dependabot · RodrigoPetter · Mar 4, 2022 · RodrigoPetter · Mar 4, 2022 · deivid-rodriguez
@@ -43,12 +43,12 @@ module Dependabot
   module Docker
     class UpdateChecker < Dependabot::UpdateCheckers::Base
       VERSION_REGEX =
-        /v?(?<version>[0-9]+(?:(?:\.[a-z0-9]+)|(?:-(?:kb)?[0-9]+))*)/i.freeze
-      VERSION_WITH_SFX = /^#{VERSION_REGEX}(?<suffix>-[a-z0-9.\-]+)?$/i.freeze
-      VERSION_WITH_PFX = /^(?<prefix>[a-z0-9.\-]+-)?#{VERSION_REGEX}$/i.freeze
-      VERSION_WITH_PFX_AND_SFX =
-        /^(?<prefix>[a-z\-]+-)?#{VERSION_REGEX}(?<suffix>-[a-z\-]+)?$/i.
-        freeze
+        /v?(?<version>[0-9]+(?:(?:\.[a-z0-9]+)|(?:-(?:kb)?[0-9]+)|(?:_[0-9]+))*)/i.freeze
+      PREFIX = /^(?<prefix>[a-z0-9.\-_]+(?:-|_))?/i.freeze
+      SUFFIX = /(?<suffix>(?:-|_)[a-z0-9.\-_]+)?$/i.freeze
+      VERSION_WITH_PFX = /#{PREFIX}#{VERSION_REGEX}$/i.freeze
+      VERSION_WITH_SFX = /^#{VERSION_REGEX}#{SUFFIX}/i.freeze
+      VERSION_WITH_PFX_AND_SFX = /#{PREFIX}#{VERSION_REGEX}#{SUFFIX}/i.freeze
       NAME_WITH_VERSION =
         /
           #{VERSION_WITH_PFX}|
@@ -316,7 +316,7 @@ def prerelease?(tag)
       def numeric_version_from(tag)
         return unless tag.match?(NAME_WITH_VERSION)
 
-        tag.match(NAME_WITH_VERSION).named_captures.fetch("version").downcase
+        tag.match(NAME_WITH_VERSION).named_captures.fetch("version").downcase.gsub(/_/i, ".")
       end
 
       def registry_hostname

@@ -413,6 +413,59 @@
       it { is_expected.to eq("jdk-11.0.2.9-alpine-slim") }
     end
 
+    context "when the dependencies have a underscore" do
+      let(:dependency_name) { "eclipse-temurin" }
+      let(:tags_fixture_name) { "eclipse-temurin.json" }
+      let(:repo_url) do
+        "https://registry.hub.docker.com/v2/library/eclipse-temurin/"
+      end
+      let(:headers_response) do
+        fixture("docker", "registry_manifest_headers", "ubuntu_17.10.json")
+      end
+      before do
+        stub_request(:get, repo_url + "tags/list").
+          and_return(status: 200, body: registry_tags)
+
+        stub_request(:head, repo_url + "manifests/#{version}").
+          and_return(
+            status: 200,
+            body: "",
+            headers: JSON.parse(headers_response)
+          )
+
+        # Stub the latest version to return a different digest
+        ["17.0.2_8-jre-alpine", "latest", "prefix1_jre_11.0.16",
+         "11.0.16_suffix1_jre", "prefix2_jre_11.0.16_suffix2_jre"].each do |version|
+          stub_request(:head, repo_url + "manifests/#{version}").
+            and_return(
+              status: 200,
+              body: "",
+              headers: JSON.parse(headers_response.gsub("3ea1ca1", "4da71a2"))
+            )
+        end
+      end
+
+      context "followed by numbers" do
+        let(:version) { "17.0.1_12-jre-alpine" }
+        it { is_expected.to eq("17.0.2_8-jre-alpine") }
+      end
+
+      context "in the prefix" do
+        let(:version) { "prefix1_jre_11.0.14" }
+        it { is_expected.to eq("prefix1_jre_11.0.16") }
+      end
+
+      context "followed by letters (suffix)" do
+        let(:version) { "11.0.14_suffix1_jre" }
+        it { is_expected.to eq("11.0.16_suffix1_jre") }
+      end
+
+      context "in the prefix and suffix" do
+        let(:version) { "prefix2_jre_11.0.14_suffix2_jre" }
+        it { is_expected.to eq("prefix2_jre_11.0.16_suffix2_jre") }
+      end
+    end
+
     context "when the dependency has a namespace" do
       let(:dependency_name) { "moj/ruby" }
       let(:tags_fixture_name) { "ruby.json" }

@@ -0,0 +1,17 @@
+{
+    "name": "library/eclipse-temurin",
+    "tags": [
+        "17.0.1_12-jre-windowsservercore-ltsc2022",
+        "17.0.2_8-jre-alpine",
+        "17.0.1_12-jre-alpine",
+        "17-jre-alpine",
+        "11.0.14_9-jre-alpine",
+        "11-jre-alpine",
+        "prefix1_jre_11.0.16",
+        "prefix1_jre_11.0.14",
+        "11.0.16_suffix1_jre",
+        "11.0.14_suffix1_jre",
+        "prefix2_jre_11.0.16_suffix2_jre",
+        "prefix2_jre_11.0.14_suffix2_jre"
+    ]
+}