dependabot-docker 0.230.0 → 0.232.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e7f9ec1567dc6f2465b0e00af81ac36a01ec8c17058c5d226d96951982e27abe
4
- data.tar.gz: 2c79b115b7166fe15906392ed34c19e8c45af370fca4a65230b154b8895d469b
3
+ metadata.gz: f7ec65c65ca477422b595797fb972fe21b52c3682ff698eb288a390c202711fa
4
+ data.tar.gz: 19059ec95f6e3736c32e399baa981fa6383f0c89d3a479081a892b89fad97d75
5
5
  SHA512:
6
- metadata.gz: 7ed5661fab2361174a4fb439bb7c25ac5ed15af7d58235898e594a929853478aec51bcaf96e00799121397d0861c451ca958e47a185a7a9ae133de03f4ec7b52
7
- data.tar.gz: 919c3bd8aa5df43df618e8b439d1dde6aff253fc445cb4ad126e02a0820d6308a1a7eb8e6c330030c016f9cdb948c0dff31f14e5356684dee1ee243d1fb6eae7
6
+ metadata.gz: 15d29aefbd1242ef3cddbd26b4d6621b9291b21ca5eaef7e56753db4efec6bca471b164db686af3194618893d3c7a41f63c5183cc42bda1789245311d331f1ff
7
+ data.tar.gz: 249371addc50a8d769162c3cb9de62d7919da568a0221b6d438f18606deede62f5d6883f8351693ac6d11cc83eb5e7f19b1ee930f447114a6985d88d3e2840f3
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "dependabot/docker/utils/helpers"
@@ -49,9 +50,9 @@ module Dependabot
49
50
 
50
51
  def dockerfiles
51
52
  @dockerfiles ||=
52
- repo_contents(raise_errors: false).
53
- select { |f| f.type == "file" && f.name.match?(DOCKER_REGEXP) }.
54
- map { |f| fetch_file_from_host(f.name) }
53
+ repo_contents(raise_errors: false)
54
+ .select { |f| f.type == "file" && f.name.match?(DOCKER_REGEXP) }
55
+ .map { |f| fetch_file_from_host(f.name) }
55
56
  end
56
57
 
57
58
  def correctly_encoded_dockerfiles
@@ -64,9 +65,9 @@ module Dependabot
64
65
 
65
66
  def yamlfiles
66
67
  @yamlfiles ||=
67
- repo_contents(raise_errors: false).
68
- select { |f| f.type == "file" && f.name.match?(YAML_REGEXP) }.
69
- map { |f| fetch_file_from_host(f.name) }
68
+ repo_contents(raise_errors: false)
69
+ .select { |f| f.type == "file" && f.name.match?(YAML_REGEXP) }
70
+ .map { |f| fetch_file_from_host(f.name) }
70
71
  end
71
72
 
72
73
  def likely_kubernetes_resource?(resource)
@@ -1,3 +1,4 @@
1
+ # typed: false
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "docker_registry2"
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "dependabot/docker/utils/helpers"
@@ -85,9 +86,9 @@ module Dependabot
85
86
  old_declaration_regex = /^#{FROM_REGEX}\s+.*@sha256:#{old_digest}/
86
87
 
87
88
  previous_content.gsub(old_declaration_regex) do |old_dec|
88
- old_dec.
89
- gsub("@sha256:#{old_digest}", "@sha256:#{new_digest}").
90
- gsub(":#{old_tag}", ":#{new_tag}")
89
+ old_dec
90
+ .gsub("@sha256:#{old_digest}", "@sha256:#{new_digest}")
91
+ .gsub(":#{old_tag}", ":#{new_tag}")
91
92
  end
92
93
  end
93
94
 
@@ -116,13 +117,13 @@ module Dependabot
116
117
  end
117
118
 
118
119
  def new_tags(file)
119
- requirements(file).
120
- map { |r| r.fetch(:source)[:tag] }
120
+ requirements(file)
121
+ .map { |r| r.fetch(:source)[:tag] }
121
122
  end
122
123
 
123
124
  def old_tags(file)
124
- previous_requirements(file).
125
- map { |r| r.fetch(:source)[:tag] }
125
+ previous_requirements(file)
126
+ .map { |r| r.fetch(:source)[:tag] }
126
127
  end
127
128
 
128
129
  def private_registry_url(source)
@@ -207,13 +208,13 @@ module Dependabot
207
208
  end
208
209
 
209
210
  def requirements(file)
210
- dependency.requirements.
211
- select { |r| r[:file] == file.name }
211
+ dependency.requirements
212
+ .select { |r| r[:file] == file.name }
212
213
  end
213
214
 
214
215
  def previous_requirements(file)
215
- dependency.previous_requirements.
216
- select { |r| r[:file] == file.name }
216
+ dependency.previous_requirements
217
+ .select { |r| r[:file] == file.name }
217
218
  end
218
219
  end
219
220
  end
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "dependabot/metadata_finders"
@@ -30,5 +31,5 @@ module Dependabot
30
31
  end
31
32
  end
32
33
 
33
- Dependabot::MetadataFinders.
34
- register("docker", Dependabot::Docker::MetadataFinder)
34
+ Dependabot::MetadataFinders
35
+ .register("docker", Dependabot::Docker::MetadataFinder)
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "dependabot/utils"
@@ -30,5 +31,5 @@ module Dependabot
30
31
  end
31
32
  end
32
33
 
33
- Dependabot::Utils.
34
- register_requirement_class("docker", Dependabot::Docker::Requirement)
34
+ Dependabot::Utils
35
+ .register_requirement_class("docker", Dependabot::Docker::Requirement)
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "dependabot/docker/file_parser"
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "docker_registry2"
@@ -174,11 +175,11 @@ module Dependabot
174
175
  def latest_tag
175
176
  return unless latest_digest
176
177
 
177
- tags_from_registry.
178
- select(&:canonical?).
179
- sort_by { |t| comparable_version_from(t) }.
180
- reverse.
181
- find { |t| digest_of(t.name) == latest_digest }
178
+ tags_from_registry
179
+ .select(&:canonical?)
180
+ .sort_by { |t| comparable_version_from(t) }
181
+ .reverse
182
+ .find { |t| digest_of(t.name) == latest_digest }
182
183
  end
183
184
 
184
185
  def updated_digest
@@ -324,8 +325,8 @@ module Dependabot
324
325
 
325
326
  def filter_ignored(candidate_tags)
326
327
  filtered =
327
- candidate_tags.
328
- reject do |tag|
328
+ candidate_tags
329
+ .reject do |tag|
329
330
  version = comparable_version_from(tag)
330
331
  ignore_requirements.any? { |r| r.satisfied_by?(version) }
331
332
  end
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "aws-sdk-ecr"
@@ -18,9 +19,9 @@ module Dependabot
18
19
 
19
20
  def credentials_for_registry(registry_hostname)
20
21
  registry_details =
21
- credentials.
22
- select { |cred| cred["type"] == "docker_registry" }.
23
- find { |cred| cred.fetch("registry") == registry_hostname }
22
+ credentials
23
+ .select { |cred| cred["type"] == "docker_registry" }
24
+ .find { |cred| cred.fetch("registry") == registry_hostname }
24
25
  return unless registry_details
25
26
  return registry_details unless registry_hostname.match?(AWS_ECR_URL)
26
27
 
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  module Dependabot
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  require "dependabot/version"
@@ -14,13 +15,21 @@ module Dependabot
14
15
  def initialize(version)
15
16
  release_part, update_part = version.split("_", 2)
16
17
 
17
- @release_part = Dependabot::Version.new(release_part.tr("-", "."))
18
+ @release_part = Dependabot::Version.new(release_part.sub("v", "").tr("-", "."))
18
19
 
19
20
  @update_part = Dependabot::Version.new(update_part&.start_with?(/[0-9]/) ? update_part : 0)
21
+
22
+ super(@release_part)
20
23
  end
21
24
 
22
25
  def self.correct?(version)
23
- super(new(version).to_semver)
26
+ return true if version.is_a?(Gem::Version)
27
+
28
+ # We can't call new here because Gem::Version calls self.correct? in its initialize method
29
+ # causing an infinite loop, so instead we check if the release_part of the version is correct
30
+ release_part, = version.split("_", 2)
31
+ release_part = release_part.sub("v", "").tr("-", ".")
32
+ super(release_part)
24
33
  rescue ArgumentError
25
34
  # if we can't instantiate a version, it can't be correct
26
35
  false
@@ -47,5 +56,5 @@ module Dependabot
47
56
  end
48
57
  end
49
58
 
50
- Dependabot::Utils.
51
- register_version_class("docker", Dependabot::Docker::Version)
59
+ Dependabot::Utils
60
+ .register_version_class("docker", Dependabot::Docker::Version)
@@ -1,3 +1,4 @@
1
+ # typed: true
1
2
  # frozen_string_literal: true
2
3
 
3
4
  # These all need to be required so the various classes can be registered in a
@@ -11,8 +12,8 @@ require "dependabot/docker/requirement"
11
12
  require "dependabot/docker/version"
12
13
 
13
14
  require "dependabot/pull_request_creator/labeler"
14
- Dependabot::PullRequestCreator::Labeler.
15
- register_label_details("docker", name: "docker", colour: "21ceff")
15
+ Dependabot::PullRequestCreator::Labeler
16
+ .register_label_details("docker", name: "docker", colour: "21ceff")
16
17
 
17
18
  require "dependabot/dependency"
18
19
  Dependabot::Dependency.register_production_check("docker", ->(_) { true })
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-docker
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.230.0
4
+ version: 0.232.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-09-08 00:00:00.000000000 Z
11
+ date: 2023-09-14 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.230.0
19
+ version: 0.232.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.230.0
26
+ version: 0.232.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -136,6 +136,20 @@ dependencies:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
138
  version: 1.19.0
139
+ - !ruby/object:Gem::Dependency
140
+ name: rubocop-sorbet
141
+ requirement: !ruby/object:Gem::Requirement
142
+ requirements:
143
+ - - "~>"
144
+ - !ruby/object:Gem::Version
145
+ version: 0.7.3
146
+ type: :development
147
+ prerelease: false
148
+ version_requirements: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - "~>"
151
+ - !ruby/object:Gem::Version
152
+ version: 0.7.3
139
153
  - !ruby/object:Gem::Dependency
140
154
  name: stackprof
141
155
  requirement: !ruby/object:Gem::Requirement
@@ -202,7 +216,7 @@ licenses:
202
216
  - Nonstandard
203
217
  metadata:
204
218
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
205
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.230.0
219
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.232.0
206
220
  post_install_message:
207
221
  rdoc_options: []
208
222
  require_paths: