dependabot-python 0.93.14 → 0.93.15
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ca48499d2e85ad14651c7087d886a76062cddcec7cd3ab93dc3327d417775201
|
|
4
|
+
data.tar.gz: 520d16c6c5a45b5744441c14e364f8f97c740db3483c69675d9b66d78f941ba6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c6b9bd9fc237aac705dd0fc549f46cccde1bdf09881a61a3d31dcd9041c768041ca7bc2e1395e9bb27671bc857144bc6e5a9efc02837e8b67b0117326ea599fd
|
|
7
|
+
data.tar.gz: 182893921326f80adb6c1fef214d0aca83f8b7c05fddd0c4bf0ced235a99039e199fcab6266c5fb55aad216225152bd226f872801e8449390fd80e39ef01e6b9
|
|
@@ -91,7 +91,7 @@ module Dependabot
|
|
|
91
91
|
if error.message.include?("Could not find a version")
|
|
92
92
|
check_original_requirements_resolvable
|
|
93
93
|
# If the original requirements are resolvable but we get an
|
|
94
|
-
# incompatibility
|
|
94
|
+
# incompatibility error after unlocking then it's likely to be
|
|
95
95
|
# due to problems with pip-compile's cascading resolution
|
|
96
96
|
return nil
|
|
97
97
|
end
|
|
@@ -72,6 +72,8 @@ module Dependabot
|
|
|
72
72
|
updated_lockfile = TomlRB.parse(updated_lockfile)
|
|
73
73
|
|
|
74
74
|
fetch_version_from_parsed_lockfile(updated_lockfile)
|
|
75
|
+
rescue SharedHelpers::HelperSubprocessFailed => error
|
|
76
|
+
handle_poetry_errors(error)
|
|
75
77
|
end
|
|
76
78
|
return unless @latest_resolvable_version_string
|
|
77
79
|
|
|
@@ -89,6 +91,36 @@ module Dependabot
|
|
|
89
91
|
raise "No version in lockfile!"
|
|
90
92
|
end
|
|
91
93
|
|
|
94
|
+
def handle_poetry_errors(error)
|
|
95
|
+
if error.message.include?("SolverProblemError")
|
|
96
|
+
check_original_requirements_resolvable
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
raise
|
|
100
|
+
end
|
|
101
|
+
|
|
102
|
+
def check_original_requirements_resolvable
|
|
103
|
+
SharedHelpers.in_a_temporary_directory do
|
|
104
|
+
write_temporary_dependency_files(update_pyproject: false)
|
|
105
|
+
|
|
106
|
+
run_poetry_command(
|
|
107
|
+
"pyenv exec poetry update #{dependency.name} --lock"
|
|
108
|
+
)
|
|
109
|
+
|
|
110
|
+
true
|
|
111
|
+
rescue SharedHelpers::HelperSubprocessFailed => error
|
|
112
|
+
raise unless error.message.include?("SolverProblemError")
|
|
113
|
+
|
|
114
|
+
msg = clean_error_message(error.message)
|
|
115
|
+
raise DependencyFileNotResolvable, msg
|
|
116
|
+
end
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
def clean_error_message(message)
|
|
120
|
+
# Redact any URLs, as they may include credentials
|
|
121
|
+
message.gsub(/http.*?(?=\s)/, "<redacted>")
|
|
122
|
+
end
|
|
123
|
+
|
|
92
124
|
def write_temporary_dependency_files(update_pyproject: true)
|
|
93
125
|
dependency_files.each do |file|
|
|
94
126
|
path = file.name
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.93.
|
|
4
|
+
version: 0.93.15
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.93.
|
|
19
|
+
version: 0.93.15
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.93.
|
|
26
|
+
version: 0.93.15
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|