dependabot-python 0.362.0 → 0.363.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/python/file_parser/pipfile_files_parser.rb +2 -2
  3. data/lib/dependabot/python/package/package_details_fetcher.rb +6 -6
  4. data/lib/dependabot/python/update_checker/requirements_updater.rb +2 -2
  5. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 41969fffceb16127501815b18338b47fed108ad0a31d01b47584d6798ec446ba
4
- data.tar.gz: 279aa5702150e0fabae033d6050023a91c0aae715cef14dae31aa4686410645e
3
+ metadata.gz: 7cc1d0760f4a6f24d10d75d27c11c194d41eb47a26903927b42ba775ce8d7088
4
+ data.tar.gz: 90c3a5758a74e86b813a50e3d262d87944c783c3ece0dd99047939651571c4fe
5
5
  SHA512:
6
- metadata.gz: 6e1b58219c98cb0d8c29644418ec930221ba85c5503e6db0c0df38125515202cb56545180187dcb24af2b7474aa7b63fbb4d34f22c7c0090dbb124142dbebb1f
7
- data.tar.gz: bf71087e14538101af044f780b3de22c37f679bce0e0bf13e292b5c690c2ed9b08275b76186ca1582c3fab3226e4f8fcc720a21d7599b92952557563caeb2dad
6
+ metadata.gz: 9493ba092dcdd370a58895cc4f37670ec4ac3b6d142ad21dd49a2a1f4165178f748389706bc0802167d2b7a6f9cf213b4cda44ce0fd19f03a34c1e0c5d4b2fa6
7
+ data.tar.gz: 7406412e5b8223da13f54ccdb2fdb1b9b5189b582c68bfc0d561c5f3a8c5068e7793692f33e7fcd840650fdcc8dd3328552b5556ea39715890d43d7dac37b6eb
data/lib/dependabot/python/file_parser/pipfile_files_parser.rb CHANGED
@@ -140,7 +140,7 @@ module Dependabot
140
140
  end
141
141
 
142
142
  sig do
143
- params(obj: T.any(String, NilClass, T::Array[String], T::Hash[String, T.untyped])).returns(T.nilable(String))
143
+ params(obj: T.nilable(T.any(String, T::Array[String], T::Hash[String, T.untyped]))).returns(T.nilable(String))
144
144
  end
145
145
  def version_from_hash_or_string(obj)
146
146
  case obj
@@ -149,7 +149,7 @@ module Dependabot
149
149
  end
150
150
  end
151
151
 
152
- sig { params(req: T.any(String, T::Hash[String, T.untyped])).returns(T.any(T::Boolean, NilClass, String)) }
152
+ sig { params(req: T.any(String, T::Hash[String, T.untyped])).returns(T.nilable(T.any(T::Boolean, String))) }
153
153
  def specifies_version?(req)
154
154
  return true if req.is_a?(String)
155
155
 
data/lib/dependabot/python/package/package_details_fetcher.rb CHANGED
@@ -68,13 +68,13 @@ module Dependabot
68
68
  package_releases = registry_urls
69
69
  .select { |index_url| validate_index(index_url) } # Ensure only valid URLs
70
70
  .flat_map do |index_url|
71
- fetch_from_registry(index_url) || [] # Ensure it always returns an array
72
- rescue Excon::Error::Timeout, Excon::Error::Socket
73
- raise if MAIN_PYPI_INDEXES.include?(index_url)
71
+ fetch_from_registry(index_url) || [] # Ensure it always returns an array
72
+ rescue Excon::Error::Timeout, Excon::Error::Socket
73
+ raise if MAIN_PYPI_INDEXES.include?(index_url)
74
74
 
75
- raise PrivateSourceTimedOut, sanitized_url(index_url)
76
- rescue URI::InvalidURIError
77
- raise DependencyFileNotResolvable, "Invalid URL: #{sanitized_url(index_url)}"
75
+ raise PrivateSourceTimedOut, sanitized_url(index_url)
76
+ rescue URI::InvalidURIError
77
+ raise DependencyFileNotResolvable, "Invalid URL: #{sanitized_url(index_url)}"
78
78
  end
79
79
 
80
80
  Dependabot::Package::PackageDetails.new(
data/lib/dependabot/python/update_checker/requirements_updater.rb CHANGED
@@ -297,7 +297,7 @@ module Dependabot
297
297
  # Prefix match
298
298
  T.must(requirement_strings.find { |r| r.match?(/^(=+|\d)/) })
299
299
  .sub(RequirementParser::VERSION) do |v|
300
- at_same_precision(T.must(latest_resolvable_version).to_s, v)
300
+ at_same_precision(T.must(latest_resolvable_version).to_s, v)
301
301
  end
302
302
  end
303
303
  end
@@ -317,7 +317,7 @@ module Dependabot
317
317
  new_segments
318
318
  .first(count)
319
319
  .map.with_index { |s, i| i < precision ? s : "*" }
320
- .join(".")
320
+ .join(".")
321
321
  end
322
322
 
323
323
  sig { params(requirement_strings: T::Array[String]).returns(String) }
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.362.0
4
+ version: 0.363.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -15,14 +15,14 @@ dependencies:
15
15
  requirements:
16
16
  - - '='
17
17
  - !ruby/object:Gem::Version
18
- version: 0.362.0
18
+ version: 0.363.0
19
19
  type: :runtime
20
20
  prerelease: false
21
21
  version_requirements: !ruby/object:Gem::Requirement
22
22
  requirements:
23
23
  - - '='
24
24
  - !ruby/object:Gem::Version
25
- version: 0.362.0
25
+ version: 0.363.0
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: debug
28
28
  requirement: !ruby/object:Gem::Requirement
@@ -85,14 +85,14 @@ dependencies:
85
85
  requirements:
86
86
  - - "~>"
87
87
  - !ruby/object:Gem::Version
88
- version: '1.3'
88
+ version: '2.0'
89
89
  type: :development
90
90
  prerelease: false
91
91
  version_requirements: !ruby/object:Gem::Requirement
92
92
  requirements:
93
93
  - - "~>"
94
94
  - !ruby/object:Gem::Version
95
- version: '1.3'
95
+ version: '2.0'
96
96
  - !ruby/object:Gem::Dependency
97
97
  name: rspec-sorbet
98
98
  requirement: !ruby/object:Gem::Requirement
@@ -291,7 +291,7 @@ licenses:
291
291
  - MIT
292
292
  metadata:
293
293
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
294
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.362.0
294
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.363.0
295
295
  rdoc_options: []
296
296
  require_paths:
297
297
  - lib