dependabot-python 0.107.42 → 0.107.43
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: bb46cd8d71faf4aa0cae9728c94d0cce4609ddf53826c7b9d4fb76bc669a8c8e
|
4
|
+
data.tar.gz: d396b1f311e94639e36cf620ae89fa2ed2ec9358214896cc02ea358e995f1d4b
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 525c9f5d4faf8ac2fd833c1079cf0f850bbfdaf31949e3903cbc1878dcf9913ffe9343f10c60ae38b964ca8c6950b4b670385445dfa27eb6f83ec88eafb4444b
|
7
|
+
data.tar.gz: 06040c1680d083d9331770de64323670d70f9ff010eca05db3db590313e21ac8a376bb78133414626a7ab571386fc0700be05fb8a4db79377fae747b01fddb53
|
@@ -20,6 +20,12 @@ module Dependabot
|
|
20
20
|
# - Run `pip-compile` and see what the result is
|
21
21
|
# rubocop:disable Metrics/ClassLength
|
22
22
|
class PipCompileVersionResolver
|
23
|
+
GIT_DEPENDENCY_UNREACHABLE_REGEX =
|
24
|
+
/Command "git clone -q (?<url>[^\s]+).*" failed/.freeze
|
25
|
+
GIT_REFERENCE_NOT_FOUND_REGEX =
|
26
|
+
%r{"git checkout -q (?<tag>[^"]+)" .*/(?<name>.*?)(\\n'\]|$)}.
|
27
|
+
freeze
|
28
|
+
|
23
29
|
attr_reader :dependency, :dependency_files, :credentials
|
24
30
|
|
25
31
|
def initialize(dependency:, dependency_files:, credentials:)
|
@@ -88,6 +94,10 @@ module Dependabot
|
|
88
94
|
end
|
89
95
|
# rubocop:enable Metrics/MethodLength
|
90
96
|
|
97
|
+
# rubocop:disable Metrics/CyclomaticComplexity
|
98
|
+
# rubocop:disable Metrics/PerceivedComplexity
|
99
|
+
# rubocop:disable Metrics/AbcSize
|
100
|
+
# rubocop:disable Metrics/MethodLength
|
91
101
|
def handle_pip_compile_errors(error)
|
92
102
|
if error.message.include?("Could not find a version")
|
93
103
|
check_original_requirements_resolvable
|
@@ -117,8 +127,24 @@ module Dependabot
|
|
117
127
|
return nil
|
118
128
|
end
|
119
129
|
|
130
|
+
if error.message.match?(GIT_DEPENDENCY_UNREACHABLE_REGEX)
|
131
|
+
url = error.message.match(GIT_DEPENDENCY_UNREACHABLE_REGEX).
|
132
|
+
named_captures.fetch("url")
|
133
|
+
raise GitDependenciesNotReachable, url
|
134
|
+
end
|
135
|
+
|
136
|
+
if error.message.match?(GIT_REFERENCE_NOT_FOUND_REGEX)
|
137
|
+
name = error.message.match(GIT_REFERENCE_NOT_FOUND_REGEX).
|
138
|
+
named_captures.fetch("name")
|
139
|
+
raise GitDependencyReferenceNotFound, name
|
140
|
+
end
|
141
|
+
|
120
142
|
raise
|
121
143
|
end
|
144
|
+
# rubocop:enable Metrics/CyclomaticComplexity
|
145
|
+
# rubocop:enable Metrics/PerceivedComplexity
|
146
|
+
# rubocop:enable Metrics/AbcSize
|
147
|
+
# rubocop:enable Metrics/MethodLength
|
122
148
|
|
123
149
|
# Needed because pip-compile's resolver isn't perfect.
|
124
150
|
# Note: We raise errors from this method, rather than returning a
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-python
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.107.
|
4
|
+
version: 0.107.43
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.107.
|
19
|
+
version: 0.107.43
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.107.
|
26
|
+
version: 0.107.43
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|