dependabot-python 0.97.11 → 0.98.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/python/file_fetcher.rb +7 -7
  3. data/lib/dependabot/python/requirement_parser.rb +8 -0
  4. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 8048d5061e6d5f5e1544ba403e4419f9682af1f77c23bb4e3b42a22954774114
4
- data.tar.gz: dfbb570fec50dd749852a351cc836ec424c3bc0c7fb22cae5779f7c0064cbca1
3
+ metadata.gz: 86bf4ecb82a960b0f84cd1cf7ff74cf73081be517b672045cd732743ba4957b0
4
+ data.tar.gz: 9675ebc29daaae2cdbc2e9cd02ad4750ee4ff6062e39c12f1f16593d708ccf8a
5
5
  SHA512:
6
- metadata.gz: 320155e0724eb173872e2652bac2c296c7a1b725786362d2a67803ffa72f91dbdf3011c7d5a58e4b012847a9c41c49acd26348971acea26cf3b8be8174438f87
7
- data.tar.gz: 34be31e6dcbbdd2fbd3554708abf0cdbf3a69893615643b0f5a419b11ffe85eb93005bd13673fe2e6ea2f58fcf3f02a57aee6c125438ce2d3d64587b1d603f6e
6
+ metadata.gz: 853a0437246018fd3290d5a3897c70b7c39270d395acf6539772d7eb33c4e53dd54c9c6d9bbd33a7836592fa00be001772034dfbb1bb6324d8217a1175556c38
7
+ data.tar.gz: 3d561dd75778163bf360285255a7433ad6ee0193388bfa97fe10a76368dedf02deb85cf323e4248f43cd1f313549fccafe28a631e4f1b460438ebebc2adee33b
data/lib/dependabot/python/file_fetcher.rb CHANGED
@@ -4,7 +4,7 @@ require "toml-rb"
4
4
 
5
5
  require "dependabot/file_fetchers"
6
6
  require "dependabot/file_fetchers/base"
7
- require "dependabot/python/file_parser"
7
+ require "dependabot/python/requirement_parser"
8
8
  require "dependabot/errors"
9
9
 
10
10
  # rubocop:disable Metrics/ClassLength
@@ -308,12 +308,12 @@ module Dependabot
308
308
  gsub(CONSTRAINT_REGEX, "").
309
309
  gsub(CHILD_REQUIREMENT_REGEX, "")
310
310
 
311
- tmp_file = DependencyFile.new(name: file.name, content: content)
312
- Dependabot::Python::FileParser.
313
- new(dependency_files: [tmp_file], source: source).
314
- parse.any?
315
- rescue Dependabot::DependencyFileNotEvaluatable
316
- false
311
+ matches = []
312
+
313
+ regex = RequirementParser::VALID_REQ_TXT_REQUIREMENT
314
+ content.scan(regex) { matches << Regexp.last_match }
315
+
316
+ matches.any?
317
317
  end
318
318
 
319
319
  def path_setup_file_paths
data/lib/dependabot/python/requirement_parser.rb CHANGED
@@ -29,6 +29,14 @@ module Dependabot
29
29
  \s*#*\s*(?<comment>.+)?$
30
30
  /x.freeze
31
31
 
32
+ VALID_REQ_TXT_REQUIREMENT =
33
+ /^\s*\\?\s*(?<name>#{NAME})
34
+ \s*\\?\s*(\[\s*(?<extras>#{EXTRA}(\s*,\s*#{EXTRA})*)\s*\])?
35
+ \s*\\?\s*(?<requirements>#{REQUIREMENTS})?
36
+ \s*\\?\s*(?<hashes>#{HASHES})?
37
+ \s*(\#+\s*(?<comment>.*))?$
38
+ /x.freeze
39
+
32
40
  NAME_WITH_EXTRAS =
33
41
  /\s*\\?\s*(?<name>#{NAME})
34
42
  (\s*\\?\s*\[\s*(?<extras>#{EXTRA}(\s*,\s*#{EXTRA})*)\s*\])?
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.97.11
4
+ version: 0.98.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.97.11
19
+ version: 0.98.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.97.11
26
+ version: 0.98.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement