dependabot-opentofu 0.365.0 → 0.366.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/opentofu/file_parser.rb +11 -6
- data/lib/dependabot/opentofu/file_updater.rb +3 -3
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1cd9365b69d724368980be02ed0167f910e4307d89986cf72368c19bfb85c068
|
|
4
|
+
data.tar.gz: 9c244107e1d9e785bf4e7a787ca226faa00358aac5340319f9e79ef1d44a8c83
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6f75fbaa3b461dfcb9903c2adcb701f20764d6e06a72fa082b42f899453e9d17c0af297b48233d493770cd8bd0c144fe842528054087a0b9907993ba67d99e06
|
|
7
|
+
data.tar.gz: 26d0ea01b13a161243108a6bde3afc911b0569f9b70d2db5ed702e62f6732d09d50302ee8949403e3b481a891bf814e691930e9fb488673649b0e1e8389c71a5
|
|
@@ -250,10 +250,13 @@ module Dependabot
|
|
|
250
250
|
matches = source_address&.match(PROVIDER_SOURCE_ADDRESS)
|
|
251
251
|
matches = {} if matches.nil?
|
|
252
252
|
|
|
253
|
+
# OpenTofu provider source addresses are case-insensitive, so we normalize
|
|
254
|
+
# to lowercase to avoid treating e.g. "Azure/azapi" and "azure/azapi" as
|
|
255
|
+
# different sources when merging dependencies across multiple files.
|
|
253
256
|
[
|
|
254
|
-
matches[:hostname] || DEFAULT_REGISTRY,
|
|
255
|
-
matches[:namespace] || DEFAULT_NAMESPACE,
|
|
256
|
-
matches[:name] || name
|
|
257
|
+
(matches[:hostname] || DEFAULT_REGISTRY).downcase,
|
|
258
|
+
(matches[:namespace] || DEFAULT_NAMESPACE).downcase,
|
|
259
|
+
(matches[:name] || name).downcase
|
|
257
260
|
]
|
|
258
261
|
end
|
|
259
262
|
|
|
@@ -261,17 +264,19 @@ module Dependabot
|
|
|
261
264
|
def registry_source_details_from(source_string)
|
|
262
265
|
parts = source_string.split("//").first.split("/")
|
|
263
266
|
|
|
267
|
+
# Registry module source addresses are case-insensitive, so we normalize
|
|
268
|
+
# to lowercase to avoid treating case-variant declarations as different sources.
|
|
264
269
|
if parts.count == 3
|
|
265
270
|
{
|
|
266
271
|
type: "registry",
|
|
267
272
|
registry_hostname: "registry.opentofu.org",
|
|
268
|
-
module_identifier: source_string.split("//").first
|
|
273
|
+
module_identifier: source_string.split("//").first.downcase
|
|
269
274
|
}
|
|
270
275
|
elsif parts.count == 4
|
|
271
276
|
{
|
|
272
277
|
type: "registry",
|
|
273
|
-
registry_hostname: parts.first,
|
|
274
|
-
module_identifier: parts[1..3].join("/")
|
|
278
|
+
registry_hostname: parts.first.downcase,
|
|
279
|
+
module_identifier: parts[1..3].join("/").downcase
|
|
275
280
|
}
|
|
276
281
|
else
|
|
277
282
|
msg = "Invalid registry source specified: '#{source_string}'"
|
|
@@ -372,11 +372,11 @@ module Dependabot
|
|
|
372
372
|
regex_version_preceeds = %r{
|
|
373
373
|
(((?<!required_)version\s=\s*["'].*["'])
|
|
374
374
|
(\s*source\s*=\s*["'](#{registry_host}/)?#{name}["']|\s*#{name}\s*=\s*\{.*))
|
|
375
|
-
}
|
|
375
|
+
}mxi
|
|
376
376
|
regex_source_preceeds = %r{
|
|
377
377
|
((source\s*=\s*["'](#{registry_host}/)?#{name}["']|\s*#{name}\s*=\s*\{.*)
|
|
378
378
|
(?:(?!^\}).)+)
|
|
379
|
-
}
|
|
379
|
+
}mxi
|
|
380
380
|
|
|
381
381
|
if updated_content.match(regex_version_preceeds)
|
|
382
382
|
regex_version_preceeds
|
|
@@ -396,7 +396,7 @@ module Dependabot
|
|
|
396
396
|
(//modules/\S+)?
|
|
397
397
|
["']
|
|
398
398
|
(?:(?!^\}).)*
|
|
399
|
-
}
|
|
399
|
+
}mxi
|
|
400
400
|
end
|
|
401
401
|
|
|
402
402
|
sig { params(filename: String).returns(Regexp) }
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-opentofu
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.366.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.366.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.366.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -262,7 +262,7 @@ licenses:
|
|
|
262
262
|
- MIT
|
|
263
263
|
metadata:
|
|
264
264
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
265
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
265
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.366.0
|
|
266
266
|
rdoc_options: []
|
|
267
267
|
require_paths:
|
|
268
268
|
- lib
|