dependabot-python 0.233.0 → 0.234.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/lib/parser.py +4 -0
  3. data/helpers/requirements.txt +1 -1
  4. data/lib/dependabot/python/file_parser/pyproject_files_parser.rb +1 -1
  5. data/lib/dependabot/python/file_parser/python_requirement_parser.rb +1 -1
  6. data/lib/dependabot/python/update_checker/latest_version_finder.rb +2 -2
  7. data/lib/dependabot/python/update_checker/pipenv_version_resolver.rb +2 -2
  8. data/lib/dependabot/python/update_checker/poetry_version_resolver.rb +1 -1
  9. metadata +5 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9e72b2862796bd2e8571fb863bbc10dced7f321a69e3374bac180022c732a9e3
4
- data.tar.gz: fa2d9a1cbcba154b17b90b218a8c8ef8fdcdcb71e03ca2f223043c85a5dcf45a
3
+ metadata.gz: a898b6d459367fc728deb010aed7f9adbba8064ffe506547b3076d8320024642
4
+ data.tar.gz: 9fc76c80711472410d5919bab2ff8cca12ab161b7dfae2d23c83fe5afe3e30a2
5
5
  SHA512:
6
- metadata.gz: bbbc6def54658c3cd8ac101bef98977ec60d2e4bee7822dfdd8a8936cd2dc5df7bdff75cc22854bfce5d74a4aa1b67b45c0db79139fa4fffb25d73b30027db18
7
- data.tar.gz: 9e48e19319380482db63e371d87acd2b03d2c0884aecf847f244dd8ee2f2c67610d6b60201a1085bbfc0f3a08a2431214fb8f539b2e4ac1d4ef02b6e20abd367
6
+ metadata.gz: 5c90405c02d5c636ee64d0ecd43b9fbe504b8f6b888d22f81806dddaca8799f590fcf7b46545d06584c3b45f68ffff58f13d0e2b0699441223419eb1e4d35bb9
7
+ data.tar.gz: 7d10aa0fd61a0707b00bac29c8bd12ac533a49b37cfd1bb58a0830ad73eb50ad5767771889eb78236c175dc0e9cf400522395093894f715a6a80c90c523298f1
data/helpers/lib/parser.py CHANGED
@@ -99,6 +99,10 @@ def parse_requirements(directory):
99
99
  if install_req.req is None:
100
100
  continue
101
101
 
102
+ # Ignore file: requirements
103
+ if install_req.link is not None and install_req.link.is_file:
104
+ continue
105
+
102
106
  pattern = r"-[cr] (.*) \(line \d+\)"
103
107
  abs_path = re.search(pattern, install_req.comes_from).group(1)
104
108
  rel_path = os.path.relpath(abs_path, directory)
data/helpers/requirements.txt CHANGED
@@ -7,4 +7,4 @@ pipfile==0.0.2
7
7
  poetry==1.6.1
8
8
 
9
9
  # Some dependencies will only install if Cython is present
10
- Cython==3.0.2
10
+ Cython==3.0.3
data/lib/dependabot/python/file_parser/pyproject_files_parser.rb CHANGED
@@ -208,7 +208,7 @@ module Dependabot
208
208
 
209
209
  parsed_lockfile.fetch("package", [])
210
210
  .find { |p| normalise(p.fetch("name")) == normalise(dep_name) }
211
- &.fetch("version", nil)
211
+ &.fetch("version", nil)
212
212
  end
213
213
 
214
214
  def check_requirements(req)
data/lib/dependabot/python/file_parser/python_requirement_parser.rb CHANGED
@@ -90,7 +90,7 @@ module Dependabot
90
90
 
91
91
  req = setup_file.content
92
92
  .match(/python_requires\s*=\s*['"](?<req>[^'"]+)['"]/)
93
- &.named_captures&.fetch("req")&.strip
93
+ &.named_captures&.fetch("req")&.strip
94
94
 
95
95
  requirement_class.new(req)
96
96
  req
data/lib/dependabot/python/update_checker/latest_version_finder.rb CHANGED
@@ -199,8 +199,8 @@ module Dependabot
199
199
  def build_python_requirement_from_link(link)
200
200
  req_string = Nokogiri::XML(link)
201
201
  .at_css("a")
202
- &.attribute("data-requires-python")
203
- &.content
202
+ &.attribute("data-requires-python")
203
+ &.content
204
204
 
205
205
  return unless req_string
206
206
 
data/lib/dependabot/python/update_checker/pipenv_version_resolver.rb CHANGED
@@ -96,7 +96,7 @@ module Dependabot
96
96
  version =
97
97
  deps.transform_keys { |k| normalise(k) }
98
98
  .dig(dependency.name, "version")
99
- &.gsub(/^==/, "")
99
+ &.gsub(/^==/, "")
100
100
 
101
101
  return version
102
102
  end
@@ -106,7 +106,7 @@ module Dependabot
106
106
  version =
107
107
  deps.transform_keys { |k| normalise(k) }
108
108
  .dig(dependency.name, "version")
109
- &.gsub(/^==/, "")
109
+ &.gsub(/^==/, "")
110
110
 
111
111
  return version if version
112
112
  end
data/lib/dependabot/python/update_checker/poetry_version_resolver.rb CHANGED
@@ -103,7 +103,7 @@ module Dependabot
103
103
  version =
104
104
  updated_lockfile.fetch("package", [])
105
105
  .find { |d| d["name"] && normalise(d["name"]) == dependency.name }
106
- &.fetch("version")
106
+ &.fetch("version")
107
107
 
108
108
  return version unless version.nil? && dependency.top_level?
109
109
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.233.0
4
+ version: 0.234.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-10-06 00:00:00.000000000 Z
11
+ date: 2023-10-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.233.0
19
+ version: 0.234.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.233.0
26
+ version: 0.234.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -245,7 +245,7 @@ licenses:
245
245
  - Nonstandard
246
246
  metadata:
247
247
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
248
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.233.0
248
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.234.0
249
249
  post_install_message:
250
250
  rdoc_options: []
251
251
  require_paths: