dependabot-python 0.93.2 → 0.93.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/python/file_fetcher.rb +58 -36
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 03e42ce4b4fbe1d2120e19d19c824fee64d48f780d66827fe5349c5e31fb0f88
|
4
|
+
data.tar.gz: 754a2bcab4e657fda82b538a778074553a859ac7b33237ae213cddf04d3378b6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 539a56d9ae30347f38994f9bb5e62d8395d79357040125733d8baf07c1c1785094a210e8c3fcb16a9bebd7d50fecf8e0c2ebffe35555fdc1c13fee1594a7b334
|
7
|
+
data.tar.gz: 991231daea34176c28c367cdd9121d7d6abac373df2f660d2c90ac479476e84267f0219a275bd0e90c1e966051f3e259b9a654ccf1864b99f4a74776209e8006
|
@@ -232,24 +232,9 @@ module Dependabot
|
|
232
232
|
unfetchable_files = []
|
233
233
|
|
234
234
|
path_setup_file_paths.each do |path|
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
begin
|
239
|
-
path_setup_files << fetch_file_from_host(path).
|
240
|
-
tap { |f| f.support_file = true }
|
241
|
-
rescue Dependabot::DependencyFileNotFound
|
242
|
-
unfetchable_files << path
|
243
|
-
end
|
244
|
-
|
245
|
-
begin
|
246
|
-
cfg_path = path.gsub(/\.py$/, ".cfg")
|
247
|
-
path_setup_files << fetch_file_from_host(cfg_path).
|
248
|
-
tap { |f| f.support_file = true }
|
249
|
-
rescue Dependabot::DependencyFileNotFound
|
250
|
-
# Ignore lack of a setup.cfg
|
251
|
-
nil
|
252
|
-
end
|
235
|
+
path_setup_files += fetch_path_setup_file(path)
|
236
|
+
rescue Dependabot::DependencyFileNotFound => error
|
237
|
+
unfetchable_files << error.file_path.gsub(%r{^/}, "")
|
253
238
|
end
|
254
239
|
|
255
240
|
if unfetchable_files.any?
|
@@ -259,6 +244,31 @@ module Dependabot
|
|
259
244
|
path_setup_files
|
260
245
|
end
|
261
246
|
|
247
|
+
def fetch_path_setup_file(path)
|
248
|
+
path_setup_files = []
|
249
|
+
|
250
|
+
unless path.end_with?(".tar.gz")
|
251
|
+
path = Pathname.new(File.join(path, "setup.py")).cleanpath.to_path
|
252
|
+
end
|
253
|
+
return [] if path == "setup.py" && setup_file
|
254
|
+
|
255
|
+
path_setup_files << fetch_file_from_host(path).
|
256
|
+
tap { |f| f.support_file = true }
|
257
|
+
|
258
|
+
return path_setup_files unless path.end_with?(".py")
|
259
|
+
|
260
|
+
begin
|
261
|
+
cfg_path = path.gsub(/\.py$/, ".cfg")
|
262
|
+
path_setup_files << fetch_file_from_host(cfg_path).
|
263
|
+
tap { |f| f.support_file = true }
|
264
|
+
rescue Dependabot::DependencyFileNotFound
|
265
|
+
# Ignore lack of a setup.cfg
|
266
|
+
nil
|
267
|
+
end
|
268
|
+
|
269
|
+
path_setup_files
|
270
|
+
end
|
271
|
+
|
262
272
|
def requirements_file?(file)
|
263
273
|
return true if file.name.match?(/requirements/x)
|
264
274
|
|
@@ -275,27 +285,39 @@ module Dependabot
|
|
275
285
|
end
|
276
286
|
|
277
287
|
def path_setup_file_paths
|
278
|
-
requirement_txt_path_setup_file_paths +
|
288
|
+
requirement_txt_path_setup_file_paths +
|
289
|
+
requirement_in_path_setup_file_paths +
|
290
|
+
pipfile_path_setup_file_paths
|
279
291
|
end
|
280
292
|
|
281
293
|
def requirement_txt_path_setup_file_paths
|
282
|
-
(requirements_txt_files + child_requirement_txt_files).
|
283
|
-
|
284
|
-
|
285
|
-
|
286
|
-
|
287
|
-
|
288
|
-
|
289
|
-
|
290
|
-
|
291
|
-
|
292
|
-
|
293
|
-
|
294
|
-
|
295
|
-
|
296
|
-
|
297
|
-
|
298
|
-
|
294
|
+
(requirements_txt_files + child_requirement_txt_files).
|
295
|
+
map { |req_file| parse_path_setup_paths(req_file) }.
|
296
|
+
flatten.uniq
|
297
|
+
end
|
298
|
+
|
299
|
+
def requirement_in_path_setup_file_paths
|
300
|
+
requirements_in_files.
|
301
|
+
map { |req_file| parse_path_setup_paths(req_file) }.
|
302
|
+
flatten.uniq
|
303
|
+
end
|
304
|
+
|
305
|
+
def parse_path_setup_paths(req_file)
|
306
|
+
uneditable_reqs =
|
307
|
+
req_file.content.
|
308
|
+
scan(/^['"]?(?<path>\..*?)(?=\[|#|'|"|$)/).
|
309
|
+
flatten.
|
310
|
+
map(&:strip).
|
311
|
+
reject { |p| p.include?("://") }
|
312
|
+
|
313
|
+
editable_reqs =
|
314
|
+
req_file.content.
|
315
|
+
scan(/^(?:-e)\s+['"]?(?<path>.*?)(?=\[|#|'|"|$)/).
|
316
|
+
flatten.
|
317
|
+
map(&:strip).
|
318
|
+
reject { |p| p.include?("://") }
|
319
|
+
|
320
|
+
uneditable_reqs + editable_reqs
|
299
321
|
end
|
300
322
|
|
301
323
|
def pipfile_path_setup_file_paths
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-python
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.93.
|
4
|
+
version: 0.93.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2019-01-
|
11
|
+
date: 2019-01-27 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-core
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.93.
|
19
|
+
version: 0.93.3
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.93.
|
26
|
+
version: 0.93.3
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|