dependabot-python 0.92.8 → 0.93.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/requirements.txt +2 -2
  3. data/lib/dependabot/python/file_updater/pip_compile_file_updater.rb +7 -1
  4. data/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb +5 -0
  5. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d55b79dbaa20b727a8338a150c6f53dd013cfcef8b2ccfa0ccc9342e617bd24f
4
- data.tar.gz: ff1621156bfca039fbc7322a355c6492158808b2151df1df96a92efedc364c1e
3
+ metadata.gz: 1920e28898b728022389686349c4c44ba9d60690daa74084a197e47c61ff5f0d
4
+ data.tar.gz: eb6801ae91bfbbcff96ee1a6c2132245ebaed5c45682f084bb0e6bb6ae1a91ef
5
5
  SHA512:
6
- metadata.gz: 2225945924464ce5b92da4322b96ab566a7aa6cc9c501641538488e961fce868689378b1975ccd02a3433bd4a214916cfa3b13c817994324b68ed5ddb502adfc
7
- data.tar.gz: 70a7f6eb71aa90d931f8ba5cc9a3d4294b2923a888356e71969872e27c1832e5aa6b7e0849b5724a70020400418f2e07290243321c4295b887dacb957249ec7f
6
+ metadata.gz: 7fe840e09879b4fd191a24f747426a2e3fee4f3261f7f028fae6ebee0f657685a841e06561faea341d25a17118b0e9d6082b154d0a695d78563ca918e72196af
7
+ data.tar.gz: d558dcca5d80e603eecaf9b5689db391a6b562c8a0f064b0dcab45abf44a000a394d84297c04834a12b7dcfa81dea5bd40e9ee230b78eada338d7caa51ed7121
data/helpers/requirements.txt CHANGED
@@ -1,5 +1,5 @@
1
- pip==18.1
2
- pip-tools==3.1.0
1
+ pip==19.0.1
2
+ pip-tools==3.3.1
3
3
  hashin==0.14.2
4
4
  pipenv==2018.11.26
5
5
  pipfile==0.0.2
data/lib/dependabot/python/file_updater/pip_compile_file_updater.rb CHANGED
@@ -63,7 +63,13 @@ module Dependabot
63
63
  # This is slow, as pip-compile needs to do installs.
64
64
  run_command(
65
65
  "pyenv exec pip-compile #{pip_compile_options(filename)} "\
66
- "-P #{dependency.name} #{filename}"
66
+ "-P #{dependency.name}==#{dependency.version} #{filename}"
67
+ )
68
+ # Run pip-compile a second time, without an update argument, to
69
+ # ensure it resets the right comments.
70
+ run_command(
71
+ "pyenv exec pip-compile #{pip_compile_options(filename)} "\
72
+ "#{filename}"
67
73
  )
68
74
  end
69
75
 
data/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb CHANGED
@@ -59,6 +59,11 @@ module Dependabot
59
59
  cmd = "pyenv exec pip-compile --allow-unsafe "\
60
60
  "-P #{dependency.name} #{filename}"
61
61
  run_command(cmd)
62
+ # Run pip-compile a second time, without an update argument,
63
+ # to ensure it handles markers correctly
64
+ run_command(
65
+ "pyenv exec pip-compile --allow-unsafe #{filename}"
66
+ )
62
67
  end
63
68
 
64
69
  # Remove any .python-version file before parsing the reqs
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.92.8
4
+ version: 0.93.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-01-24 00:00:00.000000000 Z
11
+ date: 2019-01-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-core
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.92.8
19
+ version: 0.93.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.92.8
26
+ version: 0.93.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement