245,7 +245,7 @@ licenses:
|
|
|
245
245
|
- Nonstandard
|
|
246
246
|
metadata:
|
|
247
247
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
248
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
248
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.236.0
|
|
249
249
|
post_install_message:
|
|
250
250
|
rdoc_options: []
|
|
251
251
|
require_paths:
|