Class: Dependabot::Python::SharedFileFetcher

Inherits:

FileFetchers::Base

• Object
• FileFetchers::Base
• Dependabot::Python::SharedFileFetcher

Extended by:

T::Helpers, T::Sig

Defined in:

lib/dependabot/python/shared_file_fetcher.rb

Direct Known Subclasses

FileFetcher

Constant Summary

CHILD_REQUIREMENT_REGEX =

T.let(/^-r\s?(?<path>.*\.(?:txt|in))/, Regexp)

CONSTRAINT_REGEX =

T.let(/^-c\s?(?<path>.*\.(?:txt|in))/, Regexp)

DEPENDENCY_TYPES =

T.let(%w(packages dev-packages).freeze, T::Array[String])

MAX_FILE_SIZE =

T.let(500_000, Integer)

REQUIREMENTS_TXT_REGEX =

Regex patterns for detecting Python requirements.txt manifest variants. Ported from github/dependency-snapshots-api.

Matches “requirements” preceded by a hyphen, period, underscore, start-of-string, or slash, followed by non-whitespace chars and “.txt”. Examples: requirements.txt, requirements.prod.txt, requirements/production.txt

T.let(%r{(?:[-._]|^|/)requirements[^\s]*\.txt$}i, Regexp)

REQUIRE_TXT_REGEX =

More lenient: matches “require” with optional prefix (no dots/whitespace) and optional hyphen/underscore/slash suffix. Does not match “require” as a substring. Examples: require.txt, require-test.txt, py3-require.txt, pyenv_require_e2e.txt

T.let(%r{[^\s|.]*require(?:[-_/][^\s|.]*)?\.txt$}i, Regexp)

Class Method Summary

• .ecosystem_specific_required_files ⇒ Object
• .required_files_in?(filenames) ⇒ Boolean

Instance Method Summary

• #ecosystem_versions ⇒ Object
• #fetch_files ⇒ Object

Class Method Details

.ecosystem_specific_required_files ⇒ Object

# File 'lib/dependabot/python/shared_file_fetcher.rb', line 43

def self.ecosystem_specific_required_files; end

.required_files_in?(filenames) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/dependabot/python/shared_file_fetcher.rb', line 46

def self.required_files_in?(filenames)
  return true if filenames.any? { |name| name.end_with?(".txt", ".in") }
  return true if filenames.include?("requirements")
  return true if filenames.include?("pyproject.toml")
  return true if filenames.any? { |name| ecosystem_specific_required_files.include?(name) }

  false
end

Instance Method Details

#ecosystem_versions ⇒ Object

# File 'lib/dependabot/python/shared_file_fetcher.rb', line 56

def ecosystem_versions
  python_requirement_parser = FileParser::PythonRequirementParser.new(dependency_files: files)
  language_version_manager = LanguageVersionManager.new(python_requirement_parser: python_requirement_parser)
  Dependabot.logger.info("Dependabot is using Python version '#{language_version_manager.python_version}'.")
  {
    languages: {
      python: {
        "raw" => language_version_manager.user_specified_python_version || "unknown",
        "max" => language_version_manager.python_major_minor || "unknown"
      }
    }
  }
end

#fetch_files ⇒ Object

# File 'lib/dependabot/python/shared_file_fetcher.rb', line 71

def fetch_files
  fetched_files = []

  fetched_files += ecosystem_specific_files
  fetched_files += pyproject_files

  fetched_files += requirements_in_files
  fetched_files += requirement_files if requirements_txt_files.any?

  fetched_files += project_files
  fetched_files << python_version_file if python_version_file

  uniques = uniq_files(fetched_files)
  uniques.reject do |file|
    Dependabot::FileFiltering.should_exclude_path?(file.name, "file from final collection", @exclude_paths)
  end
end