dependabot-python 0.233.0 → 0.234.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/lib/parser.py +4 -0
- data/helpers/requirements.txt +1 -1
- data/lib/dependabot/python/file_parser/pyproject_files_parser.rb +1 -1
- data/lib/dependabot/python/file_parser/python_requirement_parser.rb +1 -1
- data/lib/dependabot/python/update_checker/latest_version_finder.rb +2 -2
- data/lib/dependabot/python/update_checker/pipenv_version_resolver.rb +2 -2
- data/lib/dependabot/python/update_checker/poetry_version_resolver.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a898b6d459367fc728deb010aed7f9adbba8064ffe506547b3076d8320024642
|
4
|
+
data.tar.gz: 9fc76c80711472410d5919bab2ff8cca12ab161b7dfae2d23c83fe5afe3e30a2
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5c90405c02d5c636ee64d0ecd43b9fbe504b8f6b888d22f81806dddaca8799f590fcf7b46545d06584c3b45f68ffff58f13d0e2b0699441223419eb1e4d35bb9
|
7
|
+
data.tar.gz: 7d10aa0fd61a0707b00bac29c8bd12ac533a49b37cfd1bb58a0830ad73eb50ad5767771889eb78236c175dc0e9cf400522395093894f715a6a80c90c523298f1
|
data/helpers/lib/parser.py
CHANGED
@@ -99,6 +99,10 @@ def parse_requirements(directory):
|
|
99
99
|
if install_req.req is None:
|
100
100
|
continue
|
101
101
|
|
102
|
+
# Ignore file: requirements
|
103
|
+
if install_req.link is not None and install_req.link.is_file:
|
104
|
+
continue
|
105
|
+
|
102
106
|
pattern = r"-[cr] (.*) \(line \d+\)"
|
103
107
|
abs_path = re.search(pattern, install_req.comes_from).group(1)
|
104
108
|
rel_path = os.path.relpath(abs_path, directory)
|
data/helpers/requirements.txt
CHANGED
@@ -199,8 +199,8 @@ module Dependabot
|
|
199
199
|
def build_python_requirement_from_link(link)
|
200
200
|
req_string = Nokogiri::XML(link)
|
201
201
|
.at_css("a")
|
202
|
-
|
203
|
-
|
202
|
+
&.attribute("data-requires-python")
|
203
|
+
&.content
|
204
204
|
|
205
205
|
return unless req_string
|
206
206
|
|
@@ -96,7 +96,7 @@ module Dependabot
|
|
96
96
|
version =
|
97
97
|
deps.transform_keys { |k| normalise(k) }
|
98
98
|
.dig(dependency.name, "version")
|
99
|
-
|
99
|
+
&.gsub(/^==/, "")
|
100
100
|
|
101
101
|
return version
|
102
102
|
end
|
@@ -106,7 +106,7 @@ module Dependabot
|
|
106
106
|
version =
|
107
107
|
deps.transform_keys { |k| normalise(k) }
|
108
108
|
.dig(dependency.name, "version")
|
109
|
-
|
109
|
+
&.gsub(/^==/, "")
|
110
110
|
|
111
111
|
return version if version
|
112
112
|
end
|
@@ -103,7 +103,7 @@ module Dependabot
|
|
103
103
|
version =
|
104
104
|
updated_lockfile.fetch("package", [])
|
105
105
|
.find { |d| d["name"] && normalise(d["name"]) == dependency.name }
|
106
|
-
|
106
|
+
&.fetch("version")
|
107
107
|
|
108
108
|
return version unless version.nil? && dependency.top_level?
|
109
109
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-python
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.234.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-10-
|
11
|
+
date: 2023-10-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.234.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.234.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: debug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -245,7 +245,7 @@ licenses:
|
|
245
245
|
- Nonstandard
|
246
246
|
metadata:
|
247
247
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
248
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
248
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.234.0
|
249
249
|
post_install_message:
|
250
250
|
rdoc_options: []
|
251
251
|
require_paths:
|