Class: Dependabot::Python::DependencyGrapher

Inherits:

DependencyGraphers::Base

• Object
• DependencyGraphers::Base
• Dependabot::Python::DependencyGrapher

Defined in:

lib/dependabot/python/dependency_grapher.rb,
lib/dependabot/python/dependency_grapher/lockfile_generator.rb

Defined Under Namespace

Classes: LockfileGenerator

Constant Summary

REQUIREMENTS_TXT_REGEX =

Matches “requirements” preceded by a hyphen, period, underscore, start-of-string, or slash, followed by non-whitespace chars and “.txt”. Examples: requirements.txt, requirements.prod.txt, requirements/production.txt

T.let(%r{(?:[-._]|^|/)requirements[^\s]*\.txt$}i, Regexp)

REQUIRE_TXT_REGEX =

More lenient: matches “require” with optional prefix (no dots/whitespace) and optional hyphen/underscore/slash suffix. Does not match “require” as a substring. Examples: require.txt, require-test.txt, py3-require.txt, pyenv_require_e2e.txt

T.let(%r{[^\s|.]*require(?:[-_/][^\s|.]*)?\.txt$}i, Regexp)

DEPENDENCIES_TXT_REGEX =

Matches “dependencies” / “dependency” preceded by a hyphen, period, underscore, start-of-string, or slash, followed by non-whitespace chars and “.txt”. Examples: dependencies.txt, my-dependencies.txt, dependencies/python/ansible-lint.txt

T.let(%r{(?:[-._]|^|/)dependenc(?:y|ies)[^\s]*\.txt$}i, Regexp)

DEPEND_TXT_REGEX =

More lenient: matches “depend” / “depends” with optional prefix (no dots/whitespace) and optional hyphen/underscore/slash suffix. Does not match “depend” as a substring. Examples: depend.txt, depends.txt, depend-test.txt, py3-depends.txt

T.let(%r{[^\s|.]*depend(?:s)?(?:[-_/][^\s|.]*)?\.txt$}i, Regexp)

Instance Method Summary

• #prepare! ⇒ Object
• #relevant_dependency_file ⇒ Object

Instance Method Details

#prepare! ⇒ Object

# File 'lib/dependabot/python/dependency_grapher.rb', line 66

def prepare!
  if poetry_project_without_lockfile?
    Dependabot.logger.info("No poetry.lock found, generating ephemeral lockfile for dependency graphing")
    generate_ephemeral_lockfile!
    emit_missing_lockfile_warning! if @ephemeral_lockfile_generated
  end
  super
end

#relevant_dependency_file ⇒ Object

Raises:

• (DependabotError)

# File 'lib/dependabot/python/dependency_grapher.rb', line 46

def relevant_dependency_file
  dependency_files_by_package_manager = T.let(
    {
      PipenvPackageManager::NAME => [pipfile_lock, pipfile],
      PoetryPackageManager::NAME => [committed_poetry_lock, pyproject_toml],
      PipCompilePackageManager::NAME => [pip_compile_lockfile, pip_compile_manifest, pyproject_toml],
      PipPackageManager::NAME => [pip_requirements_file, pyproject_toml, pipfile_lock, pipfile, setup_file,
                                  setup_cfg_file]
    },
    T::Hash[String, T::Array[T.nilable(Dependabot::DependencyFile)]]
  )

  candidates = dependency_files_by_package_manager.fetch(python_package_manager, [])
  relevant_file = candidates.compact.first
  return relevant_file if relevant_file

  raise DependabotError, "No supported dependency file present."
end