dependabot-python 0.98.25 → 0.98.26
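--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 934137f3ab2d41d222a9e1cefdb665a2569f8211b581e0e63a03bbd40e2cc3d7
+data.tar.gz: 6072356a5ff1737059fa1f431b45bac17d06375f7832cfe4a3491b6302d07882
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c56db43000d52695cddefb024874a46d6ecfa3f5f35d1ed42449e4baecc7139480ee32fb1476a9488c01259ad4e2c8bc9ee24dc3f6f35e42c35a6241232c7fe8
+data.tar.gz: 3ad6b8e5f829f41724e6399b16a93b7f6621915cf9a1c578572bd2dada09c190ee8137869e03c35a7c205e71a063bdb9060fa27bfe5c2c71b19b1ac66bf419a2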
@@ -1,6 +1,5 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
require "toml-rb"
|
|
4
3
|
require "dependabot/python/file_updater"
|
|
5
4
|
|
|
6
5
|
module Dependabot
|
|
@@ -16,19 +15,12 @@ module Dependabot
|
|
|
16
15
|
dependencies.
|
|
17
16
|
select { |dep| requirement_changed?(dep) }.
|
|
18
17
|
reduce(manifest.content.dup) do |content, dep|
|
|
19
|
-
|
|
20
|
-
dep.requirements.find { |r| r[:file] == manifest.name }.
|
|
21
|
-
fetch(:requirement)
|
|
18
|
+
updated_content = content
|
|
22
19
|
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
updated_content =
|
|
29
|
-
content.gsub(declaration_regex(dep)) do |line|
|
|
30
|
-
line.gsub(old_req, updated_requirement)
|
|
31
|
-
end
|
|
20
|
+
updated_content = update_requirements(
|
|
21
|
+
content: updated_content,
|
|
22
|
+
dependency: dep
|
|
23
|
+
)
|
|
32
24
|
|
|
33
25
|
raise "Content did not change!" if content == updated_content
|
|
34
26
|
|
|
@@ -40,11 +32,67 @@ module Dependabot
|
|
|
40
32
|
|
|
41
33
|
attr_reader :dependencies, :manifest
|
|
42
34
|
|
|
35
|
+
def update_requirements(content:, dependency:)
|
|
36
|
+
updated_content = content.dup
|
|
37
|
+
|
|
38
|
+
# The UpdateChecker ensures the order of requirements is preserved
|
|
39
|
+
# when updating, so we can zip them together in new/old pairs.
|
|
40
|
+
reqs = dependency.requirements.
|
|
41
|
+
zip(dependency.previous_requirements).
|
|
42
|
+
reject { |new_req, old_req| new_req == old_req }
|
|
43
|
+
|
|
44
|
+
# Loop through each changed requirement
|
|
45
|
+
reqs.each do |new_req, old_req|
|
|
46
|
+
raise "Bad req match" unless new_req[:file] == old_req[:file]
|
|
47
|
+
next if new_req[:requirement] == old_req[:requirement]
|
|
48
|
+
next unless new_req[:file] == manifest.name
|
|
49
|
+
|
|
50
|
+
updated_content = update_manifest_req(
|
|
51
|
+
content: updated_content,
|
|
52
|
+
dep: dependency,
|
|
53
|
+
old_req: old_req.fetch(:requirement),
|
|
54
|
+
new_req: new_req.fetch(:requirement)
|
|
55
|
+
)
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
updated_content
|
|
59
|
+
end
|
|
60
|
+
|
|
61
|
+
def update_manifest_req(content:, dep:, old_req:, new_req:)
|
|
62
|
+
simple_declaration = content.scan(declaration_regex(dep)).
|
|
63
|
+
find { |m| m.include?(old_req) }
|
|
64
|
+
|
|
65
|
+
if simple_declaration
|
|
66
|
+
simple_declaration_regex =
|
|
67
|
+
/(?:^|["'])#{Regexp.escape(simple_declaration)}/
|
|
68
|
+
content.gsub(simple_declaration_regex) do |line|
|
|
69
|
+
line.gsub(old_req, new_req)
|
|
70
|
+
end
|
|
71
|
+
elsif content.match?(table_declaration_version_regex(dep))
|
|
72
|
+
content.gsub(table_declaration_version_regex(dep)) do |part|
|
|
73
|
+
line = content.match(table_declaration_version_regex(dep)).
|
|
74
|
+
named_captures.fetch("version_declaration")
|
|
75
|
+
new_line = line.gsub(old_req, new_req)
|
|
76
|
+
part.gsub(line, new_line)
|
|
77
|
+
end
|
|
78
|
+
else
|
|
79
|
+
content
|
|
80
|
+
end
|
|
81
|
+
end
|
|
82
|
+
|
|
43
83
|
def declaration_regex(dep)
|
|
44
84
|
escaped_name = Regexp.escape(dep.name).gsub("\\-", "[-_.]")
|
|
45
85
|
/(?:^|["'])#{escaped_name}["']?\s*=.*$/i
|
|
46
86
|
end
|
|
47
87
|
|
|
88
|
+
def table_declaration_version_regex(dep)
|
|
89
|
+
/
|
|
90
|
+
packages\.#{Regexp.quote(dep.name)}\]
|
|
91
|
+
(?:(?!^\[).)+
|
|
92
|
+
(?<version_declaration>version\s*=[^\[]*)$
|
|
93
|
+
/mx
|
|
94
|
+
end
|
|
95
|
+
|
|
48
96
|
def requirement_changed?(dependency)
|
|
49
97
|
changed_requirements =
|
|
50
98
|
dependency.requirements - dependency.previous_requirements
|
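Review bot: In the table branch of `update_manifest_req`, the block given to `content.gsub(table_declaration_version_regex(dep))` calls `content.match(...)` on the whole manifest again, so `line` is always the version declaration of the first matching table rather than of the `part` being replaced. The pattern `packages\.NAME\]` is not anchored on the left, so it looks able to match a `[dev-packages.NAME]` table as well as `[packages.NAME]`; a second table with a different version line would then keep its old requirement, and the "Content did not change!" check would not fire because the first table was rewritten. Taking the capture from the current match, `line = Regexp.last_match[:version_declaration]`, ties each replacement to its own table. Separately, `table_declaration_version_regex` builds the name with `Regexp.quote(dep.name)` and flags `/mx`, while `declaration_regex` maps `-` to `[-_.]` and uses `/i`, so a table entry spelled with a different separator or case falls through to `else content`. Building the name as `Regexp.escape(dep.name).gsub("\\-", "[-_.]")` and adding the `i` flag would make the two forms agree.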
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.98.
|
|
4
|
+
version: 0.98.26
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.98.
|
|
19
|
+
version: 0.98.26
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.98.
|
|
26
|
+
version: 0.98.26
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|