dependabot-uv 0.303.0 → 0.304.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/uv/update_checker.rb +8 -3
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2d5f1b9161659351245ebbc999b0177dd255c65cd0ddd6a8e19d32a5048d05b4
|
|
4
|
+
data.tar.gz: 0e4f06ff9eb01cb5bdeb3a555e6b80ee4bf4ecef6bd4ca3e981f406010bf72e9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ad716da9490bc8f2e5f63b425371fd625d8d83d8dca27f88f5b1f93ea1972686a9c155c2e05b17285e94e5f31a4d7880a9415d788cb51385caa0c47dca7075c7
|
|
7
|
+
data.tar.gz: e7cf3bb299efb98aede5a905dc4255027a4d53e1a0241f892117a648abc8c4bef86624739e6648a568310906e4813d43e9b48aad787c2f8245d3fc2cf96dd184
|
|
@@ -127,9 +127,9 @@ module Dependabot
|
|
|
127
127
|
def resolver_type
|
|
128
128
|
reqs = requirements
|
|
129
129
|
|
|
130
|
-
# If there are no requirements then this is a sub-dependency.
|
|
131
|
-
# must come from one of Pipenv, Poetry or pip-tools,
|
|
132
|
-
# from the first two unless they have a lockfile.
|
|
130
|
+
# If there are no requirements then this is a sub-dependency.
|
|
131
|
+
# It must come from one of Pipenv, Poetry or pip-tools,
|
|
132
|
+
# and can't come from the first two unless they have a lockfile.
|
|
133
133
|
return subdependency_resolver if reqs.none?
|
|
134
134
|
|
|
135
135
|
# Otherwise, this is a top-level dependency, and we can figure out
|
|
@@ -147,6 +147,7 @@ module Dependabot
|
|
|
147
147
|
|
|
148
148
|
def subdependency_resolver
|
|
149
149
|
return :pip_compile if pip_compile_files.any?
|
|
150
|
+
return :lock_file if uv_lock.any?
|
|
150
151
|
|
|
151
152
|
raise "Claimed to be a sub-dependency, but no lockfile exists!"
|
|
152
153
|
end
|
|
@@ -323,6 +324,10 @@ module Dependabot
|
|
|
323
324
|
def pip_compile_files
|
|
324
325
|
dependency_files.select { |f| f.name.end_with?(".in") }
|
|
325
326
|
end
|
|
327
|
+
|
|
328
|
+
def uv_lock
|
|
329
|
+
dependency_files.select { |f| f.name == "uv.lock" }
|
|
330
|
+
end
|
|
326
331
|
end
|
|
327
332
|
end
|
|
328
333
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-uv
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.304.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-03
|
|
11
|
+
date: 2025-04-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.304.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.304.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -285,7 +285,7 @@ licenses:
|
|
|
285
285
|
- MIT
|
|
286
286
|
metadata:
|
|
287
287
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
288
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
288
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.304.0
|
|
289
289
|
post_install_message:
|
|
290
290
|
rdoc_options: []
|
|
291
291
|
require_paths:
|