dependabot-python 0.371.0 → 0.373.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e5c59beb6b677e51deac37d95023e448ad921265030b47910e4477249a07d1b4
-  data.tar.gz: 4c91924b433ac4f54c2f4f1bfd649e1124864b789cc459e4ab0aca281c02b603
+  metadata.gz: 9e081bf82eb61813d103d7a53103609a706f6aa56b2247ee2cc42ace8912caf5
+  data.tar.gz: 1ff330024be2e88ef84a3277be7fcd20cee93218e21022b0f1a776bf66ce4e79
 SHA512:
-  metadata.gz: ec8aa99e69214eec367ee3dff6e9e4b6f2031f75cca5e7b674eaa41369c8f40e5af4b8ba86dce39420e7affc0316301bacfc0cf2c832902d3d3da22558971d19
-  data.tar.gz: 586dea07cef16ec324974e7983dfbe42314e4782bfb388194bb524dc78ccb8a3448de97b52867e20be55b5304f674ce3eec26ec6f5e6be30632e4b3e1ffdff34
+  metadata.gz: 404f2482dfeac1707d711f93fb2a7741bf1e2e9b679166bb27b715f898918bcddafcaaca1d6157d007d04871e08d3c43e17e1b55f1ed6a6360f5ce23ce36ff69
+  data.tar.gz: c2723616f27806c1b9e7bf062c7965541be6949d7036b4af3d14a19ea5b5b11adfa6eb422d3436f8984f2cf5cee2e0b5bd762141ee28a27f22b3d7409a335b35

data/lib/dependabot/python/dependency_grapher/lockfile_generator.rb

@@ -28,7 +28,7 @@ module Dependabot
           @credentials = credentials
         end
 
-        sig { returns(T.nilable(Dependabot::DependencyFile)) }
+        sig { returns(Dependabot::DependencyFile) }
         def generate
           SharedHelpers.in_a_temporary_directory do
             SharedHelpers.with_git_configured(credentials: credentials) do
@@ -44,7 +44,7 @@ module Dependabot
           end
         rescue SharedHelpers::HelperSubprocessFailed => e
           handle_generation_error(e)
-          nil
+          raise
         end
 
         private
@@ -77,11 +77,11 @@ module Dependabot
           run_poetry_command("pyenv exec poetry lock --no-interaction")
         end
 
-        sig { returns(T.nilable(Dependabot::DependencyFile)) }
+        sig { returns(Dependabot::DependencyFile) }
         def read_generated_lockfile
           unless File.exist?(LOCKFILE_NAME)
-            Dependabot.logger.warn("#{LOCKFILE_NAME} was not generated")
-            return nil
+            Dependabot.logger.error("#{LOCKFILE_NAME} was not generated")
+            raise Dependabot::DependencyFileNotEvaluatable, "#{LOCKFILE_NAME} was not generated"
           end
 
           content = File.read(LOCKFILE_NAME)

data/lib/dependabot/python/dependency_grapher.rb

@@ -88,8 +88,6 @@ module Dependabot
         )
 
         ephemeral_lockfile = generator.generate
-        return unless ephemeral_lockfile
-
         inject_ephemeral_lockfile(ephemeral_lockfile)
         @ephemeral_lockfile_generated = T.let(true, T.nilable(T::Boolean))
 
@@ -97,6 +95,8 @@ module Dependabot
           "Successfully generated ephemeral #{ephemeral_lockfile.name} for dependency graphing"
         )
       rescue StandardError => e
+        errored_fetching_subdependencies!
+        @subdependency_error = e
         Dependabot.logger.warn(
           "Failed to generate ephemeral lockfile: #{e.message}. " \
           "Dependency versions may not be resolved."

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.371.0
+  version: 0.373.0
 platform: ruby
 authors:
 - Dependabot
@@ -15,14 +15,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.371.0
+        version: 0.373.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.371.0
+        version: 0.373.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -322,7 +322,7 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.371.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.373.0
 rdoc_options: []
 require_paths:
 - lib