Merge branch 'fix/release-notes-link-bitbucket' of https://github.com…

…/setchy/renovate into fix/release-notes-link-bitbucket
renovatebot · Nov 23, 2024 · 94c6872 · 94c6872
2 parents 8ca888e + 8dbdf78
commit 94c6872
Show file tree

Hide file tree

Showing 31 changed files with 924 additions and 438 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -438,7 +438,7 @@ jobs:
           merge-multiple: true
 
       - name: Codecov
-        uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
+        uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5.0.7
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           directory: coverage/lcov

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -41,7 +41,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+        uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
         with:
           languages: javascript
 
@@ -51,7 +51,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+        uses: github/codeql-action/autobuild@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 https://git.io/JvXDl
@@ -65,4 +65,4 @@ jobs:
       #   make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+        uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -14,4 +14,4 @@ jobs:
           show-progress: false
 
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a # v4.4.0
+        uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -51,6 +51,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: 'Upload to code-scanning'
-        uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -31,7 +31,7 @@ jobs:
           format: 'sarif'
           output: 'trivy-results.sarif'
 
-      - uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+      - uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
         with:
           sarif_file: trivy-results.sarif
           category: 'docker-image-${{ matrix.tag }}'
diff --git a/docs/usage/mend-hosted/migrating-secrets.md b/docs/usage/mend-hosted/migrating-secrets.md
@@ -1,6 +1,6 @@
 # Migrating Secrets from Repo Config to App Settings
 
-On 01-Oct-2024 the Mend Renovate cloud apps will stop reading any encrypted secrets from the Renovate configuration file on your repository.
+Use of encrypted secrets in the Mend Renovate cloud apps has been deprecated and soon the apps will stop reading any encrypted secrets from the Renovate configuration file on your repository.
 Previously, you could encrypt a secret with the [Renovate encryption tool](https://app.renovatebot.com/encrypt) and then put it in your Renovate config file.
 
 Going forward, all secrets must be stored in the App settings on the cloud.

diff --git a/lib/config/options/index.ts b/lib/config/options/index.ts
@@ -1135,6 +1135,7 @@ const options: RenovateOptions[] = [
     supportedManagers: [
       'ansible',
       'bitbucket-pipelines',
+      'buildpacks',
       'crossplane',
       'devcontainer',
       'docker-compose',

diff --git a/lib/modules/datasource/maven/index.spec.ts b/lib/modules/datasource/maven/index.spec.ts
@@ -711,6 +711,21 @@ describe('modules/datasource/maven/index', () => {
       expect(res).toBe(releaseOrig);
     });
 
+    it('returns original value for 200 response with versionOrig', async () => {
+      httpMock
+        .scope(MAVEN_REPO)
+        .head('/foo/bar/1.2.3/bar-1.2.3.pom')
+        .reply(200);
+      const releaseOrig: Release = { version: '1.2', versionOrig: '1.2.3' };
+
+      const res = await postprocessRelease(
+        { datasource, packageName: 'foo:bar', registryUrl: MAVEN_REPO },
+        releaseOrig,
+      );
+
+      expect(res).toBe(releaseOrig);
+    });
+
     it('returns original value for invalid configs', async () => {
       const releaseOrig: Release = { version: '1.2.3' };
       expect(

diff --git a/lib/modules/datasource/maven/index.ts b/lib/modules/datasource/maven/index.ts
@@ -254,7 +254,7 @@ export class MavenDatasource extends Datasource {
       { registryUrl, packageName }: PostprocessReleaseConfig,
       { version, versionOrig }: Release,
     ) =>
-      `postprocessRelease:${registryUrl}:${packageName}:${versionOrig ?? version}`,
+      `postprocessRelease:${registryUrl}:${packageName}:${versionOrig ? `${versionOrig}:${version}` : `${version}`}`,
     ttlMinutes: 24 * 60,
   })
   override async postprocessRelease(

diff --git a/lib/modules/manager/api.ts b/lib/modules/manager/api.ts
@@ -12,6 +12,7 @@ import * as bicep from './bicep';
 import * as bitbucketPipelines from './bitbucket-pipelines';
 import * as bitrise from './bitrise';
 import * as buildkite from './buildkite';
+import * as buildpacks from './buildpacks';
 import * as bun from './bun';
 import * as bunVersion from './bun-version';
 import * as bundler from './bundler';
@@ -117,6 +118,7 @@ api.set('bicep', bicep);
 api.set('bitbucket-pipelines', bitbucketPipelines);
 api.set('bitrise', bitrise);
 api.set('buildkite', buildkite);
+api.set('buildpacks', buildpacks);
 api.set('bun', bun);
 api.set('bun-version', bunVersion);
 api.set('bundler', bundler);

diff --git a/lib/modules/manager/asdf/extract.spec.ts b/lib/modules/manager/asdf/extract.spec.ts
@@ -107,6 +107,7 @@ php 8.1.12
 pnpm 7.26.2
 poetry 1.3.2
 pre-commit 3.3.1
+protoc 28.3
 pulumi 3.57.1
 python 3.11.0
 rebar 3.23.0
@@ -559,6 +560,13 @@ dummy 1.2.3
             depName: 'pre-commit',
             extractVersion: '^v(?<version>.+)',
           },
+          {
+            currentValue: '28.3',
+            datasource: 'github-releases',
+            packageName: 'protocolbuffers/protobuf',
+            depName: 'protoc',
+            extractVersion: '^v(?<version>\\S+)',
+          },
           {
             currentValue: '3.57.1',
             datasource: 'github-releases',
@@ -818,32 +826,6 @@ awscli    2.8.6
           },
         ],
       });
-      const semeruJdkRes = extractPackageFile(
-        'java semeru-openj9-17.0.8.1+1_openj9-0.40.0',
-      );
-      expect(semeruJdkRes).toEqual({
-        deps: [
-          {
-            currentValue: '17.0.8.1+1',
-            datasource: 'java-version',
-            depName: 'java',
-            packageName: 'java-jdk',
-          },
-        ],
-      });
-      const semeruJreRes = extractPackageFile(
-        'java semeru-jre-openj9-17.0.8.1+1_openj9-0.40.0',
-      );
-      expect(semeruJreRes).toEqual({
-        deps: [
-          {
-            currentValue: '17.0.8.1+1',
-            datasource: 'java-version',
-            depName: 'java',
-            packageName: 'java-jre',
-          },
-        ],
-      });
       const temurinJdkRes = extractPackageFile('java temurin-16.0.0+36');
       expect(temurinJdkRes).toEqual({
         deps: [

diff --git a/lib/modules/manager/asdf/upgradeable-tooling.ts b/lib/modules/manager/asdf/upgradeable-tooling.ts
@@ -365,26 +365,6 @@ export const upgradeableTooling: Record<string, ToolingDefinition> = {
           currentValue: adoptOpenJreMatches.version,
         };
       }
-      const semeruJdkMatches = version.match(
-        /^semeru-openj9-(?<version>\d\S+)_openj9-(?<openj9>\d\S+)/,
-      )?.groups;
-      if (semeruJdkMatches) {
-        return {
-          datasource: JavaVersionDatasource.id,
-          packageName: 'java-jdk',
-          currentValue: semeruJdkMatches.version,
-        };
-      }
-      const semeruJreMatches = version.match(
-        /^semeru-jre-openj9-(?<version>\d\S+)_openj9-\d\S+/,
-      )?.groups;
-      if (semeruJreMatches) {
-        return {
-          datasource: JavaVersionDatasource.id,
-          packageName: 'java-jre',
-          currentValue: semeruJreMatches.version,
-        };
-      }
       const temurinJdkMatches = version.match(
         /^temurin-(?<version>\d\S+)/,
       )?.groups;
@@ -589,6 +569,14 @@ export const upgradeableTooling: Record<string, ToolingDefinition> = {
       extractVersion: '^v(?<version>.+)',
     },
   },
+  protoc: {
+    asdfPluginUrl: '/~https://github.com/paxosglobal/asdf-protoc.git',
+    config: {
+      datasource: GithubReleasesDatasource.id,
+      packageName: 'protocolbuffers/protobuf',
+      extractVersion: '^v(?<version>\\S+)',
+    },
+  },
   pulumi: {
     asdfPluginUrl: '/~https://github.com/canha/asdf-pulumi.git',
     config: {

diff --git a/lib/modules/manager/buildpacks/extract.spec.ts b/lib/modules/manager/buildpacks/extract.spec.ts
@@ -0,0 +1,111 @@
+import { codeBlock } from 'common-tags';
+
+import { extractPackageFile } from '.';
+
+describe('modules/manager/buildpacks/extract', () => {
+  describe('extractPackageFile()', () => {
+    it('returns null for invalid files', () => {
+      expect(extractPackageFile('not a project toml', '', {})).toBeNull();
+    });
+
+    it('returns null for empty package.toml', () => {
+      const res = extractPackageFile(
+        '[_]\nschema-version = "0.2"',
+        'project.toml',
+        {},
+      );
+      expect(res).toBeNull();
+    });
+
+    it('extracts builder and buildpack images', () => {
+      const res = extractPackageFile(
+        codeBlock`
+[_]
+schema-version = "0.2"
+
+[io.buildpacks]
+builder = "registry.corp/builder/noble:1.1.1"
+
+[[io.buildpacks.group]]
+uri = "docker://buildpacks/java:2.2.2"
+
+[[io.buildpacks.group]]
+uri = "buildpacks/nodejs:3.3.3"
+
+[[io.buildpacks.group]]
+uri = "example/foo@1.0.0"
+
+[[io.buildpacks.group]]
+uri = "example/registry-cnb"
+
+[[io.buildpacks.group]]
+uri = "urn:cnb:registry:example/foo@1.0.0"
+
+[[io.buildpacks.group]]
+uri = "some-bp@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
+
+[[io.buildpacks.group]]
+uri = "cnbs/some-bp:some-tag@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
+
+[[io.buildpacks.group]]
+uri = "from=builder:foobar"
+
+[[io.buildpacks.group]]
+uri = "file://local.oci"
+
+[[io.buildpacks.group]]
+uri = "foo://fake.oci"`,
+        'project.toml',
+        {},
+      );
+      expect(res?.deps).toEqual([
+        {
+          autoReplaceStringTemplate:
+            '{{depName}}{{#if newValue}}:{{newValue}}{{/if}}{{#if newDigest}}@{{newDigest}}{{/if}}',
+          commitMessageTopic: 'builder {{depName}}',
+          currentValue: '1.1.1',
+          datasource: 'docker',
+          depName: 'registry.corp/builder/noble',
+          replaceString: 'registry.corp/builder/noble:1.1.1',
+        },
+        {
+          autoReplaceStringTemplate:
+            '{{depName}}{{#if newValue}}:{{newValue}}{{/if}}{{#if newDigest}}@{{newDigest}}{{/if}}',
+          currentValue: '2.2.2',
+          datasource: 'docker',
+          depName: 'buildpacks/java',
+          replaceString: 'buildpacks/java:2.2.2',
+        },
+        {
+          autoReplaceStringTemplate:
+            '{{depName}}{{#if newValue}}:{{newValue}}{{/if}}{{#if newDigest}}@{{newDigest}}{{/if}}',
+          currentValue: '3.3.3',
+          datasource: 'docker',
+          depName: 'buildpacks/nodejs',
+          replaceString: 'buildpacks/nodejs:3.3.3',
+        },
+        {
+          autoReplaceStringTemplate:
+            '{{depName}}{{#if newValue}}:{{newValue}}{{/if}}{{#if newDigest}}@{{newDigest}}{{/if}}',
+          currentDigest:
+            'sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef',
+          datasource: 'docker',
+          depName: 'some-bp',
+          replaceString:
+            'some-bp@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef',
+        },
+        {
+          autoReplaceStringTemplate:
+            '{{depName}}{{#if newValue}}:{{newValue}}{{/if}}{{#if newDigest}}@{{newDigest}}{{/if}}',
+          currentDigest:
+            'sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef',
+          currentValue: 'some-tag',
+          datasource: 'docker',
+          depName: 'cnbs/some-bp',
+          replaceString:
+            'cnbs/some-bp:some-tag@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef',
+        },
+      ]);
+    });
+  });
+});