# Last-known-good versions of bundled / pulled dependencies.
# The check-windows-updates GitHub workflow reads this file weekly and
# opens a tracking issue when upstream state has drifted from these
# values. Two drift signals are tracked:
#
# - Release tag (``dockur=`` / ``dockur-arm=``): a new dockur release on
#   GitHub. The issue links the release notes.
# - ``:latest`` digest (``dockur-digest=`` / ``dockur-arm-digest=``):
#   the image was rebuilt without a release tag bump. This is usually
#   an upstream security patch baked into the same tag; the issue
#   nudges a deliberate pin update.
#
# When you bump a value here, also refresh the matching pin in
# ``src/winpodx/core/config.py`` (``DOCKUR_IMAGE_PIN`` /
# ``DOCKUR_IMAGE_ARM_PIN``) if you intend to roll the new image
# forward. The pin and these baselines are decoupled on purpose:
# baselines describe what the upstream currently ships; the pin
# describes what winpodx deliberately uses.
#
# Format: <key>=<value>
dockur=v5.15
dockur-digest=sha256:32abe0836aeeb744b8ff8af25688fcd348cc66016a1378fe1bd0768c8c67022c
dockur-arm=v5.15
dockur-arm-digest=sha256:5775bcfd335bad14fe35001460dd6640e131eb660601c2f3c90af43005a9532a
