more fixes

python/lib/dependabot/python/file_parser.rb

@@ -37,8 +37,10 @@ class FileParser < Dependabot::FileParsers::Base
         InvalidRequirement ValueError RecursionError
       ).freeze
 
-      DEFAULT_PACKAGE_MANAGER = "pip"
-      DEFAULT_PACKAGE_MANAGER_VERSION = "24.0"
+      # we use this placeholder version in case we are not able to detect any
+      # PIP version from shell, we are ensuring that the actual update is not blocked
+      # in any way if any metric collection exception start happening
+      UNDETECTED_PACKAGE_MANAGER_VERSION = "0.0"
 
       def parse
         # TODO: setup.py from external dependencies is evaluated. Provide guards before removing this.
@@ -84,23 +86,14 @@ def python_requirement_parser
 
       sig { returns(Ecosystem::VersionManager) }
       def package_manager
-        Dependabot.logger.info(
-          "Package manager #{detected_package_manager.name}, detected version #{detected_package_manager_version}"
-        )
-
         @package_manager ||= detected_package_manager
       end
 
       sig { returns(Ecosystem::VersionManager) }
       def detected_package_manager
         return PeotryPackageManager.new(detect_poetry_version) if poetry_lock && detect_poetry_version
 
-        PipPackageManager.new(DEFAULT_PACKAGE_MANAGER_VERSION)
-      end
-
-      sig { returns(String) }
-      def detected_package_manager_version
-        detect_poetry_version || DEFAULT_PACKAGE_MANAGER_VERSION
+        PipPackageManager.new(detect_pip_version)
       end
 
       def detect_poetry_version
@@ -118,6 +111,18 @@ def detect_poetry_version
         nil
       end
 
+      def detect_pip_version
+        # extracts pip version from current python via executing shell command
+        version = SharedHelpers.run_shell_command("pyenv exec pip -V")
+                               .split("from").first&.split("pip")&.last&.strip
+
+        log_if_version_malformed(PipPackageManager.name, version)
+
+        version&.match?(/^\d+(?:\.\d+)*$/) ? version : UNDETECTED_PACKAGE_MANAGER_VERSION
+      rescue StandardError
+        nil
+      end
+
       def log_if_version_malformed(package_manager, version)
         # logs warning if malformed version is found
         return true if version&.match?(/^\d+(?:\.\d+)*$/)

python/spec/dependabot/python/peotry_package_manager_spec.rb

@@ -19,11 +19,14 @@
       end
     end
 
-    context "when version is a malformed string" do
-      let(:package_manager) { described_class.new("1.8.3)") }
+    context "when poetry version is extracted from pyenv is well formed" do
+      # If this test start failing, you need to adjust the "detect_poetry_version" function
+      # to return a valid version in format x.x, x.x.x etc. examples: 3.12.5, 3.12
+      version = Dependabot::SharedHelpers.run_shell_command("pyenv exec poetry --version")
+                                         .split("version ").last&.split(")")&.first
 
-      it "raises error" do
-        expect { package_manager.version }.to raise_error(Dependabot::BadRequirementError)
+      it "does not raise error" do
+        expect(version.match(/^\d+(?:\.\d+)*$/)).to be_truthy
       end
     end
   end

python/spec/dependabot/python/pip_package_manager_spec.rb

@@ -19,11 +19,14 @@
       end
     end
 
-    context "when version is a malformed string" do
-      let(:package_manager) { described_class.new("1.8.3)") }
+    context "when pip version is extracted from pyenv is well formed" do
+      # If this test start failing, you need to adjust the "detect_poetry_version" function
+      # to return a valid version in format x.x, x.x.x etc. examples: 3.12.5, 3.12
+      version = Dependabot::SharedHelpers.run_shell_command("pyenv exec pip -V")
+                                         .split("from").first&.split("pip")&.last&.strip.to_s
 
-      it "raises error" do
-        expect { package_manager.version }.to raise_error(Dependabot::BadRequirementError)
+      it "does not raise error" do
+        expect(version.match(/^\d+(?:\.\d+)*$/)).to be_truthy
       end
     end
   end