class Dependabot::Python::FileUpdater::SetupFileSanitizer

Takes a setup.py, parses it (carefully!) and then creates a new, clean setup.py using only the information which will appear in the lockfile.

Attributes

setup_cfg[R]
setup_file[R]

Public Class Methods

new(setup_file:, setup_cfg:)
# File lib/dependabot/python/file_updater/setup_file_sanitizer.rb, line 12
# Stores the two dependency files the sanitizer works from.
#
# @param setup_file [Object, nil] the project's setup.py file object
# @param setup_cfg [Object, nil] the project's setup.cfg file object
#
# Both may be nil: parsed_setup_file reads them through safe navigation
# and compacts the resulting list.
def initialize(setup_file:, setup_cfg:)
  @setup_cfg = setup_cfg
  @setup_file = setup_file
end

Public Instance Methods

sanitized_content()
# File lib/dependabot/python/file_updater/setup_file_sanitizer.rb, line 17
# Builds the text of a replacement setup.py that carries only the parsed
# requirement data, not the original file's code.
#
# @return [String] Python source for a minimal setuptools `setup(...)` call
def sanitized_content
  # The part of the setup.py that Pipenv cares about appears to be the
  # install_requires. A name and version are required but don't end up
  # in the lockfile, so fixed placeholder values are used for them.
  #
  # The requirement values are serialised with to_json and spliced into
  # Python source, so the generated file is only well-formed if that JSON
  # also reads as a Python literal.
  # NOTE(review): confirm this holds for requirement strings containing
  # unusual characters.
  setup_args = [
    "name=\"sanitized-package\"",
    "version=\"0.0.1\"",
    "install_requires=#{install_requires_array.to_json}",
    "extras_require=#{extras_require_hash.to_json}"
  ]

  # pbr is re-declared only when the parsed setup_requires mentions it.
  setup_args << 'setup_requires=["pbr"],pbr=True' if include_pbr?

  "from setuptools import setup\n\nsetup(#{setup_args.join(',')})"
end

Private Instance Methods

extras_require_hash()
# File lib/dependabot/python/file_updater/setup_file_sanitizer.rb, line 59
# Groups the parsed dependencies by extra.
#
# Only the first requirement of each dependency is consulted. A group of
# the form "extras_require:<name>" files the dependency under the text
# after the last ":" in that group string.
#
# @return [Hash{String => Array<String>}] extra name => requirement strings
#   (dependency name immediately followed by its requirement); memoized
def extras_require_hash
  @extras_require_hash ||=
    parsed_setup_file.dependencies.each_with_object({}) do |dep, extras|
      dep.requirements.first[:groups].each do |group|
        next unless group.start_with?("extras_require:")

        extra_name = group.split(":").last
        requirement_string =
          dep.name + dep.requirements.first[:requirement].to_s
        (extras[extra_name] ||= []) << requirement_string
      end
    end
end
include_pbr?()
# File lib/dependabot/python/file_updater/setup_file_sanitizer.rb, line 35
# Reports whether any setup_requires entry begins with "pbr".
#
# This is a plain prefix test on the requirement string, so any entry whose
# text starts with those three letters counts.
#
# @return [Boolean]
def include_pbr?
  pbr_entry = setup_requires_array.find { |entry| entry.start_with?("pbr") }
  !pbr_entry.nil?
end
install_requires_array()
# File lib/dependabot/python/file_updater/setup_file_sanitizer.rb, line 39
# Lists the requirement strings for dependencies whose first requirement
# is in the "install_requires" group.
#
# @return [Array<String>] dependency name immediately followed by its
#   requirement (empty when the requirement is nil); memoized
def install_requires_array
  @install_requires_array ||= begin
    runtime_deps = parsed_setup_file.dependencies.select do |dep|
      dep.requirements.first[:groups].include?("install_requires")
    end

    runtime_deps.map do |dep|
      dep.name + dep.requirements.first[:requirement].to_s
    end
  end
end
parsed_setup_file()
# File lib/dependabot/python/file_updater/setup_file_sanitizer.rb, line 77
# Runs SetupFileParser over the supplied files and memoizes its
# dependency set.
#
# Each file is duplicated before being renamed, so the objects handed to
# the constructor keep their original names. A nil file is dropped from
# the list.
# NOTE(review): the rename presumably lets the parser find the files by
# their conventional names; confirm against SetupFileParser. How the
# parser reads setup.py is not visible from this method.
#
# @return [Object] the parser's dependency_set
def parsed_setup_file
  @parsed_setup_file ||= begin
    renamed_setup_py = setup_file&.dup&.tap { |file| file.name = "setup.py" }
    renamed_setup_cfg = setup_cfg&.dup&.tap { |file| file.name = "setup.cfg" }

    Python::FileParser::SetupFileParser.new(
      dependency_files: [renamed_setup_py, renamed_setup_cfg].compact
    ).dependency_set
  end
end
setup_requires_array()
# File lib/dependabot/python/file_updater/setup_file_sanitizer.rb, line 49
# Lists the requirement strings for dependencies whose first requirement
# is in the "setup_requires" group.
#
# @return [Array<String>] dependency name immediately followed by its
#   requirement (empty when the requirement is nil); memoized
def setup_requires_array
  @setup_requires_array ||= begin
    build_deps = parsed_setup_file.dependencies.select do |dep|
      dep.requirements.first[:groups].include?("setup_requires")
    end

    build_deps.map do |dep|
      dep.name + dep.requirements.first[:requirement].to_s
    end
  end
end