You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have some strange version checks with popular images and I think there is something missing in the checking algorithm.
For the image grafana/grafana version-checker says the latest version is 9799770991, which is obviously correct if you compare just version numbers. But this tag is 8 months old and the actual latest tag currently would be 10.2.2. Another example would be quay.io/jetstack/cert-manager-webhook-arm64: v1.13.2 vs. 608111629.
I am wondering if it would be better to always take the publish date into account when checking versions?
Maybe there is another trick how to avoid these false positives?
The text was updated successfully, but these errors were encountered:
Hi @michbeck100, Thanks for raising this... I have seen this myself and was meant to raise an issue about it! I think the publish date needs to play some part in the sorting process. Its actually an area of version-checker I've not explored just yet.
I was looking into validating some "latest" images and came across 2 cases where this type of problem is present with other tooling such as oras. I think it could have something to do with the API returning Lexical ordering.
Take this example making use of the --last feature
In that case above because of the alphabetic ordering, the second command actually brings back many more results than the first, despite what you would imagine to be less.
I'll have to review the code here, but I suspect that version-checker might be doing something similar perhaps?
I have some strange version checks with popular images and I think there is something missing in the checking algorithm.
For the image
grafana/grafana
version-checker says the latest version is 9799770991, which is obviously correct if you compare just version numbers. But this tag is 8 months old and the actual latest tag currently would be 10.2.2. Another example would bequay.io/jetstack/cert-manager-webhook-arm64
: v1.13.2 vs. 608111629.I am wondering if it would be better to always take the publish date into account when checking versions?
Maybe there is another trick how to avoid these false positives?
The text was updated successfully, but these errors were encountered: