You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What would you like to be added:
When we import syft into our projects via the .tar.gz package for example, the version is indicated in 2 places in a different format (with and without the v): https://github.com/anchore/syft/releases/download/v0.60.3/syft_0.60.3_linux_amd64.tar.gz
It would be useful to standardize the tags with the versions indicated in the package names: put the "v" nowhere or everywhere.
Why is this needed:
If Renovate can't automatically identify a dependency, it needs to be told so via a regex. In this regex, we need to specify where the version is located. This poses a problem when 2 versions in the same package have a different format. It therefore fails to update the dependency correctly.
Thanks to this standardization, it would be able to correctly modify the version in both places.
The text was updated successfully, but these errors were encountered:
Hi @EmyLIEUTAUD, thanks for filing the issue. We aren't familiar with Renovate over here. We would prefer not to change our url scheme at this point, but we'd be happy to help you find a suitable workaround. Perhaps just include the "v" character in your template, something like this:
I already tried with the "v" exclude from the version but when Renovate find the new version, it add a "v" in front of the 2 versions, which will not work.
With an environment variable to have only one place with the version, it's normally possible but I need a GitHub token to be able to find the new version directly on GitHub without passing by Artifactory, which is not what I want.
Maybe we will find another solution, or wait for an uniformization of the version and tag for the release, or an update on Renovate side to be able to identify 2 different versions into a same dependency.
What would you like to be added:
When we import syft into our projects via the .tar.gz package for example, the version is indicated in 2 places in a different format (with and without the v):
https://github.com/anchore/syft/releases/download/v0.60.3/syft_0.60.3_linux_amd64.tar.gz
It would be useful to standardize the tags with the versions indicated in the package names: put the "v" nowhere or everywhere.
Why is this needed:
If Renovate can't automatically identify a dependency, it needs to be told so via a regex. In this regex, we need to specify where the version is located. This poses a problem when 2 versions in the same package have a different format. It therefore fails to update the dependency correctly.
Thanks to this standardization, it would be able to correctly modify the version in both places.
The text was updated successfully, but these errors were encountered: