RubyGems - dependabot-python - Versions diffs - 0.111.27 → 0.111.28 - Mend

dependabot-python 0.111.27 → 0.111.28

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (22) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e240917970cfdb0ebd6d48acaa79c18d613baf1f138ca6207d101910c9810069
-  data.tar.gz: 13be53930a68a1dad68ef8bad2e6485e2ce5acd2a60871b2a8d76a12db39d33e
+  metadata.gz: 9d8b6adc1f2d136a92dbf6980f1fb0e2402ee04d8671e067c017fdef952b727d
+  data.tar.gz: c05e90c49c095f40c32950ce894cf8131fea9e11708b228c455a5b6eed8fd859
 SHA512:
-  metadata.gz: 15399689e9e8baca73f44699537e5944eb111b2b78761fe0bd122216e2a31cb882c67380371f6e703c91eae962b9bfc8cd37aa320b155df37eab8847ecf47524
-  data.tar.gz: 8208b476b422d9a0f6be76c2c5b48fde1f6b61455cfa91f3c5930aff3fe8eb3ea88056a2e11cbf01368ce9ac594847ccb57ca0f4265759ec326518e172f34f49
+  metadata.gz: de00b1055f33feda4ff3f6bba2a4111f0eb1d2003dc3c058a242ac66a9cc945706ca3f4bcdbb2b6e7c180086aed3602758cef322fae5a7023551399411eb749f
+  data.tar.gz: c83b4e3756d6817cb03dfa01cd8e1aeaa3933eed558136e206725101f9aa5682776b91fe244a99879963cd568f3aee2cf52760234b61cde71d19b0a27de83ae6

data/helpers/requirements.txt CHANGED Viewed

@@ -1,5 +1,5 @@
-pip==19.1.1
-pip-tools==3.9.0
+pip==19.2.1
+pip-tools==4.0.0
 hashin==0.14.5
 pipenv==2018.11.26
 pipfile==0.0.2

data/lib/dependabot/python.rb CHANGED Viewed

@@ -9,6 +9,7 @@ require "dependabot/python/file_updater"
 require "dependabot/python/metadata_finder"
 require "dependabot/python/requirement"
 require "dependabot/python/version"
+require "dependabot/python/name_normaliser"
 require "dependabot/pull_request_creator/labeler"
 Dependabot::PullRequestCreator::Labeler.
@@ -29,5 +30,5 @@ Dependabot::Dependency.register_production_check(
 # See https://www.python.org/dev/peps/pep-0503/#normalized-names
 Dependabot::Dependency.register_name_normaliser(
   "pip",
-  ->(name) { name.downcase.gsub(/[-_.]+/, "-") }
+  ->(name) { NameNormaliser.normalise(name) }
 )

data/lib/dependabot/python/file_parser.rb CHANGED Viewed

@@ -9,6 +9,7 @@ require "dependabot/shared_helpers"
 require "dependabot/python/requirement"
 require "dependabot/errors"
 require "dependabot/python/native_helpers"
+require "dependabot/python/name_normaliser"
 module Dependabot
   module Python
@@ -137,6 +138,9 @@ module Dependabot
         return false unless pip_compile_files.any?
         return false unless filename.end_with?(".txt")
+        file = dependency_files.find { |f| f.name == filename }
+        return true if file&.content&.match?(output_file_regex(filename))
         basename = filename.gsub(/\.txt$/, "")
         pip_compile_files.any? { |f| f.name == basename + ".in" }
       end
@@ -181,9 +185,8 @@ module Dependabot
           end
       end
-      # See https://www.python.org/dev/peps/pep-0503/#normalized-names
       def normalised_name(name)
-        Dependency.name_normaliser_for_package_manager("pip").call(name)
+        NameNormaliser.normalise(name)
       end
       def check_required_files
@@ -213,6 +216,10 @@ module Dependabot
         raise Dependabot::DependencyFileNotParseable, pyproject.path
       end
+      def output_file_regex(filename)
+        "--output-file[=\s]+#{Regexp.escape(filename)}(?:\s|$)"
+      end
       def pyproject
         @pyproject ||= get_original_file("pyproject.toml")
       end
@@ -237,5 +244,4 @@ module Dependabot
   end
 end
-Dependabot::FileParsers.
-  register("pip", Dependabot::Python::FileParser)
+Dependabot::FileParsers.register("pip", Dependabot::Python::FileParser)

data/lib/dependabot/python/file_parser/pipfile_files_parser.rb CHANGED Viewed

@@ -6,6 +6,7 @@ require "dependabot/dependency"
 require "dependabot/file_parsers/base/dependency_set"
 require "dependabot/python/file_parser"
 require "dependabot/errors"
+require "dependabot/python/name_normaliser"
 module Dependabot
   module Python
@@ -134,7 +135,7 @@ module Dependabot
         end
         def normalised_name(name)
-          Dependency.name_normaliser_for_package_manager("pip").call(name)
+          NameNormaliser.normalise(name)
         end
         def parsed_pipfile

data/lib/dependabot/python/file_parser/poetry_files_parser.rb CHANGED Viewed

@@ -7,6 +7,7 @@ require "dependabot/file_parsers/base/dependency_set"
 require "dependabot/python/file_parser"
 require "dependabot/python/requirement"
 require "dependabot/errors"
+require "dependabot/python/name_normaliser"
 module Dependabot
   module Python
@@ -98,7 +99,7 @@ module Dependabot
         end
         def normalise(name)
-          Dependency.name_normaliser_for_package_manager("pip").call(name)
+          NameNormaliser.normalise(name)
         end
         def parsed_pyproject

data/lib/dependabot/python/file_parser/setup_file_parser.rb CHANGED Viewed

@@ -6,6 +6,7 @@ require "dependabot/file_parsers/base/dependency_set"
 require "dependabot/shared_helpers"
 require "dependabot/python/file_parser"
 require "dependabot/python/native_helpers"
+require "dependabot/python/name_normaliser"
 module Dependabot
   module Python
@@ -164,7 +165,7 @@ module Dependabot
         end
         def normalised_name(name)
-          Dependency.name_normaliser_for_package_manager("pip").call(name)
+          NameNormaliser.normalise(name)
         end
         def setup_file

data/lib/dependabot/python/file_updater.rb CHANGED Viewed

@@ -143,5 +143,4 @@ module Dependabot
   end
 end
-Dependabot::FileUpdaters.
-  register("pip", Dependabot::Python::FileUpdater)
+Dependabot::FileUpdaters.register("pip", Dependabot::Python::FileUpdater)

data/lib/dependabot/python/file_updater/pip_compile_file_updater.rb CHANGED Viewed

@@ -9,6 +9,7 @@ require "dependabot/python/file_updater"
 require "dependabot/shared_helpers"
 require "dependabot/python/native_helpers"
 require "dependabot/python/python_versions"
+require "dependabot/python/name_normaliser"
 module Dependabot
   module Python
@@ -203,7 +204,8 @@ module Dependabot
         def error_suggests_bad_python_version?(message)
           return true if message.include?("not find a version that satisfies")
-          message.include?('Command "python setup.py egg_info" failed')
+          message.include?('Command "python setup.py egg_info" failed') ||
+            message.include?("exit status 1: python setup.py egg_info")
         end
         def write_updated_dependency_files
@@ -422,15 +424,13 @@ module Dependabot
         end
         def pip_compile_options(filename)
-          current_requirements_file_name = filename.sub(/\.in$/, ".txt")
+          requirements_file = compiled_file_for_filename(filename)
+          return "--build-isolation" unless requirements_file
-          requirements_file =
-            dependency_files.
-            find { |f| f.name == current_requirements_file_name }
-          return unless requirements_file
-          options = ["--build-isolation"]
+          options = [
+            "--build-isolation",
+            "--output-file=#{requirements_file.name}"
+          ]
           if requirements_file.content.include?("--hash=sha")
             options << "--generate-hashes"
@@ -464,8 +464,7 @@ module Dependabot
           files_from_compiled_files =
             pip_compile_files.map(&:name).select do |fn|
-              compiled_file = dependency_files.
-                              find { |f| f.name == fn.gsub(/\.in$/, ".txt") }
+              compiled_file = compiled_file_for_filename(fn)
               compiled_file_includes_dependency?(compiled_file)
             end
@@ -474,6 +473,22 @@ module Dependabot
           order_filenames_for_compilation(filenames)
         end
+        def compiled_file_for_filename(filename)
+          compiled_file =
+            compiled_files.
+            find { |f| f.content.match?(output_file_regex(filename)) }
+          compiled_file ||=
+            compiled_files.
+            find { |f| f.name == filename.gsub(/\.in$/, ".txt") }
+          compiled_file
+        end
+        def output_file_regex(filename)
+          "--output-file[=\s]+.*\s#{Regexp.escape(filename)}\s*$"
+        end
         def compiled_file_includes_dependency?(compiled_file)
           return false unless compiled_file
@@ -485,7 +500,7 @@ module Dependabot
         end
         def normalise(name)
-          Dependency.name_normaliser_for_package_manager("pip").call(name)
+          NameNormaliser.normalise(name)
         end
         # If the files we need to update require one another then we need to

data/lib/dependabot/python/file_updater/pipfile_file_updater.rb CHANGED Viewed

@@ -8,6 +8,7 @@ require "dependabot/python/file_parser/python_requirement_parser"
 require "dependabot/python/file_updater"
 require "dependabot/shared_helpers"
 require "dependabot/python/native_helpers"
+require "dependabot/python/name_normaliser"
 module Dependabot
   module Python
@@ -290,7 +291,8 @@ module Dependabot
         def error_suggests_bad_python_version?(message)
           return true if message.include?("UnsupportedPythonVersion")
-          message.include?('Command "python setup.py egg_info" failed')
+          message.include?('Command "python setup.py egg_info" failed') ||
+            message.include?("exit status 1: python setup.py egg_info")
         end
         def write_temporary_dependency_files(pipfile_content)
@@ -421,7 +423,7 @@ module Dependabot
         end
         def normalise(name)
-          Dependency.name_normaliser_for_package_manager("pip").call(name)
+          NameNormaliser.normalise(name)
         end
         def parsed_lockfile

data/lib/dependabot/python/file_updater/pipfile_preparer.rb CHANGED Viewed

@@ -6,6 +6,7 @@ require "dependabot/dependency"
 require "dependabot/python/file_parser"
 require "dependabot/python/file_updater"
 require "dependabot/python/authed_url_builder"
+require "dependabot/python/name_normaliser"
 module Dependabot
   module Python
@@ -104,7 +105,7 @@ module Dependabot
         end
         def normalise(name)
-          Dependency.name_normaliser_for_package_manager("pip").call(name)
+          NameNormaliser.normalise(name)
         end
         def pipfile_sources

data/lib/dependabot/python/file_updater/poetry_file_updater.rb CHANGED Viewed

@@ -10,6 +10,7 @@ require "dependabot/python/python_versions"
 require "dependabot/python/file_parser/python_requirement_parser"
 require "dependabot/python/file_updater"
 require "dependabot/python/native_helpers"
+require "dependabot/python/name_normaliser"
 module Dependabot
   module Python
@@ -291,7 +292,7 @@ module Dependabot
         end
         def normalise(name)
-          Dependency.name_normaliser_for_package_manager("pip").call(name)
+          NameNormaliser.normalise(name)
         end
         def pyproject

data/lib/dependabot/python/file_updater/pyproject_preparer.rb CHANGED Viewed

@@ -6,6 +6,7 @@ require "dependabot/dependency"
 require "dependabot/python/file_parser"
 require "dependabot/python/file_updater"
 require "dependabot/python/authed_url_builder"
+require "dependabot/python/name_normaliser"
 require "securerandom"
 module Dependabot
@@ -79,7 +80,7 @@ module Dependabot
         end
         def normalise(name)
-          Dependency.name_normaliser_for_package_manager("pip").call(name)
+          NameNormaliser.normalise(name)
         end
         def pyproject_sources

data/lib/dependabot/python/file_updater/requirement_replacer.rb CHANGED Viewed

@@ -5,6 +5,7 @@ require "dependabot/python/requirement_parser"
 require "dependabot/python/file_updater"
 require "dependabot/shared_helpers"
 require "dependabot/python/native_helpers"
+require "dependabot/python/name_normaliser"
 module Dependabot
   module Python
@@ -167,7 +168,7 @@ module Dependabot
         end
         def normalise(name)
-          Dependency.name_normaliser_for_package_manager("pip").call(name)
+          NameNormaliser.normalise(name)
         end
         def requirements_match(req1, req2)

data/lib/dependabot/python/metadata_finder.rb CHANGED Viewed

@@ -173,5 +173,4 @@ module Dependabot
   end
 end
-Dependabot::MetadataFinders.
-  register("pip", Dependabot::Python::MetadataFinder)
+Dependabot::MetadataFinders.register("pip", Dependabot::Python::MetadataFinder)

data/lib/dependabot/python/name_normaliser.rb ADDED Viewed

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+module Dependabot
+  module Python
+    module NameNormaliser
+      def self.normalise(name)
+        name.downcase.gsub(/[-_.]+/, "-")
+      end
+    end
+  end
+end

data/lib/dependabot/python/update_checker.rb CHANGED Viewed

@@ -10,6 +10,7 @@ require "dependabot/shared_helpers"
 require "dependabot/errors"
 require "dependabot/python/requirement"
 require "dependabot/python/requirement_parser"
+require "dependabot/python/name_normaliser"
 module Dependabot
   module Python
@@ -288,7 +289,7 @@ module Dependabot
       end
       def normalised_name(name)
-        Dependency.name_normaliser_for_package_manager("pip").call(name)
+        NameNormaliser.normalise(name)
       end
       def pipfile
@@ -318,5 +319,4 @@ module Dependabot
   end
 end
-Dependabot::UpdateCheckers.
-  register("pip", Dependabot::Python::UpdateChecker)
+Dependabot::UpdateCheckers.register("pip", Dependabot::Python::UpdateChecker)

data/lib/dependabot/python/update_checker/latest_version_finder.rb CHANGED Viewed

@@ -8,6 +8,7 @@ require "dependabot/dependency"
 require "dependabot/python/update_checker"
 require "dependabot/shared_helpers"
 require "dependabot/python/authed_url_builder"
+require "dependabot/python/name_normaliser"
 module Dependabot
   module Python
@@ -222,9 +223,7 @@ module Dependabot
         end
         def normalised_name
-          Dependency.
-            name_normaliser_for_package_manager("pip").
-            call(dependency.name)
+          NameNormaliser.normalise(dependency.name)
         end
         def name_regex

data/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb CHANGED Viewed

@@ -13,6 +13,7 @@ require "dependabot/python/version"
 require "dependabot/shared_helpers"
 require "dependabot/python/native_helpers"
 require "dependabot/python/python_versions"
+require "dependabot/python/name_normaliser"
 module Dependabot
   module Python
@@ -74,14 +75,15 @@ module Dependabot
                   # This is slow, as pip-compile needs to do installs.
                   run_pip_compile_command(
                     "pyenv exec pip-compile --allow-unsafe "\
-                     "--build-isolation -P #{dependency.name} #{filename}"
+                     "#{pip_compile_options(filename)} -P #{dependency.name} "\
+                     "#{filename}"
                   )
                   # Run pip-compile a second time, without an update argument,
                   # to ensure it handles markers correctly
                   write_original_manifest_files unless dependency.top_level?
                   run_pip_compile_command(
                     "pyenv exec pip-compile --allow-unsafe "\
-                     "--build-isolation #{filename}"
+                     "#{pip_compile_options(filename)} #{filename}"
                   )
                 end
@@ -196,6 +198,16 @@ module Dependabot
           )
         end
+        def pip_compile_options(filename)
+          requirements_file = compiled_file_for_filename(filename)
+          return "--build-isolation" unless requirements_file
+          [
+            "--build-isolation",
+            "--output-file=#{requirements_file.name}"
+          ].join(" ")
+        end
         def run_pip_compile_command(command)
           run_command("pyenv local #{python_version}")
           run_command(command)
@@ -250,7 +262,8 @@ module Dependabot
         end
         def error_certainly_bad_python_version?(message)
-          unless message.include?('Command "python setup.py egg_info" failed')
+          unless message.include?('"python setup.py egg_info" failed') ||
+                 message.include?("exit status 1: python setup.py egg_info")
             return false
           end
@@ -261,7 +274,8 @@ module Dependabot
           return true if message.include?("not find a version that satisfies")
           return true if message.include?("No matching distribution found")
-          message.include?('Command "python setup.py egg_info" failed')
+          message.include?('Command "python setup.py egg_info" failed') ||
+            message.include?("exit status 1: python setup.py egg_info")
         end
         def write_temporary_dependency_files(updated_req: nil,
@@ -345,7 +359,7 @@ module Dependabot
         end
         def normalise(name)
-          Dependency.name_normaliser_for_package_manager("pip").call(name)
+          NameNormaliser.normalise(name)
         end
         def clean_error_message(message)
@@ -367,8 +381,7 @@ module Dependabot
           files_from_compiled_files =
             pip_compile_files.map(&:name).select do |fn|
-              compiled_file = dependency_files.
-                              find { |f| f.name == fn.gsub(/\.in$/, ".txt") }
+              compiled_file = compiled_file_for_filename(fn)
               compiled_file_includes_dependency?(compiled_file)
             end
@@ -377,6 +390,22 @@ module Dependabot
           order_filenames_for_compilation(filenames)
         end
+        def compiled_file_for_filename(filename)
+          compiled_file =
+            compiled_files.
+            find { |f| f.content.match?(output_file_regex(filename)) }
+          compiled_file ||=
+            compiled_files.
+            find { |f| f.name == filename.gsub(/\.in$/, ".txt") }
+          compiled_file
+        end
+        def output_file_regex(filename)
+          "--output-file[=\s]+.*\s#{Regexp.escape(filename)}\s*$"
+        end
         def compiled_file_includes_dependency?(compiled_file)
           return false unless compiled_file

data/lib/dependabot/python/update_checker/pipenv_version_resolver.rb CHANGED Viewed

@@ -13,6 +13,7 @@ require "dependabot/python/file_updater/setup_file_sanitizer"
 require "dependabot/python/update_checker"
 require "dependabot/python/python_versions"
 require "dependabot/python/native_helpers"
+require "dependabot/python/name_normaliser"
 require "dependabot/python/version"
 # rubocop:disable Metrics/ClassLength
@@ -467,7 +468,8 @@ module Dependabot
           return true if error_message.include?("UnsupportedPythonVersion")
           return true if error_message.include?("at matches #{dependency.name}")
-          error_message.include?('Command "python setup.py egg_info" failed')
+          error_message.include?('Command "python setup.py egg_info" failed') ||
+            message.include?("exit status 1: python setup.py egg_info")
         end
         def pipenv_env_variables
@@ -481,7 +483,7 @@ module Dependabot
         end
         def normalise(name)
-          Dependency.name_normaliser_for_package_manager("pip").call(name)
+          NameNormaliser.normalise(name)
         end
         def pipfile

data/lib/dependabot/python/update_checker/poetry_version_resolver.rb CHANGED Viewed

@@ -15,6 +15,7 @@ require "dependabot/python/requirement"
 require "dependabot/python/native_helpers"
 require "dependabot/python/python_versions"
 require "dependabot/python/authed_url_builder"
+require "dependabot/python/name_normaliser"
 module Dependabot
   module Python
@@ -326,7 +327,7 @@ module Dependabot
         end
         def normalise(name)
-          Dependency.name_normaliser_for_package_manager("pip").call(name)
+          NameNormaliser.normalise(name)
         end
       end
     end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.111.27
+  version: 0.111.28
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-07-24 00:00:00.000000000 Z
+date: 2019-07-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.111.27
+        version: 0.111.28
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.111.27
+        version: 0.111.28
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -168,6 +168,7 @@ files:
 - lib/dependabot/python/file_updater/requirement_replacer.rb
 - lib/dependabot/python/file_updater/setup_file_sanitizer.rb
 - lib/dependabot/python/metadata_finder.rb
+- lib/dependabot/python/name_normaliser.rb
 - lib/dependabot/python/native_helpers.rb
 - lib/dependabot/python/python_versions.rb
 - lib/dependabot/python/requirement.rb