dependabot-python 0.98.30 → 0.98.31
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/python/authed_url_builder.rb +23 -0
- data/lib/dependabot/python/file_updater/pipfile_preparer.rb +2 -1
- data/lib/dependabot/python/file_updater/pyproject_preparer.rb +2 -1
- data/lib/dependabot/python/metadata_finder.rb +3 -2
- data/lib/dependabot/python/update_checker/latest_version_finder.rb +7 -5
- data/lib/dependabot/python/update_checker/pipfile_version_resolver.rb +5 -1
- data/lib/dependabot/python/update_checker/poetry_version_resolver.rb +5 -1
- metadata +4 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 55f2df02a86fe3a817276864b695d703405ef351bb4bd0603d5f312ce77dfd33
|
4
|
+
data.tar.gz: c777600045af9242c35cbe00362b55fb564cb118d0eb67f6cb2ba38542a9f607
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 73358ae18269988f15538f36f63816742768dacb98a134ad1cc43639aa805596144f9c5d493a97f40416bf3aa13c67dad618cf7528e59e13f158dd3e313f9280
|
7
|
+
data.tar.gz: dc1e97ab3f7427cadc635953124e15ba7cb9115ad68986855163c64ddcb67aec22f66e9a2f7d5bc7eb398e7e753198fdfa4e32d4cccad4b1b48ea9de0fbc6b91
|
@@ -0,0 +1,23 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Dependabot
|
4
|
+
module Python
|
5
|
+
class AuthedUrlBuilder
|
6
|
+
def self.authed_url(credential:)
|
7
|
+
token = credential.fetch("token", nil)
|
8
|
+
url = credential.fetch("index-url")
|
9
|
+
return url unless token
|
10
|
+
|
11
|
+
basic_auth_details =
|
12
|
+
if token.ascii_only? && token.include?(":") then token
|
13
|
+
elsif Base64.decode64(token).ascii_only? &&
|
14
|
+
Base64.decode64(token).include?(":")
|
15
|
+
Base64.decode64(token)
|
16
|
+
else token
|
17
|
+
end
|
18
|
+
|
19
|
+
url.sub("://", "://#{basic_auth_details}@")
|
20
|
+
end
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
@@ -4,6 +4,7 @@ require "toml-rb"
|
|
4
4
|
|
5
5
|
require "dependabot/python/file_parser"
|
6
6
|
require "dependabot/python/file_updater"
|
7
|
+
require "dependabot/python/authed_url_builder"
|
7
8
|
|
8
9
|
module Dependabot
|
9
10
|
module Python
|
@@ -116,7 +117,7 @@ module Dependabot
|
|
116
117
|
@config_variable_sources ||=
|
117
118
|
credentials.
|
118
119
|
select { |cred| cred["type"] == "python_index" }.
|
119
|
-
map { |
|
120
|
+
map { |c| { "url" => AuthedUrlBuilder.authed_url(credential: c) } }
|
120
121
|
end
|
121
122
|
end
|
122
123
|
end
|
@@ -4,6 +4,7 @@ require "toml-rb"
|
|
4
4
|
|
5
5
|
require "dependabot/python/file_parser"
|
6
6
|
require "dependabot/python/file_updater"
|
7
|
+
require "dependabot/python/authed_url_builder"
|
7
8
|
|
8
9
|
module Dependabot
|
9
10
|
module Python
|
@@ -96,7 +97,7 @@ module Dependabot
|
|
96
97
|
@config_variable_sources ||=
|
97
98
|
credentials.
|
98
99
|
select { |cred| cred["type"] == "python_index" }.
|
99
|
-
map { |
|
100
|
+
map { |c| { "url" => AuthedUrlBuilder.authed_url(credential: c) } }
|
100
101
|
end
|
101
102
|
|
102
103
|
def parsed_lockfile
|
@@ -4,6 +4,7 @@ require "excon"
|
|
4
4
|
require "dependabot/metadata_finders"
|
5
5
|
require "dependabot/metadata_finders/base"
|
6
6
|
require "dependabot/shared_helpers"
|
7
|
+
require "dependabot/python/authed_url_builder"
|
7
8
|
|
8
9
|
module Dependabot
|
9
10
|
module Python
|
@@ -149,10 +150,10 @@ module Dependabot
|
|
149
150
|
credential_urls =
|
150
151
|
credentials.
|
151
152
|
select { |cred| cred["type"] == "python_index" }.
|
152
|
-
map { |
|
153
|
+
map { |c| AuthedUrlBuilder.authed_url(credential: c) }
|
153
154
|
|
154
155
|
(credential_urls + [MAIN_PYPI_URL]).map do |base_url|
|
155
|
-
base_url + "/#{dependency.name}/json"
|
156
|
+
base_url.gsub(%r{/$}, "") + "/#{dependency.name}/json"
|
156
157
|
end
|
157
158
|
end
|
158
159
|
end
|
@@ -4,6 +4,7 @@ require "excon"
|
|
4
4
|
|
5
5
|
require "dependabot/python/update_checker"
|
6
6
|
require "dependabot/shared_helpers"
|
7
|
+
require "dependabot/python/authed_url_builder"
|
7
8
|
|
8
9
|
module Dependabot
|
9
10
|
module Python
|
@@ -194,14 +195,15 @@ module Dependabot
|
|
194
195
|
|
195
196
|
index_url_creds = credentials.
|
196
197
|
select { |cred| cred["type"] == "python_index" }
|
197
|
-
|
198
|
-
|
199
|
-
|
200
|
-
|
198
|
+
|
199
|
+
if (main_cred = index_url_creds.find { |cred| cred["replaces-base"] })
|
200
|
+
urls[:main] = AuthedUrlBuilder.authed_url(credential: main_cred)
|
201
|
+
end
|
202
|
+
|
201
203
|
urls[:extra] =
|
202
204
|
index_url_creds.
|
203
205
|
reject { |cred| cred["replaces-base"] }.
|
204
|
-
map { |cred| cred
|
206
|
+
map { |cred| AuthedUrlBuilder.authed_url(credential: cred) }
|
205
207
|
|
206
208
|
urls
|
207
209
|
end
|
@@ -12,6 +12,7 @@ require "dependabot/python/update_checker"
|
|
12
12
|
require "dependabot/python/python_versions"
|
13
13
|
require "dependabot/python/native_helpers"
|
14
14
|
require "dependabot/python/version"
|
15
|
+
require "dependabot/python/authed_url_builder"
|
15
16
|
|
16
17
|
# rubocop:disable Metrics/ClassLength
|
17
18
|
module Dependabot
|
@@ -555,7 +556,10 @@ module Dependabot
|
|
555
556
|
@config_variable_sources ||=
|
556
557
|
credentials.
|
557
558
|
select { |cred| cred["type"] == "python_index" }.
|
558
|
-
map
|
559
|
+
map do |h|
|
560
|
+
url = AuthedUrlBuilder.authed_url(credential: h)
|
561
|
+
{ "url" => url.gsub(%r{/*$}, "") + "/" }
|
562
|
+
end
|
559
563
|
end
|
560
564
|
|
561
565
|
def pipfile_sources
|
@@ -12,6 +12,7 @@ require "dependabot/python/version"
|
|
12
12
|
require "dependabot/python/requirement"
|
13
13
|
require "dependabot/python/native_helpers"
|
14
14
|
require "dependabot/python/python_versions"
|
15
|
+
require "dependabot/python/authed_url_builder"
|
15
16
|
|
16
17
|
# rubocop:disable Metrics/ClassLength
|
17
18
|
module Dependabot
|
@@ -340,7 +341,10 @@ module Dependabot
|
|
340
341
|
@config_variable_sources ||=
|
341
342
|
credentials.
|
342
343
|
select { |cred| cred["type"] == "python_index" }.
|
343
|
-
map
|
344
|
+
map do |h|
|
345
|
+
url = AuthedUrlBuilder.authed_url(credential: h)
|
346
|
+
{ "url" => url.gsub(%r{/*$}, "") + "/" }
|
347
|
+
end
|
344
348
|
end
|
345
349
|
|
346
350
|
def pyproject_sources
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-python
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.98.
|
4
|
+
version: 0.98.31
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.98.
|
19
|
+
version: 0.98.31
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.98.
|
26
|
+
version: 0.98.31
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -150,6 +150,7 @@ files:
|
|
150
150
|
- helpers/requirements.txt
|
151
151
|
- helpers/run.py
|
152
152
|
- lib/dependabot/python.rb
|
153
|
+
- lib/dependabot/python/authed_url_builder.rb
|
153
154
|
- lib/dependabot/python/file_fetcher.rb
|
154
155
|
- lib/dependabot/python/file_parser.rb
|
155
156
|
- lib/dependabot/python/file_parser/pipfile_files_parser.rb
|