dependabot-docker 0.125.0 → 0.125.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/docker/file_parser.rb +4 -12
- data/lib/dependabot/docker/update_checker.rb +3 -9
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cfadfdfd07f64944d1a6d44fbb0468663a3c1c21c64f738d1e4bb18aa4d4407e
|
|
4
|
+
data.tar.gz: 637cd20386e7f53cdaf784f05007b6ff0bc4d796aaaad30b4ed0795b88930db8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 29aebb943d40bb983a88b2ae66fa8d5da9e9e35149cd56fd98f465d320997d1b33db12f1a41ca4143636b8c2023dac53b8d1074c44d5c08c624c108dbd3dee0e
|
|
7
|
+
data.tar.gz: 5f28b0359644035b6747d5d8010407a29b0cc5a28ef44c099d46c6de6b91150483b8772a0b04963c48b39d2c24adfe6f2d5f1794f2d113dd8b4582a6c80cbdd4
|
|
@@ -40,9 +40,7 @@ module Dependabot
|
|
|
40
40
|
next unless FROM_LINE.match?(line)
|
|
41
41
|
|
|
42
42
|
parsed_from_line = FROM_LINE.match(line).named_captures
|
|
43
|
-
if parsed_from_line["registry"] == "docker.io"
|
|
44
|
-
parsed_from_line["registry"] = nil
|
|
45
|
-
end
|
|
43
|
+
parsed_from_line["registry"] = nil if parsed_from_line["registry"] == "docker.io"
|
|
46
44
|
|
|
47
45
|
version = version_from(parsed_from_line)
|
|
48
46
|
next unless version
|
|
@@ -85,17 +83,11 @@ module Dependabot
|
|
|
85
83
|
def source_from(parsed_from_line)
|
|
86
84
|
source = {}
|
|
87
85
|
|
|
88
|
-
if parsed_from_line.fetch("registry")
|
|
89
|
-
source[:registry] = parsed_from_line.fetch("registry")
|
|
90
|
-
end
|
|
86
|
+
source[:registry] = parsed_from_line.fetch("registry") if parsed_from_line.fetch("registry")
|
|
91
87
|
|
|
92
|
-
if parsed_from_line.fetch("tag")
|
|
93
|
-
source[:tag] = parsed_from_line.fetch("tag")
|
|
94
|
-
end
|
|
88
|
+
source[:tag] = parsed_from_line.fetch("tag") if parsed_from_line.fetch("tag")
|
|
95
89
|
|
|
96
|
-
if parsed_from_line.fetch("digest")
|
|
97
|
-
source[:digest] = parsed_from_line.fetch("digest")
|
|
98
|
-
end
|
|
90
|
+
source[:digest] = parsed_from_line.fetch("digest") if parsed_from_line.fetch("digest")
|
|
99
91
|
|
|
100
92
|
source
|
|
101
93
|
end
|
|
@@ -102,9 +102,7 @@ module Dependabot
|
|
|
102
102
|
# Note: It's important that this *always* returns a version (even if
|
|
103
103
|
# it's the existing one) as it is what we later check the digest of.
|
|
104
104
|
def fetch_latest_version
|
|
105
|
-
unless dependency.version.match?(NAME_WITH_VERSION)
|
|
106
|
-
return dependency.version
|
|
107
|
-
end
|
|
105
|
+
return dependency.version unless dependency.version.match?(NAME_WITH_VERSION)
|
|
108
106
|
|
|
109
107
|
# Prune out any downgrade tags before checking for pre-releases
|
|
110
108
|
# (which requires a call to the registry for each tag, so can be slow)
|
|
@@ -264,9 +262,7 @@ module Dependabot
|
|
|
264
262
|
end
|
|
265
263
|
|
|
266
264
|
def prerelease?(tag)
|
|
267
|
-
if numeric_version_from(tag).gsub(/kb/i, "").match?(/[a-zA-Z]/)
|
|
268
|
-
return true
|
|
269
|
-
end
|
|
265
|
+
return true if numeric_version_from(tag).gsub(/kb/i, "").match?(/[a-zA-Z]/)
|
|
270
266
|
|
|
271
267
|
# If we're dealing with a numeric version we can compare it against
|
|
272
268
|
# the digest for the `latest` tag.
|
|
@@ -323,9 +319,7 @@ module Dependabot
|
|
|
323
319
|
version = version_class.new(numeric_version_from(tag))
|
|
324
320
|
ignore_reqs.any? { |r| r.satisfied_by?(version) }
|
|
325
321
|
end
|
|
326
|
-
if @raise_on_ignored && filtered.empty? && candidate_tags.any?
|
|
327
|
-
raise AllVersionsIgnored
|
|
328
|
-
end
|
|
322
|
+
raise AllVersionsIgnored if @raise_on_ignored && filtered.empty? && candidate_tags.any?
|
|
329
323
|
|
|
330
324
|
filtered
|
|
331
325
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-docker
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.125.
|
|
4
|
+
version: 0.125.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-11-
|
|
11
|
+
date: 2020-11-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.125.
|
|
19
|
+
version: 0.125.5
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.125.
|
|
26
|
+
version: 0.125.5
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -128,14 +128,14 @@ dependencies:
|
|
|
128
128
|
requirements:
|
|
129
129
|
- - "~>"
|
|
130
130
|
- !ruby/object:Gem::Version
|
|
131
|
-
version: 0.
|
|
131
|
+
version: 0.8.0
|
|
132
132
|
type: :development
|
|
133
133
|
prerelease: false
|
|
134
134
|
version_requirements: !ruby/object:Gem::Requirement
|
|
135
135
|
requirements:
|
|
136
136
|
- - "~>"
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
|
-
version: 0.
|
|
138
|
+
version: 0.8.0
|
|
139
139
|
- !ruby/object:Gem::Dependency
|
|
140
140
|
name: vcr
|
|
141
141
|
requirement: !ruby/object:Gem::Requirement
|