dependabot-python 0.278.0 → 0.279.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a5bf717c8f68ca481074e67a3358e97f609347162e8ebdefb1b961af9b3d401b
|
|
4
|
+
data.tar.gz: b1565b6a609f5c0ed0aab1254cea234cd807c86bae05fcda662ebf2b13fbe480
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6d0928e2b3ec818b2de96783f85e25c3afd9df6c68e9aa10a85177a62e2794bad043b0dc6b174c8e5f5e020505c3e4a33d465e663aede6c7a23080acbf5b761f
|
|
7
|
+
data.tar.gz: 59598f676aff1150e4bd6db41c3911b05c0d056267309dedc1fa3bd49bce20d7d0e3d5c8a10e8d5838db14163fbae77461e7a7a7d3f705b539daa5b5b667c4ff
|
|
@@ -347,6 +347,15 @@ module Dependabot
|
|
|
347
347
|
# dependency source link not accessible
|
|
348
348
|
INVALID_LINK = /No valid distribution links found for package: "(?<dep>.*)" version: "(?<ver>.*)"/
|
|
349
349
|
|
|
350
|
+
# Python version range mentioned in .toml [tool.poetry.dependencies] python = "x.x" is not satisfied by dependency
|
|
351
|
+
PYTHON_RANGE_NOT_SATISFIED = /(?<dep>.*) requires Python (?<req_ver>.*), so it will not be satisfied for Python (?<men_ver>.*)/ # rubocop:disable Layout/LineLength
|
|
352
|
+
|
|
353
|
+
# package version mentioned in .toml not found in package index
|
|
354
|
+
PACKAGE_NOT_FOUND = /Package (?<pkg>.*) ((?<req_ver>.*)) not found./
|
|
355
|
+
|
|
356
|
+
# error code 401 while accessing registry
|
|
357
|
+
ERROR_401 = /401 Client Error/
|
|
358
|
+
|
|
350
359
|
sig do
|
|
351
360
|
params(
|
|
352
361
|
dependencies: Dependabot::Dependency,
|
|
@@ -366,6 +375,15 @@ module Dependabot
|
|
|
366
375
|
sig { returns(T::Array[Dependabot::DependencyFile]) }
|
|
367
376
|
attr_reader :dependency_files
|
|
368
377
|
|
|
378
|
+
sig do
|
|
379
|
+
params(
|
|
380
|
+
url: T.nilable(String)
|
|
381
|
+
).returns(String)
|
|
382
|
+
end
|
|
383
|
+
def sanitize_url(url)
|
|
384
|
+
T.must(url&.match(%r{^(?:https?://)?(?:[^@\n])?([^:/\n?]+)})).to_s
|
|
385
|
+
end
|
|
386
|
+
|
|
369
387
|
public
|
|
370
388
|
|
|
371
389
|
sig { params(error: Exception).void }
|
|
@@ -378,6 +396,17 @@ module Dependabot
|
|
|
378
396
|
|
|
379
397
|
raise DependencyFileNotResolvable, msg
|
|
380
398
|
end
|
|
399
|
+
|
|
400
|
+
if (msg = error.message.match(PACKAGE_NOT_FOUND))
|
|
401
|
+
raise DependencyFileNotResolvable, msg
|
|
402
|
+
end
|
|
403
|
+
|
|
404
|
+
raise DependencyFileNotResolvable, error.message if error.message.match(PYTHON_RANGE_NOT_SATISFIED)
|
|
405
|
+
|
|
406
|
+
return unless error.message.match?(ERROR_401)
|
|
407
|
+
|
|
408
|
+
url = URI.extract(error.message).first.then { sanitize_url(_1) }
|
|
409
|
+
raise PrivateSourceAuthenticationFailure, url
|
|
381
410
|
end
|
|
382
411
|
end
|
|
383
412
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.279.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-10-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.279.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.279.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -288,7 +288,7 @@ licenses:
|
|
|
288
288
|
- MIT
|
|
289
289
|
metadata:
|
|
290
290
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
291
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
291
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.279.0
|
|
292
292
|
post_install_message:
|
|
293
293
|
rdoc_options: []
|
|
294
294
|
require_paths:
|