dependabot-docker 0.236.0 → 0.237.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/docker/file_fetcher.rb +7 -2
- data/lib/dependabot/docker/tag.rb +2 -2
- data/lib/dependabot/docker/version.rb +6 -1
- metadata +21 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2ee0f465e1956f66ab257358ae18109b4c99ffcc6d0cc898b0bcf63a233be756
|
|
4
|
+
data.tar.gz: a2d1202209b70f51a04327460e5bb8b1a0053f40d3aa2cfa0ce2219170a8a467
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 28eb1c0b65e43ed4ff71952c8d77c70319e7127cee827052a1e2b02d537153d5af2ec1698d89f0554073fbebf0e64711780d04a87c6dde77ed0626cfb42165f3
|
|
7
|
+
data.tar.gz: bf928c4fb9e5a3de42d953630b72f186eccf083d18b54ba921d038ee6d8aabb383b4e9ba396616190d9d8ca7ba759a3545e2dcc6bfd058c762c10127d62f72f5
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# typed: false
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "sorbet-runtime"
|
|
4
5
|
require "dependabot/docker/utils/helpers"
|
|
5
6
|
require "dependabot/file_fetchers"
|
|
6
7
|
require "dependabot/file_fetchers/base"
|
|
@@ -8,6 +9,9 @@ require "dependabot/file_fetchers/base"
|
|
|
8
9
|
module Dependabot
|
|
9
10
|
module Docker
|
|
10
11
|
class FileFetcher < Dependabot::FileFetchers::Base
|
|
12
|
+
extend T::Sig
|
|
13
|
+
extend T::Helpers
|
|
14
|
+
|
|
11
15
|
YAML_REGEXP = /^[^\.]+\.ya?ml$/i
|
|
12
16
|
DOCKER_REGEXP = /dockerfile/i
|
|
13
17
|
|
|
@@ -20,8 +24,7 @@ module Dependabot
|
|
|
20
24
|
"Repo must contain a Dockerfile or Kubernetes YAML files."
|
|
21
25
|
end
|
|
22
26
|
|
|
23
|
-
|
|
24
|
-
|
|
27
|
+
sig { override.returns(T::Array[DependencyFile]) }
|
|
25
28
|
def fetch_files
|
|
26
29
|
fetched_files = []
|
|
27
30
|
fetched_files += correctly_encoded_dockerfiles
|
|
@@ -48,6 +51,8 @@ module Dependabot
|
|
|
48
51
|
end
|
|
49
52
|
end
|
|
50
53
|
|
|
54
|
+
private
|
|
55
|
+
|
|
51
56
|
def dockerfiles
|
|
52
57
|
@dockerfiles ||=
|
|
53
58
|
repo_contents(raise_errors: false)
|
|
@@ -33,7 +33,7 @@ module Dependabot
|
|
|
33
33
|
end
|
|
34
34
|
|
|
35
35
|
def looks_like_prerelease?
|
|
36
|
-
numeric_version.
|
|
36
|
+
numeric_version.match?(/[a-zA-Z]/)
|
|
37
37
|
end
|
|
38
38
|
|
|
39
39
|
def comparable_to?(other)
|
|
@@ -110,7 +110,7 @@ module Dependabot
|
|
|
110
110
|
def numeric_version
|
|
111
111
|
return unless comparable?
|
|
112
112
|
|
|
113
|
-
version.gsub(/-[a-z]+/, "").downcase
|
|
113
|
+
version.gsub(/kb/i, "").gsub(/-[a-z]+/, "").downcase
|
|
114
114
|
end
|
|
115
115
|
|
|
116
116
|
def precision
|
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
|
|
4
4
|
require "dependabot/version"
|
|
5
5
|
require "dependabot/utils"
|
|
6
|
+
require "dependabot/docker/tag"
|
|
6
7
|
|
|
7
8
|
module Dependabot
|
|
8
9
|
module Docker
|
|
@@ -14,9 +15,13 @@ module Dependabot
|
|
|
14
15
|
class Version < Dependabot::Version
|
|
15
16
|
def initialize(version)
|
|
16
17
|
release_part, update_part = version.split("_", 2)
|
|
18
|
+
release_part = release_part.sub("v", "")
|
|
17
19
|
|
|
18
|
-
|
|
20
|
+
# The numeric_version is needed here to validate the version string (ex: 20.9.0-alpine3.18)
|
|
21
|
+
# when the call is made via Depenedabot Api to convert the image version to semver.
|
|
22
|
+
release_part = Tag.new(release_part).numeric_version
|
|
19
23
|
|
|
24
|
+
@release_part = Dependabot::Version.new(release_part.tr("-", "."))
|
|
20
25
|
@update_part = Dependabot::Version.new(update_part&.start_with?(/[0-9]/) ? update_part : 0)
|
|
21
26
|
|
|
22
27
|
super(@release_part)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-docker
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.237.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-11-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.237.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.237.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -94,20 +94,34 @@ dependencies:
|
|
|
94
94
|
- - "~>"
|
|
95
95
|
- !ruby/object:Gem::Version
|
|
96
96
|
version: '1.3'
|
|
97
|
+
- !ruby/object:Gem::Dependency
|
|
98
|
+
name: rspec-sorbet
|
|
99
|
+
requirement: !ruby/object:Gem::Requirement
|
|
100
|
+
requirements:
|
|
101
|
+
- - "~>"
|
|
102
|
+
- !ruby/object:Gem::Version
|
|
103
|
+
version: 1.9.2
|
|
104
|
+
type: :development
|
|
105
|
+
prerelease: false
|
|
106
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
107
|
+
requirements:
|
|
108
|
+
- - "~>"
|
|
109
|
+
- !ruby/object:Gem::Version
|
|
110
|
+
version: 1.9.2
|
|
97
111
|
- !ruby/object:Gem::Dependency
|
|
98
112
|
name: rubocop
|
|
99
113
|
requirement: !ruby/object:Gem::Requirement
|
|
100
114
|
requirements:
|
|
101
115
|
- - "~>"
|
|
102
116
|
- !ruby/object:Gem::Version
|
|
103
|
-
version: 1.
|
|
117
|
+
version: 1.57.2
|
|
104
118
|
type: :development
|
|
105
119
|
prerelease: false
|
|
106
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
107
121
|
requirements:
|
|
108
122
|
- - "~>"
|
|
109
123
|
- !ruby/object:Gem::Version
|
|
110
|
-
version: 1.
|
|
124
|
+
version: 1.57.2
|
|
111
125
|
- !ruby/object:Gem::Dependency
|
|
112
126
|
name: rubocop-performance
|
|
113
127
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -216,7 +230,7 @@ licenses:
|
|
|
216
230
|
- Nonstandard
|
|
217
231
|
metadata:
|
|
218
232
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
219
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
233
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.237.0
|
|
220
234
|
post_install_message:
|
|
221
235
|
rdoc_options: []
|
|
222
236
|
require_paths:
|