dependabot-python 0.301.1 → 0.303.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/python/file_fetcher.rb +1 -1
- data/lib/dependabot/python/file_updater/pip_compile_file_updater.rb +145 -69
- data/lib/dependabot/python/file_updater/pipfile_file_updater.rb +99 -20
- data/lib/dependabot/python/file_updater/pipfile_manifest_updater.rb +30 -12
- data/lib/dependabot/python/file_updater/pipfile_preparer.rb +11 -10
- data/lib/dependabot/python/file_updater/poetry_file_updater.rb +95 -24
- data/lib/dependabot/python/file_updater/pyproject_preparer.rb +21 -8
- data/lib/dependabot/python/file_updater.rb +2 -2
- data/lib/dependabot/python/language.rb +36 -34
- data/lib/dependabot/python/language_version_manager.rb +42 -17
- data/lib/dependabot/python/requirement.rb +34 -1
- metadata +7 -7
|
@@ -93,7 +93,7 @@ module Dependabot
|
|
|
93
93
|
private
|
|
94
94
|
|
|
95
95
|
def convert_python_constraint_to_ruby_constraint(req_string)
|
|
96
|
-
return nil if req_string.nil?
|
|
96
|
+
return nil if req_string.nil? || req_string.strip.empty?
|
|
97
97
|
return nil if req_string == "*"
|
|
98
98
|
|
|
99
99
|
req_string = req_string.gsub("~=", "~>")
|
|
@@ -101,6 +101,8 @@ module Dependabot
|
|
|
101
101
|
|
|
102
102
|
if req_string.match?(/~[^>]/) then convert_tilde_req(req_string)
|
|
103
103
|
elsif req_string.start_with?("^") then convert_caret_req(req_string)
|
|
104
|
+
elsif req_string.match?(/^=?={0,2}\s*\d+\.\d+(\.\d+)?(-[a-z0-9.-]+)?(\.\*)?$/i)
|
|
105
|
+
convert_exact(req_string)
|
|
104
106
|
elsif req_string.include?(".*") then convert_wildcard(req_string)
|
|
105
107
|
else
|
|
106
108
|
req_string
|
|
@@ -155,6 +157,37 @@ module Dependabot
|
|
|
155
157
|
.gsub(/\*$/, "0.dev")
|
|
156
158
|
.tap { |s| exact_op ? s.gsub!(/^(?<!!)=*/, "~>") : s }
|
|
157
159
|
end
|
|
160
|
+
|
|
161
|
+
def convert_exact(req_string)
|
|
162
|
+
arbitrary_equality = req_string.start_with?("===")
|
|
163
|
+
cleaned_version = req_string.gsub(/^=+/, "").strip
|
|
164
|
+
|
|
165
|
+
return ["=== #{cleaned_version}"] if arbitrary_equality
|
|
166
|
+
|
|
167
|
+
# Handle versions wildcarded with .*, e.g. 1.0.*
|
|
168
|
+
if cleaned_version.include?(".*")
|
|
169
|
+
# Remove all characters after the first .*, and the .*
|
|
170
|
+
cleaned_version = cleaned_version.split(".*").first
|
|
171
|
+
version = Python::Version.new(cleaned_version)
|
|
172
|
+
# Get the release segment parts [major, minor, patch]
|
|
173
|
+
version_parts = version.release_segment
|
|
174
|
+
|
|
175
|
+
if version_parts.length == 1
|
|
176
|
+
major = T.must(version_parts[0])
|
|
177
|
+
[">= #{major}.0.0.dev", "< #{major + 1}.0.0"]
|
|
178
|
+
elsif version_parts.length == 2
|
|
179
|
+
major, minor = version_parts
|
|
180
|
+
"~> #{major}.#{minor}.0.dev"
|
|
181
|
+
elsif version_parts.length == 3
|
|
182
|
+
major, minor, patch = version_parts
|
|
183
|
+
"~> #{major}.#{minor}.#{patch}.dev"
|
|
184
|
+
else
|
|
185
|
+
"= #{cleaned_version}"
|
|
186
|
+
end
|
|
187
|
+
else
|
|
188
|
+
"= #{cleaned_version}"
|
|
189
|
+
end
|
|
190
|
+
end
|
|
158
191
|
end
|
|
159
192
|
end
|
|
160
193
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.303.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-03-
|
|
11
|
+
date: 2025-03-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.303.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.303.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -156,14 +156,14 @@ dependencies:
|
|
|
156
156
|
requirements:
|
|
157
157
|
- - "~>"
|
|
158
158
|
- !ruby/object:Gem::Version
|
|
159
|
-
version: 0.8.
|
|
159
|
+
version: 0.8.7
|
|
160
160
|
type: :development
|
|
161
161
|
prerelease: false
|
|
162
162
|
version_requirements: !ruby/object:Gem::Requirement
|
|
163
163
|
requirements:
|
|
164
164
|
- - "~>"
|
|
165
165
|
- !ruby/object:Gem::Version
|
|
166
|
-
version: 0.8.
|
|
166
|
+
version: 0.8.7
|
|
167
167
|
- !ruby/object:Gem::Dependency
|
|
168
168
|
name: simplecov
|
|
169
169
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -291,7 +291,7 @@ licenses:
|
|
|
291
291
|
- MIT
|
|
292
292
|
metadata:
|
|
293
293
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
294
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
294
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.303.0
|
|
295
295
|
post_install_message:
|
|
296
296
|
rdoc_options: []
|
|
297
297
|
require_paths:
|