dependabot-python 0.111.13 → 0.111.14

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/python/metadata_finder.rb +18 -5
  3. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9c2824e060afd4b7dd2dfd1723b0f6d67b6f5fa06175a81defc48b149bee05ac
4
- data.tar.gz: d54ac00f4d2b133d84b50b61b2d5c406b2452f98ead291bc5413ba9257afbe6a
3
+ metadata.gz: a10949a16fe3b06af79342eef4660b126c26b143b99693ee86ee3d86f8ef2b28
4
+ data.tar.gz: 328718c8705ca24144b63981264e4eb3bfc72c0bd927ced46b4a6da12e205b73
5
5
  SHA512:
6
- metadata.gz: 92774946735f194f96c973be8980d6c5fcba9a67f34cfe8bc6f400c4ed2b32b30a75f8664e8d4975f64a146fe9bf3737b9bec9d64975c5ecfcd936c7e18c9ea9
7
- data.tar.gz: d5bd81373f6fc2463b5760183e6fa991557511f4629f1864165f04d7652cad606bc2e2866946ceb504d712be61a0b5ee274831fbb0b58f08dfd6bb472b55b35b
6
+ metadata.gz: 4cef4d799bbcea7196d92433a6b9a60478f6a8ac0b65403b63c372f62f27f5b5e791c3b229cd5f22cadce48abe87a86b291566b0b5178fd836af7b88b41913e0
7
+ data.tar.gz: cc9c60a0124489bbc6d1acc8b42e0f3ff1786b4a828f45f3a991fbdf4ab5fbdd85d9ae1c5fe6d2783989de57770673769edda68b166383b0367a0f3075e9a2b3
data/lib/dependabot/python/metadata_finder.rb CHANGED
@@ -130,11 +130,7 @@ module Dependabot
130
130
  return @pypi_listing = {} if dependency.version.include?("+")
131
131
 
132
132
  possible_listing_urls.each do |url|
133
- response = Excon.get(
134
- url,
135
- idempotent: true,
136
- **SharedHelpers.excon_defaults
137
- )
133
+ response = fetch_authed_url(url)
138
134
  next unless response.status == 200
139
135
 
140
136
  @pypi_listing = JSON.parse(response.body)
@@ -146,6 +142,23 @@ module Dependabot
146
142
  @pypi_listing = {} # No listing found
147
143
  end
148
144
 
145
+ def fetch_authed_url(url)
146
+ if url.match(%r{(.*)://(.*?):(.*)@([^@]+)$}) &&
147
+ Regexp.last_match.captures[1].include?("@")
148
+ protocol, user, pass, url = Regexp.last_match.captures
149
+
150
+ Excon.get(
151
+ "#{protocol}://#{url}",
152
+ user: user,
153
+ password: pass,
154
+ idempotent: true,
155
+ **SharedHelpers.excon_defaults
156
+ )
157
+ else
158
+ Excon.get(url, idempotent: true, **SharedHelpers.excon_defaults)
159
+ end
160
+ end
161
+
149
162
  def possible_listing_urls
150
163
  credential_urls =
151
164
  credentials.
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.111.13
4
+ version: 0.111.14
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.111.13
19
+ version: 0.111.14
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.111.13
26
+ version: 0.111.14
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement