dependabot-docker 0.240.0 → 0.241.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2cde1450fa50370c68266de45f8ec3270737b09be9f77db757597903e30d103f
4
- data.tar.gz: 654ce1fed988f44f83acdc52a73da78f6d8f90b37c41c3ee568f0e8218c4b3a1
3
+ metadata.gz: 45c63512a728e3f7919e655a0db6f3631ba24835728e72fd2c8af5709c1c166c
4
+ data.tar.gz: 959aaf1469b148169d84f604b869e57dae8f94ec0589e0928405c8579fde6706
5
5
  SHA512:
6
- metadata.gz: fb973910b24d7a4b40c9b06204a3eebf9188d95373aec054bf943023d874fc66a915087f275ce31b437c58636fa415dac25e8072b1da51a4e2e8a968ca9569da
7
- data.tar.gz: ff2ae8992fe69dae523e3504b1a9e3ded6d4c83299a7124d15b67886bf491331aa868f02865bcb98958c66d47ebc2468193a81799f7075e76b48bc2f09a5654d
6
+ metadata.gz: cabc652ee17078e2bd77bd3d24a0a786f5f1e03077f74c2127cf239c12d4b268048c8d9732dbaf7f5d62a87b91488789939799361904321270a8ab4fabc8d9cd
7
+ data.tar.gz: 6f0b11164025d9b7e10165db185ecab53e038b5e446918696ab5e18587d2b7c6adb45ee346fc6f6a07a422968b9a9da113d51ef117f6975e62c2fab5be496685
@@ -171,17 +171,19 @@ module Dependabot
171
171
  end
172
172
 
173
173
  def parse_helm(img_hash)
174
- repo = img_hash.fetch("repository", nil)
175
174
  tag_value = img_hash.key?("tag") ? img_hash.fetch("tag", nil) : img_hash.fetch("version", nil)
176
- registry = img_hash.fetch("registry", nil)
175
+ return [] unless tag_value
176
+
177
+ repo = img_hash.fetch("repository", nil)
178
+ return [] unless repo
177
179
 
178
180
  tag_details = tag_value.to_s.match(TAG_WITH_DIGEST).named_captures
179
181
  tag = tag_details["tag"]
180
- digest = tag_details["digest"]
181
-
182
- return [] unless repo
183
182
  return [repo] unless tag
184
183
 
184
+ registry = img_hash.fetch("registry", nil)
185
+ digest = tag_details["digest"]
186
+
185
187
  image = "#{repo}:#{tag}"
186
188
  image.prepend("#{registry}/") if registry
187
189
  image << "@sha256:#{digest}/" if digest
@@ -13,7 +13,7 @@ module Dependabot
13
13
  def look_up_source
14
14
  return if dependency.requirements.empty?
15
15
 
16
- new_source = dependency.requirements.first[:source]
16
+ new_source = dependency.requirements.first&.fetch(:source)
17
17
  return unless new_source && new_source[:registry] && new_source[:tag]
18
18
 
19
19
  image_ref = "#{new_source[:registry]}/#{dependency.name}:#{new_source[:tag]}"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-docker
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.240.0
4
+ version: 0.241.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-01-12 00:00:00.000000000 Z
11
+ date: 2024-01-18 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.240.0
19
+ version: 0.241.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.240.0
26
+ version: 0.241.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -244,7 +244,7 @@ licenses:
244
244
  - Nonstandard
245
245
  metadata:
246
246
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
247
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.240.0
247
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.241.0
248
248
  post_install_message:
249
249
  rdoc_options: []
250
250
  require_paths: