dependabot-docker 0.294.0 → 0.296.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/docker/update_checker.rb +21 -2
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7d73f1ca0edd3883c63fc068f9193b5cad4cd1d7ab3aa3284b6baaf2b82710e6
|
|
4
|
+
data.tar.gz: 43d31badacfcaf0de6c5fbbf99afcb967e8be37dcf3eac5d86583b8e8e962c4d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 546df875ae2acc06f1801a2daf554fb85ae10df63f6b91e0db1c330b2cb608d3a454afbc4dab4125b97fe5faa63c6130466df40434de55457d955315161fdf4b
|
|
7
|
+
data.tar.gz: 8848b1add1aa64b5a30e2eea1166dcede4371313e2c31960a02500c24f6df209cd148bd23a2072815c72821bd66e76174f5048977ee6fa2deb33fc9fd724f866
|
|
@@ -211,6 +211,9 @@ module Dependabot
|
|
|
211
211
|
raise if using_dockerhub?
|
|
212
212
|
|
|
213
213
|
raise PrivateSourceTimedOut, registry_hostname
|
|
214
|
+
rescue RestClient::ServerBrokeConnection,
|
|
215
|
+
RestClient::TooManyRequests
|
|
216
|
+
raise PrivateSourceBadResponse, registry_hostname
|
|
214
217
|
end
|
|
215
218
|
|
|
216
219
|
def latest_digest
|
|
@@ -232,12 +235,15 @@ module Dependabot
|
|
|
232
235
|
attempt ||= 1
|
|
233
236
|
attempt += 1
|
|
234
237
|
return if attempt > 3 && e.is_a?(DockerRegistry2::NotFound)
|
|
235
|
-
raise if attempt > 3
|
|
238
|
+
raise PrivateSourceBadResponse, registry_hostname if attempt > 3
|
|
236
239
|
|
|
237
240
|
retry
|
|
238
241
|
rescue DockerRegistry2::RegistryAuthenticationException,
|
|
239
242
|
RestClient::Forbidden
|
|
240
243
|
raise PrivateSourceAuthenticationFailure, registry_hostname
|
|
244
|
+
rescue RestClient::ServerBrokeConnection,
|
|
245
|
+
RestClient::TooManyRequests
|
|
246
|
+
raise PrivateSourceBadResponse, registry_hostname
|
|
241
247
|
end
|
|
242
248
|
|
|
243
249
|
def transient_docker_errors
|
|
@@ -300,17 +306,30 @@ module Dependabot
|
|
|
300
306
|
"library/#{dependency.name}"
|
|
301
307
|
end
|
|
302
308
|
|
|
309
|
+
# Defaults from https://github.com/deitch/docker_registry2/blob/bfde04144f0b7fd63c156a1aca83efe19ee78ffd/lib/registry/registry.rb#L26-L27
|
|
310
|
+
DEFAULT_DOCKER_OPEN_TIMEOUT_IN_SECONDS = 2
|
|
311
|
+
DEFAULT_DOCKER_READ_TIMEOUT_IN_SECONDS = 5
|
|
312
|
+
|
|
303
313
|
def docker_registry_client
|
|
304
314
|
@docker_registry_client ||=
|
|
305
315
|
DockerRegistry2::Registry.new(
|
|
306
316
|
"https://#{registry_hostname}",
|
|
307
317
|
user: registry_credentials&.fetch("username", nil),
|
|
308
318
|
password: registry_credentials&.fetch("password", nil),
|
|
309
|
-
read_timeout:
|
|
319
|
+
read_timeout: docker_read_timeout_in_seconds,
|
|
320
|
+
open_timeout: docker_open_timeout_in_seconds,
|
|
310
321
|
http_options: { proxy: ENV.fetch("HTTPS_PROXY", nil) }
|
|
311
322
|
)
|
|
312
323
|
end
|
|
313
324
|
|
|
325
|
+
def docker_open_timeout_in_seconds
|
|
326
|
+
ENV.fetch("DEPENDABOT_DOCKER_OPEN_TIMEOUT_IN_SECONDS", DEFAULT_DOCKER_OPEN_TIMEOUT_IN_SECONDS).to_i
|
|
327
|
+
end
|
|
328
|
+
|
|
329
|
+
def docker_read_timeout_in_seconds
|
|
330
|
+
ENV.fetch("DEPENDABOT_DOCKER_READ_TIMEOUT_IN_SECONDS", DEFAULT_DOCKER_READ_TIMEOUT_IN_SECONDS).to_i
|
|
331
|
+
end
|
|
332
|
+
|
|
314
333
|
def sort_tags(candidate_tags, version_tag)
|
|
315
334
|
candidate_tags.sort do |tag_a, tag_b|
|
|
316
335
|
if comparable_version_from(tag_a) > comparable_version_from(tag_b)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-docker
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.296.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-
|
|
11
|
+
date: 2025-02-06 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.296.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.296.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -259,7 +259,7 @@ licenses:
|
|
|
259
259
|
- MIT
|
|
260
260
|
metadata:
|
|
261
261
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
262
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
262
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.296.0
|
|
263
263
|
post_install_message:
|
|
264
264
|
rdoc_options: []
|
|
265
265
|
require_paths:
|