# Last-known-good versions of bundled / pulled dependencies.
# The check-windows-updates GitHub workflow reads this file weekly and
# opens a tracking issue when upstream state has drifted from these
# values. Two drift signals are tracked:
#
# - Release tag (``dockur=`` / ``dockur-arm=``): a new dockur release on
#   GitHub. The issue links the release notes.
# - ``:latest`` digest (``dockur-digest=`` / ``dockur-arm-digest=``):
#   the image was rebuilt without a release tag bump. This is usually
#   an upstream security patch baked into the same tag; the issue
#   nudges a deliberate pin update.
#
# When you bump a value here, also refresh the matching pin in
# ``src/winpodx/core/config.py`` (``DOCKUR_IMAGE_PIN`` /
# ``DOCKUR_IMAGE_ARM_PIN``) if you intend to roll the new image
# forward. The pin and these baselines are decoupled on purpose:
# baselines describe what the upstream currently ships; the pin
# describes what winpodx deliberately uses.
#
# Format: <key>=<value>
dockur=v5.14
dockur-digest=sha256:272b42c66e7377dc68e5da5d06d011308cf48f7a62201bc63f3caf973b87cdd9
dockur-arm=v5.14
dockur-arm-digest=sha256:a19114b03bed6433d95f61df39ea7ef249c953647973968b8f1fda495975f821
