dependabot-python 0.93.2 → 0.93.3
- checksums.yaml +4 -4
- data/lib/dependabot/python/file_fetcher.rb +58 -36
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 03e42ce4b4fbe1d2120e19d19c824fee64d48f780d66827fe5349c5e31fb0f88
|
|
4
|
+
data.tar.gz: 754a2bcab4e657fda82b538a778074553a859ac7b33237ae213cddf04d3378b6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 539a56d9ae30347f38994f9bb5e62d8395d79357040125733d8baf07c1c1785094a210e8c3fcb16a9bebd7d50fecf8e0c2ebffe35555fdc1c13fee1594a7b334
|
|
7
|
+
data.tar.gz: 991231daea34176c28c367cdd9121d7d6abac373df2f660d2c90ac479476e84267f0219a275bd0e90c1e966051f3e259b9a654ccf1864b99f4a74776209e8006
|
|
@@ -232,24 +232,9 @@ module Dependabot
|
|
|
232
232
|
unfetchable_files = []
|
|
233
233
|
|
|
234
234
|
path_setup_file_paths.each do |path|
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
begin
|
|
239
|
-
path_setup_files << fetch_file_from_host(path).
|
|
240
|
-
tap { |f| f.support_file = true }
|
|
241
|
-
rescue Dependabot::DependencyFileNotFound
|
|
242
|
-
unfetchable_files << path
|
|
243
|
-
end
|
|
244
|
-
|
|
245
|
-
begin
|
|
246
|
-
cfg_path = path.gsub(/\.py$/, ".cfg")
|
|
247
|
-
path_setup_files << fetch_file_from_host(cfg_path).
|
|
248
|
-
tap { |f| f.support_file = true }
|
|
249
|
-
rescue Dependabot::DependencyFileNotFound
|
|
250
|
-
# Ignore lack of a setup.cfg
|
|
251
|
-
nil
|
|
252
|
-
end
|
|
235
|
+
path_setup_files += fetch_path_setup_file(path)
|
|
236
|
+
rescue Dependabot::DependencyFileNotFound => error
|
|
237
|
+
unfetchable_files << error.file_path.gsub(%r{^/}, "")
|
|
253
238
|
end
|
|
254
239
|
|
|
255
240
|
if unfetchable_files.any?
|
|
@@ -259,6 +244,31 @@ module Dependabot
|
|
|
259
244
|
path_setup_files
|
|
260
245
|
end
|
|
261
246
|
|
|
247
|
+
def fetch_path_setup_file(path)
|
|
248
|
+
path_setup_files = []
|
|
249
|
+
|
|
250
|
+
unless path.end_with?(".tar.gz")
|
|
251
|
+
path = Pathname.new(File.join(path, "setup.py")).cleanpath.to_path
|
|
252
|
+
end
|
|
253
|
+
return [] if path == "setup.py" && setup_file
|
|
254
|
+
|
|
255
|
+
path_setup_files << fetch_file_from_host(path).
|
|
256
|
+
tap { |f| f.support_file = true }
|
|
257
|
+
|
|
258
|
+
return path_setup_files unless path.end_with?(".py")
|
|
259
|
+
|
|
260
|
+
begin
|
|
261
|
+
cfg_path = path.gsub(/\.py$/, ".cfg")
|
|
262
|
+
path_setup_files << fetch_file_from_host(cfg_path).
|
|
263
|
+
tap { |f| f.support_file = true }
|
|
264
|
+
rescue Dependabot::DependencyFileNotFound
|
|
265
|
+
# Ignore lack of a setup.cfg
|
|
266
|
+
nil
|
|
267
|
+
end
|
|
268
|
+
|
|
269
|
+
path_setup_files
|
|
270
|
+
end
|
|
271
|
+
|
|
262
272
|
def requirements_file?(file)
|
|
263
273
|
return true if file.name.match?(/requirements/x)
|
|
264
274
|
|
|
@@ -275,27 +285,39 @@ module Dependabot
|
|
|
275
285
|
end
|
|
276
286
|
|
|
277
287
|
def path_setup_file_paths
|
|
278
|
-
requirement_txt_path_setup_file_paths +
|
|
288
|
+
requirement_txt_path_setup_file_paths +
|
|
289
|
+
requirement_in_path_setup_file_paths +
|
|
290
|
+
pipfile_path_setup_file_paths
|
|
279
291
|
end
|
|
280
292
|
|
|
281
293
|
def requirement_txt_path_setup_file_paths
|
|
282
|
-
(requirements_txt_files + child_requirement_txt_files).
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
|
|
298
|
-
|
|
294
|
+
(requirements_txt_files + child_requirement_txt_files).
|
|
295
|
+
map { |req_file| parse_path_setup_paths(req_file) }.
|
|
296
|
+
flatten.uniq
|
|
297
|
+
end
|
|
298
|
+
|
|
299
|
+
def requirement_in_path_setup_file_paths
|
|
300
|
+
requirements_in_files.
|
|
301
|
+
map { |req_file| parse_path_setup_paths(req_file) }.
|
|
302
|
+
flatten.uniq
|
|
303
|
+
end
|
|
304
|
+
|
|
305
|
+
def parse_path_setup_paths(req_file)
|
|
306
|
+
uneditable_reqs =
|
|
307
|
+
req_file.content.
|
|
308
|
+
scan(/^['"]?(?<path>\..*?)(?=\[|#|'|"|$)/).
|
|
309
|
+
flatten.
|
|
310
|
+
map(&:strip).
|
|
311
|
+
reject { |p| p.include?("://") }
|
|
312
|
+
|
|
313
|
+
editable_reqs =
|
|
314
|
+
req_file.content.
|
|
315
|
+
scan(/^(?:-e)\s+['"]?(?<path>.*?)(?=\[|#|'|"|$)/).
|
|
316
|
+
flatten.
|
|
317
|
+
map(&:strip).
|
|
318
|
+
reject { |p| p.include?("://") }
|
|
319
|
+
|
|
320
|
+
uneditable_reqs + editable_reqs
|
|
299
321
|
end
|
|
300
322
|
|
|
301
323
|
def pipfile_path_setup_file_paths
|
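Review bot: `fetch_path_setup_file` passes `fetch_file_from_host` a path that `parse_path_setup_paths` scraped from repository-controlled requirement files, and nothing in these hunks confines that path. `Pathname#cleanpath` collapses `a/../b` but keeps leading `..` segments and absolute paths, and the `-e` pattern accepts any target that lacks `://`. Whether `fetch_file_from_host` refuses paths that resolve outside the repository is not visible here, so I would state that assumption in a comment on the method and reject absolute paths before the fetch, e.g. `raise Dependabot::DependencyFileNotFound, path if Pathname.new(path).absolute?`, so they are reported through `unfetchable_files`. Separately, `path.gsub(/\.py$/, ".cfg")` and `error.file_path.gsub(%r{^/}, "")` use line anchors with `gsub`; `sub` with `\z` and `\A` states the intent (one suffix, one leading slash) exactly.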
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.93.
|
|
4
|
+
version: 0.93.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-01-
|
|
11
|
+
date: 2019-01-27 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-core
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.93.
|
|
19
|
+
version: 0.93.3
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.93.
|
|
26
|
+
version: 0.93.3
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|