dependabot-python 0.239.0 → 0.240.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bf1b0e7ca12b4aba6ded391d6d075669510d4c0159d0d59fc00f2eb92af5690c
-  data.tar.gz: 61ecd20ccae579ed44f8faa0e0f06f7a0a9b291d3147d7bb2b5a0d8995c41a18
+  metadata.gz: 00aa637ad3528abfe132c01e9f26414bbf218e2c723351374dbc002a87d042ea
+  data.tar.gz: '01529b9365ff17a32883e43958de7f2b3ee0af6796861cee0dc939f455d2c2ef'
 SHA512:
-  metadata.gz: fe6af7078145dfdaba758734bd0c5a687827a6f899c0498e1968b00144c4350f9717fa829b30b078656c16d9c534dea952c5e02cc7b3e59192ee4ec080dd8df3
-  data.tar.gz: '0268b8a34839f4609c1537ed34cbc965b7d60118fa4f810412c0339d63d997fa11e88ccf9f20e7d7542cb44669f2dd50f526c648f5dfeda31ae67296aa0dd540'
+  metadata.gz: 0b99ef75a8dc1dc8ed62dd3fd610dba5b74200afa8017485c8a6cb27c6ecdbaf340d085318dd6a0b3d1d6b90dd5dcfaa896d856f23d7f4ed9529c4c0488fbc65
+  data.tar.gz: '08dee3fbd1077f6bd35128593f9a9c8ffd7583d45e67cecbaedc16d543c76d2fb10ecb9d68488007c1f616243db593dd9bd3ad6084ed9348bb6166996526e62d'

data/lib/dependabot/python/file_fetcher.rb

@@ -84,7 +84,6 @@ module Dependabot
         fetched_files << pip_conf if pip_conf
         fetched_files << python_version_file if python_version_file
 
-        check_required_files_present
         uniq_files(fetched_files)
       end
 
@@ -112,18 +111,6 @@ module Dependabot
         ]
       end
 
-      def check_required_files_present
-        return if requirements_txt_files.any? ||
-                  requirements_in_files.any? ||
-                  setup_file ||
-                  setup_cfg_file ||
-                  pipfile ||
-                  pyproject
-
-        path = cleanpath(File.join(directory, "requirements.txt"))
-        raise Dependabot::DependencyFileNotFound, path
-      end
-
       def setup_file
         return @setup_file if defined?(@setup_file)
 

data/lib/dependabot/python/language_version_manager.rb

@@ -9,7 +9,8 @@ module Dependabot
     class LanguageVersionManager
       # This list must match the versions specified at the top of `python/Dockerfile`
       PRE_INSTALLED_PYTHON_VERSIONS = %w(
-        3.11.5
+        3.12.1
+        3.11.7
         3.10.13
         3.9.18
         3.8.18
@@ -29,7 +30,7 @@ module Dependabot
       end
 
       def python_major_minor
-        @python_major_minor ||= Python::Version.new(python_version).segments[0..1].join(".")
+        @python_major_minor ||= T.must(Python::Version.new(python_version).segments[0..1]).join(".")
       end
 
       def python_version

data/lib/dependabot/python/requirement.rb

@@ -43,7 +43,7 @@ module Dependabot
 
         return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"
 
-        [matches[1] || "=", Python::Version.new(matches[2])]
+        [matches[1] || "=", Python::Version.new(T.must(matches[2]))]
       end
 
       # Returns an array of requirements. At least one requirement from the

data/lib/dependabot/python/update_checker/pipenv_version_resolver.rb

@@ -21,9 +21,14 @@ module Dependabot
       class PipenvVersionResolver
         GIT_DEPENDENCY_UNREACHABLE_REGEX = /git clone --filter=blob:none --quiet (?<url>[^\s]+).*/
         GIT_REFERENCE_NOT_FOUND_REGEX = /git checkout -q (?<tag>[^\s]+).*/
-        PIPENV_INSTALLATION_ERROR = "python setup.py egg_info exited with 1"
+        PIPENV_INSTALLATION_ERROR_NEW = "Getting requirements to build wheel exited with 1"
+
+        # Can be removed when Python 3.11 support is dropped
+        PIPENV_INSTALLATION_ERROR_OLD = Regexp.quote("python setup.py egg_info exited with 1")
+
+        PIPENV_INSTALLATION_ERROR = /#{PIPENV_INSTALLATION_ERROR_NEW}|#{PIPENV_INSTALLATION_ERROR_OLD}/
         PIPENV_INSTALLATION_ERROR_REGEX =
-          /[\s\S]*Collecting\s(?<name>.+)\s\(from\s-r.+\)[\s\S]*#{Regexp.quote(PIPENV_INSTALLATION_ERROR)}/
+          /[\s\S]*Collecting\s(?<name>.+)\s\(from\s-r.+\)[\s\S]*(#{PIPENV_INSTALLATION_ERROR})/
 
         PIPENV_RANGE_WARNING = /Warning:\sPython\s[<>].* was not found/
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-python
 version: !ruby/object:Gem::Version
-  version: 0.239.0
+  version: 0.240.0
 platform: ruby
 authors:
 - Dependabot
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-12-28 00:00:00.000000000 Z
+date: 2024-01-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.239.0
+        version: 0.240.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: 0.239.0
+        version: 0.240.0
 - !ruby/object:Gem::Dependency
   name: debug
   requirement: !ruby/object:Gem::Requirement
@@ -206,6 +206,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.18'
+- !ruby/object:Gem::Dependency
+  name: webrick
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.7'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.7'
 description: Dependabot-Python provides support for bumping Python packages via Dependabot.
   If you want support for multiple package managers, you probably want the meta-gem
   dependabot-omnibus.
@@ -260,7 +274,7 @@ licenses:
 - Nonstandard
 metadata:
   bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
-  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.239.0
+  changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.240.0
 post_install_message: 
 rdoc_options: []
 require_paths: