RubyGems - dependabot-python - Versions diffs - 0.235.0 → 0.236.0 - Mend

dependabot-python 0.235.0 → 0.236.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml +4 -4
data/lib/dependabot/python/file_updater/poetry_file_updater.rb +8 -5
data/lib/dependabot/python/file_updater/pyproject_preparer.rb +2 -0
data/lib/dependabot/python/requirement_parser.rb +1 -1
data/lib/dependabot/python.rb +1 -1
metadata +5 -5

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b267a681a1cb7f4fe9493bab088098d89b943ab77c074ee5dda1837f0a3901a2
-  data.tar.gz: f3fe927fe0afbec634e0ca2feb0ed313bfeda7a0c510457d00e864d409d277da
+  metadata.gz: a9f6ef3950d4558611300b72d3839af555ea94e389aeb114a1257290901419e8
+  data.tar.gz: c896fc1ec74464344a70a3bf00add5181424b599c4553bf1d8dcb1e9708d8fcc
 SHA512:
-  metadata.gz: a6e4ce8030018586812a2e87db6c7fcfacf8408982b7925a722ff503c8a6d4fd8352b9da3e6c8d527447a4931242a9146fe3a758294bd50c89675e4d77ac6769
-  data.tar.gz: 953aa95ad316e5856c55069bcebb1ec886c0482ed5bdc430ca4c616411e052cee928d6a0a9c8c3833a85b6e6ada8a91a0dc4ecccc4fca9458145d8ef67628561
+  metadata.gz: 0c25f7375610f6be67b98731d756af8c16b551971dfef4661f59e48fd3b8cfb09ac962b60458bcb99ddcc40c58a6246c5e95062eb9d3724d0d7d93be5860e71a
+  data.tar.gz: 54538b41299885f7187c6c3fe8d2967eb2bf6001fdc18dfb897cc1b70841060de2b48f834e480406d4e8c595c5897d734856e549e9cfe04d820a66dee8e39c09

data/lib/dependabot/python/file_updater/poetry_file_updater.rb CHANGED Viewed

@@ -81,10 +81,11 @@ module Dependabot
           old_req = old_r[:requirement]
           declaration_regex = declaration_regex(dep, old_r)
-          if content.match?(declaration_regex)
-            content.gsub(declaration_regex) do |match|
-              match.gsub(old_req, new_req)
-            end
+          declaration_match = content.match(declaration_regex)
+          if declaration_match
+            declaration = declaration_match[:declaration]
+            new_declaration = declaration.sub(old_req, new_req)
+            content.sub(declaration, new_declaration)
           else
             content.gsub(table_declaration_regex(dep, new_r)) do |match|
               match.gsub(/(\s*version\s*=\s*["'])#{Regexp.escape(old_req)}/,
@@ -244,7 +245,9 @@ module Dependabot
         end
         def declaration_regex(dep, old_req)
-          /#{old_req[:groups].first}(?:\.dependencies)?\]\s*\n.*?(?:^\s*|["'])#{escape(dep)}["']?\s*=.*$/mi
+          group = old_req[:groups].first
+          /#{group}(?:\.dependencies)?\]\s*\n.*?(?<declaration>(?:^\s*|["'])#{escape(dep)}["']?\s*=[^\n]*)$/mi
         end
         def table_declaration_regex(dep, old_req)

data/lib/dependabot/python/file_updater/pyproject_preparer.rb CHANGED Viewed

@@ -82,6 +82,8 @@ module Dependabot
                   "git" => locked_details&.dig("source", "url"),
                   "rev" => locked_details&.dig("source", "reference")
                 }
+                subdirectory = locked_details&.dig("source", "subdirectory")
+                poetry_object[key][dep_name]["subdirectory"] = subdirectory if subdirectory
               elsif poetry_object[key][dep_name].is_a?(Hash)
                 poetry_object[key][dep_name]["version"] = locked_version
               elsif poetry_object[key][dep_name].is_a?(Array)

data/lib/dependabot/python/requirement_parser.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# typed: true
+# typed: strong
 # frozen_string_literal: true
 module Dependabot

data/lib/dependabot/python.rb CHANGED Viewed

@@ -1,4 +1,4 @@
-# typed: true
+# typed: strict
 # frozen_string_literal: true
 # These all need to be required so the various classes can be registered in a

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.235.0
+  version: 0.236.0
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-10-19 00:00:00.000000000 Z
+date: 2023-10-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.235.0
+        version: 0.236.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.235.0
+        version: 0.236.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -245,7 +245,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.235.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.236.0
 post_install_message:
 rdoc_options: []
 require_paths: