dependabot-python 0.106.43 → 0.106.44
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cd1a46f1c5248dfcba2577238675c4aac25ac050cacb2a431f512cfb5c5f66ac
|
|
4
|
+
data.tar.gz: 9ada331e6948ceecb2cd2579ee40d01085122ae33db6dba0534cc0d31752eef3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1132abea1402fb8d7e14d111c348df1f488e1b57f2cf50d0948202269cb30226709ed6b260881beb1786ef03a0f63eb9d38a80577cd455ad68c218108b23d028
|
|
7
|
+
data.tar.gz: c376f11c0f122bfd9ed94e4f277047f2ad373d8249cf9290d19838a0b7cc2f6281b4bc47c60e2e59d24ff4312df085806bf93b71b18438bf798dd30f28f9697b
|
data/helpers/requirements.txt
CHANGED
|
@@ -81,8 +81,6 @@ module Dependabot
|
|
|
81
81
|
"pyenv exec pip-compile #{pip_compile_options(filename)} "\
|
|
82
82
|
"#{filename}"
|
|
83
83
|
)
|
|
84
|
-
|
|
85
|
-
unredact_git_credentials_in_compiled_file(filename)
|
|
86
84
|
end
|
|
87
85
|
|
|
88
86
|
# Remove any .python-version file before parsing the reqs
|
|
@@ -326,41 +324,6 @@ module Dependabot
|
|
|
326
324
|
content
|
|
327
325
|
end
|
|
328
326
|
|
|
329
|
-
# Pip redacts git credentials in the compiled pip-tools file. We don't
|
|
330
|
-
# want that, as it makes the compiled files unusable. (This is kind of
|
|
331
|
-
# a pip-tools bug.)
|
|
332
|
-
def unredact_git_credentials_in_compiled_file(filename)
|
|
333
|
-
compiled_name = filename.gsub(/\.in$/, ".txt")
|
|
334
|
-
original_content = dependency_files.
|
|
335
|
-
find { |f| f.name == compiled_name }&.content ||
|
|
336
|
-
dependency_files.
|
|
337
|
-
find { |f| f.name == filename }.content
|
|
338
|
-
|
|
339
|
-
updated_content = File.read(compiled_name)
|
|
340
|
-
new_content = updated_content
|
|
341
|
-
|
|
342
|
-
update_count = 0
|
|
343
|
-
original_content.lines.each do |original_line|
|
|
344
|
-
next unless original_line.match?(/^(-e )?git+/)
|
|
345
|
-
next unless original_line.match?(%r{(?<=:)[^/].*?(?=@)})
|
|
346
|
-
next update_count += 1 if updated_content.include?(original_line)
|
|
347
|
-
|
|
348
|
-
line_to_update =
|
|
349
|
-
updated_content.lines.
|
|
350
|
-
select { |l| l.match?(/^(-e )?git+/) && l.include?(":****@") }.
|
|
351
|
-
at(update_count)
|
|
352
|
-
raise "Mismatch in editable requirements!" unless line_to_update
|
|
353
|
-
|
|
354
|
-
auth = original_line.match(%r{(?<=:)[^/].*?(?=@)}).to_s
|
|
355
|
-
new_content =
|
|
356
|
-
new_content.
|
|
357
|
-
gsub(line_to_update, line_to_update.gsub(":****@", ":#{auth}@"))
|
|
358
|
-
update_count += 1
|
|
359
|
-
end
|
|
360
|
-
|
|
361
|
-
File.write(compiled_name, new_content)
|
|
362
|
-
end
|
|
363
|
-
|
|
364
327
|
def update_hashes_if_required(updated_content, original_content)
|
|
365
328
|
deps_to_update =
|
|
366
329
|
deps_to_augment_hashes_for(updated_content, original_content)
|
|
@@ -75,8 +75,6 @@ module Dependabot
|
|
|
75
75
|
"pyenv exec pip-compile --allow-unsafe "\
|
|
76
76
|
"--build-isolation #{filename}"
|
|
77
77
|
)
|
|
78
|
-
|
|
79
|
-
unredact_git_credentials_in_compiled_file(filename)
|
|
80
78
|
end
|
|
81
79
|
|
|
82
80
|
# Remove any .python-version file before parsing the reqs
|
|
@@ -122,41 +120,6 @@ module Dependabot
|
|
|
122
120
|
raise
|
|
123
121
|
end
|
|
124
122
|
|
|
125
|
-
# Pip redacts git credentials in the compiled pip-tools file. We don't
|
|
126
|
-
# want that, as it makes the compiled files unusable. (This is kind of
|
|
127
|
-
# a pip-tools bug.)
|
|
128
|
-
def unredact_git_credentials_in_compiled_file(filename)
|
|
129
|
-
compiled_name = filename.gsub(/\.in$/, ".txt")
|
|
130
|
-
original_content = dependency_files.
|
|
131
|
-
find { |f| f.name == compiled_name }&.content ||
|
|
132
|
-
dependency_files.
|
|
133
|
-
find { |f| f.name == filename }.content
|
|
134
|
-
|
|
135
|
-
updated_content = File.read(compiled_name)
|
|
136
|
-
new_content = updated_content
|
|
137
|
-
|
|
138
|
-
update_count = 0
|
|
139
|
-
original_content.lines.each do |original_line|
|
|
140
|
-
next unless original_line.match?(/^(-e )?git+/)
|
|
141
|
-
next unless original_line.match?(%r{(?<=:)[^/].*?(?=@)})
|
|
142
|
-
next update_count += 1 if updated_content.include?(original_line)
|
|
143
|
-
|
|
144
|
-
line_to_update =
|
|
145
|
-
updated_content.lines.
|
|
146
|
-
select { |l| l.match?(/^(-e )?git+/) && l.include?(":****@") }.
|
|
147
|
-
at(update_count)
|
|
148
|
-
raise "Mismatch in editable requirements!" unless line_to_update
|
|
149
|
-
|
|
150
|
-
auth = original_line.match(%r{(?<=:)[^/].*?(?=@)}).to_s
|
|
151
|
-
new_content =
|
|
152
|
-
new_content.
|
|
153
|
-
gsub(line_to_update, line_to_update.gsub(":****@", ":#{auth}@"))
|
|
154
|
-
update_count += 1
|
|
155
|
-
end
|
|
156
|
-
|
|
157
|
-
File.write(compiled_name, new_content)
|
|
158
|
-
end
|
|
159
|
-
|
|
160
123
|
# Needed because pip-compile's resolver isn't perfect.
|
|
161
124
|
# Note: We raise errors from this method, rather than returning a
|
|
162
125
|
# boolean, so that all deps for this repo will raise identical
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.106.
|
|
4
|
+
version: 0.106.44
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-05-
|
|
11
|
+
date: 2019-05-10 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.106.
|
|
19
|
+
version: 0.106.44
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.106.
|
|
26
|
+
version: 0.106.44
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|