dependabot-uv 0.366.0 → 0.367.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 00d7a1251bbd40a2dd5f3d8722884151356bb7410e2171cacc8c962798241b2c
|
|
4
|
+
data.tar.gz: 413a45f364671f58c8988af786dafcf8e8e635eb8e61d510547fe6f0652e500d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 33c2808a0d88713ffb0b5cc5c9e49c18fbef881d7a4876e5cb01be62bf39d24957f1fc91029502428029725d811a37a180e0e700cabc6d48047f527c1e030d0d
|
|
7
|
+
data.tar.gz: 0bd0aaff8e4528123d63b50fc65e7a32e0adf2a4f62cd6478953a0bcceec6f033b40d1935ff703c48a753fedd533261604de50ee3cfcf29035c443e05769fc0f
|
|
@@ -32,12 +32,10 @@ module Dependabot
|
|
|
32
32
|
|
|
33
33
|
sig { override.returns(Dependabot::DependencyFile) }
|
|
34
34
|
def relevant_dependency_file
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
# but this will avoid surprises if anything changes.
|
|
38
|
-
raise DependabotError, "No pyproject.toml present in dependency files." unless pyproject_toml
|
|
35
|
+
return T.must(uv_lock) if uv_lock
|
|
36
|
+
return T.must(pyproject_toml) if pyproject_toml
|
|
39
37
|
|
|
40
|
-
|
|
38
|
+
raise DependabotError, "No uv.lock or pyproject.toml present."
|
|
41
39
|
end
|
|
42
40
|
|
|
43
41
|
private
|
|
@@ -460,8 +460,22 @@ module Dependabot
|
|
|
460
460
|
|
|
461
461
|
sig { params(name: T.any(String, Symbol)).returns(String) }
|
|
462
462
|
def escape_package_name(name)
|
|
463
|
-
|
|
464
|
-
|
|
463
|
+
name_str = name.to_s
|
|
464
|
+
match = name_str.match(/\A([^\[]+)\[([^\]]+)\]\z/)
|
|
465
|
+
|
|
466
|
+
# Handle extras: "pkg[extra1,extra2]" needs flexible matching for
|
|
467
|
+
# whitespace around commas and any ordering of extras in source file
|
|
468
|
+
if match
|
|
469
|
+
base = Regexp.escape(T.must(match[1])).gsub(/\\[-_.]/, "[-_.]")
|
|
470
|
+
extras = T.must(match[2]).split(",").map(&:strip)
|
|
471
|
+
extras_patterns = extras.map { |e| Regexp.escape(e).gsub(/\\[-_.]/, "[-_.]") }
|
|
472
|
+
# Use lookaheads so extras match in any order
|
|
473
|
+
lookaheads = extras_patterns.map { |e| "(?=[^\\]]*#{e})" }.join
|
|
474
|
+
"#{base}\\[#{lookaheads}[^\\]]+\\]"
|
|
475
|
+
else
|
|
476
|
+
# Per PEP 503, Python package names normalize -, _, and . to the same character
|
|
477
|
+
Regexp.escape(name_str).gsub(/\\[-_.]/, "[-_.]")
|
|
478
|
+
end
|
|
465
479
|
end
|
|
466
480
|
|
|
467
481
|
sig { params(file: T.nilable(DependencyFile)).returns(T::Boolean) }
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-uv
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.367.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,28 +15,28 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.367.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.367.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: dependabot-python
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
29
29
|
requirements:
|
|
30
30
|
- - '='
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
|
-
version: 0.
|
|
32
|
+
version: 0.367.0
|
|
33
33
|
type: :runtime
|
|
34
34
|
prerelease: false
|
|
35
35
|
version_requirements: !ruby/object:Gem::Requirement
|
|
36
36
|
requirements:
|
|
37
37
|
- - '='
|
|
38
38
|
- !ruby/object:Gem::Version
|
|
39
|
-
version: 0.
|
|
39
|
+
version: 0.367.0
|
|
40
40
|
- !ruby/object:Gem::Dependency
|
|
41
41
|
name: debug
|
|
42
42
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -300,7 +300,7 @@ licenses:
|
|
|
300
300
|
- MIT
|
|
301
301
|
metadata:
|
|
302
302
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
303
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
303
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.367.0
|
|
304
304
|
rdoc_options: []
|
|
305
305
|
require_paths:
|
|
306
306
|
- lib
|