dependabot-python 0.98.15 → 0.98.16
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/helpers/build +1 -1
- data/helpers/lib/parser.py +11 -10
- data/lib/dependabot/python/file_fetcher.rb +1 -1
- data/lib/dependabot/python/file_updater/pip_compile_file_updater.rb +2 -2
- data/lib/dependabot/python/file_updater/pipfile_file_updater.rb +1 -1
- data/lib/dependabot/python/python_versions.rb +2 -2
- data/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb +2 -2
- data/lib/dependabot/python/update_checker/pipfile_version_resolver.rb +1 -1
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: a20f6a5b17c638ba7b511ea05511c82cfa87c1d7bb5e037db6871fbefc6f197b
|
4
|
+
data.tar.gz: d693cac0af963ea95481dcfea8ce691293b79b423b0dfd7abefa11268c5e08b5
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3dd9b2507d5aad67c603949d9b7308e2c5a067ea61f8d8bdd7f6a96992667e6584c3485ff0baadc7eb35e3513827097e8f45079cb558a7cc783c8699ef91c523
|
7
|
+
data.tar.gz: ed41be6a6158526e7b3b28e9c545b48e61a9dec279d3709ae212e5f0066d4c33509e35404cad4a8402e99d9304ff9f4e82b33292d775269fa321857715854679
|
data/helpers/build
CHANGED
data/helpers/lib/parser.py
CHANGED
@@ -20,6 +20,10 @@ def parse_requirements(directory):
|
|
20
20
|
pip_compile_files = glob.glob(os.path.join(directory, '*.in')) \
|
21
21
|
+ glob.glob(os.path.join(directory, '**', '*.in'))
|
22
22
|
|
23
|
+
def version_from_install_req(install_req):
|
24
|
+
if install_req.is_pinned:
|
25
|
+
return next(iter(install_req.specifier)).version
|
26
|
+
|
23
27
|
for reqs_file in requirement_files + pip_compile_files:
|
24
28
|
try:
|
25
29
|
requirements = pip._internal.req.req_file.parse_requirements(
|
@@ -29,10 +33,6 @@ def parse_requirements(directory):
|
|
29
33
|
for install_req in requirements:
|
30
34
|
if install_req.original_link:
|
31
35
|
continue
|
32
|
-
if install_req.is_pinned:
|
33
|
-
version = next(iter(install_req.specifier)).version
|
34
|
-
else:
|
35
|
-
version = None
|
36
36
|
|
37
37
|
pattern = r"-[cr] (.*) \(line \d+\)"
|
38
38
|
abs_path = re.search(pattern, install_req.comes_from).group(1)
|
@@ -40,7 +40,7 @@ def parse_requirements(directory):
|
|
40
40
|
|
41
41
|
requirement_packages.append({
|
42
42
|
"name": install_req.req.name,
|
43
|
-
"version":
|
43
|
+
"version": version_from_install_req(install_req),
|
44
44
|
"markers": str(install_req.markers) or None,
|
45
45
|
"file": rel_path,
|
46
46
|
"requirement": str(install_req.specifier) or None
|
@@ -55,17 +55,18 @@ def parse_setup(directory):
|
|
55
55
|
# Parse the setup.py
|
56
56
|
setup_packages = []
|
57
57
|
if os.path.isfile(directory + '/setup.py'):
|
58
|
+
def version_from_install_req(install_req):
|
59
|
+
if install_req.is_pinned:
|
60
|
+
return next(iter(install_req.specifier)).version
|
61
|
+
|
58
62
|
def parse_requirement(req, req_type):
|
59
63
|
install_req = install_req_from_line(req)
|
60
64
|
if install_req.original_link:
|
61
65
|
return
|
62
|
-
|
63
|
-
version = next(iter(install_req.specifier)).version
|
64
|
-
else:
|
65
|
-
version = None
|
66
|
+
|
66
67
|
setup_packages.append({
|
67
68
|
"name": install_req.req.name,
|
68
|
-
"version":
|
69
|
+
"version": version_from_install_req(install_req),
|
69
70
|
"markers": str(install_req.markers) or None,
|
70
71
|
"file": "setup.py",
|
71
72
|
"requirement": str(install_req.specifier) or None,
|
@@ -262,7 +262,7 @@ module Dependabot
|
|
262
262
|
def fetch_path_setup_file(path, allow_pyproject: false)
|
263
263
|
path_setup_files = []
|
264
264
|
|
265
|
-
unless path.end_with?(".tar.gz", ".
|
265
|
+
unless path.end_with?(".tar.gz", ".whl", ".zip")
|
266
266
|
path = Pathname.new(File.join(path, "setup.py")).cleanpath.to_path
|
267
267
|
end
|
268
268
|
return [] if path == "setup.py" && setup_file
|
@@ -169,9 +169,9 @@ module Dependabot
|
|
169
169
|
|
170
170
|
raise relevant_error unless error_suggests_bad_python_version?(msg)
|
171
171
|
raise relevant_error if user_specified_python_version
|
172
|
-
raise relevant_error if python_version == "2.7.
|
172
|
+
raise relevant_error if python_version == "2.7.16"
|
173
173
|
|
174
|
-
@python_version = "2.7.
|
174
|
+
@python_version = "2.7.16"
|
175
175
|
retry
|
176
176
|
ensure
|
177
177
|
@python_version = nil
|
@@ -4,7 +4,7 @@ module Dependabot
|
|
4
4
|
module Python
|
5
5
|
module PythonVersions
|
6
6
|
PRE_INSTALLED_PYTHON_VERSIONS = %w(
|
7
|
-
3.6.8 2.7.
|
7
|
+
3.6.8 2.7.16
|
8
8
|
).freeze
|
9
9
|
|
10
10
|
# Due to an OpenSSL issue we can only install the following versions in
|
@@ -13,7 +13,7 @@ module Dependabot
|
|
13
13
|
3.7.2 3.7.1 3.7.0
|
14
14
|
3.6.8 3.6.7 3.6.6 3.6.5 3.6.4 3.6.3 3.6.2 3.6.1 3.6.0
|
15
15
|
3.5.6 3.5.5 3.5.4 3.5.3
|
16
|
-
2.7.15 2.7.14 2.7.13
|
16
|
+
2.7.16 2.7.15 2.7.14 2.7.13
|
17
17
|
).freeze
|
18
18
|
|
19
19
|
# This list gets iterated through to find a valid version, so we have
|
@@ -176,9 +176,9 @@ module Dependabot
|
|
176
176
|
|
177
177
|
raise relevant_error unless error_suggests_bad_python_version?(msg)
|
178
178
|
raise relevant_error if user_specified_python_version
|
179
|
-
raise relevant_error if python_version == "2.7.
|
179
|
+
raise relevant_error if python_version == "2.7.16"
|
180
180
|
|
181
|
-
@python_version = "2.7.
|
181
|
+
@python_version = "2.7.16"
|
182
182
|
retry
|
183
183
|
ensure
|
184
184
|
@python_version = nil
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-python
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.98.
|
4
|
+
version: 0.98.16
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.98.
|
19
|
+
version: 0.98.16
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.98.
|
26
|
+
version: 0.98.16
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|