dependabot-python 0.98.33 → 0.98.34
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/python/file_parser.rb +9 -2
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 31a0e686b7d7859ea9325ce183be6ee0c02b416271027d9aabd04dec3f086de8
|
4
|
+
data.tar.gz: 78ab7888f881e069769ac8a69bdd7a895fef81dbf0e5fc549d61c14055bb35cc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7d0517df1e458acac2819ad04ccd017e1b19a1dddcdb6276a08de8d707be55339de212531da9c4736c6a506287b1363c70325043684f1dcdc70a19b6bdfc76ad
|
7
|
+
data.tar.gz: a8db92998339a322aa24f0d8937b70ceecde125767b24606436c15d1533bbd69505bb2528d042c956ab85f833347ebe8eaa16d8d76ba7b99f9170e31871564b9
|
@@ -69,9 +69,10 @@ module Dependabot
|
|
69
69
|
dependencies = DependencySet.new
|
70
70
|
parsed_requirement_files.each do |dep|
|
71
71
|
# This isn't ideal, but currently the FileUpdater won't update
|
72
|
-
# deps that appear in a requirements.txt and
|
73
|
-
# and *aren't* a straight lockfile for
|
72
|
+
# deps that appear in a requirements.txt and Pipenv / Poetry
|
73
|
+
# and *aren't* a straight lockfile for Pipenv / Poetry
|
74
74
|
next if included_in_pipenv_deps?(normalised_name(dep["name"]))
|
75
|
+
next if included_in_poetry_deps?(normalised_name(dep["name"]))
|
75
76
|
|
76
77
|
# If a requirement has a `<`, `<=` or '==' marker then updating it is
|
77
78
|
# probably blocked. Ignore it.
|
@@ -105,6 +106,12 @@ module Dependabot
|
|
105
106
|
pipenv_dependencies.dependencies.map(&:name).include?(dep_name)
|
106
107
|
end
|
107
108
|
|
109
|
+
def included_in_poetry_deps?(dep_name)
|
110
|
+
return false unless using_poetry?
|
111
|
+
|
112
|
+
poetry_dependencies.dependencies.map(&:name).include?(dep_name)
|
113
|
+
end
|
114
|
+
|
108
115
|
def blocking_marker?(dep)
|
109
116
|
return false if dep["markers"].include?(">")
|
110
117
|
return true if dep["markers"].include?("<")
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-python
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.98.
|
4
|
+
version: 0.98.34
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.98.
|
19
|
+
version: 0.98.34
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.98.
|
26
|
+
version: 0.98.34
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|