diff --git a/lib/manager/gomod/extract.js b/lib/manager/gomod/extract.js
index 45483d73fb0a7b70866fea84eb61ed39f9345cf2..f6bee6893313cb8229c07b8b19e25c38e0332a7e 100644
--- a/lib/manager/gomod/extract.js
+++ b/lib/manager/gomod/extract.js
@@ -35,6 +35,7 @@ function getDep(lineNumber, match) {
const digestMatch = currentValue.match(/v0\.0.0-\d{14}-([a-f0-9]{12})/);
if (digestMatch) {
[, dep.currentDigest] = digestMatch;
+ dep.digestOneAndOnly = true;
}
return dep;
}
diff --git a/lib/workers/repository/process/lookup/index.js b/lib/workers/repository/process/lookup/index.js
index 418cf6007a4db39472862d4fe1a2ad3ab3d8ef8e..b76d2038b8a6a08611f32d5e76cdf591cf923268 100644
--- a/lib/workers/repository/process/lookup/index.js
+++ b/lib/workers/repository/process/lookup/index.js
@@ -177,11 +177,13 @@ async function lookupUpdates(config) {
// Add digests if necessary
if (supportsDigests(config.purl)) {
if (config.currentDigest) {
- // digest update
- res.updates.push({
- updateType: 'digest',
- newValue: config.currentValue,
- });
+ if (!config.digestOneAndOnly || !res.updates.length) {
+ // digest update
+ res.updates.push({
+ updateType: 'digest',
+ newValue: config.currentValue,
+ });
+ }
} else if (config.pinDigests) {
// Create a pin only if one doesn't already exists
if (!res.updates.some(update => update.updateType === 'pin')) {
diff --git a/test/manager/gomod/__snapshots__/extract.spec.js.snap b/test/manager/gomod/__snapshots__/extract.spec.js.snap
index 4fe3de5d4b1cbe5564323313f51c5a289f6e893e..c5e108aeff9b9b8e06810cd2ff7d37b775a7ca30 100644
--- a/test/manager/gomod/__snapshots__/extract.spec.js.snap
+++ b/test/manager/gomod/__snapshots__/extract.spec.js.snap
@@ -18,6 +18,7 @@ Array [
"depName": "github.com/bgentry/go-netrc",
"depNameShort": "bgentry/go-netrc",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 4,
"multiLine": true,
"purl": "pkg:github/bgentry/go-netrc",
@@ -29,6 +30,7 @@ Array [
"depName": "github.com/cloudfoundry/jibber_jabber",
"depNameShort": "cloudfoundry/jibber_jabber",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 5,
"multiLine": true,
"purl": "pkg:github/cloudfoundry/jibber_jabber",
@@ -90,6 +92,7 @@ Array [
"depName": "github.com/golang-collections/collections",
"depNameShort": "golang-collections/collections",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 11,
"multiLine": true,
"purl": "pkg:github/golang-collections/collections",
@@ -101,6 +104,7 @@ Array [
"depName": "github.com/hashicorp/go-cleanhttp",
"depNameShort": "hashicorp/go-cleanhttp",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 12,
"multiLine": true,
"purl": "pkg:github/hashicorp/go-cleanhttp",
@@ -112,6 +116,7 @@ Array [
"depName": "github.com/hashicorp/go-getter",
"depNameShort": "hashicorp/go-getter",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 13,
"multiLine": true,
"purl": "pkg:github/hashicorp/go-getter",
@@ -123,6 +128,7 @@ Array [
"depName": "github.com/hashicorp/go-safetemp",
"depNameShort": "hashicorp/go-safetemp",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 14,
"multiLine": true,
"purl": "pkg:github/hashicorp/go-safetemp",
@@ -144,6 +150,7 @@ Array [
"depName": "github.com/hashicorp/hcl",
"depNameShort": "hashicorp/hcl",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 16,
"multiLine": true,
"purl": "pkg:github/hashicorp/hcl",
@@ -155,6 +162,7 @@ Array [
"depName": "github.com/heroku/rollrus",
"depNameShort": "heroku/rollrus",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 17,
"multiLine": true,
"purl": "pkg:github/heroku/rollrus",
@@ -166,6 +174,7 @@ Array [
"depName": "github.com/jbenet/go-context",
"depNameShort": "jbenet/go-context",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 18,
"multiLine": true,
"purl": "pkg:github/jbenet/go-context",
@@ -177,6 +186,7 @@ Array [
"depName": "github.com/jesseduffield/go-getter",
"depNameShort": "jesseduffield/go-getter",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 19,
"multiLine": true,
"purl": "pkg:github/jesseduffield/go-getter",
@@ -188,6 +198,7 @@ Array [
"depName": "github.com/jesseduffield/gocui",
"depNameShort": "jesseduffield/gocui",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 20,
"multiLine": true,
"purl": "pkg:github/jesseduffield/gocui",
@@ -199,6 +210,7 @@ Array [
"depName": "github.com/jesseduffield/termbox-go",
"depNameShort": "jesseduffield/termbox-go",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 21,
"multiLine": true,
"purl": "pkg:github/jesseduffield/termbox-go",
@@ -210,6 +222,7 @@ Array [
"depName": "github.com/jmespath/go-jmespath",
"depNameShort": "jmespath/go-jmespath",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 22,
"multiLine": true,
"purl": "pkg:github/jmespath/go-jmespath",
@@ -221,6 +234,7 @@ Array [
"depName": "github.com/kardianos/osext",
"depNameShort": "kardianos/osext",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 23,
"multiLine": true,
"purl": "pkg:github/kardianos/osext",
@@ -232,6 +246,7 @@ Array [
"depName": "github.com/kevinburke/ssh_config",
"depNameShort": "kevinburke/ssh_config",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 24,
"multiLine": true,
"purl": "pkg:github/kevinburke/ssh_config",
@@ -293,6 +308,7 @@ Array [
"depName": "github.com/mitchellh/go-homedir",
"depNameShort": "mitchellh/go-homedir",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 30,
"multiLine": true,
"purl": "pkg:github/mitchellh/go-homedir",
@@ -304,6 +320,7 @@ Array [
"depName": "github.com/mitchellh/go-testing-interface",
"depNameShort": "mitchellh/go-testing-interface",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 31,
"multiLine": true,
"purl": "pkg:github/mitchellh/go-testing-interface",
@@ -315,6 +332,7 @@ Array [
"depName": "github.com/mitchellh/mapstructure",
"depNameShort": "mitchellh/mapstructure",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 32,
"multiLine": true,
"purl": "pkg:github/mitchellh/mapstructure",
@@ -326,6 +344,7 @@ Array [
"depName": "github.com/nicksnyder/go-i18n",
"depNameShort": "nicksnyder/go-i18n",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 33,
"multiLine": true,
"purl": "pkg:github/nicksnyder/go-i18n",
@@ -387,6 +406,7 @@ Array [
"depName": "github.com/shibukawa/configdir",
"depNameShort": "shibukawa/configdir",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 39,
"multiLine": true,
"purl": "pkg:github/shibukawa/configdir",
@@ -428,6 +448,7 @@ Array [
"depName": "github.com/spf13/jwalterweatherman",
"depNameShort": "spf13/jwalterweatherman",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 43,
"multiLine": true,
"purl": "pkg:github/spf13/jwalterweatherman",
@@ -459,6 +480,7 @@ Array [
"depName": "github.com/spkg/bom",
"depNameShort": "spkg/bom",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 46,
"multiLine": true,
"purl": "pkg:github/spkg/bom",
@@ -490,6 +512,7 @@ Array [
"depName": "github.com/stvp/roll",
"depNameShort": "stvp/roll",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 49,
"multiLine": true,
"purl": "pkg:github/stvp/roll",
@@ -531,6 +554,7 @@ Array [
"depName": "golang.org/x/crypto",
"depNameShort": "golang.org/x/crypto",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 53,
"multiLine": true,
"purl": "pkg:go/golang.org/x/crypto",
@@ -542,6 +566,7 @@ Array [
"depName": "golang.org/x/net",
"depNameShort": "golang.org/x/net",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 54,
"multiLine": true,
"purl": "pkg:go/golang.org/x/net",
@@ -553,6 +578,7 @@ Array [
"depName": "golang.org/x/sys",
"depNameShort": "golang.org/x/sys",
"depType": "require",
+ "digestOneAndOnly": true,
"lineNumber": 55,
"multiLine": true,
"purl": "pkg:go/golang.org/x/sys",