class Dependabot::Python::FileUpdater::PyprojectPreparer
Attributes
lockfile[R]
rubocop:enable Metrics/AbcSize rubocop:enable Metrics/PerceivedComplexity
pyproject_content[R]
rubocop:enable Metrics/AbcSize rubocop:enable Metrics/PerceivedComplexity
Public Class Methods
new(pyproject_content:, lockfile: nil)
# File lib/dependabot/python/file_updater/pyproject_preparer.rb, line 16
# Captures the inputs the preparer works on. Nothing is parsed here.
#
# @param pyproject_content the pyproject.toml text; other methods of this
#   class call +gsub+ on it and hand it to +TomlRB.parse+
# @param lockfile optional object whose +content+ is parsed as TOML by
#   +parsed_lockfile+; when nil, freezing dependencies is a no-op
def initialize(pyproject_content:, lockfile: nil)
  @lockfile = lockfile
  @pyproject_content = pyproject_content
end
Public Instance Methods
freeze_top_level_dependencies_except(dependencies)
rubocop:disable Metrics/PerceivedComplexity rubocop:disable Metrics/AbcSize
# File lib/dependabot/python/file_updater/pyproject_preparer.rb, line 40
# Rewrites the Poetry dependency tables so that every top-level dependency
# is pinned to what the lockfile recorded, except the ones passed in (and
# "python", which is always left alone).
#
# Returns +pyproject_content+ untouched when no lockfile was supplied;
# otherwise returns the re-serialised TOML from +TomlRB.dump+.
#
# @param dependencies objects responding to +name+; these stay unpinned
# @raise [NoMethodError] if the manifest has no "tool" / "poetry" table
#   (plain +[]+ lookups on nil)
# @raise [KeyError] if a matching lockfile package has no "version" key
def freeze_top_level_dependencies_except(dependencies)
  return pyproject_content unless lockfile

  pyproject_object = TomlRB.parse(pyproject_content)
  poetry_object = pyproject_object["tool"]["poetry"]
  unfrozen_names = dependencies.map(&:name) + ["python"]
  dependency_types =
    Dependabot::Python::FileParser::PoetryFilesParser::POETRY_DEPENDENCY_TYPES

  dependency_types.each do |key|
    next unless poetry_object[key]

    poetry_object.fetch(key).each do |dep_name, _|
      next if unfrozen_names.include?(normalise(dep_name))

      details = locked_details(dep_name)
      locked_version = details&.fetch("version")
      # No lockfile entry (or no usable version): leave the requirement as is.
      next unless locked_version

      case details.dig("source", "type")
      when "directory"
        # Local path dependencies are not pinned.
        next
      when "git"
        # The whole manifest entry is replaced by the URL and reference the
        # lockfile recorded; any other keys on the original entry are dropped.
        poetry_object[key][dep_name] = {
          "git" => details.dig("source", "url"),
          "rev" => details.dig("source", "reference")
        }
      else
        if poetry_object[key][dep_name].is_a?(Hash)
          # Table-style requirement: only its version is overwritten.
          poetry_object[key][dep_name]["version"] = locked_version
        else
          poetry_object[key][dep_name] = locked_version
        end
      end
    end
  end

  TomlRB.dump(pyproject_object)
end
replace_sources(credentials)
# File lib/dependabot/python/file_updater/pyproject_preparer.rb, line 21
# Returns the manifest re-serialised with its Poetry "source" list replaced
# by the sources already declared in the file followed by one source per
# "python_index" credential.
#
# NOTE(review): the credential-derived entries carry whatever
# AuthedUrlBuilder.authed_url returns, presumably a URL with the credential
# embedded. The returned TOML text should therefore be handled as a secret:
# keep it out of logs, error messages and anything committed or uploaded.
#
# @param credentials enumerable of hash-like credentials
# @raise [KeyError] if the manifest has no "tool" or "poetry" table
def replace_sources(credentials)
  pyproject_object = TomlRB.parse(pyproject_content)
  poetry_object = pyproject_object.fetch("tool").fetch("poetry")

  # Declared sources first, credential-backed ones appended after them.
  combined_sources = pyproject_sources + config_variable_sources(credentials)
  # Every element is a Hash, so "non-empty" is the whole condition; with no
  # sources at all the existing "source" key is left exactly as parsed.
  poetry_object["source"] = combined_sources unless combined_sources.empty?

  TomlRB.dump(pyproject_object)
end
sanitize()
# File lib/dependabot/python/file_updater/pyproject_preparer.rb, line 31
# Returns a copy of the manifest text with template markers neutralised.
#
# Two textual rewrites are applied, in this order:
#   1. each "{{ ... }}" placeholder becomes the literal word "something"
#      ({{ name }} syntax is not allowed); the match is non-greedy and "."
#      does not cross a newline, so a placeholder that spans several lines
#      is left as it is
#   2. every literal "#{" becomes "{"
#
# This is plain string substitution on the raw text, not TOML-aware, so it
# also rewrites those sequences inside comments and string values.
def sanitize
  without_placeholders = pyproject_content.gsub(/\{\{.*?\}\}/, "something")
  without_placeholders.gsub('#{', "{")
end
Private Instance Methods
config_variable_sources(credentials)
# File lib/dependabot/python/file_updater/pyproject_preparer.rb, line 102
# Builds one Poetry source entry per credential of type "python_index".
#
# The result is memoised on first use, so a later call with a different
# +credentials+ argument returns the list built from the first one.
#
# NOTE(review): "url" is whatever AuthedUrlBuilder.authed_url returns,
# presumably with the credential embedded. Treat these hashes as secrets.
# NOTE(review): "name" is only a random 4-hex-character label (16 bits), not
# a security token. Nothing here checks it for uniqueness against the other
# generated names or the names already declared in the manifest.
#
# @param credentials enumerable of hash-like credentials
# @return [Array<Hash>] entries with "url", "name" and, when the credential
#   has a non-nil "replaces-base", "default"
def config_variable_sources(credentials)
  return @config_variable_sources if @config_variable_sources

  index_credentials =
    credentials.select { |cred| cred["type"] == "python_index" }

  @config_variable_sources = index_credentials.map do |cred|
    source = {
      "url" => AuthedUrlBuilder.authed_url(credential: cred),
      "name" => SecureRandom.hex[0, 4],
      "default" => cred["replaces-base"]
    }
    # compact drops "default" only when it is nil; an explicit false is kept.
    source.compact
  end
end
locked_details(dep_name)
# File lib/dependabot/python/file_updater/pyproject_preparer.rb, line 81
# Looks up the lockfile's "package" entry for a manifest dependency.
#
# The manifest name is normalised before comparison; the lockfile's own
# "name" value is compared as stored.
#
# @param dep_name dependency name as written in the manifest
# @return the first matching package hash, or nil when none matches
# @raise [KeyError] if the parsed lockfile has no "package" key
def locked_details(dep_name)
  packages = parsed_lockfile.fetch("package")

  packages.find do |package|
    package["name"] == normalise(dep_name)
  end
end
normalise(name)
# File lib/dependabot/python/file_updater/pyproject_preparer.rb, line 86
# Delegates to NameNormaliser so that every name comparison in this class
# goes through the same normalisation.
#
# @param name dependency name to normalise
# @return whatever NameNormaliser.normalise returns for +name+
def normalise(name)
  NameNormaliser.normalise(name)
end
parsed_lockfile()
# File lib/dependabot/python/file_updater/pyproject_preparer.rb, line 115
# Parses the lockfile's content as TOML once and reuses the result.
#
# Callers are expected to have checked that a lockfile is present; with a
# nil lockfile the +content+ call raises NoMethodError.
def parsed_lockfile
  return @parsed_lockfile if @parsed_lockfile

  @parsed_lockfile = TomlRB.parse(lockfile.content)
end
pyproject_sources()
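# File lib/dependabot/python/file_updater/pyproject_preparer.rb, line 90
# Returns the sources declared under tool.poetry.source, each copied with
# its "url" normalised to end in exactly one "/". Memoised after first use.
#
# The trailing-slash strip is anchored with \z (end of string) rather than
# $ (end of any line), so only the end of the URL is rewritten; with $ a
# value containing a newline would also lose the slashes before it.
#
# @return [Array<Hash>] empty when the manifest declares no sources
# @raise [NoMethodError] if a declared source has no "url" value
def pyproject_sources
  return @pyproject_sources if @pyproject_sources

  declared_sources =
    TomlRB.parse(pyproject_content).dig("tool", "poetry", "source") || []

  @pyproject_sources = declared_sources.map do |source|
    # merge returns a new hash, so the parsed entry itself is not mutated.
    source.merge("url" => source["url"].sub(%r{/*\z}, "") + "/")
  end
end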