dependabot-uv 0.344.1 → 0.346.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/helpers/lib/hasher.py +13 -0
- data/lib/dependabot/uv/file_parser/pyproject_files_parser.rb +2 -2
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bd324866800eaff108d045f243b404590ac6e20e1429cf8731be5bf9bfdee060
|
|
4
|
+
data.tar.gz: 902ae6d7f0042bda65cab499aa8accbecc8280959fd2f478c427fcfaad3056e2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5e4e1bf5db3c269503def24ed8ae3cdbcd59a66965c6122bc7bf321ff3e635893f114a23d96490e7bf62bba78c664774645f3627ba7795f0920dd680bddf2d76
|
|
7
|
+
data.tar.gz: 9cd14b2fab76a7821496d52c7f7ab7a3ca293e0f232e61b54d652df953d536015dd6b7fd1140449e5873511c794d982c7b7ab7fb86816aceebc5187f763c6ec1
|
data/helpers/lib/hasher.py
CHANGED
|
@@ -1,7 +1,9 @@
|
|
|
1
1
|
import hashin
|
|
2
2
|
import json
|
|
3
3
|
import plette
|
|
4
|
+
import ssl
|
|
4
5
|
import traceback
|
|
6
|
+
from urllib.error import URLError
|
|
5
7
|
from poetry.factory import Factory
|
|
6
8
|
|
|
7
9
|
|
|
@@ -21,6 +23,17 @@ def get_dependency_hash(dependency_name, dependency_version, algorithm,
|
|
|
21
23
|
"error_class:": e.__class__.__name__,
|
|
22
24
|
"trace:": ''.join(traceback.format_stack())
|
|
23
25
|
})
|
|
26
|
+
except (URLError, ssl.SSLError) as e:
|
|
27
|
+
# Handle SSL certificate verification errors
|
|
28
|
+
error_msg = str(e)
|
|
29
|
+
if "CERTIFICATE_VERIFY_FAILED" in error_msg:
|
|
30
|
+
return json.dumps({
|
|
31
|
+
"error": "CERTIFICATE_VERIFY_FAILED: " + error_msg,
|
|
32
|
+
"error_class:": e.__class__.__name__,
|
|
33
|
+
"trace:": ''.join(traceback.format_stack())
|
|
34
|
+
})
|
|
35
|
+
# Re-raise if it's not a certificate verification error
|
|
36
|
+
raise
|
|
24
37
|
|
|
25
38
|
|
|
26
39
|
def get_pipfile_hash(directory):
|
|
@@ -84,10 +84,10 @@ module Dependabot
|
|
|
84
84
|
parse_pep621_pep735_dependencies.each do |dep|
|
|
85
85
|
# If a requirement has a `<` or `<=` marker then updating it is
|
|
86
86
|
# probably blocked. Ignore it.
|
|
87
|
-
next if dep["markers"]
|
|
87
|
+
next if dep["markers"]&.include?("<")
|
|
88
88
|
|
|
89
89
|
# In uv no constraint means any version is acceptable
|
|
90
|
-
requirement_value = dep["requirement"].empty? ? "*" : dep["requirement"]
|
|
90
|
+
requirement_value = dep["requirement"] && dep["requirement"].empty? ? "*" : dep["requirement"]
|
|
91
91
|
|
|
92
92
|
dependencies <<
|
|
93
93
|
Dependency.new(
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-uv
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.346.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.346.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.346.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -284,7 +284,7 @@ licenses:
|
|
|
284
284
|
- MIT
|
|
285
285
|
metadata:
|
|
286
286
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
287
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
287
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.346.0
|
|
288
288
|
rdoc_options: []
|
|
289
289
|
require_paths:
|
|
290
290
|
- lib
|