dependabot-python 0.98.24 → 0.98.25
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1aaab07a4e5df91bccc505b908fc7f37702b8edbb79737e541b757e6e34f1bc7
|
|
4
|
+
data.tar.gz: 990d6385f400beb22a15d24d9e61831422d0eb13d801aa2f3425c6d87b933c30
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3cd9b354906ec58fd77380a1bb5f6ffb450aa01eab2c38396e7708ba23174e0696350fab6c5633a932981aa0d190789746a63c4337866d5272979e174ba47562
|
|
7
|
+
data.tar.gz: 065ce3c0dd5afa5f01df0af0e15d6c187a89e0fa491c48bb783fe3d519736527f07e1c942d77bbe1959a3d6283edb3a935c14ead1d964f7acab6d9ad254e7bc1
|
|
@@ -6,12 +6,14 @@ require "dependabot/python/requirement_parser"
|
|
|
6
6
|
require "dependabot/python/file_updater"
|
|
7
7
|
require "dependabot/shared_helpers"
|
|
8
8
|
require "dependabot/python/native_helpers"
|
|
9
|
+
|
|
9
10
|
module Dependabot
|
|
10
11
|
module Python
|
|
11
12
|
class FileUpdater
|
|
12
13
|
# rubocop:disable Metrics/ClassLength
|
|
13
14
|
class PipfileFileUpdater
|
|
14
15
|
require_relative "pipfile_preparer"
|
|
16
|
+
require_relative "pipfile_manifest_updater"
|
|
15
17
|
require_relative "setup_file_sanitizer"
|
|
16
18
|
|
|
17
19
|
attr_reader :dependencies, :dependency_files, :credentials
|
|
@@ -39,7 +41,7 @@ module Dependabot
|
|
|
39
41
|
def fetch_updated_dependency_files
|
|
40
42
|
updated_files = []
|
|
41
43
|
|
|
42
|
-
if
|
|
44
|
+
if pipfile.content != updated_pipfile_content
|
|
43
45
|
updated_files <<
|
|
44
46
|
updated_file(file: pipfile, content: updated_pipfile_content)
|
|
45
47
|
end
|
|
@@ -58,27 +60,11 @@ module Dependabot
|
|
|
58
60
|
end
|
|
59
61
|
|
|
60
62
|
def updated_pipfile_content
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
fetch(:requirement)
|
|
67
|
-
|
|
68
|
-
old_req =
|
|
69
|
-
dep.previous_requirements.
|
|
70
|
-
find { |r| r[:file] == pipfile.name }.
|
|
71
|
-
fetch(:requirement)
|
|
72
|
-
|
|
73
|
-
updated_content =
|
|
74
|
-
content.gsub(declaration_regex(dep)) do |line|
|
|
75
|
-
line.gsub(old_req, updated_requirement)
|
|
76
|
-
end
|
|
77
|
-
|
|
78
|
-
raise "Content did not change!" if content == updated_content
|
|
79
|
-
|
|
80
|
-
updated_content
|
|
81
|
-
end
|
|
63
|
+
@updated_pipfile_content ||=
|
|
64
|
+
PipfileManifestUpdater.new(
|
|
65
|
+
dependencies: dependencies,
|
|
66
|
+
manifest: pipfile
|
|
67
|
+
).updated_manifest_content
|
|
82
68
|
end
|
|
83
69
|
|
|
84
70
|
def updated_lockfile_content
|
|
@@ -430,22 +416,6 @@ module Dependabot
|
|
|
430
416
|
end
|
|
431
417
|
end
|
|
432
418
|
|
|
433
|
-
def declaration_regex(dep)
|
|
434
|
-
escaped_name = Regexp.escape(dep.name).gsub("\\-", "[-_.]")
|
|
435
|
-
/(?:^|["'])#{escaped_name}["']?\s*=.*$/i
|
|
436
|
-
end
|
|
437
|
-
|
|
438
|
-
def file_changed?(file)
|
|
439
|
-
dependencies.any? { |dep| requirement_changed?(file, dep) }
|
|
440
|
-
end
|
|
441
|
-
|
|
442
|
-
def requirement_changed?(file, dependency)
|
|
443
|
-
changed_requirements =
|
|
444
|
-
dependency.requirements - dependency.previous_requirements
|
|
445
|
-
|
|
446
|
-
changed_requirements.any? { |f| f[:file] == file.name }
|
|
447
|
-
end
|
|
448
|
-
|
|
449
419
|
def updated_file(file:, content:)
|
|
450
420
|
updated_file = file.dup
|
|
451
421
|
updated_file.content = content
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require "toml-rb"
|
|
4
|
+
require "dependabot/python/file_updater"
|
|
5
|
+
|
|
6
|
+
module Dependabot
|
|
7
|
+
module Python
|
|
8
|
+
class FileUpdater
|
|
9
|
+
class PipfileManifestUpdater
|
|
10
|
+
def initialize(dependencies:, manifest:)
|
|
11
|
+
@dependencies = dependencies
|
|
12
|
+
@manifest = manifest
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
def updated_manifest_content
|
|
16
|
+
dependencies.
|
|
17
|
+
select { |dep| requirement_changed?(dep) }.
|
|
18
|
+
reduce(manifest.content.dup) do |content, dep|
|
|
19
|
+
updated_requirement =
|
|
20
|
+
dep.requirements.find { |r| r[:file] == manifest.name }.
|
|
21
|
+
fetch(:requirement)
|
|
22
|
+
|
|
23
|
+
old_req =
|
|
24
|
+
dep.previous_requirements.
|
|
25
|
+
find { |r| r[:file] == manifest.name }.
|
|
26
|
+
fetch(:requirement)
|
|
27
|
+
|
|
28
|
+
updated_content =
|
|
29
|
+
content.gsub(declaration_regex(dep)) do |line|
|
|
30
|
+
line.gsub(old_req, updated_requirement)
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
raise "Content did not change!" if content == updated_content
|
|
34
|
+
|
|
35
|
+
updated_content
|
|
36
|
+
end
|
|
37
|
+
end
|
|
38
|
+
|
|
39
|
+
private
|
|
40
|
+
|
|
41
|
+
attr_reader :dependencies, :manifest
|
|
42
|
+
|
|
43
|
+
def declaration_regex(dep)
|
|
44
|
+
escaped_name = Regexp.escape(dep.name).gsub("\\-", "[-_.]")
|
|
45
|
+
/(?:^|["'])#{escaped_name}["']?\s*=.*$/i
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def requirement_changed?(dependency)
|
|
49
|
+
changed_requirements =
|
|
50
|
+
dependency.requirements - dependency.previous_requirements
|
|
51
|
+
|
|
52
|
+
changed_requirements.any? { |f| f[:file] == manifest.name }
|
|
53
|
+
end
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
end
|
|
57
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.98.
|
|
4
|
+
version: 0.98.25
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.98.
|
|
19
|
+
version: 0.98.25
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.98.
|
|
26
|
+
version: 0.98.25
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -158,6 +158,7 @@ files:
|
|
|
158
158
|
- lib/dependabot/python/file_updater.rb
|
|
159
159
|
- lib/dependabot/python/file_updater/pip_compile_file_updater.rb
|
|
160
160
|
- lib/dependabot/python/file_updater/pipfile_file_updater.rb
|
|
161
|
+
- lib/dependabot/python/file_updater/pipfile_manifest_updater.rb
|
|
161
162
|
- lib/dependabot/python/file_updater/pipfile_preparer.rb
|
|
162
163
|
- lib/dependabot/python/file_updater/poetry_file_updater.rb
|
|
163
164
|
- lib/dependabot/python/file_updater/pyproject_preparer.rb
|