Skip to content

chore(deps): update docker.io/library/nextcloud docker tag to v32.0.7#655

Open
renovate-bot-cbcoutinho[bot] wants to merge 1 commit intomasterfrom
renovate/docker.io-library-nextcloud-32.x
Open

chore(deps): update docker.io/library/nextcloud docker tag to v32.0.7#655
renovate-bot-cbcoutinho[bot] wants to merge 1 commit intomasterfrom
renovate/docker.io-library-nextcloud-32.x

Conversation

@renovate-bot-cbcoutinho
Copy link
Copy Markdown
Contributor

@renovate-bot-cbcoutinho renovate-bot-cbcoutinho bot commented Mar 27, 2026
edited
Loading

This PR contains the following updates:

Package Update Change
docker.io/library/nextcloud patch 32.0.632.0.7

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@claude
Copy link
Copy Markdown

claude bot commented Mar 27, 2026

PR Review: Nextcloud Docker Image Bump (32.0.6 → 32.0.7)

This is a straightforward Renovate-generated patch version bump. Here is my assessment:

Summary

The PR updates the Nextcloud Docker image from 32.0.6 to 32.0.7 in two places:

  • .github/workflows/test.yml (test matrix)
  • docker-compose.yml (default dev environment)

Code Quality

Looks good. Both files are updated consistently and the change is minimal and correct.

Security

Good practice observed: The image is pinned by SHA256 digest (@sha256:...) rather than just the tag. This is a strong security posture — it prevents tag mutation attacks and ensures reproducible builds. The new digest (b1a4ecea5eb06f9ec762b8b2acb112855026b49690726210afe0c8f4cfbd1f64) corresponds to the published 32.0.7 image.

Risk Assessment

Low risk. Patch releases in Nextcloud typically contain bug fixes, security patches, and minor compatibility improvements. No breaking changes are expected between 32.0.6 and 32.0.7.

Recommendation

Approve and merge once CI passes. This is a routine maintenance update and the change is correct and consistent across all relevant files.

Review generated by Claude Code

@renovate-bot-cbcoutinho renovate-bot-cbcoutinho bot force-pushed the renovate/docker.io-library-nextcloud-32.x branch from 848dcc4 to 2406a62 Compare March 28, 2026 10:13
@claude
Copy link
Copy Markdown

claude bot commented Mar 28, 2026

PR Review

This is a straightforward Renovate-generated patch update for the Nextcloud Docker image (32.0.632.0.7).

Assessment: ✅ Looks good

Positive observations

  • SHA256 digest is updated alongside the tag — this is the correct and secure pattern. Pinning by digest prevents tag mutation attacks and ensures reproducible builds.
  • Patch version bump — low risk; Nextcloud patch releases typically contain bug fixes and security patches.

No concerns

  • Single-line change with no logic impact
  • No configuration or API changes expected from a patch release
  • The NEXTCLOUD_IMAGE env var override still works as before

Recommendation

Safe to merge. If CI passes (integration tests against the new image), this should be a routine merge.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants