dependabot-python 0.98.31 → 0.98.32

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/python/file_updater/pipfile_preparer.rb +2 -0
  3. data/lib/dependabot/python/file_updater/pyproject_preparer.rb +2 -0
  4. data/lib/dependabot/python/metadata_finder.rb +2 -0
  5. data/lib/dependabot/python/update_checker/latest_version_finder.rb +2 -0
  6. data/lib/dependabot/python/update_checker/pipfile_version_resolver.rb +2 -22
  7. data/lib/dependabot/python/update_checker/poetry_version_resolver.rb +2 -0
  8. metadata +4 -4
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 55f2df02a86fe3a817276864b695d703405ef351bb4bd0603d5f312ce77dfd33
4
- data.tar.gz: c777600045af9242c35cbe00362b55fb564cb118d0eb67f6cb2ba38542a9f607
3
+ metadata.gz: 57ad32ac040184b8acacabaead63e2e477fad8692627037488964aedc4df6091
4
+ data.tar.gz: 4d940ffdff07e26f8910675777e8047e045d70c75663d69ac71231dc863a390d
5
5
  SHA512:
6
- metadata.gz: 73358ae18269988f15538f36f63816742768dacb98a134ad1cc43639aa805596144f9c5d493a97f40416bf3aa13c67dad618cf7528e59e13f158dd3e313f9280
7
- data.tar.gz: dc1e97ab3f7427cadc635953124e15ba7cb9115ad68986855163c64ddcb67aec22f66e9a2f7d5bc7eb398e7e753198fdfa4e32d4cccad4b1b48ea9de0fbc6b91
6
+ metadata.gz: 204c3fd077c46b617c2a81390f771452a8acdc3aa7cbb137bb69584a517cb7c9efe70a0eaf49bb612bf6036cbca0fb093ee00e0832943b54eb44c89b68164673
7
+ data.tar.gz: d9851b78fe7c2b639237c3378c1437bb0a4deb461c7291d1f4b4a0ec1a1f2c6570d3c300dc5c2e6432736e017b6ba9815ee93e79ef21f384b96b91d24d857852
data/lib/dependabot/python/file_updater/pipfile_preparer.rb CHANGED
@@ -113,6 +113,8 @@ module Dependabot
113
113
  map { |h| h.dup.merge("url" => h["url"].gsub(%r{/*$}, "") + "/") }
114
114
  end
115
115
 
116
+ # Has test that it works without username / password.
117
+ # TODO: Test with proxy
116
118
  def config_variable_sources(credentials)
117
119
  @config_variable_sources ||=
118
120
  credentials.
data/lib/dependabot/python/file_updater/pyproject_preparer.rb CHANGED
@@ -93,6 +93,8 @@ module Dependabot
93
93
  map { |h| h.dup.merge("url" => h["url"].gsub(%r{/*$}, "") + "/") }
94
94
  end
95
95
 
96
+ # Has test that it works without username / password.
97
+ # TODO: Test with proxy
96
98
  def config_variable_sources(credentials)
97
99
  @config_variable_sources ||=
98
100
  credentials.
data/lib/dependabot/python/metadata_finder.rb CHANGED
@@ -146,6 +146,8 @@ module Dependabot
146
146
  @pypi_listing = {} # No listing found
147
147
  end
148
148
 
149
+ # Has test that it works without username / password.
150
+ # TODO: Test with proxy
149
151
  def possible_listing_urls
150
152
  credential_urls =
151
153
  credentials.
data/lib/dependabot/python/update_checker/latest_version_finder.rb CHANGED
@@ -190,6 +190,8 @@ module Dependabot
190
190
  urls
191
191
  end
192
192
 
193
+ # Has test that it works without username / password.
194
+ # TODO: Test with proxy
193
195
  def config_variable_index_urls
194
196
  urls = { main: nil, extra: [] }
195
197
 
data/lib/dependabot/python/update_checker/pipfile_version_resolver.rb CHANGED
@@ -421,10 +421,6 @@ module Dependabot
421
421
  end
422
422
 
423
423
  def check_private_sources_are_reachable
424
- env_sources = pipfile_sources.select { |h| h["url"].include?("${") }
425
-
426
- check_env_sources_included_in_config_variables(env_sources)
427
-
428
424
  sources_to_check =
429
425
  pipfile_sources.reject { |h| h["url"].include?("${") } +
430
426
  config_variable_sources
@@ -534,24 +530,8 @@ module Dependabot
534
530
  error_message.include?('Command "python setup.py egg_info" failed')
535
531
  end
536
532
 
537
- def check_env_sources_included_in_config_variables(env_sources)
538
- config_variable_source_urls =
539
- config_variable_sources.map { |s| s["url"] }
540
-
541
- env_sources.each do |source|
542
- url = source["url"]
543
- known_parts = url.split(/\$\{.*?\}/).reject(&:empty?).compact
544
-
545
- # If the whole URL is an environment variable we can't do a check
546
- next if known_parts.none?
547
-
548
- regex = known_parts.map { |p| Regexp.quote(p) }.join(".*?")
549
- next if config_variable_source_urls.any? { |s| s.match?(regex) }
550
-
551
- raise PrivateSourceAuthenticationFailure, url
552
- end
553
- end
554
-
533
+ # Has test that it works without username / password.
534
+ # TODO: Test with proxy
555
535
  def config_variable_sources
556
536
  @config_variable_sources ||=
557
537
  credentials.
data/lib/dependabot/python/update_checker/poetry_version_resolver.rb CHANGED
@@ -337,6 +337,8 @@ module Dependabot
337
337
  name.downcase.gsub(/[-_.]+/, "-")
338
338
  end
339
339
 
340
+ # Has test that it works without username / password.
341
+ # TODO: Test with proxy
340
342
  def config_variable_sources
341
343
  @config_variable_sources ||=
342
344
  credentials.
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.98.31
4
+ version: 0.98.32
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2019-03-22 00:00:00.000000000 Z
11
+ date: 2019-03-25 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.98.31
19
+ version: 0.98.32
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.98.31
26
+ version: 0.98.32
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement