dependabot-python 0.107.16 → 0.107.18
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bdf74b2a4921285cf23bd3f0a3fb890afd61b541d8185d3cd055407bbac5dd2f
|
|
4
|
+
data.tar.gz: 4219acc252b78bcf2e7bd139e22ef19853a2968a53ce4bcd03299bcc65e9b0eb
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8177a5aef2b5a3eecd0cc0b9e22b6dc5c962da6b0f454d086de480fedb1b2f4775649f38821ba256959380321781dcc1aaf159e6579afdb043a51da988d3941f
|
|
7
|
+
data.tar.gz: ecbea9c2f953a8f0ff0e6bbfce7421015f0abd65fb45a44a92282b40d8e83f4b7a0ae4604774334aa3b6330ae16b589cedee0c68269116ace4fed07ac4388e66
|
|
@@ -9,6 +9,7 @@ require "dependabot/python/python_versions"
|
|
|
9
9
|
require "dependabot/python/file_updater"
|
|
10
10
|
require "dependabot/python/native_helpers"
|
|
11
11
|
|
|
12
|
+
# rubocop:disable Metrics/ClassLength
|
|
12
13
|
module Dependabot
|
|
13
14
|
module Python
|
|
14
15
|
class FileUpdater
|
|
@@ -172,19 +173,21 @@ module Dependabot
|
|
|
172
173
|
|
|
173
174
|
def updated_lockfile_content_for(pyproject_content)
|
|
174
175
|
SharedHelpers.in_a_temporary_directory do
|
|
175
|
-
|
|
176
|
+
SharedHelpers.with_git_configured(credentials: credentials) do
|
|
177
|
+
write_temporary_dependency_files(pyproject_content)
|
|
176
178
|
|
|
177
|
-
|
|
178
|
-
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
179
|
+
if python_version && !pre_installed_python?(python_version)
|
|
180
|
+
run_poetry_command("pyenv install -s #{python_version}")
|
|
181
|
+
run_poetry_command("pyenv exec pip install -r"\
|
|
182
|
+
"#{NativeHelpers.python_requirements_path}")
|
|
183
|
+
end
|
|
182
184
|
|
|
183
|
-
|
|
185
|
+
run_poetry_command(poetry_update_command)
|
|
184
186
|
|
|
185
|
-
|
|
187
|
+
return File.read("poetry.lock") if File.exist?("poetry.lock")
|
|
186
188
|
|
|
187
|
-
|
|
189
|
+
File.read("pyproject.lock")
|
|
190
|
+
end
|
|
188
191
|
end
|
|
189
192
|
end
|
|
190
193
|
|
|
@@ -274,12 +277,14 @@ module Dependabot
|
|
|
274
277
|
|
|
275
278
|
def pyproject_hash_for(pyproject_content)
|
|
276
279
|
SharedHelpers.in_a_temporary_directory do |dir|
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
280
|
+
SharedHelpers.with_git_configured(credentials: credentials) do
|
|
281
|
+
File.write(File.join(dir, "pyproject.toml"), pyproject_content)
|
|
282
|
+
SharedHelpers.run_helper_subprocess(
|
|
283
|
+
command: "pyenv exec python #{python_helper_path}",
|
|
284
|
+
function: "get_pyproject_hash",
|
|
285
|
+
args: [dir]
|
|
286
|
+
)
|
|
287
|
+
end
|
|
283
288
|
end
|
|
284
289
|
end
|
|
285
290
|
|
|
@@ -319,6 +324,10 @@ module Dependabot
|
|
|
319
324
|
@lockfile ||= pyproject_lock || poetry_lock
|
|
320
325
|
end
|
|
321
326
|
|
|
327
|
+
def python_helper_path
|
|
328
|
+
NativeHelpers.python_helper_path
|
|
329
|
+
end
|
|
330
|
+
|
|
322
331
|
def pyproject_lock
|
|
323
332
|
dependency_files.find { |f| f.name == "pyproject.lock" }
|
|
324
333
|
end
|
|
@@ -338,3 +347,4 @@ module Dependabot
|
|
|
338
347
|
end
|
|
339
348
|
end
|
|
340
349
|
end
|
|
350
|
+
# rubocop:enable Metrics/ClassLength
|
|
@@ -56,11 +56,11 @@ module Dependabot
|
|
|
56
56
|
urls = { main: nil, extra: [] }
|
|
57
57
|
|
|
58
58
|
requirements_files.each do |file|
|
|
59
|
-
if file.content.match?(/^--index-url\s(
|
|
59
|
+
if file.content.match?(/^--index-url\s([^\s]+)/)
|
|
60
60
|
urls[:main] =
|
|
61
|
-
file.content.match(/^--index-url\s(
|
|
61
|
+
file.content.match(/^--index-url\s([^\s]+)/).captures.first
|
|
62
62
|
end
|
|
63
|
-
urls[:extra] += file.content.scan(/^--extra-index-url\s(
|
|
63
|
+
urls[:extra] += file.content.scan(/^--extra-index-url\s([^\s]+)/).
|
|
64
64
|
flatten
|
|
65
65
|
end
|
|
66
66
|
|
|
@@ -61,6 +61,7 @@ module Dependabot
|
|
|
61
61
|
|
|
62
62
|
private
|
|
63
63
|
|
|
64
|
+
# rubocop:disable Metrics/MethodLength
|
|
64
65
|
def fetch_latest_resolvable_version_string(requirement:)
|
|
65
66
|
@latest_resolvable_version_string ||= {}
|
|
66
67
|
if @latest_resolvable_version_string.key?(requirement)
|
|
@@ -69,28 +70,33 @@ module Dependabot
|
|
|
69
70
|
|
|
70
71
|
@latest_resolvable_version_string[requirement] ||=
|
|
71
72
|
SharedHelpers.in_a_temporary_directory do
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
73
|
+
SharedHelpers.with_git_configured(credentials: credentials) do
|
|
74
|
+
write_temporary_dependency_files(updated_req: requirement)
|
|
75
|
+
|
|
76
|
+
if python_version && !pre_installed_python?(python_version)
|
|
77
|
+
run_poetry_command("pyenv install -s #{python_version}")
|
|
78
|
+
run_poetry_command(
|
|
79
|
+
"pyenv exec pip install -r "\
|
|
80
|
+
"#{NativeHelpers.python_requirements_path}"
|
|
81
|
+
)
|
|
82
|
+
end
|
|
79
83
|
|
|
80
|
-
|
|
81
|
-
|
|
84
|
+
# Shell out to Poetry, which handles everything for us.
|
|
85
|
+
run_poetry_command(poetry_update_command)
|
|
82
86
|
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
87
|
+
updated_lockfile =
|
|
88
|
+
if File.exist?("poetry.lock") then File.read("poetry.lock")
|
|
89
|
+
else File.read("pyproject.lock")
|
|
90
|
+
end
|
|
91
|
+
updated_lockfile = TomlRB.parse(updated_lockfile)
|
|
88
92
|
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
93
|
+
fetch_version_from_parsed_lockfile(updated_lockfile)
|
|
94
|
+
rescue SharedHelpers::HelperSubprocessFailed => e
|
|
95
|
+
handle_poetry_errors(e)
|
|
96
|
+
end
|
|
92
97
|
end
|
|
93
98
|
end
|
|
99
|
+
# rubocop:enable Metrics/MethodLength
|
|
94
100
|
|
|
95
101
|
def fetch_version_from_parsed_lockfile(updated_lockfile)
|
|
96
102
|
version =
|
|
@@ -141,17 +147,19 @@ module Dependabot
|
|
|
141
147
|
return @original_reqs_resolvable if @original_reqs_resolvable
|
|
142
148
|
|
|
143
149
|
SharedHelpers.in_a_temporary_directory do
|
|
144
|
-
|
|
150
|
+
SharedHelpers.with_git_configured(credentials: credentials) do
|
|
151
|
+
write_temporary_dependency_files(update_pyproject: false)
|
|
145
152
|
|
|
146
|
-
|
|
153
|
+
run_poetry_command(poetry_update_command)
|
|
147
154
|
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
155
|
+
@original_reqs_resolvable = true
|
|
156
|
+
rescue SharedHelpers::HelperSubprocessFailed => e
|
|
157
|
+
raise unless e.message.include?("SolverProblemError") ||
|
|
158
|
+
e.message.include?("PackageNotFound")
|
|
152
159
|
|
|
153
|
-
|
|
154
|
-
|
|
160
|
+
msg = clean_error_message(e.message)
|
|
161
|
+
raise DependencyFileNotResolvable, msg
|
|
162
|
+
end
|
|
155
163
|
end
|
|
156
164
|
end
|
|
157
165
|
|
|
@@ -387,10 +395,6 @@ module Dependabot
|
|
|
387
395
|
sources.
|
|
388
396
|
map { |h| h.dup.merge("url" => h["url"].gsub(%r{/*$}, "") + "/") }
|
|
389
397
|
end
|
|
390
|
-
|
|
391
|
-
def python_requirements_path
|
|
392
|
-
File.join(NativeHelpers.python_helper_path, "requirements.txt")
|
|
393
|
-
end
|
|
394
398
|
end
|
|
395
399
|
end
|
|
396
400
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.107.
|
|
4
|
+
version: 0.107.18
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-05-
|
|
11
|
+
date: 2019-05-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.107.
|
|
19
|
+
version: 0.107.18
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.107.
|
|
26
|
+
version: 0.107.18
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|