dependabot-python 0.242.0 → 0.243.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dbc92acce577f6f8e65c4ec359e6baf8f1ecda036b4fa85054855fed57086e99
-  data.tar.gz: bcb6aa86eacb5e18fdbec0c3aa42cf7aef7f6335e85a7b442a9d428b81e74167
+  metadata.gz: 2b21f11fc70d892878937bbee1ebb777bfe04b7d5a343d2532e95d7e0ffbfb31
+  data.tar.gz: 1f801c4b70837b1beba89ef13fad5465d7cd3694e870b7651160d86d5feeace7
 SHA512:
-  metadata.gz: f0718cf4dc565dbc99077ab163462a66af9f11228e1866f97a8e782aa7819493f564f86ff7a70331c4112d19eebff4c0b3a3432b1d42fbc670b0bf5fdd851136
-  data.tar.gz: 9354d7b328dda77c82e9dad55f697bbe2d8a56a9af21f41c9005a49463cfda5665897f8ccdba2903ecd2fd540ed76cace41c50030d6873fe75eb43be99e4e4b5
+  metadata.gz: 9bf132f27cdcb751c790c4bf789dc5226243075811cbf87567f255a8a0d4d6e4d0819f4faa433ba1c371468ae1be00eaf0434a22ac1bd967bae7dc5fb3811930
+  data.tar.gz: f62aa6eaa2ec10aa079b9cfcdbb6dcc6191662a28ee2afe687d8c92241cf676b0aeb2dbda44a9229e51e494d44f7ae3c07bd95a5a67ab551a87b2e6d17606431

data/helpers/requirements.txt

@@ -2,7 +2,7 @@ pip==23.3.2
 pip-tools==7.3.0
 flake8==7.0.0
 hashin==0.17.0
-pipenv@git+https://github.com/pypa/pipenv@main
+pipenv==2023.11.17
 pipfile==0.0.2
 poetry==1.7.1
 

data/lib/dependabot/python/file_parser/pyproject_files_parser.rb

@@ -1,4 +1,4 @@
-# typed: false
+# typed: true
 # frozen_string_literal: true
 
 require "toml-rb"

data/lib/dependabot/python/file_parser.rb

@@ -91,7 +91,7 @@ module Dependabot
               }]
             end
 
-          # PyYAML < 6.0 will cause `pip-compile` to fail due to incompatiblity with Cython 3. Workaround it.
+          # PyYAML < 6.0 will cause `pip-compile` to fail due to incompatibility with Cython 3. Workaround it.
           SharedHelpers.run_shell_command("pyenv exec pip install cython<3.0") if old_pyyaml?(name, version)
 
           dependencies <<

data/lib/dependabot/python/file_updater/pip_compile_file_updater.rb

@@ -463,7 +463,7 @@ module Dependabot
             .map do |cred|
               authed_url = AuthedUrlBuilder.authed_url(credential: cred)
 
-              if cred["replaces-base"]
+              if cred.replaces_base?
                 "--index-url=#{authed_url}"
               else
                 "--extra-index-url=#{authed_url}"

data/lib/dependabot/python/update_checker/index_finder.rb

@@ -146,13 +146,13 @@ module Dependabot
           index_url_creds = credentials
                             .select { |cred| cred["type"] == "python_index" }
 
-          if (main_cred = index_url_creds.find { |cred| cred["replaces-base"] })
+          if (main_cred = index_url_creds.find(&:replaces_base?))
             urls[:main] = AuthedUrlBuilder.authed_url(credential: main_cred)
           end
 
           urls[:extra] =
             index_url_creds
-            .reject { |cred| cred["replaces-base"] }
+            .reject(&:replaces_base?)
             .map { |cred| AuthedUrlBuilder.authed_url(credential: cred) }
 
           urls

data/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb

@@ -257,7 +257,7 @@ module Dependabot
             .map do |cred|
               authed_url = AuthedUrlBuilder.authed_url(credential: cred)
 
-              if cred["replaces-base"]
+              if cred.replaces_base?
                 "--index-url=#{authed_url}"
               else
                 "--extra-index-url=#{authed_url}"

data/lib/dependabot/python/version.rb

@@ -1,4 +1,4 @@
-# typed: false
+# typed: true
 # frozen_string_literal: true
 
 require "dependabot/version"
@@ -59,7 +59,7 @@ module Dependabot
         return epoch_comparison unless epoch_comparison.zero?
 
         version_comparison = super(other)
-        return version_comparison unless version_comparison.zero?
+        return version_comparison unless version_comparison&.zero?
 
         post_version_comparison = post_version_comparison(other)
         return post_version_comparison unless post_version_comparison.zero?
@@ -96,7 +96,7 @@ module Dependabot
 
         local_comparison = Gem::Version.new(lhs) <=> Gem::Version.new(rhs)
 
-        return local_comparison unless local_comparison.zero?
+        return local_comparison unless local_comparison&.zero?
 
         lhsegments.count <=> rhsegments.count
       end

data/lib/dependabot/python.rb

@@ -33,6 +33,3 @@ Dependabot::Dependency.register_name_normaliser(
   "pip",
   ->(name) { Dependabot::Python::NameNormaliser.normalise(name) }
 )
-
-require "dependabot/utils"
-Dependabot::Utils.register_always_clone("pip")

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.242.0
+  version: 0.243.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-01-22 00:00:00.000000000 Z
+date: 2024-02-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.242.0
+        version: 0.243.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.242.0
+        version: 0.243.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -274,7 +274,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.242.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.243.0
 post_install_message: 
 rdoc_options: []
 require_paths: