dependabot-python 0.98.33 → 0.98.34

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/python/file_parser.rb +9 -2
  3. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1012922e0a73f6fc48872cd9fd5f2973d61180fe764ded9f15b605a3e165c322
4
- data.tar.gz: 79b87602ff583aca1f221b503471ecb0fda003a66411968fe79003bbb1da3c8f
3
+ metadata.gz: 31a0e686b7d7859ea9325ce183be6ee0c02b416271027d9aabd04dec3f086de8
4
+ data.tar.gz: 78ab7888f881e069769ac8a69bdd7a895fef81dbf0e5fc549d61c14055bb35cc
5
5
  SHA512:
6
- metadata.gz: a4867c67f16b905ec98ebf15ba18d2e82fb1e56e34d5c0afc49a43793b1c1e51f1727d4e80d88cd5011e79647828584eacc5d64074669f6991f2d2cfa7382d70
7
- data.tar.gz: cf6665588001382e4ab71fa298827c79440dbc5cb55244277ebc51f9d6ce78edf888a14c2cf1e4235d2556b47a788bc873ccce6fc80639cf4b2f6496a7453fc6
6
+ metadata.gz: 7d0517df1e458acac2819ad04ccd017e1b19a1dddcdb6276a08de8d707be55339de212531da9c4736c6a506287b1363c70325043684f1dcdc70a19b6bdfc76ad
7
+ data.tar.gz: a8db92998339a322aa24f0d8937b70ceecde125767b24606436c15d1533bbd69505bb2528d042c956ab85f833347ebe8eaa16d8d76ba7b99f9170e31871564b9
data/lib/dependabot/python/file_parser.rb CHANGED
@@ -69,9 +69,10 @@ module Dependabot
69
69
  dependencies = DependencySet.new
70
70
  parsed_requirement_files.each do |dep|
71
71
  # This isn't ideal, but currently the FileUpdater won't update
72
- # deps that appear in a requirements.txt and Pipfile / Pipfile.lock
73
- # and *aren't* a straight lockfile for the Pipfile
72
+ # deps that appear in a requirements.txt and Pipenv / Poetry
73
+ # and *aren't* a straight lockfile for Pipenv / Poetry
74
74
  next if included_in_pipenv_deps?(normalised_name(dep["name"]))
75
+ next if included_in_poetry_deps?(normalised_name(dep["name"]))
75
76
 
76
77
  # If a requirement has a `<`, `<=` or '==' marker then updating it is
77
78
  # probably blocked. Ignore it.
@@ -105,6 +106,12 @@ module Dependabot
105
106
  pipenv_dependencies.dependencies.map(&:name).include?(dep_name)
106
107
  end
107
108
 
109
+ def included_in_poetry_deps?(dep_name)
110
+ return false unless using_poetry?
111
+
112
+ poetry_dependencies.dependencies.map(&:name).include?(dep_name)
113
+ end
114
+
108
115
  def blocking_marker?(dep)
109
116
  return false if dep["markers"].include?(">")
110
117
  return true if dep["markers"].include?("<")
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-python
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.98.33
4
+ version: 0.98.34
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.98.33
19
+ version: 0.98.34
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.98.33
26
+ version: 0.98.34
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement