dependabot-python 0.110.6 → 0.110.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/python/file_parser/pipfile_files_parser.rb +15 -1
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 43d7f7244606a50ce1ddd11fdcfd2bcc0af02b146f4e4c85709a39aae6bfc712
|
|
4
|
+
data.tar.gz: 7e520bc19af23154694cea92ecb57def883b39bc8ad819de972923821743431a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: b0e955e58e7e5f4251e373e3dbfee4aadfcaafc6493ce4de1aad56fe1667f983c0ee70df3e7d6bddcc9bc8d2c82af8a34b2ad2ee8d767dd6089ad4374214f04d
|
|
7
|
+
data.tar.gz: e306090151957bfe827b03fcb96181065c9e46208545ef61cd3d30f83caebc8910284be227e75e542be7c74bf18a1394b3ecc31a0066bf729eb8ba60ccc40298
|
|
@@ -47,7 +47,8 @@ module Dependabot
|
|
|
47
47
|
|
|
48
48
|
parsed_pipfile[keys[:pipfile]].map do |dep_name, req|
|
|
49
49
|
group = keys[:lockfile]
|
|
50
|
-
next unless
|
|
50
|
+
next unless specifies_version?(req)
|
|
51
|
+
next if git_or_path_requirement?(req)
|
|
51
52
|
next if pipfile_lock && !dependency_version(dep_name, req, group)
|
|
52
53
|
|
|
53
54
|
dependencies <<
|
|
@@ -84,6 +85,7 @@ module Dependabot
|
|
|
84
85
|
when Hash then details["version"]
|
|
85
86
|
end
|
|
86
87
|
next unless version
|
|
88
|
+
next if git_or_path_requirement?(details)
|
|
87
89
|
|
|
88
90
|
dependencies <<
|
|
89
91
|
Dependency.new(
|
|
@@ -119,6 +121,18 @@ module Dependabot
|
|
|
119
121
|
end
|
|
120
122
|
end
|
|
121
123
|
|
|
124
|
+
def specifies_version?(req)
|
|
125
|
+
return true if req.is_a?(String)
|
|
126
|
+
|
|
127
|
+
req["version"]
|
|
128
|
+
end
|
|
129
|
+
|
|
130
|
+
def git_or_path_requirement?(req)
|
|
131
|
+
return false unless req.is_a?(Hash)
|
|
132
|
+
|
|
133
|
+
%w(git path).any? { |k| req.key?(k) }
|
|
134
|
+
end
|
|
135
|
+
|
|
122
136
|
# See https://www.python.org/dev/peps/pep-0503/#normalized-names
|
|
123
137
|
def normalised_name(name)
|
|
124
138
|
name.downcase.gsub(/[-_.]+/, "-")
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.110.
|
|
4
|
+
version: 0.110.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.110.
|
|
19
|
+
version: 0.110.7
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.110.
|
|
26
|
+
version: 0.110.7
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|