dependabot-python 0.98.9 → 0.98.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c883a569d0291587e0abe85d6d59cf30185ee6389e67d796c96dd2c91dfdd93a
|
|
4
|
+
data.tar.gz: 8dda941527038c0fe9ca17379b977e84911fd3bb4393c23ee38923e6ab9a6ef9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 35fb8f1ac9bf4dab6e48a8acfb468bfc2baedc894538c9bffc439321298777fe4a1787a74f2f979d4e493a5486ea17f4616fa39fbc589fe3e6126817bdcd9aaa
|
|
7
|
+
data.tar.gz: 852118c1cc474740c4f8f5121edd3477c09ba9b129da8d7ea1891455d28dda4e64b61bfdff81b4b9127e17c9f0411221548a4d821cf744e1d294edbddb0df8c0
|
|
@@ -67,7 +67,7 @@ module Dependabot
|
|
|
67
67
|
# This is slow, as pip-compile needs to do installs.
|
|
68
68
|
cmd_dep_name = Shellwords.join([
|
|
69
69
|
"pyenv", "exec", "pip-compile",
|
|
70
|
-
pip_compile_options(filename),
|
|
70
|
+
*pip_compile_options(filename),
|
|
71
71
|
"-P", dependency.name
|
|
72
72
|
].reject(&:empty?))
|
|
73
73
|
cmd_dep_version = Shellwords.join([dependency.version, filename])
|
|
@@ -77,7 +77,7 @@ module Dependabot
|
|
|
77
77
|
# Run pip-compile a second time, without an update argument, to
|
|
78
78
|
# ensure it resets the right comments.
|
|
79
79
|
run_pip_compile_command(
|
|
80
|
-
["pyenv", "exec", "pip-compile", pip_compile_options(filename),
|
|
80
|
+
["pyenv", "exec", "pip-compile", *pip_compile_options(filename),
|
|
81
81
|
filename].reject(&:empty?)
|
|
82
82
|
)
|
|
83
83
|
end
|
|
@@ -409,25 +409,25 @@ module Dependabot
|
|
|
409
409
|
|
|
410
410
|
return unless requirements_file
|
|
411
411
|
|
|
412
|
-
options =
|
|
412
|
+
options = []
|
|
413
413
|
|
|
414
414
|
if requirements_file.content.include?("--hash=sha")
|
|
415
|
-
options
|
|
415
|
+
options << "--generate-hashes"
|
|
416
416
|
end
|
|
417
417
|
|
|
418
418
|
if includes_unsafe_packages?(requirements_file.content)
|
|
419
|
-
options
|
|
419
|
+
options << "--allow-unsafe"
|
|
420
420
|
end
|
|
421
421
|
|
|
422
422
|
unless requirements_file.content.include?("# via ")
|
|
423
|
-
options
|
|
423
|
+
options << "--no-annotate"
|
|
424
424
|
end
|
|
425
425
|
|
|
426
426
|
unless requirements_file.content.include?("autogenerated by pip-c")
|
|
427
|
-
options
|
|
427
|
+
options << "--no-header"
|
|
428
428
|
end
|
|
429
429
|
|
|
430
|
-
options
|
|
430
|
+
options
|
|
431
431
|
end
|
|
432
432
|
|
|
433
433
|
def includes_unsafe_packages?(content)
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.98.
|
|
4
|
+
version: 0.98.10
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.98.
|
|
19
|
+
version: 0.98.10
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.98.
|
|
26
|
+
version: 0.98.10
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|