dependabot-python 0.281.0 → 0.282.0

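--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 1273f0793f6c0432a5a66468ec19a460c854eda211c935c45af189d1c7b11e9d
- data.tar.gz: c938f342ad448550e12036631ecefe4623d5d16afebf21aa01bfe85a0c048ab2
+ metadata.gz: cb78159e578c1979c167b0539aef17d508c9a07b17b257c05a7d177a3c543d56
+ data.tar.gz: 31e6e4a5c352927c54cca8ef0a9b69265737d1739e9d85622aab8fba4b9e5ac3
  SHA512:
- metadata.gz: a2ae4f68e9cdba267b00989165544e24384d8cd10b58c99802066214fb0b354a9c331af03e8b611a0195eda2d6d760c8cb354584b29b3a7b0d7f42e8e14067a7
- data.tar.gz: 39a45d259c975b32debd5f3d21edd53622fb863630da7fe0bdafb6170f6adde5e3f556c36896cac357475b14797ac878855c4b9d171f7d29799bc8bd8ac20854
+ metadata.gz: 4a15a3f16e2e68aa7c35d2fc3c011e88210a483cc13b7676e6412a035b8dac2abc831f395074185ca21e4bc020aa0cc775bb8d4b8efb3dda2be0332612bdf3f7
+ data.tar.gz: a241cbe9a4b2bab87b9daa50ad2e3ff357b2890f4ecb3f540a97350d44e7a24bd39dcfa660f9d2777d950834ab114ff54183255e35e8edfb22b1daeea92c74ae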
@@ -11,9 +11,9 @@ module Dependabot
11
11
  PRE_INSTALLED_PYTHON_VERSIONS = %w(
12
12
  3.12.5
13
13
  3.11.9
14
- 3.10.13
14
+ 3.10.15
15
15
  3.9.18
16
- 3.8.18
16
+ 3.8.20
17
17
  ).freeze
18
18
 
19
19
  def initialize(python_requirement_parser:)
@@ -24,7 +24,7 @@ module Dependabot
24
24
  .map { |k| Regexp.quote(k) }.join("|")
25
25
  version_pattern = Python::Version::VERSION_PATTERN
26
26
 
27
- PATTERN_RAW = "\\s*(#{quoted})?\\s*(#{version_pattern})\\s*".freeze
27
+ PATTERN_RAW = "\\s*(?<op>#{quoted})?\\s*(?<version>#{version_pattern})\\s*".freeze
28
28
  PATTERN = /\A#{PATTERN_RAW}\z/
29
29
  PARENS_PATTERN = /\A\(([^)]+)\)\z/
30
30
 
@@ -36,24 +36,14 @@ module Dependabot
36
36
  line = matches[1]
37
37
  end
38
38
 
39
- pattern = PATTERN
40
-
41
- if Dependabot::Experiments.enabled?(:python_new_version)
42
- quoted = OPS.keys.sort_by(&:length).reverse
43
- .map { |k| Regexp.quote(k) }.join("|")
44
- version_pattern = Python::Version::NEW_VERSION_PATTERN
45
- pattern_raw = "\\s*(?<op>#{quoted})?\\s*(?<version>#{version_pattern})\\s*".freeze
46
- pattern = /\A#{pattern_raw}\z/
47
- end
48
-
49
- unless (matches = pattern.match(line))
39
+ unless (matches = PATTERN.match(line))
50
40
  msg = "Illformed requirement [#{obj.inspect}]"
51
41
  raise BadRequirementError, msg
52
42
  end
53
43
 
54
- return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"
44
+ return DefaultRequirement if matches[:op] == ">=" && matches[:version] == "0"
55
45
 
56
- [matches[1] || "=", Python::Version.new(T.must(matches[2]))]
46
+ [matches[:op] || "=", Python::Version.new(T.must(matches[:version]))]
57
47
  end
58
48
 
59
49
  # Returns an array of requirements. At least one requirement from the
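Review bot: `PATTERN_RAW` has no comment saying why the operator and version groups have to be named, and that constraint is easy to undo in a later edit. `Python::Version::VERSION_PATTERN` is interpolated into the same expression and, as the version file in this diff shows, defines named groups of its own (`epoch`, `local`); once a Ruby regexp contains a named group its plain `(...)` groups stop capturing, so `matches[1]` and `matches[2]` would no longer be the operator and the version. I would add above the constant: `# Captures must be named: VERSION_PATTERN has named groups, which disables numbered captures for the whole pattern.` A mis-capture here would presumably change which versions a requirement accepts rather than raise, which is why the reason is worth writing down. The parsing method that uses `PATTERN` starts above the second hunk.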
@@ -159,10 +159,7 @@ module Dependabot
159
159
  end
160
160
 
161
161
  def wants_prerelease?
162
- if dependency.version
163
- version = version_class.new(dependency.version.tr("+", "."))
164
- return version.prerelease?
165
- end
162
+ return version_class.new(dependency.version).prerelease? if dependency.version
166
163
 
167
164
  dependency.requirements.any? do |req|
168
165
  reqs = (req.fetch(:requirement) || "").split(",").map(&:strip)
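Review bot: `wants_prerelease?` now hands `dependency.version` straight to `version_class.new`, and the version class shown elsewhere in this diff raises `BadRequirementError` from `initialize` for any string that does not match its anchored pattern. If `dependency.version` can hold a value that is not a PEP 440 version (not visible here), the method raises instead of falling through to the requirement scan below it. A guard keeps it total: `return version_class.new(dependency.version).prerelease? if dependency.version && version_class.correct?(dependency.version)`. This assumes `version_class` resolves to the class whose `correct?` appears in the version file of this diff; the method body continues past the end of the hunk.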
@@ -27,14 +27,11 @@ module Dependabot
27
27
  sig { returns(T.nilable(T::Array[T.any(String, Integer)])) }
28
28
  attr_reader :local
29
29
 
30
- attr_reader :local_version
31
- attr_reader :post_release_version
32
-
33
30
  INFINITY = 1000
34
31
  NEGATIVE_INFINITY = -INFINITY
35
32
 
36
33
  # See https://peps.python.org/pep-0440/#appendix-b-parsing-version-strings-with-regular-expressions
37
- NEW_VERSION_PATTERN = /
34
+ VERSION_PATTERN = /
38
35
  v?
39
36
  (?:
40
37
  (?:(?<epoch>[0-9]+)!)? # epoch
@@ -65,62 +62,37 @@ module Dependabot
65
62
  (?:\+(?<local>[a-z0-9]+(?:[-_\.][a-z0-9]+)*))? # local version
66
63
  /ix
67
64
 
68
- VERSION_PATTERN = 'v?([1-9][0-9]*!)?[0-9]+[0-9a-zA-Z]*(?>\.[0-9a-zA-Z]+)*' \
69
- '(-[0-9A-Za-z]+(\.[0-9a-zA-Z]+)*)?' \
70
- '(\+[0-9a-zA-Z]+(\.[0-9a-zA-Z]+)*)?'
71
-
72
65
  ANCHORED_VERSION_PATTERN = /\A\s*#{VERSION_PATTERN}\s*\z/
73
66
 
74
67
  sig { override.params(version: VersionParameter).returns(T::Boolean) }
75
68
  def self.correct?(version)
76
69
  return false if version.nil?
77
70
 
78
- if Dependabot::Experiments.enabled?(:python_new_version)
79
- version.to_s.match?(/\A\s*#{NEW_VERSION_PATTERN}\s*\z/o)
80
- else
81
- version.to_s.match?(ANCHORED_VERSION_PATTERN)
82
- end
71
+ version.to_s.match?(ANCHORED_VERSION_PATTERN)
83
72
  end
84
73
 
85
74
  sig { override.params(version: VersionParameter).void }
86
- def initialize(version) # rubocop:disable Metrics/AbcSize,Metrics/PerceivedComplexity
75
+ def initialize(version)
87
76
  raise Dependabot::BadRequirementError, "Malformed version string - string is nil" if version.nil?
88
77
 
89
78
  @version_string = version.to_s
90
79
 
91
80
  raise Dependabot::BadRequirementError, "Malformed version string - string is empty" if @version_string.empty?
92
81
 
93
- matches = anchored_version_pattern.match(@version_string.downcase)
82
+ matches = ANCHORED_VERSION_PATTERN.match(@version_string.downcase)
94
83
 
95
84
  unless matches
96
85
  raise Dependabot::BadRequirementError,
97
86
  "Malformed version string - #{@version_string} does not match regex"
98
87
  end
99
88
 
100
- if Dependabot::Experiments.enabled?(:python_new_version)
101
- @epoch = matches["epoch"].to_i
102
- @release_segment = matches["release"]&.split(".")&.map(&:to_i) || []
103
- @pre = parse_letter_version(matches["pre_l"], matches["pre_n"])
104
- @post = parse_letter_version(matches["post_l"], matches["post_n1"] || matches["post_n2"])
105
- @dev = parse_letter_version(matches["dev_l"], matches["dev_n"])
106
- @local = parse_local_version(matches["local"])
107
- super(matches["release"] || "")
108
- else
109
- version, @local_version = @version_string.split("+")
110
- version ||= ""
111
- version = version.gsub(/^v/, "")
112
- if version.include?("!")
113
- epoch, version = version.split("!")
114
- @epoch = epoch.to_i
115
- else
116
- @epoch = 0
117
- end
118
- version = normalise_prerelease(version)
119
- version, @post_release_version = version.split(/\.r(?=\d)/)
120
- version ||= ""
121
- @local_version = normalise_prerelease(@local_version) if @local_version
122
- super
123
- end
89
+ @epoch = matches["epoch"].to_i
90
+ @release_segment = matches["release"]&.split(".")&.map(&:to_i) || []
91
+ @pre = parse_letter_version(matches["pre_l"], matches["pre_n"])
92
+ @post = parse_letter_version(matches["post_l"], matches["post_n1"] || matches["post_n2"])
93
+ @dev = parse_letter_version(matches["dev_l"], matches["dev_n"])
94
+ @local = parse_local_version(matches["local"])
95
+ super(matches["release"] || "")
124
96
  end
125
97
 
126
98
  sig { override.params(version: VersionParameter).returns(Dependabot::Python::Version) }
@@ -140,52 +112,35 @@ module Dependabot
140
112
 
141
113
  sig { returns(T::Boolean) }
142
114
  def prerelease?
143
- return super unless Dependabot::Experiments.enabled?(:python_new_version)
144
-
145
115
  !!(pre || dev)
146
116
  end
147
117
 
148
- sig { returns(T.any(Gem::Version, Dependabot::Python::Version)) }
118
+ sig { returns(Dependabot::Python::Version) }
149
119
  def release
150
- return super unless Dependabot::Experiments.enabled?(:python_new_version)
151
-
152
120
  Dependabot::Python::Version.new(release_segment.join("."))
153
121
  end
154
122
 
155
123
  sig { params(other: VersionParameter).returns(Integer) }
156
- def <=>(other) # rubocop:disable Metrics/AbcSize,Metrics/PerceivedComplexity
124
+ def <=>(other)
157
125
  other = Dependabot::Python::Version.new(other.to_s) unless other.is_a?(Dependabot::Python::Version)
158
126
  other = T.cast(other, Dependabot::Python::Version)
159
127
 
160
- if Dependabot::Experiments.enabled?(:python_new_version)
161
- epoch_comparison = epoch <=> other.epoch
162
- return epoch_comparison unless epoch_comparison.zero?
128
+ epoch_comparison = epoch <=> other.epoch
129
+ return epoch_comparison unless epoch_comparison.zero?
163
130
 
164
- release_comparison = release_version_comparison(other)
165
- return release_comparison unless release_comparison.zero?
131
+ release_comparison = release_version_comparison(other)
132
+ return release_comparison unless release_comparison.zero?
166
133
 
167
- pre_comparison = compare_keys(pre_cmp_key, other.pre_cmp_key)
168
- return pre_comparison unless pre_comparison.zero?
134
+ pre_comparison = compare_keys(pre_cmp_key, other.pre_cmp_key)
135
+ return pre_comparison unless pre_comparison.zero?
169
136
 
170
- post_comparison = compare_keys(post_cmp_key, other.post_cmp_key)
171
- return post_comparison unless post_comparison.zero?
137
+ post_comparison = compare_keys(post_cmp_key, other.post_cmp_key)
138
+ return post_comparison unless post_comparison.zero?
172
139
 
173
- dev_comparison = compare_keys(dev_cmp_key, other.dev_cmp_key)
174
- return dev_comparison unless dev_comparison.zero?
140
+ dev_comparison = compare_keys(dev_cmp_key, other.dev_cmp_key)
141
+ return dev_comparison unless dev_comparison.zero?
175
142
 
176
- compare_keys(local_cmp_key, other.local_cmp_key)
177
- else
178
- epoch_comparison = epoch_comparison(other)
179
- return epoch_comparison unless epoch_comparison.zero?
180
-
181
- version_comparison = super
182
- return T.must(version_comparison) unless version_comparison&.zero?
183
-
184
- post_version_comparison = post_version_comparison(other)
185
- return post_version_comparison unless post_version_comparison.zero?
186
-
187
- local_version_comparison(other)
188
- end
143
+ compare_keys(local_cmp_key, other.local_cmp_key)
189
144
  end
190
145
 
191
146
  sig do
@@ -254,6 +209,11 @@ module Dependabot
254
209
  T.must(dev)
255
210
  end
256
211
 
212
+ sig { returns(String) }
213
+ def lowest_prerelease_suffix
214
+ "dev0"
215
+ end
216
+
257
217
  private
258
218
 
259
219
  sig { params(other: Dependabot::Python::Version).returns(Integer) }
@@ -321,65 +281,6 @@ module Dependabot
321
281
 
322
282
  [letter, number.to_i]
323
283
  end
324
-
325
- sig { returns(Regexp) }
326
- def anchored_version_pattern
327
- if Dependabot::Experiments.enabled?(:python_new_version)
328
- /\A\s*#{NEW_VERSION_PATTERN}\s*\z/o
329
- else
330
- ANCHORED_VERSION_PATTERN
331
- end
332
- end
333
-
334
- def epoch_comparison(other)
335
- epoch.to_i <=> other.epoch.to_i
336
- end
337
-
338
- def post_version_comparison(other)
339
- unless other.post_release_version
340
- return post_release_version.nil? ? 0 : 1
341
- end
342
-
343
- return -1 if post_release_version.nil?
344
-
345
- post_release_version.to_i <=> other.post_release_version.to_i
346
- end
347
-
348
- def local_version_comparison(other)
349
- # Local version comparison works differently in Python: `1.0.beta`
350
- # compares as greater than `1.0`. To accommodate, we make the
351
- # strings the same length before comparing.
352
- lhsegments = local_version.to_s.split(".").map(&:downcase)
353
- rhsegments = other.local_version.to_s.split(".").map(&:downcase)
354
- limit = [lhsegments.count, rhsegments.count].min
355
-
356
- lhs = ["1", *lhsegments.first(limit)].join(".")
357
- rhs = ["1", *rhsegments.first(limit)].join(".")
358
-
359
- local_comparison = Gem::Version.new(lhs) <=> Gem::Version.new(rhs)
360
-
361
- return local_comparison unless local_comparison&.zero?
362
-
363
- lhsegments.count <=> rhsegments.count
364
- end
365
-
366
- def normalise_prerelease(version)
367
- # Python has reserved words for release states, which are treated
368
- # as equal (e.g., preview, pre and rc).
369
- # Further, Python treats dashes as a separator between version
370
- # parts and treats the alphabetical characters in strings as the
371
- # start of a new version part (so 1.1a2 == 1.1.alpha.2).
372
- version
373
- .gsub("alpha", "a")
374
- .gsub("beta", "b")
375
- .gsub("preview", "c")
376
- .gsub("pre", "c")
377
- .gsub("post", "r")
378
- .gsub("rev", "r")
379
- .gsub(/([\d.\-_])rc([\d.\-_])?/, '\1c\2')
380
- .tr("-", ".")
381
- .gsub(/(\d)([a-z])/i, '\1.\2')
382
- end
383
284
  end
384
285
  end
385
286
  end
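Review bot: In `initialize`, the fallbacks `matches["release"]&.split(".")&.map(&:to_i) || []` and `super(matches["release"] || "")` let a match without a `release` capture build a version from an empty string instead of failing. Most of `VERSION_PATTERN` lies outside the visible hunks, so I cannot tell whether `release` is mandatory: if it is, the fallbacks are dead code and can be dropped; if it is not, `raise Dependabot::BadRequirementError, "Malformed version string - #{@version_string} has no release segment" unless matches["release"]` before the assignments is safer than ordering on an empty release. Version ordering decides which update gets proposed, so failing closed is the better default here. Separately, `<=>` would benefit from a one-line comment stating the precedence it implements (epoch, release, pre, post, dev, local), now that it is the only comparison path.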
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.281.0
4
+ version: 0.282.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-10-17 00:00:00.000000000 Z
11
+ date: 2024-10-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.281.0
19
+ version: 0.282.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.281.0
26
+ version: 0.282.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -114,28 +114,28 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 1.65.0
117
+ version: 1.67.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 1.65.0
124
+ version: 1.67.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: rubocop-performance
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
129
  - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: 1.21.0
131
+ version: 1.22.1
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: 1.21.0
138
+ version: 1.22.1
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: rubocop-rspec
141
141
  requirement: !ruby/object:Gem::Requirement
@@ -288,7 +288,7 @@ licenses:
288
288
  - MIT
289
289
  metadata:
290
290
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
291
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.281.0
291
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.282.0
292
292
  post_install_message:
293
293
  rdoc_options: []
294
294
  require_paths: