dependabot-uv 0.324.0 → 0.324.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/helpers/lib/parser.py +22 -0
- data/lib/dependabot/uv/file_fetcher.rb +19 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f5dcecc8cda1a971e30f9c77b0390147d531ef3dd21c447c70caf265ac9e1467
|
|
4
|
+
data.tar.gz: 7e69d3bf55fb153155d9bc5418a97e467ac019c58d34a678751ee3ed98c52e7b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2061f0460abf4edb6af49785d5726213608fae84317f9b8d27e3db9a0584b5812e69db0a06febbb11e3a49a6b88e9ff44d2d06266a323c9e55e61c3c4b1bc4df
|
|
7
|
+
data.tar.gz: ae31c936c367b29741d6ec04a3aa8ac400d51d56761eeb55d069f7e7463ee7f0c8d45ae74b7993a782cb8c6580ee745bc54eb910c1c5ee186017fd9fe1859bda
|
data/helpers/lib/parser.py
CHANGED
|
@@ -132,6 +132,28 @@ def parse_pep621_pep735_dependencies(pyproject_path):
|
|
|
132
132
|
)
|
|
133
133
|
dependencies.extend(build_system_dependencies)
|
|
134
134
|
|
|
135
|
+
# Parse UV sources for path dependencies
|
|
136
|
+
if (
|
|
137
|
+
'tool' in project_toml
|
|
138
|
+
and 'uv' in project_toml['tool']
|
|
139
|
+
and 'sources' in project_toml['tool']['uv']
|
|
140
|
+
):
|
|
141
|
+
uv_sources = project_toml['tool']['uv']['sources']
|
|
142
|
+
for dep_name, source_config in uv_sources.items():
|
|
143
|
+
if isinstance(source_config, dict) and 'path' in source_config:
|
|
144
|
+
# Add path dependency info
|
|
145
|
+
# but don't parse as regular dependency
|
|
146
|
+
dependencies.append({
|
|
147
|
+
"name": dep_name,
|
|
148
|
+
"version": None,
|
|
149
|
+
"markers": None,
|
|
150
|
+
"file": pyproject_path,
|
|
151
|
+
"requirement": None,
|
|
152
|
+
"extras": [],
|
|
153
|
+
"path_dependency": True,
|
|
154
|
+
"path": source_config['path']
|
|
155
|
+
})
|
|
156
|
+
|
|
135
157
|
return json.dumps({"result": dependencies})
|
|
136
158
|
|
|
137
159
|
|
|
@@ -277,7 +277,8 @@ module Dependabot
|
|
|
277
277
|
def path_dependencies
|
|
278
278
|
[
|
|
279
279
|
*requirement_txt_path_dependencies,
|
|
280
|
-
*requirement_in_path_dependencies
|
|
280
|
+
*requirement_in_path_dependencies,
|
|
281
|
+
*uv_sources_path_dependencies
|
|
281
282
|
]
|
|
282
283
|
end
|
|
283
284
|
|
|
@@ -322,6 +323,23 @@ module Dependabot
|
|
|
322
323
|
@requirements_in_file_matcher ||= RequiremenstFileMatcher.new(requirements_in_files)
|
|
323
324
|
end
|
|
324
325
|
|
|
326
|
+
def uv_sources_path_dependencies
|
|
327
|
+
return [] unless pyproject
|
|
328
|
+
|
|
329
|
+
uv_sources = parsed_pyproject.dig("tool", "uv", "sources")
|
|
330
|
+
return [] unless uv_sources
|
|
331
|
+
|
|
332
|
+
uv_sources.filter_map do |name, source_config|
|
|
333
|
+
if source_config.is_a?(Hash) && source_config["path"]
|
|
334
|
+
{
|
|
335
|
+
name: name,
|
|
336
|
+
path: source_config["path"],
|
|
337
|
+
file: pyproject.name
|
|
338
|
+
}
|
|
339
|
+
end
|
|
340
|
+
end
|
|
341
|
+
end
|
|
342
|
+
|
|
325
343
|
def fetch_requirement_files_from_path(path = nil)
|
|
326
344
|
contents = path ? repo_contents(dir: path) : repo_contents
|
|
327
345
|
filter_requirement_files(contents, base_path: path)
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-uv
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.324.
|
|
4
|
+
version: 0.324.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.324.
|
|
18
|
+
version: 0.324.1
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.324.
|
|
25
|
+
version: 0.324.1
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -284,7 +284,7 @@ licenses:
|
|
|
284
284
|
- MIT
|
|
285
285
|
metadata:
|
|
286
286
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
287
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.324.
|
|
287
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.324.1
|
|
288
288
|
rdoc_options: []
|
|
289
289
|
require_paths:
|
|
290
290
|
- lib
|