dependabot-python 0.239.0 → 0.240.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/python/file_fetcher.rb +0 -13
  3. data/lib/dependabot/python/language_version_manager.rb +3 -2
  4. data/lib/dependabot/python/requirement.rb +1 -1
  5. data/lib/dependabot/python/update_checker/pipenv_version_resolver.rb +7 -2
  6. metadata +19 -5
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: bf1b0e7ca12b4aba6ded391d6d075669510d4c0159d0d59fc00f2eb92af5690c
4
- data.tar.gz: 61ecd20ccae579ed44f8faa0e0f06f7a0a9b291d3147d7bb2b5a0d8995c41a18
3
+ metadata.gz: 00aa637ad3528abfe132c01e9f26414bbf218e2c723351374dbc002a87d042ea
4
+ data.tar.gz: '01529b9365ff17a32883e43958de7f2b3ee0af6796861cee0dc939f455d2c2ef'
5
5
  SHA512:
6
- metadata.gz: fe6af7078145dfdaba758734bd0c5a687827a6f899c0498e1968b00144c4350f9717fa829b30b078656c16d9c534dea952c5e02cc7b3e59192ee4ec080dd8df3
7
- data.tar.gz: '0268b8a34839f4609c1537ed34cbc965b7d60118fa4f810412c0339d63d997fa11e88ccf9f20e7d7542cb44669f2dd50f526c648f5dfeda31ae67296aa0dd540'
6
+ metadata.gz: 0b99ef75a8dc1dc8ed62dd3fd610dba5b74200afa8017485c8a6cb27c6ecdbaf340d085318dd6a0b3d1d6b90dd5dcfaa896d856f23d7f4ed9529c4c0488fbc65
7
+ data.tar.gz: '08dee3fbd1077f6bd35128593f9a9c8ffd7583d45e67cecbaedc16d543c76d2fb10ecb9d68488007c1f616243db593dd9bd3ad6084ed9348bb6166996526e62d'
data/lib/dependabot/python/file_fetcher.rb CHANGED
@@ -84,7 +84,6 @@ module Dependabot
84
84
  fetched_files << pip_conf if pip_conf
85
85
  fetched_files << python_version_file if python_version_file
86
86
 
87
- check_required_files_present
88
87
  uniq_files(fetched_files)
89
88
  end
90
89
 
@@ -112,18 +111,6 @@ module Dependabot
112
111
  ]
113
112
  end
114
113
 
115
- def check_required_files_present
116
- return if requirements_txt_files.any? ||
117
- requirements_in_files.any? ||
118
- setup_file ||
119
- setup_cfg_file ||
120
- pipfile ||
121
- pyproject
122
-
123
- path = cleanpath(File.join(directory, "requirements.txt"))
124
- raise Dependabot::DependencyFileNotFound, path
125
- end
126
-
127
114
  def setup_file
128
115
  return @setup_file if defined?(@setup_file)
129
116
 
data/lib/dependabot/python/language_version_manager.rb CHANGED
@@ -9,7 +9,8 @@ module Dependabot
9
9
  class LanguageVersionManager
10
10
  # This list must match the versions specified at the top of `python/Dockerfile`
11
11
  PRE_INSTALLED_PYTHON_VERSIONS = %w(
12
- 3.11.5
12
+ 3.12.1
13
+ 3.11.7
13
14
  3.10.13
14
15
  3.9.18
15
16
  3.8.18
@@ -29,7 +30,7 @@ module Dependabot
29
30
  end
30
31
 
31
32
  def python_major_minor
32
- @python_major_minor ||= Python::Version.new(python_version).segments[0..1].join(".")
33
+ @python_major_minor ||= T.must(Python::Version.new(python_version).segments[0..1]).join(".")
33
34
  end
34
35
 
35
36
  def python_version
data/lib/dependabot/python/requirement.rb CHANGED
@@ -43,7 +43,7 @@ module Dependabot
43
43
 
44
44
  return DefaultRequirement if matches[1] == ">=" && matches[2] == "0"
45
45
 
46
- [matches[1] || "=", Python::Version.new(matches[2])]
46
+ [matches[1] || "=", Python::Version.new(T.must(matches[2]))]
47
47
  end
48
48
 
49
49
  # Returns an array of requirements. At least one requirement from the
data/lib/dependabot/python/update_checker/pipenv_version_resolver.rb CHANGED
@@ -21,9 +21,14 @@ module Dependabot
21
21
  class PipenvVersionResolver
22
22
  GIT_DEPENDENCY_UNREACHABLE_REGEX = /git clone --filter=blob:none --quiet (?<url>[^\s]+).*/
23
23
  GIT_REFERENCE_NOT_FOUND_REGEX = /git checkout -q (?<tag>[^\s]+).*/
24
- PIPENV_INSTALLATION_ERROR = "python setup.py egg_info exited with 1"
24
+ PIPENV_INSTALLATION_ERROR_NEW = "Getting requirements to build wheel exited with 1"
25
+
26
+ # Can be removed when Python 3.11 support is dropped
27
+ PIPENV_INSTALLATION_ERROR_OLD = Regexp.quote("python setup.py egg_info exited with 1")
28
+
29
+ PIPENV_INSTALLATION_ERROR = /#{PIPENV_INSTALLATION_ERROR_NEW}|#{PIPENV_INSTALLATION_ERROR_OLD}/
25
30
  PIPENV_INSTALLATION_ERROR_REGEX =
26
- /[\s\S]*Collecting\s(?<name>.+)\s\(from\s-r.+\)[\s\S]*#{Regexp.quote(PIPENV_INSTALLATION_ERROR)}/
31
+ /[\s\S]*Collecting\s(?<name>.+)\s\(from\s-r.+\)[\s\S]*(#{PIPENV_INSTALLATION_ERROR})/
27
32
 
28
33
  PIPENV_RANGE_WARNING = /Warning:\sPython\s[<>].* was not found/
29
34
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.239.0
4
+ version: 0.240.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-12-28 00:00:00.000000000 Z
11
+ date: 2024-01-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.239.0
19
+ version: 0.240.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.239.0
26
+ version: 0.240.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -206,6 +206,20 @@ dependencies:
206
206
  - - "~>"
207
207
  - !ruby/object:Gem::Version
208
208
  version: '3.18'
209
+ - !ruby/object:Gem::Dependency
210
+ name: webrick
211
+ requirement: !ruby/object:Gem::Requirement
212
+ requirements:
213
+ - - ">="
214
+ - !ruby/object:Gem::Version
215
+ version: '1.7'
216
+ type: :development
217
+ prerelease: false
218
+ version_requirements: !ruby/object:Gem::Requirement
219
+ requirements:
220
+ - - ">="
221
+ - !ruby/object:Gem::Version
222
+ version: '1.7'
209
223
  description: Dependabot-Python provides support for bumping Python packages via Dependabot.
210
224
  If you want support for multiple package managers, you probably want the meta-gem
211
225
  dependabot-omnibus.
@@ -260,7 +274,7 @@ licenses:
260
274
  - Nonstandard
261
275
  metadata:
262
276
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
263
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.239.0
277
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.240.0
264
278
  post_install_message:
265
279
  rdoc_options: []
266
280
  require_paths: