dependabot-docker 0.352.0 → 0.354.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/docker/update_checker.rb +29 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e457b154c269925fb061d0fafa9b5ce0a6fd930db9acf435aa9591862132c423
|
|
4
|
+
data.tar.gz: 8fe185006bec485af04e7a67ac86b6cc23a1c95dfd7008cef3976a932778dd0d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e8fa19d1a2de032e3197b82f46fed017fa850149230616304dc51e1d9d7e8ea84f204b4b056e3394ebd7b00c712cee2ba3ef7cc1f8b852cbda6c160eb2798108
|
|
7
|
+
data.tar.gz: 15482e7c60898d05a7491eb6ffe5593f421a7399682dc0784074d9e59d1e164a4924ebf0373f5bd92bec74ca37e1d5a57d04d20d9d9007db78aa7e315d94375d
|
|
@@ -219,7 +219,7 @@ module Dependabot
|
|
|
219
219
|
client.digest(docker_repo_name, tag.name)
|
|
220
220
|
end
|
|
221
221
|
|
|
222
|
-
first_digest = digest_info
|
|
222
|
+
first_digest = extract_digest_from_response(digest_info, tag)
|
|
223
223
|
return nil unless first_digest
|
|
224
224
|
|
|
225
225
|
blob_info = with_retries(max_attempts: 3, errors: transient_docker_errors) do
|
|
@@ -240,6 +240,34 @@ module Dependabot
|
|
|
240
240
|
)
|
|
241
241
|
end
|
|
242
242
|
|
|
243
|
+
sig do
|
|
244
|
+
params(
|
|
245
|
+
digest_info: T.untyped,
|
|
246
|
+
tag: Dependabot::Docker::Tag
|
|
247
|
+
).returns(T.nilable(String))
|
|
248
|
+
end
|
|
249
|
+
def extract_digest_from_response(digest_info, tag)
|
|
250
|
+
# digest_info can be either a String or an Array depending on the registry response
|
|
251
|
+
case digest_info
|
|
252
|
+
when Array
|
|
253
|
+
if digest_info.empty?
|
|
254
|
+
Dependabot.logger.warn(
|
|
255
|
+
"Empty digest_info array for #{docker_repo_name}:#{tag.name}"
|
|
256
|
+
)
|
|
257
|
+
return nil
|
|
258
|
+
end
|
|
259
|
+
digest_info.first&.fetch("digest")
|
|
260
|
+
when String
|
|
261
|
+
digest_info
|
|
262
|
+
else
|
|
263
|
+
Dependabot.logger.warn(
|
|
264
|
+
"Unexpected digest_info type for #{docker_repo_name}:#{tag.name}: " \
|
|
265
|
+
"#{digest_info.class} (expected String or Array)"
|
|
266
|
+
)
|
|
267
|
+
nil
|
|
268
|
+
end
|
|
269
|
+
end
|
|
270
|
+
|
|
243
271
|
sig do
|
|
244
272
|
params(
|
|
245
273
|
max_attempts: Integer,
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-docker
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.354.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.354.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.354.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -261,7 +261,7 @@ licenses:
|
|
|
261
261
|
- MIT
|
|
262
262
|
metadata:
|
|
263
263
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
264
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
264
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.354.0
|
|
265
265
|
rdoc_options: []
|
|
266
266
|
require_paths:
|
|
267
267
|
- lib
|