# Last-known-good versions of bundled / pulled dependencies.
# The check-windows-updates GitHub workflow reads this file weekly and
# opens a tracking issue when upstream state has drifted from these
# values. Two drift signals are tracked:
#
# - Release tag (``dockur=`` / ``dockur-arm=``): a new dockur release on
#   GitHub. The issue links the release notes.
# - ``:latest`` digest (``dockur-digest=`` / ``dockur-arm-digest=``):
#   the image was rebuilt without a release tag bump. This is usually
#   an upstream security patch baked into the same tag; the issue
#   nudges a deliberate pin update.
#
# When you bump a value here, also refresh the matching pin in
# ``src/winpodx/core/config.py`` (``DOCKUR_IMAGE_PIN`` /
# ``DOCKUR_IMAGE_ARM_PIN``) if you intend to roll the new image
# forward. The pin and these baselines are decoupled on purpose:
# baselines describe what the upstream currently ships; the pin
# describes what winpodx deliberately uses.
#
# Format: <key>=<value>
dockur=v5.16
dockur-digest=sha256:3633f055f31aadf76bb650b1ca86897ab45b76ad8eb2cf81e86389ace5eb45ac
dockur-arm=v5.15
dockur-arm-digest=sha256:7c28ddbbe69eb02900bef3b7ab3ad60fbd5fb409524a307a60a3c934f80a9dd5
