dependabot-uv 0.384.0 → 0.385.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: a1172331c14f9b7fd9b124f80ccdd4c63313eb78704764d631bef9069313d578
4
- data.tar.gz: 666eb7365f22a5b84cde319d7e33cc3157694dce1b245b7b45e6db80b4aee99a
3
+ metadata.gz: b27887feca6e05276a0219581805762553eb6b94c300b30bac15f816ccc01011
4
+ data.tar.gz: 7f80bf8bcda56d65f2b05ee7800928b740ff539326c27b787572a1ef236f2117
5
5
  SHA512:
6
- metadata.gz: 0c5cd676427e2a316600cac0cde218e5196d4630a3f2dc0d73ac12304cda14ebd2987e0999e2f32e1fc0451bc90013b57696c2e7539086768a44c9d7d4f9ee74
7
- data.tar.gz: 73b617c4293455bdc6140023aa4fbff11e4484a9dc2182e619cc4c21df35c59f34b3028c3049a592694585706f43632689b575dc0bfe7268a8e8062fd2399d81
6
+ metadata.gz: 17735f62633b1d8114dd41b7ac482a04347d099e7e96b8a3f9571e7c3890563eba4cfebfc58a2a8343b9aa1347201a520fe77f001624e9d5fbdca45dc09f9577
7
+ data.tar.gz: ae24b3cbcd20e0bafb4f7fd0a3e2e1236f3740ead9269cab2bb91282ae7c73c99fd73a7e30eff16b23dcb0574713f9342b56f17279fe644aead8da3ca16e04eb
@@ -370,14 +370,49 @@ module Dependabot
370
370
 
371
371
  sig { returns(T::Array[String]) }
372
372
  def lock_index_options
373
- filtered_credentials = credentials
374
- .select { |cred| cred["type"] == "python_index" }
375
- .reject do |cred|
376
- cred.replaces_base? ? defined_in_pyproject?(cred) : explicit_index?(cred)
377
- end
378
-
373
+ filtered_credentials = filtered_python_index_credentials
379
374
  options = T.let([], T::Array[String])
380
375
  used_credential_urls = T.let([], T::Array[String])
376
+ default_index_used = T.let(false, T::Boolean)
377
+
378
+ default_index_used = add_lockfile_registry_options(
379
+ filtered_credentials: filtered_credentials,
380
+ options: options,
381
+ used_credential_urls: used_credential_urls,
382
+ default_index_used: default_index_used
383
+ )
384
+
385
+ add_fallback_index_options(
386
+ filtered_credentials: filtered_credentials,
387
+ options: options,
388
+ used_credential_urls: used_credential_urls,
389
+ default_index_used: default_index_used
390
+ )
391
+
392
+ options.uniq
393
+ end
394
+
395
+ sig { returns(T::Array[Dependabot::Credential]) }
396
+ def filtered_python_index_credentials
397
+ credentials
398
+ .select { |cred| cred["type"] == "python_index" }
399
+ .reject { |cred| skip_lock_index_credential?(cred) }
400
+ end
401
+
402
+ sig { params(credential: Dependabot::Credential).returns(T::Boolean) }
403
+ def skip_lock_index_credential?(credential)
404
+ credential.replaces_base? ? defined_in_pyproject?(credential) : explicit_index?(credential)
405
+ end
406
+
407
+ sig do
408
+ params(
409
+ filtered_credentials: T::Array[Dependabot::Credential],
410
+ options: T::Array[String],
411
+ used_credential_urls: T::Array[String],
412
+ default_index_used: T::Boolean
413
+ ).returns(T::Boolean)
414
+ end
415
+ def add_lockfile_registry_options(filtered_credentials:, options:, used_credential_urls:, default_index_used:)
381
416
  credential_matcher = LockIndexCredentialMatcher.new(credentials: filtered_credentials)
382
417
 
383
418
  uv_lock_registry_urls.each do |registry_url|
@@ -385,23 +420,59 @@ module Dependabot
385
420
  next unless credential
386
421
 
387
422
  used_credential_urls << credential["index-url"].to_s
388
- options << option_for_credential_url(credential, authed_registry_url(credential, registry_url))
423
+ default_index_used = add_lock_index_option(
424
+ credential: credential,
425
+ url: authed_registry_url(credential, registry_url),
426
+ options: options,
427
+ default_index_used: default_index_used
428
+ )
389
429
  end
390
430
 
431
+ default_index_used
432
+ end
433
+
434
+ sig do
435
+ params(
436
+ filtered_credentials: T::Array[Dependabot::Credential],
437
+ options: T::Array[String],
438
+ used_credential_urls: T::Array[String],
439
+ default_index_used: T::Boolean
440
+ ).returns(T::Boolean)
441
+ end
442
+ def add_fallback_index_options(filtered_credentials:, options:, used_credential_urls:, default_index_used:)
391
443
  # Fall back to credential URLs for indices not represented in uv.lock.
392
444
  filtered_credentials.each do |credential|
393
445
  next if used_credential_urls.include?(credential["index-url"].to_s)
394
446
 
395
- authed_url = AuthedUrlBuilder.authed_url(credential: credential)
396
- options << option_for_credential_url(credential, authed_url)
447
+ default_index_used = add_lock_index_option(
448
+ credential: credential,
449
+ url: AuthedUrlBuilder.authed_url(credential: credential),
450
+ options: options,
451
+ default_index_used: default_index_used
452
+ )
397
453
  end
398
454
 
399
- options.uniq
455
+ default_index_used
456
+ end
457
+
458
+ sig do
459
+ params(
460
+ credential: Dependabot::Credential,
461
+ url: String,
462
+ options: T::Array[String],
463
+ default_index_used: T::Boolean
464
+ ).returns(T::Boolean)
465
+ end
466
+ def add_lock_index_option(credential:, url:, options:, default_index_used:)
467
+ options << option_for_credential_url(credential, url, default_index_used: default_index_used)
468
+ default_index_used || credential.replaces_base?
400
469
  end
401
470
 
402
- sig { params(credential: Dependabot::Credential, url: String).returns(String) }
403
- def option_for_credential_url(credential, url)
404
- if credential.replaces_base?
471
+ sig do
472
+ params(credential: Dependabot::Credential, url: String, default_index_used: T::Boolean).returns(String)
473
+ end
474
+ def option_for_credential_url(credential, url, default_index_used:)
475
+ if credential.replaces_base? && !default_index_used
405
476
  "--default-index #{url}"
406
477
  else
407
478
  "--index #{url}"
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-uv
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.384.0
4
+ version: 0.385.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
@@ -15,28 +15,28 @@ dependencies:
15
15
  requirements:
16
16
  - - '='
17
17
  - !ruby/object:Gem::Version
18
- version: 0.384.0
18
+ version: 0.385.0
19
19
  type: :runtime
20
20
  prerelease: false
21
21
  version_requirements: !ruby/object:Gem::Requirement
22
22
  requirements:
23
23
  - - '='
24
24
  - !ruby/object:Gem::Version
25
- version: 0.384.0
25
+ version: 0.385.0
26
26
  - !ruby/object:Gem::Dependency
27
27
  name: dependabot-python
28
28
  requirement: !ruby/object:Gem::Requirement
29
29
  requirements:
30
30
  - - '='
31
31
  - !ruby/object:Gem::Version
32
- version: 0.384.0
32
+ version: 0.385.0
33
33
  type: :runtime
34
34
  prerelease: false
35
35
  version_requirements: !ruby/object:Gem::Requirement
36
36
  requirements:
37
37
  - - '='
38
38
  - !ruby/object:Gem::Version
39
- version: 0.384.0
39
+ version: 0.385.0
40
40
  - !ruby/object:Gem::Dependency
41
41
  name: debug
42
42
  requirement: !ruby/object:Gem::Requirement
@@ -301,7 +301,7 @@ licenses:
301
301
  - MIT
302
302
  metadata:
303
303
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
304
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.384.0
304
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.385.0
305
305
  rdoc_options: []
306
306
  require_paths:
307
307
  - lib