dependabot-python 0.119.0.beta1 → 0.119.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0c443c75018adfd2cf364c97de4ef952789b4b1d279c9ef325ee181e8f46cd56
-  data.tar.gz: 3ef40c7a0ac388eea5b3a2ea5b70ca5019a0110088fae84e5913c2584d37eb8d
+  metadata.gz: 84b93ec627bd617f9e3b101d3a080d0360ce03687921e2e7a9f18269f05443e4
+  data.tar.gz: 1540bd63155f250dff52f2488e8310a5c68d5f4fb4d2b64065876760bf36fc9d
 SHA512:
-  metadata.gz: 13bcdc6647e905be59181cac53a5e79073531940e291684b9431b68bbb16702871d56c964ea4ba4cdee736ec74f050db09b94bd0ba2b370813e5c4ae9cf7e144
-  data.tar.gz: 8f7113e04bf9c2c2fd727ecba7c7240d1f7f518237f4c8361531370e3fa86fb712d22544bbfe5751fee6296749c3dfc179c786bdd41a3db241d164a5cd5fb6ca
+  metadata.gz: 652148d29cbbee475593db5e2d546a32d8a5d36e7311b68d74184205aa80eca44eaeec6dcaba42eacd3c441ea103bfd9b08608b5c8b467ac03a5553903fe900a
+  data.tar.gz: ffb6daa592bca2618ab5d57e62ad687da41eee41737cfac243cffde4315e8affc304df8813d794cd0c045e68a75b3d235d58676f1b04a9a2040f67eccb7b941c

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.119.0.beta1
+  version: 0.119.0
 platform: ruby
 authors:
 - Dependabot
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-20 00:00:00.000000000 Z
+date: 2020-08-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.119.0.beta1
+        version: 0.119.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.119.0.beta1
+        version: 0.119.0
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -144,11 +144,6 @@ extensions: []
 extra_rdoc_files: []
 files:
 - helpers/build
-- helpers/install-dir/python/lib/__init__.py
-- helpers/install-dir/python/lib/hasher.py
-- helpers/install-dir/python/lib/parser.py
-- helpers/install-dir/python/requirements.txt
-- helpers/install-dir/python/run.py
 - helpers/lib/__init__.py
 - helpers/lib/hasher.py
 - helpers/lib/parser.py
@@ -191,7 +186,7 @@ homepage: https://github.com/dependabot/dependabot-core
 licenses:
 - Nonstandard
 metadata: {}
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -206,8 +201,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: 2.5.0
 requirements: []
-rubygems_version: 3.1.4
-signing_key:
+rubygems_version: 3.1.2
+signing_key: 
 specification_version: 4
 summary: Python support for dependabot
 test_files: []

data/helpers/install-dir/python/lib/hasher.py

@@ -1,24 +0,0 @@
-import hashin
-import json
-import pipfile
-from poetry.poetry import Poetry
-from poetry.factory import Factory
-
-def get_dependency_hash(dependency_name, dependency_version, algorithm):
-    hashes = hashin.get_package_hashes(
-        dependency_name,
-        version=dependency_version,
-        algorithm=algorithm
-    )
-
-    return json.dumps({ "result": hashes["hashes"] })
-
-def get_pipfile_hash(directory):
-    p = pipfile.load(directory + '/Pipfile')
-
-    return json.dumps({ "result": p.hash })
-
-def get_pyproject_hash(directory):
-    p = Factory().create_poetry(directory)
-
-    return json.dumps({ "result": p.locker._get_content_hash() })

data/helpers/install-dir/python/lib/parser.py

@@ -1,138 +0,0 @@
-from itertools import chain
-import glob
-import io
-import json
-import optparse
-import os.path
-import re
-
-import setuptools
-import pip._internal.req.req_file
-from pip._internal.network.session import PipSession
-from pip._internal.models.format_control import FormatControl
-from pip._internal.req.constructors import (
-        install_req_from_line,
-        install_req_from_parsed_requirement,
-)
-
-def parse_requirements(directory):
-    # Parse the requirements.txt
-    requirement_packages = []
-    requirement_files = glob.glob(os.path.join(directory, '*.txt')) \
-                        + glob.glob(os.path.join(directory, '**', '*.txt'))
-
-    pip_compile_files = glob.glob(os.path.join(directory, '*.in')) \
-                        + glob.glob(os.path.join(directory, '**', '*.in'))
-
-    def version_from_install_req(install_req):
-        if install_req.is_pinned:
-            return next(iter(install_req.specifier)).version
-
-    for reqs_file in requirement_files + pip_compile_files:
-        try:
-            requirements = pip._internal.req.req_file.parse_requirements(
-                reqs_file,
-                session=PipSession()
-            )
-            for parsed_req in requirements:
-                install_req = install_req_from_parsed_requirement(parsed_req)
-                if install_req.original_link:
-                    continue
-
-                pattern = r"-[cr] (.*) \(line \d+\)"
-                abs_path = re.search(pattern, install_req.comes_from).group(1)
-                rel_path = os.path.relpath(abs_path, directory)
-
-                requirement_packages.append({
-                    "name": install_req.req.name,
-                    "version": version_from_install_req(install_req),
-                    "markers": str(install_req.markers) or None,
-                    "file": rel_path,
-                    "requirement": str(install_req.specifier) or None,
-                    "extras": sorted(list(install_req.extras))
-                })
-        except Exception as e:
-            print(json.dumps({ "error": repr(e) }))
-            exit(1)
-
-    return json.dumps({ "result": requirement_packages })
-
-def parse_setup(directory):
-    # Parse the setup.py
-    setup_packages = []
-    if os.path.isfile(directory + '/setup.py'):
-        def version_from_install_req(install_req):
-            if install_req.is_pinned:
-                return next(iter(install_req.specifier)).version
-
-        def parse_requirement(req, req_type):
-            install_req = install_req_from_line(req)
-            if install_req.original_link:
-                return
-
-            setup_packages.append({
-                "name": install_req.req.name,
-                "version": version_from_install_req(install_req),
-                "markers": str(install_req.markers) or None,
-                "file": "setup.py",
-                "requirement": str(install_req.specifier) or None,
-                "requirement_type": req_type,
-                "extras": sorted(list(install_req.extras))
-            })
-
-        def setup(*args, **kwargs):
-            for arg in ['setup_requires', 'install_requires', 'tests_require']:
-                if not kwargs.get(arg):
-                    continue
-                for req in kwargs.get(arg):
-                    parse_requirement(req, arg)
-            extras_require_dict = kwargs.get('extras_require', {})
-            for key in extras_require_dict:
-                for req in extras_require_dict[key]:
-                    parse_requirement(req, 'extras_require:{}'.format(key))
-        setuptools.setup = setup
-
-        def noop(*args, **kwargs):
-            pass
-
-        def fake_parse(*args, **kwargs):
-            return []
-
-        global fake_open
-        def fake_open(*args, **kwargs):
-            content = ("VERSION = ('0', '0', '1+dependabot')\n"
-                       "__version__ = '0.0.1+dependabot'\n"
-                       "__author__ = 'someone'\n"
-                       "__title__ = 'something'\n"
-                       "__description__ = 'something'\n"
-                       "__author_email__ = 'something'\n"
-                       "__license__ = 'something'\n"
-                       "__url__ = 'something'\n")
-            return io.StringIO(content)
-
-        content = open(directory + '/setup.py', 'r').read()
-
-        # Remove `print`, `open`, `log` and import statements
-        content = re.sub(r"print\s*\(", "noop(", content)
-        content = re.sub(r"log\s*(\.\w+)*\(", "noop(", content)
-        content = re.sub(r"\b(\w+\.)*(open|file)\s*\(", "fake_open(", content)
-        content = content.replace("parse_requirements(", "fake_parse(")
-        version_re = re.compile(r"^.*import.*__version__.*$", re.MULTILINE)
-        content = re.sub(version_re, "", content)
-
-        # Set variables likely to be imported
-        __version__ = '0.0.1+dependabot'
-        __author__ = 'someone'
-        __title__ = 'something'
-        __description__ = 'something'
-        __author_email__ = 'something'
-        __license__ = 'something'
-        __url__ = 'something'
-
-        # Run as main (since setup.py is a script)
-        __name__ = '__main__'
-
-        # Exec the setup.py
-        exec(content) in globals(), locals()
-
-    return json.dumps({ "result": setup_packages })

data/helpers/install-dir/python/requirements.txt

@@ -1,9 +0,0 @@
-pip==20.1.1
-pip-tools==5.3.0
-hashin==0.15.0
-pipenv==2018.11.26
-pipfile==0.0.2
-poetry==1.0.10
-
-# Some dependencies will only install if Cython is present
-Cython==0.29.21

data/helpers/install-dir/python/run.py

@@ -1,18 +0,0 @@
-import sys
-import json
-
-from lib import parser, hasher
-
-if __name__ == "__main__":
-    args = json.loads(sys.stdin.read())
-
-    if args["function"] == "parse_requirements":
-        print(parser.parse_requirements(args["args"][0]))
-    if args["function"] == "parse_setup":
-        print(parser.parse_setup(args["args"][0]))
-    elif args["function"] == "get_dependency_hash":
-        print(hasher.get_dependency_hash(*args["args"]))
-    elif args["function"] == "get_pipfile_hash":
-        print(hasher.get_pipfile_hash(*args["args"]))
-    elif args["function"] == "get_pyproject_hash":
-        print(hasher.get_pyproject_hash(*args["args"]))