dependabot-docker 0.368.0 → 0.369.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/docker/update_checker.rb +14 -13
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cde08982fe9953b55ba0e4c54ccab6c7de53577313703f8320b4a54c4f2b5397
|
|
4
|
+
data.tar.gz: 63b1fcfbe7c53feb41add6476b7cd4976207a9f3d340e81d2eeaf92f66b16afe
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a7710d10586d0cfcb57b81056b56f41d45def9692b48bc4ee9e782efe8b2f6c2868d403fbfa6700f45f1620bedf3dfccd696ec63912e2d9b13dc34125804705e
|
|
7
|
+
data.tar.gz: '079e53c368372617361184e05c525320a7d6cbbb9455d4e2db951544c78f2684344f9ee2b24156db578f51f2728f8e83a86761eb01d927e8f060acaccbda9dde'
|
|
@@ -6,6 +6,7 @@ require "sorbet-runtime"
|
|
|
6
6
|
|
|
7
7
|
require "dependabot/update_checkers"
|
|
8
8
|
require "dependabot/update_checkers/base"
|
|
9
|
+
require "dependabot/update_checkers/cooldown_calculation"
|
|
9
10
|
require "dependabot/errors"
|
|
10
11
|
require "dependabot/docker/tag"
|
|
11
12
|
require "dependabot/docker/file_parser"
|
|
@@ -346,7 +347,7 @@ module Dependabot
|
|
|
346
347
|
|
|
347
348
|
next if !details || !details.released_at
|
|
348
349
|
|
|
349
|
-
return [tag] unless cooldown_period?(details.released_at)
|
|
350
|
+
return [tag] unless cooldown_period?(T.must(details.released_at), tag)
|
|
350
351
|
|
|
351
352
|
Dependabot.logger.info("Skipping tag #{tag.name} due to cooldown period")
|
|
352
353
|
end
|
|
@@ -812,7 +813,9 @@ module Dependabot
|
|
|
812
813
|
|
|
813
814
|
sig { returns(T::Boolean) }
|
|
814
815
|
def should_skip_cooldown?
|
|
815
|
-
|
|
816
|
+
Dependabot::UpdateCheckers::CooldownCalculation.skip_cooldown?(
|
|
817
|
+
@update_cooldown, dependency.name, cooldown_enabled: cooldown_enabled?
|
|
818
|
+
)
|
|
816
819
|
end
|
|
817
820
|
|
|
818
821
|
sig { returns(T::Boolean) }
|
|
@@ -825,19 +828,17 @@ module Dependabot
|
|
|
825
828
|
Dependabot::Experiments.enabled?(:docker_pin_digests)
|
|
826
829
|
end
|
|
827
830
|
|
|
828
|
-
sig
|
|
829
|
-
|
|
830
|
-
end
|
|
831
|
-
def cooldown_days_for
|
|
831
|
+
sig { params(release_date: Time, candidate_tag: Dependabot::Docker::Tag).returns(T::Boolean) }
|
|
832
|
+
def cooldown_period?(release_date, candidate_tag)
|
|
832
833
|
cooldown = @update_cooldown
|
|
834
|
+
return false unless cooldown
|
|
833
835
|
|
|
834
|
-
|
|
835
|
-
|
|
836
|
-
|
|
837
|
-
|
|
838
|
-
|
|
839
|
-
days
|
|
840
|
-
(Time.now.to_i - release_date.to_i) < (days * 24 * 60 * 60)
|
|
836
|
+
current_version = dependency.version ? comparable_version_from(version_tag) : nil
|
|
837
|
+
new_version = comparable_version_from(candidate_tag)
|
|
838
|
+
days = Dependabot::UpdateCheckers::CooldownCalculation.cooldown_days_for(
|
|
839
|
+
cooldown, current_version, new_version
|
|
840
|
+
)
|
|
841
|
+
Dependabot::UpdateCheckers::CooldownCalculation.within_cooldown_window?(release_date, days)
|
|
841
842
|
end
|
|
842
843
|
|
|
843
844
|
# Fetches the "created" timestamp from the image config blob for a given tag.
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-docker
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.369.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.369.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.369.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -261,7 +261,7 @@ licenses:
|
|
|
261
261
|
- MIT
|
|
262
262
|
metadata:
|
|
263
263
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
264
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
264
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.369.0
|
|
265
265
|
rdoc_options: []
|
|
266
266
|
require_paths:
|
|
267
267
|
- lib
|