dependabot-python 0.98.33 → 0.98.34
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/python/file_parser.rb +9 -2
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 31a0e686b7d7859ea9325ce183be6ee0c02b416271027d9aabd04dec3f086de8
|
|
4
|
+
data.tar.gz: 78ab7888f881e069769ac8a69bdd7a895fef81dbf0e5fc549d61c14055bb35cc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 7d0517df1e458acac2819ad04ccd017e1b19a1dddcdb6276a08de8d707be55339de212531da9c4736c6a506287b1363c70325043684f1dcdc70a19b6bdfc76ad
|
|
7
|
+
data.tar.gz: a8db92998339a322aa24f0d8937b70ceecde125767b24606436c15d1533bbd69505bb2528d042c956ab85f833347ebe8eaa16d8d76ba7b99f9170e31871564b9
|
|
@@ -69,9 +69,10 @@ module Dependabot
|
|
|
69
69
|
dependencies = DependencySet.new
|
|
70
70
|
parsed_requirement_files.each do |dep|
|
|
71
71
|
# This isn't ideal, but currently the FileUpdater won't update
|
|
72
|
-
# deps that appear in a requirements.txt and
|
|
73
|
-
# and *aren't* a straight lockfile for
|
|
72
|
+
# deps that appear in a requirements.txt and Pipenv / Poetry
|
|
73
|
+
# and *aren't* a straight lockfile for Pipenv / Poetry
|
|
74
74
|
next if included_in_pipenv_deps?(normalised_name(dep["name"]))
|
|
75
|
+
next if included_in_poetry_deps?(normalised_name(dep["name"]))
|
|
75
76
|
|
|
76
77
|
# If a requirement has a `<`, `<=` or '==' marker then updating it is
|
|
77
78
|
# probably blocked. Ignore it.
|
|
@@ -105,6 +106,12 @@ module Dependabot
|
|
|
105
106
|
pipenv_dependencies.dependencies.map(&:name).include?(dep_name)
|
|
106
107
|
end
|
|
107
108
|
|
|
109
|
+
def included_in_poetry_deps?(dep_name)
|
|
110
|
+
return false unless using_poetry?
|
|
111
|
+
|
|
112
|
+
poetry_dependencies.dependencies.map(&:name).include?(dep_name)
|
|
113
|
+
end
|
|
114
|
+
|
|
108
115
|
def blocking_marker?(dep)
|
|
109
116
|
return false if dep["markers"].include?(">")
|
|
110
117
|
return true if dep["markers"].include?("<")
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-python
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.98.
|
|
4
|
+
version: 0.98.34
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.98.
|
|
19
|
+
version: 0.98.34
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.98.
|
|
26
|
+
version: 0.98.34
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|