如何让 dependentabot 忽略 docker 次要版本
我试图在最新的 python 版本之后保留一个小版本,我希望使用 dependentabot 来帮助解决这个问题。
我使用 python slim docker 映像作为我的基本映像,并基于该映像加上 dependentabot 文档,我已将以下内容添加到我的 dependentabot.yml 中:
- package-ecosystem: "docker"
directory: "/"
schedule:
interval: "daily"
ignore:
- dependency-name: "python"
versions: [ "3.10.x" ]
这不起作用。然而,当我告诉 3.10 PR“忽略这个次要版本”时,它成功地做到了这一点,并指出它不会再让我担心 3.10.x 版本了,所以很明显,逻辑就在那里某处
I'm trying to stay one minor version behind the latest python version, and I was hoping to use dependabot to help with that.
I'm using the python slim docker image as my base image, and based on that plus the dependabot docs I've added the following to my dependabot.yml:
- package-ecosystem: "docker"
directory: "/"
schedule:
interval: "daily"
ignore:
- dependency-name: "python"
versions: [ "3.10.x" ]
This is not working. When I tell the 3.10 PR to "ignore this minor version", however, it does so successfully and states that it won't bother me about 3.10.x versions anymore, so clearly the logic is in there somewhere
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
它在这里使用
Gem::Requirement: https://github.com/dependabot/dependabot-core/blob/c0945b376ef12f3551e22f185dc6f20c56049296/docker/lib/dependabot/docker/requirement.rb#L8我还没有测试过这个特定场景,但我是使用类似的东西就成功了。我认为这会起作用:
无论如何,在针对
Gem::Requirement进行测试时:It is using
Gem::Requirementhere: https://github.com/dependabot/dependabot-core/blob/c0945b376ef12f3551e22f185dc6f20c56049296/docker/lib/dependabot/docker/requirement.rb#L8I haven't tested this specific scenario, but I am using something similar with success. I think this will work:
It appears to anyway, when testing against
Gem::Requirement: