Refactor DockerReference to ContainerImageReference#1768
Open
Refactor DockerReference to ContainerImageReference#1768
DockerReference to ContainerImageReference#1768Conversation
Agent-Logs-Url: https://github.com/microsoft/component-detection/sessions/9860c8d6-0524-43bf-b32e-771dac00cf91 Co-authored-by: jpinz <8357054+jpinz@users.noreply.github.com>
Agent-Logs-Url: https://github.com/microsoft/component-detection/sessions/9860c8d6-0524-43bf-b32e-771dac00cf91 Co-authored-by: jpinz <8357054+jpinz@users.noreply.github.com>
Copilot created this pull request from a session on behalf of
jpinz
April 7, 2026 16:43
View session
Contributor
There was a problem hiding this comment.
Pull request overview
Renames the Docker-specific “DockerReference” component type and related utilities/models to a registry-agnostic “ContainerImageReference”, enabling reuse across multiple detectors (e.g., Dockerfile, Helm, Kubernetes) without Docker-centric naming.
Changes:
- Renamed
ComponentType.DockerReference/DetectorClass.DockerReferencetoContainerImageReferenceequivalents and updated all references. - Moved/renamed Docker-reference parsing utilities/exceptions/regex to
ContainerImageReference*. - Updated Dockerfile detector registration to emit
ContainerImageReferencetyped components; updated tests and schema/docs to match.
Show a summary per file
| File | Description |
|---|---|
| test/Microsoft.ComponentDetection.Common.Tests/ContainerImageReferenceUtilityTests.cs | Updates tests to use ContainerImageReferenceUtility and renamed test class. |
| src/Microsoft.ComponentDetection.Detectors/dockerfile/DockerfileComponentDetector.cs | Updates detector category/component type and emits ContainerImageReferenceComponent. |
| src/Microsoft.ComponentDetection.Contracts/TypedComponent/ContainerImageReferenceComponent.cs | Renamed typed component for container image references. |
| src/Microsoft.ComponentDetection.Contracts/TypedComponent/ComponentType.cs | Renames enum value to ContainerImageReference. |
| src/Microsoft.ComponentDetection.Contracts/DetectorClass.cs | Renames detector class enum to ContainerImageReference. |
| src/Microsoft.ComponentDetection.Contracts/ContainerImageReference.cs | Renames reference model hierarchy and conversion to typed component. |
| src/Microsoft.ComponentDetection.Contracts/BcdeModels/TypedComponentMapping.cs | Updates polymorphic type discriminator mapping for the renamed typed component. |
| src/Microsoft.ComponentDetection.Common/ContainerImageReference/DigestUtility.cs | Updates digest validation to use ContainerImageRegex. |
| src/Microsoft.ComponentDetection.Common/ContainerImageReference/ContainerImageRegex.cs | Renames regex helper class to container-image terminology. |
| src/Microsoft.ComponentDetection.Common/ContainerImageReference/ContainerImageReferenceUtility.cs | Renames parsing utility class and updates regex usage. |
| src/Microsoft.ComponentDetection.Common/ContainerImageReference/ContainerImageReferenceException.cs | Renames exception base type/messages to container-image terminology. |
| docs/schema/manifest.schema.json | Updates schema enums from DockerReference to ContainerImageReference. |
| docs/detectors/dockerfile.md | Updates docs to reference ContainerImageReferenceUtility. |
Copilot's findings
Comments suppressed due to low confidence (6)
src/Microsoft.ComponentDetection.Contracts/ContainerImageReference.cs:127
CanonicalReference.ToString()formats the digest as@${Digest}(includes a literal$), producing an invalid container image reference string (e.g.,repo@$sha256:...). This should be formatted as@{Digest}without the$.
This issue also appears on line 204 of the same file.
src/Microsoft.ComponentDetection.Contracts/ContainerImageReference.cs:207
DualReference.ToString()formats the digest as@${Digest}(includes a literal$), producing an invalid container image reference string. Remove the$so the string matches standardname:tag@digestsyntax.
src/Microsoft.ComponentDetection.Contracts/TypedComponent/ContainerImageReferenceComponent.cs:47ContainerImageReferenceComponent.ComputeBaseId()excludesDomain, so references to the same repository/tag/digest from different registries (e.g.,docker.io/library/nginxvsghcr.io/library/nginx) will collide and be treated as the same component. IncludeDomain(and consider normalizing nulls) in the base identity to keep component IDs unique across registries.
docs/schema/manifest.schema.json:158- The manifest schema enum now only allows
ContainerImageReference. Any older manifests that still containDockerReferenceinsupportedComponentTypeswill fail schema validation. If backward compatibility is desired, consider allowing both values (or versioning the schema) while the rename is rolling out.
"type": "string",
"enum": [
"Other",
"NuGet",
"Npm",
"Maven",
"Git",
"RubyGems",
"Cargo",
"Pip",
"Go",
"DockerImage",
"Pod",
"Linux",
"Conda",
"Spdx",
"Vcpkg",
"ContainerImageReference",
"Conan",
"Swift",
"DotNet",
"CppSdk"
]
src/Microsoft.ComponentDetection.Common/ContainerImageReference/ContainerImageReferenceUtility.cs:93
- The utility is now container-image generic, but the public API still exposes
SplitDockerDomain(...). Consider renaming this to a container-image/registry-neutral name (and optionally keepingSplitDockerDomainas an[Obsolete]wrapper) to align with the refactor and avoid reintroducing Docker-specific terminology into shared code.
src/Microsoft.ComponentDetection.Contracts/ContainerImageReference.cs:152 - The comment for
RepositoryReferencesays it representsdocker.io/library/ubuntu, butRepositoryReference.ToString()currently returns onlyRepository(no domain). Either updateToString()to include the domain or adjust the comment so it accurately describes the string representation.
- Files reviewed: 13/13 changed files
- Comments generated: 1
src/Microsoft.ComponentDetection.Contracts/BcdeModels/TypedComponentMapping.cs
Show resolved
Hide resolved
Member
|
@copilot fix the failing verification tests |
…x tests Agent-Logs-Url: https://github.com/microsoft/component-detection/sessions/5d2c034a-0637-4527-b5f4-0dbe614d5671 Co-authored-by: jpinz <8357054+jpinz@users.noreply.github.com>
…DockerReference alias Agent-Logs-Url: https://github.com/microsoft/component-detection/sessions/5d2c034a-0637-4527-b5f4-0dbe614d5671 Co-authored-by: jpinz <8357054+jpinz@users.noreply.github.com>
Agent-Logs-Url: https://github.com/microsoft/component-detection/sessions/5d2c034a-0637-4527-b5f4-0dbe614d5671 Co-authored-by: jpinz <8357054+jpinz@users.noreply.github.com>
Contributor
Author
Fixed in 8f9bb09. The verification tests were failing because old scan manifests contain
Warning Firewall rules blocked me from connecting to one or more addresses (expand for details)I tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
jpinz
reviewed
Apr 7, 2026
|
|
||
| # Dev nupkgs | ||
| dev-source | ||
| .nuget/ |
Member
There was a problem hiding this comment.
for some reason copilot kept trying to check in .nuget/nuget.exe so this removes that.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Renames
ComponentType.DockerReference→ComponentType.ContainerImageReferenceand all related types, files, and directories. This type will be shared by Helm and Kubernetes detectors, so the naming should not be Docker-specific.Renamed types
ComponentType.DockerReference→ContainerImageReferenceDetectorClass.DockerReference→ContainerImageReferenceDockerReferenceclass hierarchy →ContainerImageReference(incl.DockerReferenceKind→ContainerImageReferenceKind)DockerReferenceComponent→ContainerImageReferenceComponentDockerReferenceUtility→ContainerImageReferenceUtilityDockerReferenceException→ContainerImageReferenceExceptionDockerRegex→ContainerImageRegexRenamed files/directories
Common/DockerReference/→Common/ContainerImageReference/(all 4 files within)Contracts/DockerReference.cs→ContainerImageReference.csTypedComponent/DockerReferenceComponent.cs→ContainerImageReferenceComponent.csUpdated references
TypedComponentMapping,DockerfileComponentDetector,DigestUtility, schema docsBackward compatibility
DockerReference = ContainerImageReferenceenum alias (marked[Obsolete]) inComponentTypeso old JSON manifests containing"DockerReference"still deserialize correctly"DockerReference"→ContainerImageReferenceComponententry inTypedComponentMappingso old component type discriminators in manifests resolve correctlymanifest.schema.jsonto include bothContainerImageReferenceandDockerReferenceenum valuesTypedComponentMapping_AllMappedTypes_AreUniquetest to account for the backward-compat aliasNot changed
Workflow files and
VerificationTest.ps1use--DetectorArgs DockerReference=EnableIfDefaultOff— this keys on the detector'sIdstring, not theComponentType, so it remains unchanged.New Detector Checklist
IDefaultOffComponentDetector