From ef4ef5be06c6e01005c80de5fad090e561b0948d Mon Sep 17 00:00:00 2001 From: David Chen Date: Tue, 28 Nov 2023 05:03:03 +0800 Subject: [PATCH] fix #8414 follow peotry source constraint (#8422) --- .../lib/dependabot/python/update_checker/index_finder.rb | 8 ++++---- .../dependabot/python/update_checker/index_finder_spec.rb | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/python/lib/dependabot/python/update_checker/index_finder.rb b/python/lib/dependabot/python/update_checker/index_finder.rb index 649a861b13..1d57de4af2 100644 --- a/python/lib/dependabot/python/update_checker/index_finder.rb +++ b/python/lib/dependabot/python/update_checker/index_finder.rb @@ -123,14 +123,14 @@ def pyproject_index_urls # If source is PyPI, skip it, and let it pick the default URI next if source["name"].casecmp?("PyPI") - if source["default"] + if @dependency.all_sources.include?(source["name"]) + # If dependency has specified this source, use it + return { main: source["url"], extra: [] } + elsif source["default"] urls[:main] = source["url"] elsif source["priority"] != "explicit" # if source is not explicit, add it to extra urls[:extra] << source["url"] - elsif @dependency.all_sources.include?(source["name"]) - # if source is explicit, and dependency has specified it as a source, add it to extra - urls[:extra] << source["url"] end end urls[:extra] = urls[:extra].uniq diff --git a/python/spec/dependabot/python/update_checker/index_finder_spec.rb b/python/spec/dependabot/python/update_checker/index_finder_spec.rb index 80343089a0..ed5d3cbe1d 100644 --- a/python/spec/dependabot/python/update_checker/index_finder_spec.rb +++ b/python/spec/dependabot/python/update_checker/index_finder_spec.rb @@ -352,7 +352,7 @@ it "gets the right index URLs" do expect(index_urls).to match_array( - ["https://pypi.org/simple/", "https://some.internal.registry.com/pypi/"] + ["https://some.internal.registry.com/pypi/"] ) end end