dependabot-docker 0.303.0 → 0.304.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 92752c2e2066e8ac2104cd03a3c0a7764421a45711e9154b51cec34c69bed534
|
|
4
|
+
data.tar.gz: d7c5b9394efdcacb8c6c1aa72a48d440c75afe7a0f4118ad178d1f00916ee087
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: '049f98cf2117b1784f61a556c7f5bf734379b48fbef7babea093c121b6f051e3c3eb8156234c1a8ec4b7fc457b7a896792b035c9ae4d59de073959bccdebcd0f'
|
|
7
|
+
data.tar.gz: feaa4f23cf416cf20ecf0e993fb6ad3f3a4d836b5c52315bce2a4f780b5bbe30af8365de7daa97416083e84bfc5871e700ff6a795014315edc26ffa95fcbaa3d
|
|
@@ -167,10 +167,6 @@ module Dependabot
|
|
|
167
167
|
|
|
168
168
|
sig { params(original_tag: Dependabot::Docker::Tag).returns(T::Array[Dependabot::Docker::Tag]) }
|
|
169
169
|
def comparable_tags_from_registry(original_tag)
|
|
170
|
-
unless Experiments.enabled?(:docker_tag_component_comparison)
|
|
171
|
-
return tags_from_registry.select { |tag| tag.comparable_to?(original_tag) }
|
|
172
|
-
end
|
|
173
|
-
|
|
174
170
|
common_components = identify_common_components(tags_from_registry)
|
|
175
171
|
original_components = extract_tag_components(original_tag.name, common_components)
|
|
176
172
|
Dependabot.logger.info("Original tag components: #{original_components.join(',')}")
|
|
@@ -33,7 +33,13 @@ module Dependabot
|
|
|
33
33
|
|
|
34
34
|
sig { params(parsed_line: T::Hash[String, T.nilable(String)]).returns(T.nilable(String)) }
|
|
35
35
|
def version_from(parsed_line)
|
|
36
|
-
parsed_line.fetch("tag") || parsed_line.fetch("digest")
|
|
36
|
+
return nil unless parsed_line.fetch("tag") || parsed_line.fetch("digest")
|
|
37
|
+
|
|
38
|
+
if parsed_line.fetch("tag") && parsed_line.fetch("digest")
|
|
39
|
+
"#{parsed_line.fetch('tag')}@sha256:#{parsed_line.fetch('digest')}"
|
|
40
|
+
else
|
|
41
|
+
parsed_line.fetch("tag") || "sha256:#{parsed_line.fetch('digest')}"
|
|
42
|
+
end
|
|
37
43
|
end
|
|
38
44
|
|
|
39
45
|
sig { params(parsed_line: T::Hash[String, T.nilable(String)]).returns(T::Hash[String, T.nilable(String)]) }
|
|
@@ -42,7 +48,7 @@ module Dependabot
|
|
|
42
48
|
|
|
43
49
|
source[:registry] = parsed_line.fetch("registry") if parsed_line.fetch("registry")
|
|
44
50
|
source[:tag] = parsed_line.fetch("tag") if parsed_line.fetch("tag")
|
|
45
|
-
source[:digest] = parsed_line.fetch(
|
|
51
|
+
source[:digest] = "sha256:#{parsed_line.fetch('digest')}" if parsed_line.fetch("digest")
|
|
46
52
|
|
|
47
53
|
source
|
|
48
54
|
end
|
|
@@ -17,16 +17,17 @@ module Dependabot
|
|
|
17
17
|
AWS_ECR_URL = /dkr\.ecr\.(?<region>[^.]+)\.amazonaws\.com/
|
|
18
18
|
DEFAULT_DOCKER_HUB_REGISTRY = "registry.hub.docker.com"
|
|
19
19
|
|
|
20
|
-
sig { params(credentials: T::Array[Dependabot::Credential]).void }
|
|
21
|
-
def initialize(credentials)
|
|
20
|
+
sig { params(credentials: T::Array[Dependabot::Credential], private_repository_type: String).void }
|
|
21
|
+
def initialize(credentials, private_repository_type: "docker_registry")
|
|
22
22
|
@credentials = credentials
|
|
23
|
+
@private_repository_type = private_repository_type
|
|
23
24
|
end
|
|
24
25
|
|
|
25
26
|
sig { params(registry_hostname: T.nilable(String)).returns(T.nilable(Dependabot::Credential)) }
|
|
26
27
|
def credentials_for_registry(registry_hostname)
|
|
27
28
|
registry_details =
|
|
28
29
|
credentials
|
|
29
|
-
.select { |cred| cred["type"] ==
|
|
30
|
+
.select { |cred| cred["type"] == private_repository_type }
|
|
30
31
|
.find { |cred| cred.fetch("registry") == registry_hostname }
|
|
31
32
|
return unless registry_details
|
|
32
33
|
return registry_details unless registry_hostname&.match?(AWS_ECR_URL)
|
|
@@ -38,7 +39,7 @@ module Dependabot
|
|
|
38
39
|
def base_registry
|
|
39
40
|
@base_registry ||= T.let(
|
|
40
41
|
credentials.find do |cred|
|
|
41
|
-
cred["type"] ==
|
|
42
|
+
cred["type"] == private_repository_type && cred.replaces_base?
|
|
42
43
|
end,
|
|
43
44
|
T.nilable(Dependabot::Credential)
|
|
44
45
|
)
|
|
@@ -57,6 +58,9 @@ module Dependabot
|
|
|
57
58
|
sig { returns(T::Array[Dependabot::Credential]) }
|
|
58
59
|
attr_reader :credentials
|
|
59
60
|
|
|
61
|
+
sig { returns(String) }
|
|
62
|
+
attr_reader :private_repository_type
|
|
63
|
+
|
|
60
64
|
sig { params(registry_details: Dependabot::Credential).returns(Dependabot::Credential) }
|
|
61
65
|
def build_aws_credentials(registry_details)
|
|
62
66
|
# If credentials have been generated from AWS we can just return them
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-docker
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.304.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-03
|
|
11
|
+
date: 2025-04-03 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.304.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.304.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -262,7 +262,7 @@ licenses:
|
|
|
262
262
|
- MIT
|
|
263
263
|
metadata:
|
|
264
264
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
265
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
265
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.304.0
|
|
266
266
|
post_install_message:
|
|
267
267
|
rdoc_options: []
|
|
268
268
|
require_paths:
|