dependabot-python 0.107.44 → 0.107.45

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9311029b8906b5ab2a35456e8e6541d90830a8f333b560d4aefabe700775effe
-  data.tar.gz: 1394673ed94221a9c402986da6bf977b23b67fb64080360ceff38d6d230609f8
+  metadata.gz: 6374dc5aec985c18310a4c3cbbe12b9d3a829a8a81b5315019e3d5e1cf989bd4
+  data.tar.gz: 8e93a3bf1bc85a936a76bca68685aaa3a09e8eeb5169b6f94cc4ee7a844019b7
 SHA512:
-  metadata.gz: f2b3d0e9f30bc8f77913588ef83651e7d558bf32dd035550995e540082e5a8c1ecf5d73ddbfec1111390916ce6ab93a8c99e7000d924453c0ee5d029f83cf3f8
-  data.tar.gz: ef83412fc21e9953f38352487ab3dc12d8619f8e1069b5af08e756bfdfaf7a8d3761394ac8ff405005703ef7d025438fe54981077c6716cc98f64ec499b3aed2
+  metadata.gz: 99c42ab69f01eef089c1966df4941363288929459ceef5d00b321ba258a66f5e4258265f579673dca774bfaa8ad3084639f90ddd189e9743cef396bc169c452b
+  data.tar.gz: 9f4639d8dd902c9df3aff4380d151ef553c1f7b8980e40f6b427578403d1db88b3abe1b784021f932ad9706bb667f88d9534284e0d5fd7de4ebc32316f12717d

data/lib/dependabot/python/file_updater/pyproject_preparer.rb

@@ -5,6 +5,7 @@ require "toml-rb"
 require "dependabot/python/file_parser"
 require "dependabot/python/file_updater"
 require "dependabot/python/authed_url_builder"
+require "securerandom"
 
 module Dependabot
   module Python
@@ -97,7 +98,13 @@ module Dependabot
           @config_variable_sources ||=
             credentials.
             select { |cred| cred["type"] == "python_index" }.
-            map { |c| { "url" => AuthedUrlBuilder.authed_url(credential: c) } }
+            map do |c|
+              {
+                "url" => AuthedUrlBuilder.authed_url(credential: c),
+                "name" => SecureRandom.hex[0..3],
+                "default" => c["replaces-base"]
+              }.compact
+            end
         end
 
         def parsed_lockfile

data/lib/dependabot/python/update_checker/poetry_version_resolver.rb

@@ -14,6 +14,7 @@ require "dependabot/python/native_helpers"
 require "dependabot/python/python_versions"
 require "dependabot/python/authed_url_builder"
 
+# rubocop:disable Metrics/ClassLength
 module Dependabot
   module Python
     class UpdateChecker
@@ -239,6 +240,7 @@ module Dependabot
 
         def updated_pyproject_content(updated_requirement:)
           content = pyproject.content
+          content = add_private_sources(content)
           content = sanitize_pyproject_content(content)
           content = freeze_other_dependencies(content)
           content = set_target_dependency_req(content, updated_requirement)
@@ -247,6 +249,7 @@ module Dependabot
 
         def sanitized_pyproject_content
           content = pyproject.content
+          content = add_private_sources(content)
           content = sanitize_pyproject_content(content)
           content
         end
@@ -257,6 +260,12 @@ module Dependabot
             sanitize
         end
 
+        def add_private_sources(pyproject_content)
+          Python::FileUpdater::PyprojectPreparer.
+            new(pyproject_content: pyproject_content).
+            replace_sources(credentials)
+        end
+
         def freeze_other_dependencies(pyproject_content)
           Python::FileUpdater::PyprojectPreparer.
             new(pyproject_content: pyproject_content, lockfile: lockfile).
@@ -351,3 +360,4 @@ module Dependabot
     end
   end
 end
+# rubocop:enable Metrics/ClassLength

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.107.44
+  version: 0.107.45
 platform: ruby
 authors:
 - Dependabot
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.107.44
+        version: 0.107.45
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.107.44
+        version: 0.107.45
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement