dependabot-docker 0.353.0 → 0.354.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/docker/update_checker.rb +3 -24
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: e457b154c269925fb061d0fafa9b5ce0a6fd930db9acf435aa9591862132c423
|
|
4
|
+
data.tar.gz: 8fe185006bec485af04e7a67ac86b6cc23a1c95dfd7008cef3976a932778dd0d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e8fa19d1a2de032e3197b82f46fed017fa850149230616304dc51e1d9d7e8ea84f204b4b056e3394ebd7b00c712cee2ba3ef7cc1f8b852cbda6c160eb2798108
|
|
7
|
+
data.tar.gz: 15482e7c60898d05a7491eb6ffe5593f421a7399682dc0784074d9e59d1e164a4924ebf0373f5bd92bec74ca37e1d5a57d04d20d9d9007db78aa7e315d94375d
|
|
@@ -101,33 +101,12 @@ module Dependabot
|
|
|
101
101
|
comparable_version_from(latest_tag) <= comparable_version_from(version_tag)
|
|
102
102
|
end
|
|
103
103
|
|
|
104
|
-
# Digest requirements come in two forms:
|
|
105
|
-
#
|
|
106
|
-
# - Tag + digest (e.g. `image:debug@sha256:<digest>`):
|
|
107
|
-
# the tag is the source of truth, so the expected digest is the digest of the tag.
|
|
108
|
-
#
|
|
109
|
-
# - Digest-only (e.g. `image@sha256:<digest>`):
|
|
110
|
-
# there is no tag to resolve, so the expected digest is `updated_digest`.
|
|
111
|
-
#
|
|
112
|
-
# A dependency may have multiple digest requirements (across multiple files), so
|
|
113
|
-
# we compute the expected digest per requirement rather than using a single
|
|
114
|
-
# global value.
|
|
115
104
|
sig { returns(T::Boolean) }
|
|
116
105
|
def digest_up_to_date?
|
|
117
|
-
return true unless updated_digest
|
|
118
|
-
|
|
119
106
|
digest_requirements.all? do |req|
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
expected_digest =
|
|
125
|
-
if source_tag
|
|
126
|
-
digest_of(source_tag)
|
|
127
|
-
else
|
|
128
|
-
updated_digest
|
|
129
|
-
end
|
|
130
|
-
source_digest == expected_digest
|
|
107
|
+
next true unless updated_digest
|
|
108
|
+
|
|
109
|
+
req.fetch(:source).fetch(:digest) == updated_digest
|
|
131
110
|
end
|
|
132
111
|
end
|
|
133
112
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-docker
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.354.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.354.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.354.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -261,7 +261,7 @@ licenses:
|
|
|
261
261
|
- MIT
|
|
262
262
|
metadata:
|
|
263
263
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
264
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
264
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.354.0
|
|
265
265
|
rdoc_options: []
|
|
266
266
|
require_paths:
|
|
267
267
|
- lib
|