dependabot-python 0.276.0 → 0.277.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4da06b9469d330346925302b154afcdd9fc86b56bebf83cdfdd507e5c0c5d49d
|
|
4
|
+
data.tar.gz: e19f02eb10fd9a05c18173efcf0ea1731af7a2bb90a9e984b5dadf39f39b5040
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f5a8f5476bb1b546f0eb7914e3736e714f6411efada1e5937328733829e7ebeeb698f221177aca327608d6f4c44b6dd9b4469fda1bfab7b2a6b005ef23235678
|
|
7
|
+
data.tar.gz: 14f76ec80065edbe87d2443825ec7ae9eaca97d94d6ee387e112242b407b60b96dd30ae105f4095196b7557e986225fed2a2a9429a662595f00f028d55da43d5
|
data/helpers/requirements.txt
CHANGED
|
@@ -133,6 +133,8 @@ module Dependabot
|
|
|
133
133
|
content = updated_pipfile_content
|
|
134
134
|
content = add_private_sources(content)
|
|
135
135
|
content = update_python_requirement(content)
|
|
136
|
+
content = update_ssl_requirement(content, updated_pipfile_content)
|
|
137
|
+
|
|
136
138
|
content
|
|
137
139
|
end
|
|
138
140
|
|
|
@@ -142,6 +144,12 @@ module Dependabot
|
|
|
142
144
|
.update_python_requirement(language_version_manager.python_major_minor)
|
|
143
145
|
end
|
|
144
146
|
|
|
147
|
+
def update_ssl_requirement(pipfile_content, parsed_file)
|
|
148
|
+
Python::FileUpdater::PipfilePreparer
|
|
149
|
+
.new(pipfile_content: pipfile_content)
|
|
150
|
+
.update_ssl_requirement(parsed_file)
|
|
151
|
+
end
|
|
152
|
+
|
|
145
153
|
def add_private_sources(pipfile_content)
|
|
146
154
|
PipfilePreparer
|
|
147
155
|
.new(pipfile_content: pipfile_content)
|
|
@@ -39,6 +39,21 @@ module Dependabot
|
|
|
39
39
|
TomlRB.dump(pipfile_object)
|
|
40
40
|
end
|
|
41
41
|
|
|
42
|
+
def update_ssl_requirement(parsed_file)
|
|
43
|
+
pipfile_object = TomlRB.parse(pipfile_content)
|
|
44
|
+
parsed_object = TomlRB.parse(parsed_file)
|
|
45
|
+
|
|
46
|
+
# we parse the verify_ssl value from manifest if it exists
|
|
47
|
+
verify_ssl = parsed_object["source"].map { |x| x["verify_ssl"] }.first
|
|
48
|
+
|
|
49
|
+
# provide a default "true" value to file generator in case no value is provided in manifest file
|
|
50
|
+
pipfile_object["source"].each do |key|
|
|
51
|
+
key["verify_ssl"] = verify_ssl.nil? ? true : verify_ssl
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
TomlRB.dump(pipfile_object)
|
|
55
|
+
end
|
|
56
|
+
|
|
42
57
|
private
|
|
43
58
|
|
|
44
59
|
attr_reader :pipfile_content
|
|
@@ -30,7 +30,7 @@ module Dependabot
|
|
|
30
30
|
PIPENV_INSTALLATION_ERROR_REGEX =
|
|
31
31
|
/[\s\S]*Collecting\s(?<name>.+)\s\(from\s-r.+\)[\s\S]*(#{PIPENV_INSTALLATION_ERROR})/
|
|
32
32
|
|
|
33
|
-
PIPENV_RANGE_WARNING = /
|
|
33
|
+
PIPENV_RANGE_WARNING = /Python version range specifier '(?<ver>.*)' is not supported/
|
|
34
34
|
|
|
35
35
|
attr_reader :dependency
|
|
36
36
|
attr_reader :dependency_files
|
|
@@ -284,6 +284,8 @@ module Dependabot
|
|
|
284
284
|
content = pipfile.content
|
|
285
285
|
content = add_private_sources(content)
|
|
286
286
|
content = update_python_requirement(content)
|
|
287
|
+
content = update_ssl_requirement(content, pipfile.content)
|
|
288
|
+
|
|
287
289
|
content
|
|
288
290
|
end
|
|
289
291
|
|
|
@@ -293,6 +295,12 @@ module Dependabot
|
|
|
293
295
|
.update_python_requirement(language_version_manager.python_major_minor)
|
|
294
296
|
end
|
|
295
297
|
|
|
298
|
+
def update_ssl_requirement(pipfile_content, parsed_file)
|
|
299
|
+
Python::FileUpdater::PipfilePreparer
|
|
300
|
+
.new(pipfile_content: pipfile_content)
|
|
301
|
+
.update_ssl_requirement(parsed_file)
|
|
302
|
+
end
|
|
303
|
+
|
|
296
304
|
def add_private_sources(pipfile_content)
|
|
297
305
|
Python::FileUpdater::PipfilePreparer
|
|
298
306
|
.new(pipfile_content: pipfile_content)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.277.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-09-
|
|
11
|
+
date: 2024-09-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.277.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.277.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -288,7 +288,7 @@ licenses:
|
|
|
288
288
|
- MIT
|
|
289
289
|
metadata:
|
|
290
290
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
291
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
291
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.277.0
|
|
292
292
|
post_install_message:
|
|
293
293
|
rdoc_options: []
|
|
294
294
|
require_paths:
|