dependabot-python 0.104.2 → 0.104.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/python/update_checker.rb +5 -5
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 702c5c5750288484136775804d047bc867655a405140c1fcd2c0b554e74fe579
|
|
4
|
+
data.tar.gz: 7d9c5035f14967cf1cd4eb8b57482c8abd3f2913c4a044409994962468f63550
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a2205963216400d9484557b7cfc0d928c5dabec6612cef1296b6185a8af95d56035277c707e8deba9411c57f2850e6f1f2eddf7d0787ae933dec4042f5522024
|
|
7
|
+
data.tar.gz: f77d2cfcc4fe7534f07886a146cc0d81eac5bf00107cc00db26223d88042042da1c2b09ef55e1a3858c8f399bf52442739a05bfe8299c80d4ea3cac6ab2b5b75
|
|
@@ -30,7 +30,7 @@ module Dependabot
|
|
|
30
30
|
def latest_resolvable_version
|
|
31
31
|
@latest_resolvable_version ||=
|
|
32
32
|
case resolver_type
|
|
33
|
-
when :
|
|
33
|
+
when :pipenv
|
|
34
34
|
pipenv_version_resolver.latest_resolvable_version
|
|
35
35
|
when :poetry
|
|
36
36
|
poetry_version_resolver.latest_resolvable_version
|
|
@@ -48,7 +48,7 @@ module Dependabot
|
|
|
48
48
|
def latest_resolvable_version_with_no_unlock
|
|
49
49
|
@latest_resolvable_version_with_no_unlock ||=
|
|
50
50
|
case resolver_type
|
|
51
|
-
when :
|
|
51
|
+
when :pipenv
|
|
52
52
|
pipenv_version_resolver(
|
|
53
53
|
unlock_requirement: false
|
|
54
54
|
).latest_resolvable_version
|
|
@@ -73,7 +73,7 @@ module Dependabot
|
|
|
73
73
|
case resolver_type
|
|
74
74
|
when :requirements
|
|
75
75
|
latest_version_finder.lowest_security_fix_version
|
|
76
|
-
when :
|
|
76
|
+
when :pipenv, :poetry, :pip_compile
|
|
77
77
|
# TODO: Handle package managers with a resolvability concept
|
|
78
78
|
latest_resolvable_version
|
|
79
79
|
else raise "Unexpected resolver type #{resolver_type}"
|
|
@@ -127,7 +127,7 @@ module Dependabot
|
|
|
127
127
|
|
|
128
128
|
# Otherwise, this is a top-level dependency, and we can figure out
|
|
129
129
|
# which resolver to use based on the filename of its requirements
|
|
130
|
-
return :
|
|
130
|
+
return :pipenv if req_files.any? { |f| f == "Pipfile" }
|
|
131
131
|
return :poetry if req_files.any? { |f| f == "pyproject.toml" }
|
|
132
132
|
return :pip_compile if req_files.any? { |f| f.end_with?(".in") }
|
|
133
133
|
|
|
@@ -140,7 +140,7 @@ module Dependabot
|
|
|
140
140
|
# rubocop:enable Metrics/PerceivedComplexity
|
|
141
141
|
|
|
142
142
|
def subdependency_resolver
|
|
143
|
-
return :
|
|
143
|
+
return :pipenv if pipfile_lock
|
|
144
144
|
return :poetry if poetry_lock || pyproject_lock
|
|
145
145
|
return :pip_compile if pip_compile_files.any?
|
|
146
146
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.104.
|
|
4
|
+
version: 0.104.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.104.
|
|
19
|
+
version: 0.104.3
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.104.
|
|
26
|
+
version: 0.104.3
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|