dependabot-docker 0.242.0 → 0.243.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 002b261a4a996e970d8f37056762003569b118ca3b4af1bfde130d5ff014fa20
|
4
|
+
data.tar.gz: 7bf62a18be31221b95678b9730fff15e3409b0f548f8cbb93c16467962455eca
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 9f00b3d93f0fc3273b1d9338122f737a7fcdbd54101247ddbc437e116b88f7b01f08b2f54c471c4bc1ddede41e65b6074aa83878e21ab1d9faaadad02545e24b
|
7
|
+
data.tar.gz: 24d59d4decea8f5ed2b379b1bfb3fb9c45a4d9fbfd4b4c348c69c87d88210504a1012992e66e12eef8ba89780650033dd0e13ec65047da54cbf5ce3fcf6f3386
|
@@ -13,6 +13,8 @@ module Dependabot
|
|
13
13
|
class FileParser < Dependabot::FileParsers::Base
|
14
14
|
require "dependabot/file_parsers/base/dependency_set"
|
15
15
|
|
16
|
+
YAML_REGEXP = /^[^\.].*\.ya?ml$/i
|
17
|
+
|
16
18
|
# Details of Docker regular expressions is at
|
17
19
|
# https://github.com/docker/distribution/blob/master/reference/regexp.go
|
18
20
|
DOMAIN_COMPONENT = /(?:[[:alnum:]]|[[:alnum:]][[[:alnum:]]-]*[[:alnum:]])/
|
@@ -75,7 +77,7 @@ module Dependabot
|
|
75
77
|
|
76
78
|
def dockerfiles
|
77
79
|
# The Docker file fetcher fetches Dockerfiles and yaml files. Reject yaml files.
|
78
|
-
dependency_files.reject { |f| f.type == "file" && f.name.match?(
|
80
|
+
dependency_files.reject { |f| f.type == "file" && f.name.match?(YAML_REGEXP) }
|
79
81
|
end
|
80
82
|
|
81
83
|
def version_from(parsed_from_line)
|
@@ -167,7 +169,7 @@ module Dependabot
|
|
167
169
|
|
168
170
|
def manifest_files
|
169
171
|
# Dependencies include both Dockerfiles and yaml, select yaml.
|
170
|
-
dependency_files.select { |f| f.type == "file" && f.name.match?(
|
172
|
+
dependency_files.select { |f| f.type == "file" && f.name.match?(YAML_REGEXP) }
|
171
173
|
end
|
172
174
|
|
173
175
|
def parse_helm(img_hash)
|
@@ -11,10 +11,13 @@ module Dependabot
|
|
11
11
|
class FileUpdater < Dependabot::FileUpdaters::Base
|
12
12
|
FROM_REGEX = /FROM(\s+--platform\=\S+)?/i
|
13
13
|
|
14
|
+
YAML_REGEXP = /^[^\.].*\.ya?ml$/i
|
15
|
+
DOCKER_REGEXP = /dockerfile/i
|
16
|
+
|
14
17
|
def self.updated_files_regex
|
15
18
|
[
|
16
|
-
|
17
|
-
|
19
|
+
DOCKER_REGEXP,
|
20
|
+
YAML_REGEXP
|
18
21
|
]
|
19
22
|
end
|
20
23
|
|
@@ -23,7 +26,7 @@ module Dependabot
|
|
23
26
|
dependency_files.each do |file|
|
24
27
|
next unless requirement_changed?(file, dependency)
|
25
28
|
|
26
|
-
updated_files << if file.name.match?(
|
29
|
+
updated_files << if file.name.match?(YAML_REGEXP)
|
27
30
|
updated_file(
|
28
31
|
file: file,
|
29
32
|
content: updated_yaml_content(file)
|
@@ -63,12 +66,7 @@ module Dependabot
|
|
63
66
|
updated_content = file.content
|
64
67
|
|
65
68
|
old_sources.zip(new_sources).each do |old_source, new_source|
|
66
|
-
updated_content =
|
67
|
-
if specified_with_digest?(old_source)
|
68
|
-
update_digest_and_tag(updated_content, old_source, new_source)
|
69
|
-
else
|
70
|
-
update_tag(updated_content, old_source, new_source)
|
71
|
-
end
|
69
|
+
updated_content = update_digest_and_tag(updated_content, old_source, new_source)
|
72
70
|
end
|
73
71
|
|
74
72
|
raise "Expected content to change!" if updated_content == file.content
|
@@ -83,35 +81,38 @@ module Dependabot
|
|
83
81
|
old_tag = old_source[:tag]
|
84
82
|
new_tag = new_source[:tag]
|
85
83
|
|
86
|
-
old_declaration_regex = /^#{FROM_REGEX}\s+.*@sha256:#{old_digest}/
|
87
|
-
|
88
|
-
previous_content.gsub(old_declaration_regex) do |old_dec|
|
89
|
-
old_dec
|
90
|
-
.gsub("@sha256:#{old_digest}", "@sha256:#{new_digest}")
|
91
|
-
.gsub(":#{old_tag}", ":#{new_tag}")
|
92
|
-
end
|
93
|
-
end
|
94
|
-
|
95
|
-
def update_tag(previous_content, old_source, new_source)
|
96
|
-
old_tag = old_source[:tag]
|
97
|
-
new_tag = new_source[:tag]
|
98
|
-
|
99
84
|
old_declaration =
|
100
85
|
if private_registry_url(old_source) then "#{private_registry_url(old_source)}/"
|
101
86
|
else
|
102
87
|
""
|
103
88
|
end
|
104
|
-
old_declaration +=
|
89
|
+
old_declaration += dependency.name
|
90
|
+
old_declaration +=
|
91
|
+
if specified_with_tag?(old_source) then ":#{old_tag}"
|
92
|
+
else
|
93
|
+
""
|
94
|
+
end
|
95
|
+
old_declaration +=
|
96
|
+
if specified_with_digest?(old_source) then "@sha256:#{old_digest}"
|
97
|
+
else
|
98
|
+
""
|
99
|
+
end
|
105
100
|
escaped_declaration = Regexp.escape(old_declaration)
|
106
101
|
|
107
102
|
old_declaration_regex =
|
108
103
|
%r{^#{FROM_REGEX}\s+(docker\.io/)?#{escaped_declaration}(?=\s|$)}
|
109
104
|
|
110
105
|
previous_content.gsub(old_declaration_regex) do |old_dec|
|
111
|
-
old_dec
|
106
|
+
old_dec
|
107
|
+
.gsub("@sha256:#{old_digest}", "@sha256:#{new_digest}")
|
108
|
+
.gsub(":#{old_tag}", ":#{new_tag}")
|
112
109
|
end
|
113
110
|
end
|
114
111
|
|
112
|
+
def specified_with_tag?(source)
|
113
|
+
source[:tag]
|
114
|
+
end
|
115
|
+
|
115
116
|
def specified_with_digest?(source)
|
116
117
|
source[:digest]
|
117
118
|
end
|
@@ -30,7 +30,7 @@ module Dependabot
|
|
30
30
|
|
31
31
|
def base_registry
|
32
32
|
@base_registry ||= credentials.find do |cred|
|
33
|
-
cred["type"] == "docker_registry" && cred
|
33
|
+
cred["type"] == "docker_registry" && cred.replaces_base?
|
34
34
|
end
|
35
35
|
@base_registry ||= { "registry" => DEFAULT_DOCKER_HUB_REGISTRY, "credentials" => nil }
|
36
36
|
@base_registry["registry"]
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-docker
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.243.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-
|
11
|
+
date: 2024-02-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.
|
19
|
+
version: 0.243.0
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.
|
26
|
+
version: 0.243.0
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: debug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -244,7 +244,7 @@ licenses:
|
|
244
244
|
- Nonstandard
|
245
245
|
metadata:
|
246
246
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
247
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
247
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.243.0
|
248
248
|
post_install_message:
|
249
249
|
rdoc_options: []
|
250
250
|
require_paths:
|