RubyGems - dependabot-python - Versions diffs - 0.107.42 → 0.107.43 - Mend

dependabot-python 0.107.42 → 0.107.43

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

checksums.yaml +4 -4
data/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb +26 -0
metadata +3 -3

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ed9053320e13e6044cc5aafe841413755948450b02673e64aa80ebaf18a0eedc
-  data.tar.gz: dc36f42548e1238e91c35b7f39695b7dc284957714b21615d530702a14aa6e8b
+  metadata.gz: bb46cd8d71faf4aa0cae9728c94d0cce4609ddf53826c7b9d4fb76bc669a8c8e
+  data.tar.gz: d396b1f311e94639e36cf620ae89fa2ed2ec9358214896cc02ea358e995f1d4b
 SHA512:
-  metadata.gz: a51e6ec79812ecefaa31f0adb9d34de717cadba19a1e9d6763c0e46d705f97957506cd1a71b8e224592295e3ac85ac06c167ba2b7482972cc04c7ef1c50db221
-  data.tar.gz: 4cd521e0f39c1c03b739ec38813ffa4e25e7fc09d979bd482a72172395486bb51225483cc378e53bc05f698a60f6d75fc06880934add5fb5303712a9b31d50ce
+  metadata.gz: 525c9f5d4faf8ac2fd833c1079cf0f850bbfdaf31949e3903cbc1878dcf9913ffe9343f10c60ae38b964ca8c6950b4b670385445dfa27eb6f83ec88eafb4444b
+  data.tar.gz: 06040c1680d083d9331770de64323670d70f9ff010eca05db3db590313e21ac8a376bb78133414626a7ab571386fc0700be05fb8a4db79377fae747b01fddb53

data/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb CHANGED Viewed

@@ -20,6 +20,12 @@ module Dependabot
       # - Run `pip-compile` and see what the result is
       # rubocop:disable Metrics/ClassLength
       class PipCompileVersionResolver
+        GIT_DEPENDENCY_UNREACHABLE_REGEX =
+          /Command "git clone -q (?<url>[^\s]+).*" failed/.freeze
+        GIT_REFERENCE_NOT_FOUND_REGEX =
+          %r{"git checkout -q (?<tag>[^"]+)" .*/(?<name>.*?)(\\n'\]|$)}.
+          freeze
         attr_reader :dependency, :dependency_files, :credentials
         def initialize(dependency:, dependency_files:, credentials:)
@@ -88,6 +94,10 @@ module Dependabot
         end
         # rubocop:enable Metrics/MethodLength
+        # rubocop:disable Metrics/CyclomaticComplexity
+        # rubocop:disable Metrics/PerceivedComplexity
+        # rubocop:disable Metrics/AbcSize
+        # rubocop:disable Metrics/MethodLength
         def handle_pip_compile_errors(error)
           if error.message.include?("Could not find a version")
             check_original_requirements_resolvable
@@ -117,8 +127,24 @@ module Dependabot
             return nil
           end
+          if error.message.match?(GIT_DEPENDENCY_UNREACHABLE_REGEX)
+            url = error.message.match(GIT_DEPENDENCY_UNREACHABLE_REGEX).
+                  named_captures.fetch("url")
+            raise GitDependenciesNotReachable, url
+          end
+          if error.message.match?(GIT_REFERENCE_NOT_FOUND_REGEX)
+            name = error.message.match(GIT_REFERENCE_NOT_FOUND_REGEX).
+                   named_captures.fetch("name")
+            raise GitDependencyReferenceNotFound, name
+          end
           raise
         end
+        # rubocop:enable Metrics/CyclomaticComplexity
+        # rubocop:enable Metrics/PerceivedComplexity
+        # rubocop:enable Metrics/AbcSize
+        # rubocop:enable Metrics/MethodLength
         # Needed because pip-compile's resolver isn't perfect.
         # Note: We raise errors from this method, rather than returning a

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.107.42
+  version: 0.107.43
 platform: ruby
 authors:
 - Dependabot
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.107.42
+        version: 0.107.43
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.107.42
+        version: 0.107.43
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement