dependabot-python 0.95.54 → 0.95.55
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fa4c36a5edfef2e030d8a2a0ef9fba45c033fe49a69bc35d633617b552dcc0fc
|
|
4
|
+
data.tar.gz: 228f9bca574583710c4175eb963911be3ae534d4d5260250ce718dadcf1e7e53
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7faac2287e48dd8ec444516847d261616f31416aee54ac3d4d0c7c0985e0a38626793abebb75bf5bf0868de38e064186a180516ac2e2738b7d429adf16843002
|
|
7
|
+
data.tar.gz: 001a51d1416b8009de478bb768d4875904388a03a453f0a93ae41e8dfcb6f86fc0084fb55f08a8b13079f7368517652100a8a0a00130b3dbc9b35f216b0f40f4
|
|
@@ -6,6 +6,7 @@ require "dependabot/python/file_fetcher"
|
|
|
6
6
|
require "dependabot/python/file_updater"
|
|
7
7
|
require "dependabot/shared_helpers"
|
|
8
8
|
require "dependabot/python/native_helpers"
|
|
9
|
+
require "dependabot/python/python_versions"
|
|
9
10
|
|
|
10
11
|
# rubocop:disable Metrics/ClassLength
|
|
11
12
|
module Dependabot
|
|
@@ -57,22 +58,26 @@ module Dependabot
|
|
|
57
58
|
def compile_new_requirement_files
|
|
58
59
|
SharedHelpers.in_a_temporary_directory do
|
|
59
60
|
write_updated_dependency_files
|
|
61
|
+
install_required_python
|
|
60
62
|
|
|
61
63
|
filenames_to_compile.each do |filename|
|
|
62
64
|
# Shell out to pip-compile, generate a new set of requirements.
|
|
63
65
|
# This is slow, as pip-compile needs to do installs.
|
|
64
|
-
|
|
66
|
+
run_pip_compile_command(
|
|
65
67
|
"pyenv exec pip-compile #{pip_compile_options(filename)} "\
|
|
66
68
|
"-P #{dependency.name}==#{dependency.version} #{filename}"
|
|
67
69
|
)
|
|
68
70
|
# Run pip-compile a second time, without an update argument, to
|
|
69
71
|
# ensure it resets the right comments.
|
|
70
|
-
|
|
72
|
+
run_pip_compile_command(
|
|
71
73
|
"pyenv exec pip-compile #{pip_compile_options(filename)} "\
|
|
72
74
|
"#{filename}"
|
|
73
75
|
)
|
|
74
76
|
end
|
|
75
77
|
|
|
78
|
+
# Remove any .python-version file before parsing the reqs
|
|
79
|
+
FileUtils.remove_entry(".python-version", true)
|
|
80
|
+
|
|
76
81
|
dependency_files.map do |file|
|
|
77
82
|
next unless file.name.end_with?(".txt")
|
|
78
83
|
|
|
@@ -124,7 +129,6 @@ module Dependabot
|
|
|
124
129
|
).updated_dependency_files
|
|
125
130
|
end
|
|
126
131
|
|
|
127
|
-
# rubocop:disable Metrics/MethodLength
|
|
128
132
|
def run_command(command)
|
|
129
133
|
command = command.dup
|
|
130
134
|
env_cmd = [python_env, command].compact
|
|
@@ -132,9 +136,7 @@ module Dependabot
|
|
|
132
136
|
stdout, process = Open3.capture2e(*env_cmd)
|
|
133
137
|
time_taken = Time.now - start
|
|
134
138
|
|
|
135
|
-
|
|
136
|
-
# pip-compile returns a non-zero status
|
|
137
|
-
return if process.success?
|
|
139
|
+
return stdout if process.success?
|
|
138
140
|
|
|
139
141
|
raise SharedHelpers::HelperSubprocessFailed.new(
|
|
140
142
|
message: stdout,
|
|
@@ -144,6 +146,11 @@ module Dependabot
|
|
|
144
146
|
process_exit_value: process.to_s
|
|
145
147
|
}
|
|
146
148
|
)
|
|
149
|
+
end
|
|
150
|
+
|
|
151
|
+
def run_pip_compile_command(command)
|
|
152
|
+
local_command = "pyenv local #{python_version} && " + command
|
|
153
|
+
run_command(local_command)
|
|
147
154
|
rescue SharedHelpers::HelperSubprocessFailed => error
|
|
148
155
|
original_error ||= error
|
|
149
156
|
msg = error.message
|
|
@@ -154,14 +161,15 @@ module Dependabot
|
|
|
154
161
|
end
|
|
155
162
|
|
|
156
163
|
raise relevant_error unless error_suggests_bad_python_version?(msg)
|
|
157
|
-
raise relevant_error if
|
|
164
|
+
raise relevant_error if user_specified_python_version
|
|
165
|
+
raise relevant_error if python_version == "2.7.15"
|
|
158
166
|
|
|
159
|
-
|
|
167
|
+
@python_version = "2.7.15"
|
|
160
168
|
retry
|
|
161
169
|
ensure
|
|
170
|
+
@python_version = nil
|
|
162
171
|
FileUtils.remove_entry(".python-version", true)
|
|
163
172
|
end
|
|
164
|
-
# rubocop:enable Metrics/MethodLength
|
|
165
173
|
|
|
166
174
|
def python_env
|
|
167
175
|
env = {}
|
|
@@ -186,13 +194,14 @@ module Dependabot
|
|
|
186
194
|
|
|
187
195
|
def write_updated_dependency_files
|
|
188
196
|
dependency_files.each do |file|
|
|
189
|
-
next if file.name == ".python-version"
|
|
190
|
-
|
|
191
197
|
path = file.name
|
|
192
198
|
FileUtils.mkdir_p(Pathname.new(path).dirname)
|
|
193
199
|
File.write(path, freeze_dependency_requirement(file))
|
|
194
200
|
end
|
|
195
201
|
|
|
202
|
+
# Overwrite the .python-version with updated content
|
|
203
|
+
File.write(".python-version", python_version) if python_version
|
|
204
|
+
|
|
196
205
|
setup_files.each do |file|
|
|
197
206
|
path = file.name
|
|
198
207
|
FileUtils.mkdir_p(Pathname.new(path).dirname)
|
|
@@ -206,6 +215,15 @@ module Dependabot
|
|
|
206
215
|
end
|
|
207
216
|
end
|
|
208
217
|
|
|
218
|
+
def install_required_python
|
|
219
|
+
if python_version &&
|
|
220
|
+
!run_command("pyenv versions").include?(python_version)
|
|
221
|
+
run_command("pyenv install -s")
|
|
222
|
+
run_command("pyenv exec pip install -r " + \
|
|
223
|
+
NativeHelpers.python_requirements_path)
|
|
224
|
+
end
|
|
225
|
+
end
|
|
226
|
+
|
|
209
227
|
def sanitized_setup_file_content(file)
|
|
210
228
|
@sanitized_setup_file_content ||= {}
|
|
211
229
|
if @sanitized_setup_file_content[file.name]
|
|
@@ -475,6 +493,22 @@ module Dependabot
|
|
|
475
493
|
end
|
|
476
494
|
end
|
|
477
495
|
|
|
496
|
+
def python_version
|
|
497
|
+
# TODO: Add better Python version detection using dependency versions
|
|
498
|
+
# (e.g., Django 2.x implies Python 3)
|
|
499
|
+
@python_version ||=
|
|
500
|
+
user_specified_python_version ||
|
|
501
|
+
PythonVersions::PRE_INSTALLED_PYTHON_VERSIONS.first
|
|
502
|
+
end
|
|
503
|
+
|
|
504
|
+
def user_specified_python_version
|
|
505
|
+
python_version_file&.content&.strip
|
|
506
|
+
end
|
|
507
|
+
|
|
508
|
+
def pre_installed_python?(version)
|
|
509
|
+
PythonVersions::PRE_INSTALLED_PYTHON_VERSIONS.include?(version)
|
|
510
|
+
end
|
|
511
|
+
|
|
478
512
|
def setup_files
|
|
479
513
|
dependency_files.select { |f| f.name.end_with?("setup.py") }
|
|
480
514
|
end
|
|
@@ -486,6 +520,10 @@ module Dependabot
|
|
|
486
520
|
def setup_cfg_files
|
|
487
521
|
dependency_files.select { |f| f.name.end_with?("setup.cfg") }
|
|
488
522
|
end
|
|
523
|
+
|
|
524
|
+
def python_version_file
|
|
525
|
+
dependency_files.find { |f| f.name == ".python-version" }
|
|
526
|
+
end
|
|
489
527
|
end
|
|
490
528
|
end
|
|
491
529
|
end
|
|
@@ -10,6 +10,7 @@ require "dependabot/python/file_updater/setup_file_sanitizer"
|
|
|
10
10
|
require "dependabot/python/version"
|
|
11
11
|
require "dependabot/shared_helpers"
|
|
12
12
|
require "dependabot/python/native_helpers"
|
|
13
|
+
require "dependabot/python/python_versions"
|
|
13
14
|
|
|
14
15
|
# rubocop:disable Metrics/ClassLength
|
|
15
16
|
module Dependabot
|
|
@@ -52,16 +53,18 @@ module Dependabot
|
|
|
52
53
|
SharedHelpers.in_a_temporary_directory do
|
|
53
54
|
SharedHelpers.with_git_configured(credentials: credentials) do
|
|
54
55
|
write_temporary_dependency_files
|
|
56
|
+
install_required_python
|
|
55
57
|
|
|
56
58
|
filenames_to_compile.each do |filename|
|
|
57
59
|
# Shell out to pip-compile.
|
|
58
60
|
# This is slow, as pip-compile needs to do installs.
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
61
|
+
run_pip_compile_command(
|
|
62
|
+
"pyenv exec pip-compile --allow-unsafe "\
|
|
63
|
+
"-P #{dependency.name} #{filename}"
|
|
64
|
+
)
|
|
62
65
|
# Run pip-compile a second time, without an update argument,
|
|
63
66
|
# to ensure it handles markers correctly
|
|
64
|
-
|
|
67
|
+
run_pip_compile_command(
|
|
65
68
|
"pyenv exec pip-compile --allow-unsafe #{filename}"
|
|
66
69
|
)
|
|
67
70
|
end
|
|
@@ -139,7 +142,6 @@ module Dependabot
|
|
|
139
142
|
end
|
|
140
143
|
end
|
|
141
144
|
|
|
142
|
-
# rubocop:disable Metrics/MethodLength
|
|
143
145
|
def run_command(command)
|
|
144
146
|
command = command.dup
|
|
145
147
|
env_cmd = [python_env, command].compact
|
|
@@ -147,9 +149,7 @@ module Dependabot
|
|
|
147
149
|
stdout, process = Open3.capture2e(*env_cmd)
|
|
148
150
|
time_taken = Time.now - start
|
|
149
151
|
|
|
150
|
-
|
|
151
|
-
# pip-compile returns a non-zero status
|
|
152
|
-
return if process.success?
|
|
152
|
+
return stdout if process.success?
|
|
153
153
|
|
|
154
154
|
raise SharedHelpers::HelperSubprocessFailed.new(
|
|
155
155
|
message: stdout,
|
|
@@ -159,6 +159,11 @@ module Dependabot
|
|
|
159
159
|
process_exit_value: process.to_s
|
|
160
160
|
}
|
|
161
161
|
)
|
|
162
|
+
end
|
|
163
|
+
|
|
164
|
+
def run_pip_compile_command(command)
|
|
165
|
+
local_command = "pyenv local #{python_version} && " + command
|
|
166
|
+
run_command(local_command)
|
|
162
167
|
rescue SharedHelpers::HelperSubprocessFailed => error
|
|
163
168
|
original_error ||= error
|
|
164
169
|
msg = error.message
|
|
@@ -169,14 +174,15 @@ module Dependabot
|
|
|
169
174
|
end
|
|
170
175
|
|
|
171
176
|
raise relevant_error unless error_suggests_bad_python_version?(msg)
|
|
172
|
-
raise relevant_error if
|
|
177
|
+
raise relevant_error if user_specified_python_version
|
|
178
|
+
raise relevant_error if python_version == "2.7.15"
|
|
173
179
|
|
|
174
|
-
|
|
180
|
+
@python_version = "2.7.15"
|
|
175
181
|
retry
|
|
176
182
|
ensure
|
|
183
|
+
@python_version = nil
|
|
177
184
|
FileUtils.remove_entry(".python-version", true)
|
|
178
185
|
end
|
|
179
|
-
# rubocop:enable Metrics/MethodLength
|
|
180
186
|
|
|
181
187
|
def python_env
|
|
182
188
|
env = {}
|
|
@@ -202,8 +208,6 @@ module Dependabot
|
|
|
202
208
|
|
|
203
209
|
def write_temporary_dependency_files(unlock_requirement: true)
|
|
204
210
|
dependency_files.each do |file|
|
|
205
|
-
next if file.name == ".python-version"
|
|
206
|
-
|
|
207
211
|
path = file.name
|
|
208
212
|
FileUtils.mkdir_p(Pathname.new(path).dirname)
|
|
209
213
|
File.write(
|
|
@@ -212,6 +216,9 @@ module Dependabot
|
|
|
212
216
|
)
|
|
213
217
|
end
|
|
214
218
|
|
|
219
|
+
# Overwrite the .python-version with updated content
|
|
220
|
+
File.write(".python-version", python_version) if python_version
|
|
221
|
+
|
|
215
222
|
setup_files.each do |file|
|
|
216
223
|
path = file.name
|
|
217
224
|
FileUtils.mkdir_p(Pathname.new(path).dirname)
|
|
@@ -225,6 +232,15 @@ module Dependabot
|
|
|
225
232
|
end
|
|
226
233
|
end
|
|
227
234
|
|
|
235
|
+
def install_required_python
|
|
236
|
+
if python_version &&
|
|
237
|
+
!run_command("pyenv versions").include?(python_version)
|
|
238
|
+
run_command("pyenv install -s")
|
|
239
|
+
run_command("pyenv exec pip install -r " + \
|
|
240
|
+
NativeHelpers.python_requirements_path)
|
|
241
|
+
end
|
|
242
|
+
end
|
|
243
|
+
|
|
228
244
|
def sanitized_setup_file_content(file)
|
|
229
245
|
@sanitized_setup_file_content ||= {}
|
|
230
246
|
if @sanitized_setup_file_content[file.name]
|
|
@@ -384,6 +400,22 @@ module Dependabot
|
|
|
384
400
|
).parse.find { |d| d.name == dependency.name }&.version
|
|
385
401
|
end
|
|
386
402
|
|
|
403
|
+
def python_version
|
|
404
|
+
# TODO: Add better Python version detection using dependency versions
|
|
405
|
+
# (e.g., Django 2.x implies Python 3)
|
|
406
|
+
@python_version ||=
|
|
407
|
+
user_specified_python_version ||
|
|
408
|
+
PythonVersions::PRE_INSTALLED_PYTHON_VERSIONS.first
|
|
409
|
+
end
|
|
410
|
+
|
|
411
|
+
def user_specified_python_version
|
|
412
|
+
python_version_file&.content&.strip
|
|
413
|
+
end
|
|
414
|
+
|
|
415
|
+
def pre_installed_python?(version)
|
|
416
|
+
PythonVersions::PRE_INSTALLED_PYTHON_VERSIONS.include?(version)
|
|
417
|
+
end
|
|
418
|
+
|
|
387
419
|
def setup_files
|
|
388
420
|
dependency_files.select { |f| f.name.end_with?("setup.py") }
|
|
389
421
|
end
|
|
@@ -395,6 +427,10 @@ module Dependabot
|
|
|
395
427
|
def setup_cfg_files
|
|
396
428
|
dependency_files.select { |f| f.name.end_with?("setup.cfg") }
|
|
397
429
|
end
|
|
430
|
+
|
|
431
|
+
def python_version_file
|
|
432
|
+
dependency_files.find { |f| f.name == ".python-version" }
|
|
433
|
+
end
|
|
398
434
|
end
|
|
399
435
|
end
|
|
400
436
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.95.
|
|
4
|
+
version: 0.95.55
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-02-
|
|
11
|
+
date: 2019-02-22 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.95.
|
|
19
|
+
version: 0.95.55
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.95.
|
|
26
|
+
version: 0.95.55
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|