dependabot-python 0.337.0 → 0.341.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/helpers/requirements.txt +1 -1
- data/lib/dependabot/python/file_updater.rb +0 -15
- data/lib/dependabot/python/pipenv_runner.rb +31 -2
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b1d5c24fb6c1b335ae479fbae07096649ee30ee7eec9e363504de5c221d2e5e6
|
|
4
|
+
data.tar.gz: bf3670b60f32885a9483df12df0e2a6b67a02addc5aba6b3a866a5f311a06fc7
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ad633257aba1efb87699a352208e5d8183f07a96638fb4bd0f83ac1f61c68824ac16bb8bcce7fcc0c5b70fe33ed62940eee9472319728413e44141da5fb9d8db
|
|
7
|
+
data.tar.gz: 38bd7e4f464a4fc2728c8eb1fcc20f56cf9b31ec8f27b633ee6bbb34b9048b3cd6e7ae98ab1d86e911961cb4cdcd600fd4587ca84507a4cfe36f5358da31b304
|
data/helpers/requirements.txt
CHANGED
|
@@ -17,21 +17,6 @@ module Dependabot
|
|
|
17
17
|
require_relative "file_updater/poetry_file_updater"
|
|
18
18
|
require_relative "file_updater/requirement_file_updater"
|
|
19
19
|
|
|
20
|
-
sig { override.returns(T::Array[Regexp]) }
|
|
21
|
-
def self.updated_files_regex
|
|
22
|
-
[
|
|
23
|
-
/^.*Pipfile$/, # Match Pipfile at any level
|
|
24
|
-
/^.*Pipfile\.lock$/, # Match Pipfile.lock at any level
|
|
25
|
-
/^.*\.txt$/, # Match any .txt files (e.g., requirements.txt) at any level
|
|
26
|
-
/^.*\.in$/, # Match any .in files at any level
|
|
27
|
-
/^.*setup\.py$/, # Match setup.py at any level
|
|
28
|
-
/^.*setup\.cfg$/, # Match setup.cfg at any level
|
|
29
|
-
/^.*pyproject\.toml$/, # Match pyproject.toml at any level
|
|
30
|
-
/^.*pyproject\.lock$/, # Match pyproject.lock at any level
|
|
31
|
-
/^.*poetry\.lock$/ # Match poetry.lock at any level
|
|
32
|
-
]
|
|
33
|
-
end
|
|
34
|
-
|
|
35
20
|
sig { override.returns(T::Array[DependencyFile]) }
|
|
36
21
|
def updated_dependency_files
|
|
37
22
|
updated_files =
|
|
@@ -28,10 +28,15 @@ module Dependabot
|
|
|
28
28
|
sig { params(constraint: T.nilable(String)).returns(String) }
|
|
29
29
|
def run_upgrade(constraint)
|
|
30
30
|
constraint = "" if constraint == "*"
|
|
31
|
-
|
|
31
|
+
|
|
32
|
+
# Build the full package specification with extras
|
|
33
|
+
extras_spec = extras_specification
|
|
34
|
+
package_spec = "#{dependency_name}#{extras_spec}#{constraint}"
|
|
35
|
+
|
|
36
|
+
command = "pyenv exec pipenv upgrade --verbose #{package_spec}"
|
|
32
37
|
command << " --dev" if lockfile_section == "develop"
|
|
33
38
|
|
|
34
|
-
run(command, fingerprint: "pyenv exec pipenv upgrade --verbose <dependency_name><constraint>")
|
|
39
|
+
run(command, fingerprint: "pyenv exec pipenv upgrade --verbose <dependency_name><extras><constraint>")
|
|
35
40
|
end
|
|
36
41
|
|
|
37
42
|
sig { params(constraint: T.nilable(String)).returns(T.nilable(String)) }
|
|
@@ -64,6 +69,30 @@ module Dependabot
|
|
|
64
69
|
sig { returns(LanguageVersionManager) }
|
|
65
70
|
attr_reader :language_version_manager
|
|
66
71
|
|
|
72
|
+
sig { returns(String) }
|
|
73
|
+
def extras_specification
|
|
74
|
+
extras = dependency_extras
|
|
75
|
+
return "" if extras.nil? || extras.empty?
|
|
76
|
+
|
|
77
|
+
"[#{extras.join(',')}]"
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
sig { returns(T.nilable(T::Array[String])) }
|
|
81
|
+
def dependency_extras
|
|
82
|
+
return nil unless lockfile
|
|
83
|
+
|
|
84
|
+
lockfile_content = T.must(lockfile).content
|
|
85
|
+
return nil unless lockfile_content
|
|
86
|
+
|
|
87
|
+
parsed_lockfile = JSON.parse(lockfile_content)
|
|
88
|
+
section = lockfile_section
|
|
89
|
+
dependency_data = parsed_lockfile.dig(section, dependency_name)
|
|
90
|
+
|
|
91
|
+
return nil unless dependency_data
|
|
92
|
+
|
|
93
|
+
dependency_data["extras"]
|
|
94
|
+
end
|
|
95
|
+
|
|
67
96
|
sig { params(updated_lockfile: T::Hash[String, T.untyped]).returns(T.nilable(String)) }
|
|
68
97
|
def fetch_version_from_parsed_lockfile(updated_lockfile)
|
|
69
98
|
deps = updated_lockfile[lockfile_section] || {}
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.341.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.341.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.341.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -290,7 +290,7 @@ licenses:
|
|
|
290
290
|
- MIT
|
|
291
291
|
metadata:
|
|
292
292
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
293
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
293
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.341.0
|
|
294
294
|
rdoc_options: []
|
|
295
295
|
require_paths:
|
|
296
296
|
- lib
|