According to hadolint and the Docker documentation, we should pin packages in a Dockerfile
https://github.com/hadolint/hadolint/wiki/DL3008
https://github.com/hadolint/hadolint/wiki/DL3016
https://github.com/hadolint/hadolint/wiki/DL3018
https://github.com/hadolint/hadolint/wiki/DL3013
Renovate should be able to change the package versions according to a repository or a list of repositories.
Currently, I wildcard to the major version of each package.
Yes, but first we need to make sure we already have datasources for those, e.g. alpine packages.
Ones like npm would be easier as we already have great npm support.
Yes, but npm we can easily circumvent by importing an external package.json with its lock (yarn.lock or other).
That is not possible with system packages like apk and deb.
Agreed. I was just mentioning that because "npm install" is one of the hadolint examples you gave. I would prefer to start on apk/deb too
For alpine you can use http://dl-cdn.alpinelinux.org/alpine/ as the data source. Note alpine doesn't appear to keep old versions of products, only the latest is present in the repo.
It would be nice if we could include yum support too :)
I think that the datasources should be configurable as users can configure other repositories than the default with more recent packages in them.
I would be interested in this feature too, for alpine-linux package updates
@fullstackzach can you give an example Dockerfile or line in particular?
As a workaround it should be possible to add a custom rule using our new regex-based manager: https://docs.renovatebot.com/modules/manager/regex/
However, potentially new datasources are needed first. So far this feature request is short on examples, so it is not possible to be sure.
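To make the regex-manager workaround concrete, here is an added example `renovate.json` (not from the original thread or the Renovate project) that keeps two of the hadolint-style pins updated: a pip pin such as `RUN pip install --no-cache-dir requests==2.25.1` (DL3013) and a global npm pin such as `RUN npm install -g yarn@1.22.4` (DL3016). It only covers ecosystems for which Renovate already has a datasource (`pypi`, `npm`); `apk add foo=1.2.3-r0` and `apt-get install foo=1.2.3` lines are deliberately not matched, because, as the thread notes, there is no alpine or deb datasource to look them up against yet. The `fileMatch` pattern, the capture-group names and the exact regexes are this example's assumptions.

```json
{
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": ["config:base"],
  "regexManagers": [
    {
      "fileMatch": ["(^|/)Dockerfile$", "(^|/)Dockerfile\\.[^/]*$"],
      "matchStrings": [
        "RUN pip install .*?(?<depName>[A-Za-z0-9_.-]+)==(?<currentValue>[0-9][0-9A-Za-z.]*)"
      ],
      "datasourceTemplate": "pypi",
      "versioningTemplate": "pep440"
    },
    {
      "fileMatch": ["(^|/)Dockerfile$", "(^|/)Dockerfile\\.[^/]*$"],
      "matchStrings": [
        "RUN npm install .*?(?<depName>[@A-Za-z0-9_./-]+)@(?<currentValue>[0-9][0-9A-Za-z.]*)"
      ],
      "datasourceTemplate": "npm"
    }
  ]
}
```

Each `matchStrings` entry is applied globally over the file, so every pinned package in every matching `RUN` line becomes its own dependency; the lazy `.*?` lets options like `--no-cache-dir` or `-g` sit between the install command and the package. Because the version is captured straight from the `==` / `@` pin that hadolint asks for, Renovate's pull request rewrites the pin in place rather than loosening it, which keeps the build reproducible while still surfacing the update.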