dependabot-python 0.151.1 → 0.152.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5ef920d2b80e5526bcd35258701f6cf300d0af16499ce06adf1ae7b2d401ca57
-  data.tar.gz: 89c8c3c78c2555a3d2f039dd37f92be479618b6c5274a9e9fd285eb2df71c5d1
+  metadata.gz: 9e1922edaeaf954b6c70d1a18e4a1a89950314b4ef7ab707c85ee4d400898daa
+  data.tar.gz: 47afe48aefccd83ed8c19252f19d24effc248ae8dec6f1b2849bf6c553957478
 SHA512:
-  metadata.gz: ba654b22b0186d2dbc346173b08c667db177a01da1168b1f86e1b9fb4cd28e0e08a8e491a487c81545a13278860b33da9279a030a357930949010d7ad7f7146c
-  data.tar.gz: 80470565f5bdfaad4f52075129a0f90bfd48d6b510df9d13165e281b3e326ee6a40ef7a11f4440f7c20852446607f075df5f75f9b1d6b8d4a504df849872e8be
+  metadata.gz: 4b9442ce4c7b84a539aad7557ece73a81311913d6ed758f7cfb33dd4b60a2d5947856085de980ef6143da5a604f3ecdd955ac431b1749ba96b758870d031694e
+  data.tar.gz: 2547e1be652cb532fa8ae97825d9986808837c8fcb91ee7bec7b3855a8ec18f90a9b69aeb096ed7b840ebd2f7bd1aa12b7a0c25451e73b945b063f15cdc923b2

data/helpers/build

@@ -16,7 +16,6 @@ cp -r \
   "$install_dir"
 
 cd "$install_dir"
-PYENV_VERSION=2.7.18 pyenv exec pip install -r "requirements.txt"
 PYENV_VERSION=3.9.4  pyenv exec pip install -r "requirements.txt"
 
 # Workaround of https://github.com/python-poetry/poetry/issues/3010

data/helpers/requirements.txt

@@ -1,8 +1,8 @@
-pip==20.3.3
-pip-tools==5.5.0
+pip==21.1.2
+pip-tools==6.1.0
 flake8==3.9.2
 hashin==0.15.0
-pipenv==2018.11.26
+pipenv==2021.5.29
 pipfile==0.0.2
 poetry==1.1.6
 wheel==0.36.2

data/lib/dependabot/python/file_updater/pip_compile_file_updater.rb

@@ -170,24 +170,6 @@ module Dependabot
             command,
             allow_unsafe_shell_command: allow_unsafe_shell_command
           )
-        rescue SharedHelpers::HelperSubprocessFailed => e
-          original_error ||= e
-          msg = e.message
-
-          relevant_error =
-            if error_suggests_bad_python_version?(msg) then original_error
-            else e
-            end
-
-          raise relevant_error unless error_suggests_bad_python_version?(msg)
-          raise relevant_error if user_specified_python_version
-          raise relevant_error if python_version == "2.7.18"
-
-          @python_version = "2.7.18"
-          retry
-        ensure
-          @python_version = nil
-          FileUtils.remove_entry(".python-version", true)
         end
 
         def python_env
@@ -205,14 +187,6 @@ module Dependabot
           env
         end
 
-        def error_suggests_bad_python_version?(message)
-          return true if message.include?("UnsupportedPythonVersion")
-          return true if message.include?("not find a version that satisfies")
-
-          message.include?('Command "python setup.py egg_info" failed') ||
-            message.include?("exit status 1: python setup.py egg_info")
-        end
-
         def write_updated_dependency_files
           dependency_files.each do |file|
             path = file.name
@@ -436,7 +410,7 @@ module Dependabot
         def pip_compile_options_from_compiled_file(requirements_file)
           options = ["--output-file=#{requirements_file.name}"]
 
-          options << "--no-index" unless requirements_file.content.include?("index-url http")
+          options << "--no-emit-index-url" unless requirements_file.content.include?("index-url http")
 
           options << "--generate-hashes" if requirements_file.content.include?("--hash=sha")
 

data/lib/dependabot/python/file_updater/pipfile_file_updater.rb

@@ -264,34 +264,6 @@ module Dependabot
         def run_pipenv_command(command, env: pipenv_env_variables)
           run_command("pyenv local #{python_version}")
           run_command(command, env: env)
-        rescue SharedHelpers::HelperSubprocessFailed => e
-          original_error ||= e
-          msg = e.message
-
-          relevant_error =
-            if error_suggests_bad_python_version?(msg) then original_error
-            else e
-            end
-
-          raise relevant_error unless error_suggests_bad_python_version?(msg)
-          raise relevant_error if python_version.start_with?("2")
-
-          # Clear the existing virtualenv, so that we use the new Python version
-          run_command("pyenv local #{python_version}")
-          run_command("pyenv exec pipenv --rm")
-
-          @python_version = "2.7.18"
-          retry
-        ensure
-          @python_version = nil
-          FileUtils.remove_entry(".python-version", true)
-        end
-
-        def error_suggests_bad_python_version?(message)
-          return true if message.include?("UnsupportedPythonVersion")
-
-          message.include?('Command "python setup.py egg_info" failed') ||
-            message.include?("exit status 1: python setup.py egg_info")
         end
 
         def write_temporary_dependency_files(pipfile_content)

data/lib/dependabot/python/python_versions.rb

@@ -4,7 +4,7 @@ module Dependabot
   module Python
     module PythonVersions
       PRE_INSTALLED_PYTHON_VERSIONS = %w(
-        3.9.4 2.7.18
+        3.9.4
       ).freeze
 
       # Due to an OpenSSL issue we can only install the following versions in
@@ -15,14 +15,13 @@ module Dependabot
         3.7.10 3.7.9 3.7.8 3.7.7 3.7.6 3.7.5 3.7.4 3.7.3 3.7.2 3.7.1 3.7.0
         3.6.13 3.6.12 3.6.11 3.6.10 3.6.9 3.6.8 3.6.7 3.6.6 3.6.5 3.6.4 3.6.3
         3.6.2 3.6.1 3.6.0 3.5.10 3.5.8 3.5.7 3.5.6 3.5.5 3.5.4 3.5.3
-        2.7.18 2.7.17 2.7.16 2.7.15 2.7.14 2.7.13
       ).freeze
 
       # This list gets iterated through to find a valid version, so we have
-      # the two pre-installed versions listed first.
+      # the pre-installed versions listed first.
       SUPPORTED_VERSIONS_TO_ITERATE =
         [
-          *PRE_INSTALLED_PYTHON_VERSIONS.select { |v| v.start_with?("3") },
+          *PRE_INSTALLED_PYTHON_VERSIONS,
           *SUPPORTED_VERSIONS
         ].freeze
     end

data/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb

@@ -28,7 +28,8 @@ module Dependabot
           /git clone -q (?<url>[^\s]+).* /.freeze
         GIT_REFERENCE_NOT_FOUND_REGEX =
           /egg=(?<name>\S+).*.*WARNING: Did not find branch or tag \'(?<tag>[^\n"]+)\'/m.freeze
-        NATIVE_COMPILATION_ERROR = "pip._internal.exceptions.InstallationError: Command errored out with exit status 1"
+        NATIVE_COMPILATION_ERROR =
+          "pip._internal.exceptions.InstallationSubprocessError: Command errored out with exit status 1:"
 
         attr_reader :dependency, :dependency_files, :credentials
 
@@ -141,18 +142,18 @@ module Dependabot
             return nil
           end
 
-          if error.message.match?(GIT_DEPENDENCY_UNREACHABLE_REGEX)
-            url = error.message.match(GIT_DEPENDENCY_UNREACHABLE_REGEX).
-                  named_captures.fetch("url")
-            raise GitDependenciesNotReachable, url
-          end
-
           if error.message.match?(GIT_REFERENCE_NOT_FOUND_REGEX)
             name = error.message.match(GIT_REFERENCE_NOT_FOUND_REGEX).
                    named_captures.fetch("name")
             raise GitDependencyReferenceNotFound, name
           end
 
+          if error.message.match?(GIT_DEPENDENCY_UNREACHABLE_REGEX)
+            url = error.message.match(GIT_DEPENDENCY_UNREACHABLE_REGEX).
+                  named_captures.fetch("url")
+            raise GitDependenciesNotReachable, url
+          end
+
           raise
         end
 
@@ -235,35 +236,6 @@ module Dependabot
         def run_pip_compile_command(command)
           run_command("pyenv local #{python_version}")
           run_command(command)
-        rescue SharedHelpers::HelperSubprocessFailed => e
-          original_err ||= e
-          msg = e.message
-
-          relevant_error = choose_relevant_error(original_err, e)
-          raise relevant_error unless error_suggests_bad_python_version?(msg)
-          raise relevant_error if user_specified_python_version
-          raise relevant_error if python_version == "2.7.18"
-
-          @python_version = "2.7.18"
-          retry
-        ensure
-          @python_version = nil
-          FileUtils.remove_entry(".python-version", true)
-        end
-
-        def choose_relevant_error(previous_error, new_error)
-          return previous_error if previous_error == new_error
-
-          # If the previous error was definitely due to using the wrong Python
-          # version, return the new error (which can't be worse)
-          return new_error if error_certainly_bad_python_version?(previous_error.message)
-
-          # Otherwise, if the new error may be due to using the wrong Python
-          # version, return the old error (which can't be worse)
-          return previous_error if error_suggests_bad_python_version?(new_error.message)
-
-          # Otherwise, default to the new error
-          new_error
         end
 
         def python_env
@@ -292,15 +264,6 @@ module Dependabot
           message.include?("SyntaxError")
         end
 
-        def error_suggests_bad_python_version?(message)
-          return true if error_certainly_bad_python_version?(message)
-          return true if message.include?("not find a version that satisfies")
-          return true if message.include?("No matching distribution found")
-
-          message.include?('Command "python setup.py egg_info" failed') ||
-            message.include?("exit status 1: python setup.py egg_info")
-        end
-
         def write_temporary_dependency_files(updated_req: nil,
                                              update_requirement: true)
           dependency_files.each do |file|

data/lib/dependabot/python/update_checker/pipenv_version_resolver.rb

@@ -16,7 +16,6 @@ require "dependabot/python/native_helpers"
 require "dependabot/python/name_normaliser"
 require "dependabot/python/version"
 
-# rubocop:disable Metrics/ClassLength
 module Dependabot
   module Python
     class UpdateChecker
@@ -35,16 +34,14 @@ module Dependabot
         GIT_REFERENCE_NOT_FOUND_REGEX =
           %r{git checkout -q (?<tag>[^\n"]+)\n?[^\n]*/(?<name>.*?)(\\n'\]|$)}m.
           freeze
-        UNSUPPORTED_DEPS = %w(pyobjc).freeze
-        UNSUPPORTED_DEP_REGEX =
-          /"python setup\.py egg_info".*(?:#{UNSUPPORTED_DEPS.join("|")})/.
-          freeze
-        PIPENV_INSTALLATION_ERROR = "pipenv.patched.notpip._internal."\
-                                    "exceptions.InstallationError: "\
-                                    "Command \"python setup.py egg_info\" "\
-                                    "failed with error code 1 in"
+        PIPENV_INSTALLATION_ERROR = "pipenv.patched.notpip._internal.exceptions.InstallationError: Command errored out"\
+                                    " with exit status 1: python setup.py egg_info"
+        TRACEBACK = "Traceback (most recent call last):"
         PIPENV_INSTALLATION_ERROR_REGEX =
-          %r{#{Regexp.quote(PIPENV_INSTALLATION_ERROR)}.+/(?<name>.+)/$}.freeze
+          /#{Regexp.quote(TRACEBACK)}[\s\S]*^\s+import\s(?<name>.+)[\s\S]*^#{Regexp.quote(PIPENV_INSTALLATION_ERROR)}/.
+          freeze
+        UNSUPPORTED_DEP_REGEX = /(?:pyobjc)[\s\S]*#{Regexp.quote(PIPENV_INSTALLATION_ERROR)}/.freeze
+        PIPENV_RANGE_WARNING = /Warning:\sPython\s[<>].* was not found/.freeze
 
         attr_reader :dependency, :dependency_files, :credentials
 
@@ -151,9 +148,19 @@ module Dependabot
             raise DependencyFileNotResolvable, msg
           end
 
-          if error.message.include?("Could not find a version") ||
-             error.message.include?("is not a python version")
-            check_original_requirements_resolvable
+          if error.message.match?(PIPENV_RANGE_WARNING)
+            msg = "Pipenv does not support specifying Python ranges "\
+              "(see https://github.com/pypa/pipenv/issues/1050 for more "\
+              "details)."
+            raise DependencyFileNotResolvable, msg
+          end
+
+          check_original_requirements_resolvable if error.message.include?("Could not find a version")
+
+          if error.message.include?("SyntaxError: invalid syntax")
+            raise DependencyFileNotResolvable,
+                  "SyntaxError while installing dependencies. Is one of the dependencies not Python 3 compatible? "\
+                  "Pip v21 no longer supports Python 2."
           end
 
           if (error.message.include?('Command "python setup.py egg_info"') ||
@@ -221,13 +228,6 @@ module Dependabot
             raise DependencyFileNotResolvable, msg
           end
 
-          if error.message.include?("is not a python version")
-            msg = "Pipenv does not support specifying Python ranges "\
-              "(see https://github.com/pypa/pipenv/issues/1050 for more "\
-              "details)."
-            raise DependencyFileNotResolvable, msg
-          end
-
           if error.message.include?("UnsupportedPythonVersion") &&
              user_specified_python_requirement
             msg = clean_error_message(error.message).
@@ -465,36 +465,6 @@ module Dependabot
         def run_pipenv_command(command, env: pipenv_env_variables)
           run_command("pyenv local #{python_version}")
           run_command(command, env: env)
-        rescue SharedHelpers::HelperSubprocessFailed => e
-          original_error ||= e
-          msg = e.message
-
-          relevant_error =
-            if may_be_using_wrong_python_version?(msg) then original_error
-            else e
-            end
-
-          raise relevant_error unless may_be_using_wrong_python_version?(msg)
-          raise relevant_error if python_version.start_with?("2")
-
-          # Clear the existing virtualenv, so that we use the new Python version
-          run_command("pyenv local #{python_version}")
-          run_command("pyenv exec pipenv --rm")
-
-          @python_version = "2.7.18"
-          retry
-        ensure
-          @python_version = nil
-          FileUtils.remove_entry(".python-version", true)
-        end
-
-        def may_be_using_wrong_python_version?(error_message)
-          return false if user_specified_python_requirement
-          return true if error_message.include?("UnsupportedPythonVersion")
-          return true if error_message.include?("at matches #{dependency.name}")
-
-          error_message.include?('Command "python setup.py egg_info" failed') ||
-            error_message.include?("exit status 1: python setup.py egg_info")
         end
 
         def pipenv_env_variables
@@ -530,4 +500,3 @@ module Dependabot
     end
   end
 end
-# rubocop:enable Metrics/ClassLength

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.151.1
+  version: 0.152.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-06-07 00:00:00.000000000 Z
+date: 2021-06-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.151.1
+        version: 0.152.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.151.1
+        version: 0.152.0
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement