dependabot-docker 0.238.0 → 0.240.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2cde1450fa50370c68266de45f8ec3270737b09be9f77db757597903e30d103f
|
|
4
|
+
data.tar.gz: 654ce1fed988f44f83acdc52a73da78f6d8f90b37c41c3ee568f0e8218c4b3a1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fb973910b24d7a4b40c9b06204a3eebf9188d95373aec054bf943023d874fc66a915087f275ce31b437c58636fa415dac25e8072b1da51a4e2e8a968ca9569da
|
|
7
|
+
data.tar.gz: ff2ae8992fe69dae523e3504b1a9e3ded6d4c83299a7124d15b67886bf491331aa868f02865bcb98958c66d47ebc2468193a81799f7075e76b48bc2f09a5654d
|
|
@@ -111,7 +111,9 @@ module Dependabot
|
|
|
111
111
|
|
|
112
112
|
images.each do |string|
|
|
113
113
|
# TODO: Support Docker references and path references
|
|
114
|
-
details = string.match(IMAGE_SPEC)
|
|
114
|
+
details = string.match(IMAGE_SPEC)&.named_captures
|
|
115
|
+
next if details.nil?
|
|
116
|
+
|
|
115
117
|
details["registry"] = nil if details["registry"] == "docker.io"
|
|
116
118
|
|
|
117
119
|
version = version_from(details)
|
|
@@ -182,7 +184,7 @@ module Dependabot
|
|
|
182
184
|
|
|
183
185
|
image = "#{repo}:#{tag}"
|
|
184
186
|
image.prepend("#{registry}/") if registry
|
|
185
|
-
image
|
|
187
|
+
image << "@sha256:#{digest}/" if digest
|
|
186
188
|
[image]
|
|
187
189
|
end
|
|
188
190
|
end
|
|
@@ -1,15 +1,21 @@
|
|
|
1
1
|
# typed: true
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
|
|
6
|
+
require "dependabot/requirement"
|
|
4
7
|
require "dependabot/utils"
|
|
5
8
|
|
|
6
9
|
module Dependabot
|
|
7
10
|
module Docker
|
|
8
11
|
# Lifted from the bundler package manager
|
|
9
|
-
class Requirement <
|
|
12
|
+
class Requirement < Dependabot::Requirement
|
|
13
|
+
extend T::Sig
|
|
14
|
+
|
|
10
15
|
# For consistency with other languages, we define a requirements array.
|
|
11
16
|
# Ruby doesn't have an `OR` separator for requirements, so it always
|
|
12
17
|
# contains a single element.
|
|
18
|
+
sig { override.params(requirement_string: T.nilable(String)).returns(T::Array[Requirement]) }
|
|
13
19
|
def self.requirements_array(requirement_string)
|
|
14
20
|
[new(requirement_string)]
|
|
15
21
|
end
|
|
@@ -41,7 +41,7 @@ module Dependabot
|
|
|
41
41
|
|
|
42
42
|
release_part, = parsed_version[:version].split("_", 2)
|
|
43
43
|
release_part = Tag.new(release_part.chomp(".").chomp("-").chomp("_")).numeric_version || parsed_version
|
|
44
|
-
super(release_part)
|
|
44
|
+
super(release_part.to_s)
|
|
45
45
|
rescue ArgumentError
|
|
46
46
|
# if we can't instantiate a version, it can't be correct
|
|
47
47
|
false
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-docker
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.240.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2024-01-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.240.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.240.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -114,14 +114,14 @@ dependencies:
|
|
|
114
114
|
requirements:
|
|
115
115
|
- - "~>"
|
|
116
116
|
- !ruby/object:Gem::Version
|
|
117
|
-
version: 1.
|
|
117
|
+
version: 1.58.0
|
|
118
118
|
type: :development
|
|
119
119
|
prerelease: false
|
|
120
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
121
121
|
requirements:
|
|
122
122
|
- - "~>"
|
|
123
123
|
- !ruby/object:Gem::Version
|
|
124
|
-
version: 1.
|
|
124
|
+
version: 1.58.0
|
|
125
125
|
- !ruby/object:Gem::Dependency
|
|
126
126
|
name: rubocop-performance
|
|
127
127
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -206,6 +206,20 @@ dependencies:
|
|
|
206
206
|
- - "~>"
|
|
207
207
|
- !ruby/object:Gem::Version
|
|
208
208
|
version: '3.18'
|
|
209
|
+
- !ruby/object:Gem::Dependency
|
|
210
|
+
name: webrick
|
|
211
|
+
requirement: !ruby/object:Gem::Requirement
|
|
212
|
+
requirements:
|
|
213
|
+
- - ">="
|
|
214
|
+
- !ruby/object:Gem::Version
|
|
215
|
+
version: '1.7'
|
|
216
|
+
type: :development
|
|
217
|
+
prerelease: false
|
|
218
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
219
|
+
requirements:
|
|
220
|
+
- - ">="
|
|
221
|
+
- !ruby/object:Gem::Version
|
|
222
|
+
version: '1.7'
|
|
209
223
|
description: Dependabot-Docker provides support for bumping Docker image tags via
|
|
210
224
|
Dependabot. If you want support for multiple package managers, you probably want
|
|
211
225
|
the meta-gem dependabot-omnibus.
|
|
@@ -230,7 +244,7 @@ licenses:
|
|
|
230
244
|
- Nonstandard
|
|
231
245
|
metadata:
|
|
232
246
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
233
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
247
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.240.0
|
|
234
248
|
post_install_message:
|
|
235
249
|
rdoc_options: []
|
|
236
250
|
require_paths:
|