Class: Dependabot::Uv::DependencyGrapher

Inherits:
DependencyGraphers::Base
  • Object
show all
Defined in:
lib/dependabot/uv/dependency_grapher.rb

Constant Summary collapse

UV_LOCK_COMMAND = 
T.let("pyenv exec uv lock --color never --no-progress && cat uv.lock", String)
UV_TREE_COMMAND = 
T.let("pyenv exec uv tree -q --color never --no-progress --frozen", String)
UV_TREE_LINE_REGEX =

Used to capture package lines from ‘uv tree` output.

Example output:

├── flask v3.1.3
│   ├── click v8.3.1
│   └── jinja2 v3.1.6
│       └── markupsafe v3.0.3

The ‘prefix` contains tree-depth segments (`│ ` or ` `) and `package` is the dependency name token before the `v<version>` marker.

T.let(
  /^(?<prefix>(?:(?:│   )|(?:    ))*)(?:├──|└──)\s(?<package>.+?)\sv[^\s]+(?:\s+\(.*\))?$/,
  Regexp
)

Instance Method Summary collapse

Instance Method Details

#relevant_dependency_fileObject

Raises:

  • (DependabotError) 


34
35
36
37
38
39
 
# File 'lib/dependabot/uv/dependency_grapher.rb', line 34

def relevant_dependency_file
  return T.must(uv_lock) if uv_lock
  return T.must(pyproject_toml) if pyproject_toml

  raise DependabotError, "No uv.lock or pyproject.toml present."
end