diff --git a/python/helpers/requirements.txt b/python/helpers/requirements.txt index 3b15e2d4d50..4cae666d451 100644 --- a/python/helpers/requirements.txt +++ b/python/helpers/requirements.txt @@ -4,7 +4,7 @@ flake8==5.0.4 hashin==0.17.0 pipenv==2022.4.8 pipfile==0.0.2 -poetry==1.1.15 +poetry>=1.1.15,<=1.2.0 wheel==0.37.1 # Some dependencies will only install if Cython is present diff --git a/python/lib/dependabot/python/update_checker/poetry_version_resolver.rb b/python/lib/dependabot/python/update_checker/poetry_version_resolver.rb index 613441cd56c..5a973af5c79 100644 --- a/python/lib/dependabot/python/update_checker/poetry_version_resolver.rb +++ b/python/lib/dependabot/python/update_checker/poetry_version_resolver.rb @@ -3,6 +3,7 @@ require "excon" require "toml-rb" require "open3" +require "uri" require "dependabot/dependency" require "dependabot/errors" require "dependabot/shared_helpers" @@ -23,18 +24,26 @@ class UpdateChecker # This class does version resolution for pyproject.toml files. class PoetryVersionResolver GIT_REFERENCE_NOT_FOUND_REGEX = / - 'git'.*pypoetry-git-(?.+?).{8}', + (?:'git'.*pypoetry-git-(?.+?).{8}', 'checkout', '(?.+?)' - /x.freeze + | + ...Failedtoclone + (?.+?).gitat'(?.+?)', + verifyrefexistsonremote) + /x.freeze # TODO: remove the first clause and | when py3.6 support is EoL GIT_DEPENDENCY_UNREACHABLE_REGEX = / - '\['git', - \s+'clone', - \s+'--recurse-submodules', - \s+'(--)?', - \s+'(?.+?)'.* - \s+exit\s+status\s+128 - /mx.freeze + (?:'\['git', + \s+'clone', + \s+'--recurse-submodules', + \s+'(--)?', + \s+'(?.+?)'.* + \s+exit\s+status\s+128 + | + \s+Failed\sto\sclone + \s+(?.+?), + \s+check\syour\sgit\sconfiguration) + /mx.freeze # TODO: remove the first clause and | when py3.6 support is EoL attr_reader :dependency, :dependency_files, :credentials 
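Review bot: In python/helpers/requirements.txt, `poetry>=1.1.15,<=1.2.0` is the only entry visible in this hunk that is a range rather than an exact `==` pin, so the Poetry version in the helper environment now depends on what pip resolves at build time. If the range is there to keep Python 3.6 on 1.1.15 while newer interpreters get 1.2.0 (inferred from the py3.6 TODOs elsewhere in this commit), environment markers would keep both cases pinned and reproducible: `poetry==1.1.15 ; python_version < "3.7"` and `poetry==1.2.0 ; python_version >= "3.7"`. Exact pins also keep this file usable with hash-checked installs.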
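Review bot: In the new second alternative of GIT_REFERENCE_NOT_FOUND_REGEX, the dots in `...Failedtoclone` and `.gitat'` are unescaped, so each matches any character rather than a literal dot. A remote with no `.git` suffix whose name ends in something like `-git` could then be captured with a truncated URL. Escaping them (`\.\.\.Failedtoclone`, `\.gitat'`) ties the match to the actual message text. A comment above the constant should say that it is applied to the message after all whitespace has been removed, which is why the new clause contains no spaces. The two TODOs that trail the `/x.freeze` and `/mx.freeze` lines would read better on their own comment lines above each regex.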
@@ -61,7 +70,8 @@ def resolvable?(version:) false end rescue SharedHelpers::HelperSubprocessFailed => e - raise unless e.message.include?("SolverProblemError") + raise unless e.message.include?("SolverProblemError") || # TODO: Remove once py3.6 is EoL + e.message.include?("version solving failed.") @resolvable[version] = false end @@ -118,8 +128,13 @@ def fetch_version_from_parsed_lockfile(updated_lockfile) def handle_poetry_errors(error) if error.message.gsub(/\s/, "").match?(GIT_REFERENCE_NOT_FOUND_REGEX) message = error.message.gsub(/\s/, "") - name = message.match(GIT_REFERENCE_NOT_FOUND_REGEX). - named_captures.fetch("name") + match = message.match(GIT_REFERENCE_NOT_FOUND_REGEX) + name = if (url = match.named_captures.fetch("url")) + File.basename(URI.parse(url).path) + else + message.match(GIT_REFERENCE_NOT_FOUND_REGEX). + named_captures.fetch("name") + end raise GitDependencyReferenceNotFound, name end @@ -130,7 +145,8 @@ def handle_poetry_errors(error) end raise unless error.message.include?("SolverProblemError") || - error.message.include?("PackageNotFound") + error.message.include?("PackageNotFound") || + error.message.include?("version solving failed.") check_original_requirements_resolvable @@ -161,7 +177,8 @@ def check_original_requirements_resolvable @original_reqs_resolvable = true rescue SharedHelpers::HelperSubprocessFailed => e raise unless e.message.include?("SolverProblemError") || - e.message.include?("PackageNotFound") + e.message.include?("PackageNotFound") || + e.message.include?("version solving failed.") msg = clean_error_message(e.message) raise DependencyFileNotResolvable, msg
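Review bot: The `"version solving failed."` marker is now added by hand in three rescue paths: here in `resolvable?`, and in the `handle_poetry_errors` and `check_original_requirements_resolvable` hunks below. The TODO about py3.6 appears only on this one, wedged after the `||` in the middle of the condition. Keeping the markers in one place would make the later cleanup a single edit and stop the lists drifting apart, e.g. `SOLVER_ERROR_MARKERS = ["SolverProblemError", "version solving failed."].freeze` with the TODO above it, and `raise unless SOLVER_ERROR_MARKERS.any? { |m| e.message.include?(m) }` at the call sites. `resolvable?` does not treat `"PackageNotFound"` as a solver failure while the other two do, so that marker would have to stay separate unless the difference is unintentional. All three methods start and end outside their hunks.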
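Review bot: In the `handle_poetry_errors` hunk, `URI.parse(url)` runs on text captured from Poetry's error output with no rescue around it. A remote that is not a well-formed URI is likely to raise `URI::InvalidURIError`, which would surface a parse error in place of the intended `GitDependencyReferenceNotFound`; an scp-style `git@host:org/repo` is one such case, if Poetry prints it in that form. Only the last path segment is needed, and the `else` branch re-runs the same match that `match` already holds, so the assignment can be `name = (url = match[:url]) ? File.basename(url) : match[:name]`. The method body continues outside the hunk.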