Stop specifying all supported python versions

Now that we've dropped Python 3.6 support, we no longer need to explicitly list all python versions down to the `patch` level because the following are true: 1. All python versions that Dependabot supports have a matching major.minor python version that is already pre-installed in the Dockerfile. 2. We completely ignore the patch level when matching the user's desired python with the python versions we support. So we only need to track the explicit version that is pre-downloaded/installed to the Dockerfile.
dependabot · Aug 10, 2023 · d5c395b · d5c395b
1 parent 68ea8f5
commit d5c395b
Show file tree

Hide file tree

Showing 9 changed files with 24 additions and 63 deletions.
diff --git a/python/Dockerfile b/python/Dockerfile
@@ -1,3 +1,5 @@
+# This list must match the versions specified in
+# python/lib/dependabot/python/language_version_manager.rb: PRE_INSTALLED_PYTHON_VERSIONS
 ARG PY_3_11=3.11.4
 ARG PY_3_10=3.10.12
 ARG PY_3_9=3.9.17

diff --git a/python/README.md b/python/README.md
@@ -10,7 +10,7 @@ Updating the list of known versions might be tricky, here are the steps:
 
 1. Update the `pyenv` version in the [`Dockerfile`](https://github.com/dependabot/dependabot-core/blob/main/python/Dockerfile), you may use a commit hash if a new `pyenv` version is not released yet.
 2. Update the `pyenv global` version in the `Dockerfile`. We always use the latest (and greatest) Python version.
-3. Update the list of known Python versions in [`python_versions.rb`](https://github.com/dependabot/dependabot-core/blob/main/python/lib/dependabot/python/python_versions.rb).
+3. Update the list of known Python versions in [`language_version_manager.rb`](https://github.com/dependabot/dependabot-core/blob/main/python/lib/dependabot/python/language_version_manager.rb).
 4. Fix any broken tests.
 
 [Example PR](https://github.com/dependabot/dependabot-core/pull/7412) that does all these things.

diff --git a/python/lib/dependabot/python/file_updater/pip_compile_file_updater.rb b/python/lib/dependabot/python/file_updater/pip_compile_file_updater.rb
@@ -9,7 +9,6 @@
 require "dependabot/shared_helpers"
 require "dependabot/python/language_version_manager"
 require "dependabot/python/native_helpers"
-require "dependabot/python/python_versions"
 require "dependabot/python/name_normaliser"
 require "dependabot/python/authed_url_builder"
 

diff --git a/python/lib/dependabot/python/file_updater/poetry_file_updater.rb b/python/lib/dependabot/python/file_updater/poetry_file_updater.rb
@@ -7,7 +7,6 @@
 require "dependabot/python/language_version_manager"
 require "dependabot/python/version"
 require "dependabot/python/requirement"
-require "dependabot/python/python_versions"
 require "dependabot/python/file_parser/python_requirement_parser"
 require "dependabot/python/file_updater"
 require "dependabot/python/native_helpers"

diff --git a/python/lib/dependabot/python/language_version_manager.rb b/python/lib/dependabot/python/language_version_manager.rb
@@ -6,6 +6,15 @@
 module Dependabot
   module Python
     class LanguageVersionManager
+      # This list must match the versions specified at the top of `python/Dockerfile`
+      PRE_INSTALLED_PYTHON_VERSIONS = %w(
+        3.11.4
+        3.10.12
+        3.9.17
+        3.8.17
+        3.7.17
+      ).freeze
+
       def initialize(python_requirement_parser:)
         @python_requirement_parser = python_requirement_parser
       end
@@ -58,32 +67,19 @@ def python_requirement_string
       def python_version_from_supported_versions
         requirement_string = python_requirement_string
 
-        # Ideally, the requirement is satisfied by a Python version we support
-        requirement =
-          Python::Requirement.requirements_array(requirement_string).first
-        version =
-          PythonVersions::SUPPORTED_VERSIONS_TO_ITERATE.
-          find { |v| requirement.satisfied_by?(Python::Version.new(v)) }
-        return version if version
+        # If the requirement string isn't already a range (eg ">3.10"), coerce it to "major.minor.*".
+        # The patch version is ignored because a non-matching patch version is unlikely to affect resolution.
+        requirement_string = requirement_string.gsub(/\.\d+$/, ".*") if requirement_string.start_with?(/\d/)
 
-        # If not, and we're dealing with a simple version string
-        # and changing the patch version would fix things, we do that
-        # as the patch version is unlikely to affect resolution
-        if requirement_string.start_with?(/\d/)
-          requirement =
-            Python::Requirement.new(requirement_string.gsub(/\.\d+$/, ".*"))
-          version =
-            PythonVersions::SUPPORTED_VERSIONS_TO_ITERATE.
-            find { |v| requirement.satisfied_by?(Python::Version.new(v)) }
-          return version if version
-        end
+        # Try to match one of our pre-installed Python versions
+        requirement = Python::Requirement.requirements_array(requirement_string).first
+        version = PRE_INSTALLED_PYTHON_VERSIONS.find { |v| requirement.satisfied_by?(Python::Version.new(v)) }
+        return version if version
 
-        # Otherwise we have to raise, giving details of the Python versions
-        # that Dependabot supports
-        msg = "Dependabot detected the following Python requirement " \
-              "for your project: '#{requirement_string}'.\n\nCurrently, the " \
-              "following Python versions are supported in Dependabot: " \
-              "#{PythonVersions::SUPPORTED_VERSIONS.join(', ')}."
+        # Otherwise we have to raise
+        msg = "Dependabot detected the following Python requirement for your project: '#{python_requirement_string}'." \
+              "\n\nCurrently, the following Python versions are supported in Dependabot: " \
+              "#{PRE_INSTALLED_PYTHON_VERSIONS.map { |x| x.gsub(/\.\d+$/, '.*') }.join(', ')}."
         raise DependencyFileNotResolvable, msg
       end
 
@@ -100,7 +96,7 @@ def python_version_matching_imputed_requirements
       end
 
       def python_version_matching(requirements)
-        PythonVersions::SUPPORTED_VERSIONS_TO_ITERATE.find do |version_string|
+        PRE_INSTALLED_PYTHON_VERSIONS.find do |version_string|
           version = Python::Version.new(version_string)
           requirements.all? do |req|
             next req.any? { |r| r.satisfied_by?(version) } if req.is_a?(Array)

diff --git a/python/lib/dependabot/python/python_versions.rb b/python/lib/dependabot/python/python_versions.rb
diff --git a/python/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb b/python/lib/dependabot/python/update_checker/pip_compile_version_resolver.rb
@@ -13,7 +13,6 @@
 require "dependabot/shared_helpers"
 require "dependabot/python/language_version_manager"
 require "dependabot/python/native_helpers"
-require "dependabot/python/python_versions"
 require "dependabot/python/name_normaliser"
 require "dependabot/python/authed_url_builder"
 

diff --git a/python/lib/dependabot/python/update_checker/pipenv_version_resolver.rb b/python/lib/dependabot/python/update_checker/pipenv_version_resolver.rb
@@ -11,7 +11,6 @@
 require "dependabot/python/file_updater/pipfile_preparer"
 require "dependabot/python/file_updater/setup_file_sanitizer"
 require "dependabot/python/update_checker"
-require "dependabot/python/python_versions"
 require "dependabot/python/native_helpers"
 require "dependabot/python/name_normaliser"
 require "dependabot/python/version"

diff --git a/python/lib/dependabot/python/update_checker/poetry_version_resolver.rb b/python/lib/dependabot/python/update_checker/poetry_version_resolver.rb
@@ -14,7 +14,6 @@
 require "dependabot/python/version"
 require "dependabot/python/requirement"
 require "dependabot/python/native_helpers"
-require "dependabot/python/python_versions"
 require "dependabot/python/authed_url_builder"
 require "dependabot/python/name_normaliser"