search-replace falls back to plain version lookup in some cases

[sanderr]

bumpversion.utils.contains is used as a guard to ensure that when the search pattern is not found, bump2version will not fall back to the default (as mentioned in the README). However, due to inconsistent matching behavior between bumpversion.utils.contains and bumpversion.utils.replace, in some cases it does fall back.

An example: Suppose version.txt contains the following (note the leading spaces):

  name = my_package
  version = 1.0.0
  name = other_package
  version = 1.0.0

An attempt at a bumpversion.cfg file to match this:

[bumpversion]
current_version = 1.0.0

[bumpversion:file:version.txt]
search = name = my_package
  version = {current_version}
replace = name = my_package
  version = {new_version}

• Expected behavior: either this bumps the first 1.0.0 and leaves the other one alone or this fails with an error message.
• Actual behavior: it replaces both occurrences of 1.0.0 with the entire replace string, resulting in the following:

  name = my_package
  version = name = my_package
  version = 1.1.0
  name = other_package
  version = name = my_package
  version = 1.1.0

The cause is that bumpversion.utils.contains uses in to check whether the first and last lines match, while bumpversion.utils.replace uses str.replace. The former matches even if the last line has leading characters not in the search line or if the first line has trailing characters not in the search line. I believe this is incorrect. This method should use == lookbehind[0].lstrip() and == lookbehind[-1].rstrip() instead of in lookbehind[0] and similar.

[sanderr]

I see I accidentally created this issue on the bumpversion repo instead of the bump2version one. I'll close it here.