dependabot-python 0.111.13 → 0.111.14
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/python/metadata_finder.rb +18 -5
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a10949a16fe3b06af79342eef4660b126c26b143b99693ee86ee3d86f8ef2b28
|
|
4
|
+
data.tar.gz: 328718c8705ca24144b63981264e4eb3bfc72c0bd927ced46b4a6da12e205b73
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 4cef4d799bbcea7196d92433a6b9a60478f6a8ac0b65403b63c372f62f27f5b5e791c3b229cd5f22cadce48abe87a86b291566b0b5178fd836af7b88b41913e0
|
|
7
|
+
data.tar.gz: cc9c60a0124489bbc6d1acc8b42e0f3ff1786b4a828f45f3a991fbdf4ab5fbdd85d9ae1c5fe6d2783989de57770673769edda68b166383b0367a0f3075e9a2b3
|
|
@@ -130,11 +130,7 @@ module Dependabot
|
|
|
130
130
|
return @pypi_listing = {} if dependency.version.include?("+")
|
|
131
131
|
|
|
132
132
|
possible_listing_urls.each do |url|
|
|
133
|
-
response =
|
|
134
|
-
url,
|
|
135
|
-
idempotent: true,
|
|
136
|
-
**SharedHelpers.excon_defaults
|
|
137
|
-
)
|
|
133
|
+
response = fetch_authed_url(url)
|
|
138
134
|
next unless response.status == 200
|
|
139
135
|
|
|
140
136
|
@pypi_listing = JSON.parse(response.body)
|
|
@@ -146,6 +142,23 @@ module Dependabot
|
|
|
146
142
|
@pypi_listing = {} # No listing found
|
|
147
143
|
end
|
|
148
144
|
|
|
145
|
+
def fetch_authed_url(url)
|
|
146
|
+
if url.match(%r{(.*)://(.*?):(.*)@([^@]+)$}) &&
|
|
147
|
+
Regexp.last_match.captures[1].include?("@")
|
|
148
|
+
protocol, user, pass, url = Regexp.last_match.captures
|
|
149
|
+
|
|
150
|
+
Excon.get(
|
|
151
|
+
"#{protocol}://#{url}",
|
|
152
|
+
user: user,
|
|
153
|
+
password: pass,
|
|
154
|
+
idempotent: true,
|
|
155
|
+
**SharedHelpers.excon_defaults
|
|
156
|
+
)
|
|
157
|
+
else
|
|
158
|
+
Excon.get(url, idempotent: true, **SharedHelpers.excon_defaults)
|
|
159
|
+
end
|
|
160
|
+
end
|
|
161
|
+
|
|
149
162
|
def possible_listing_urls
|
|
150
163
|
credential_urls =
|
|
151
164
|
credentials.
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.111.
|
|
4
|
+
version: 0.111.14
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.111.
|
|
19
|
+
version: 0.111.14
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.111.
|
|
26
|
+
version: 0.111.14
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|