dependabot-python 0.98.23 → 0.98.24

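--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 8805c0ecee5b2ed3941876e30240e13e22181ec4112f0ad53fc072526db5ef8c
- data.tar.gz: 9b8989f54a0fe59e51ee7b62dcddf424fca46b5e35b68fb64605987a132a1f59
+ metadata.gz: 00bf7e7eced86d3d9da04d2e30bcbb92f0525364864d3629c595c4e5cd56af8c
+ data.tar.gz: 0d47ebf51e6ace9e70d129854fc5675e1df23b635374b99449eb4f9238409d6e
  SHA512:
- metadata.gz: c21b58563595648797ef7bed1b423d2fad876b27eb9f6cad456045e3889ceea7f7172146631c95b25f84bfd50da6ae9f631f08b6f840f32e6d49be5ad890dce1
- data.tar.gz: a47ea9519eab05a090953eaa9725110b8267926b22c2c57ba8d6cd690a36fff84c2b420d1ce1a6a127b5870519246190039c4e3503df26dc53723d2ea0104237
+ metadata.gz: bc2d0b454b81d1068e18cfa9602a915a883924605d6931475eac9c1eda66d9671b1bf0cc1aa9f1a739a5965f4ba87565926a89657fd8294ff88fca70fb5324ee
+ data.tar.gz: a8af71c1908e76f26e6b5cd550810557398f2982058734ef6a23c19f527086d49b6413ee9bb9841e6e113fadf000ef2b11abfe7a3c721486cf489c51ef752ee3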
@@ -37,12 +37,12 @@ module Dependabot
37
37
  deps_hash = parsed_pyproject.dig("tool", "poetry", type) || {}
38
38
 
39
39
  deps_hash.each do |name, req|
40
- next if normalised_name(name) == "python"
40
+ next if normalise(name) == "python"
41
41
  next if req.is_a?(Hash) && req.key?("git")
42
42
 
43
43
  dependencies <<
44
44
  Dependency.new(
45
- name: normalised_name(name),
45
+ name: normalise(name),
46
46
  version: version_from_lockfile(name),
47
47
  requirements: [{
48
48
  requirement: req.is_a?(String) ? req : req["version"],
@@ -69,7 +69,7 @@ module Dependabot
69
69
 
70
70
  dependencies <<
71
71
  Dependency.new(
72
- name: details.fetch("name"),
72
+ name: normalise(details.fetch("name")),
73
73
  version: details.fetch("version"),
74
74
  requirements: [],
75
75
  package_manager: "pip"
@@ -83,12 +83,12 @@ module Dependabot
83
83
  return unless parsed_lockfile
84
84
 
85
85
  parsed_lockfile.fetch("package", []).
86
- find { |p| p.fetch("name") == normalised_name(dep_name) }&.
86
+ find { |p| normalise(p.fetch("name")) == normalise(dep_name) }&.
87
87
  fetch("verison", nil)
88
88
  end
89
89
 
90
90
  # See https://www.python.org/dev/peps/pep-0503/#normalized-names
91
- def normalised_name(name)
91
+ def normalise(name)
92
92
  name.downcase.gsub(/[-_.]+/, "-")
93
93
  end
94
94
 
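Review bot: The context line `fetch("verison", nil)` directly after the changed `find` in the third hunk misspells the key, so this lookup returns nil for every package even when the normalised names now match; it should read `fetch("version", nil)`. As written, the new `normalise(p.fetch("name")) == normalise(dep_name)` comparison has no observable effect on the value this method returns, and a dependency parsed without its locked version presumably cannot be matched reliably against version-ranged advisories downstream. The same `find` also calls `p.fetch("name")`, which raises KeyError on a lockfile entry without a name, whereas the later hunk guards with `d["name"] &&`; using `p["name"]` with the same guard would keep the two lookups consistent. The enclosing method starts above the hunk.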
@@ -84,7 +84,7 @@ module Dependabot
84
84
  def fetch_version_from_parsed_lockfile(updated_lockfile)
85
85
  version =
86
86
  updated_lockfile.fetch("package", []).
87
- find { |d| d["name"] == dependency.name }&.
87
+ find { |d| d["name"] && normalise(d["name"]) == dependency.name }&.
88
88
  fetch("version")
89
89
 
90
90
  return version unless version.nil? && dependency.top_level?
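Review bot: The new comparison in `fetch_version_from_parsed_lockfile` normalises only the lockfile side, so it matches only when `dependency.name` is already in PEP 503 form; normalising both sides, `find { |d| d["name"] && normalise(d["name"]) == normalise(dependency.name) }`, removes that assumption. A name that reaches this class un-normalised (mixed case, `_` or `.`) would yield a nil version here instead of the locked one, with no error to signal the mismatch. `normalise` is not defined in any visible line of this file, so confirm the class has its own definition; the one shown earlier on the page sits in a different file section. The method body continues past the hunk.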
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.98.23
4
+ version: 0.98.24
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.98.23
19
+ version: 0.98.24
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.98.23
26
+ version: 0.98.24
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement