dependabot-terraform 0.214.0 → 0.216.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/terraform/file_parser.rb +5 -3
  3. data/lib/dependabot/terraform/file_updater.rb +27 -6
  4. data/lib/dependabot/terraform/version.rb +3 -1
  5. metadata +35 -32
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4f71bc92463c650b0017996b239e934c11e142bf358346d933199809a421cdcc
4
- data.tar.gz: 04cd2a28c3d5de1ba21e5b11d380e39245bba354cc5baaaa21f10469f56c7cf6
3
+ metadata.gz: 47e5e7dfe44ac13f182788861b073b1c61713a7351059d3a663180edc721b005
4
+ data.tar.gz: 8953918498a2b4c920451daaa75be3e203c9d329e2057fee38fbe3434a69f905
5
5
  SHA512:
6
- metadata.gz: cf3a1762094ffe3a008ef7ed4780ddf246d84742df03aad54e94d5d9a8f200380dd8099aa7c64ce8f2db553d4066071828b4927eaad84af223d496bdee1bc07b
7
- data.tar.gz: a63c4421a9c42b476ae9bfd9c21b72a096c95585875d105b880b7694ed50e2c3989a190918a0d53aecb99895ad9ec8a8b4ba7994ccf96378fb92ae3c56ab624b
6
+ metadata.gz: 82f815ff536060350f9a10237af8d22db39c898d16f88f3da763502634b0aacd3b01954cdaea951ba2c0af2a77c273f34d63e63b239c73b7e9d8a009c9ac073d
7
+ data.tar.gz: d0ec94565cae327074a7ca7baf23952c93698543726538ae265fc0f52a91a36a3d26f574d06ce75c943c601d380a8f6dfd6ad875e2bf3d7c86c513c20960949c
data/lib/dependabot/terraform/file_parser.rb CHANGED
@@ -186,10 +186,12 @@ module Dependabot
186
186
 
187
187
  def provider_source_from(source_address, name)
188
188
  matches = source_address&.match(PROVIDER_SOURCE_ADDRESS)
189
+ matches = {} if matches.nil?
190
+
189
191
  [
190
- matches.try(:[], :hostname) || DEFAULT_REGISTRY,
191
- matches.try(:[], :namespace) || DEFAULT_NAMESPACE,
192
- matches.try(:[], :name) || name
192
+ matches[:hostname] || DEFAULT_REGISTRY,
193
+ matches[:namespace] || DEFAULT_NAMESPACE,
194
+ matches[:name] || name
193
195
  ]
194
196
  end
195
197
 
data/lib/dependabot/terraform/file_updater.rb CHANGED
@@ -112,7 +112,11 @@ module Dependabot
112
112
  end
113
113
 
114
114
  def update_registry_declaration(new_req, old_req, updated_content)
115
- regex = new_req[:source][:type] == "provider" ? provider_declaration_regex : registry_declaration_regex
115
+ regex = if new_req[:source][:type] == "provider"
116
+ provider_declaration_regex(updated_content)
117
+ else
118
+ registry_declaration_regex
119
+ end
116
120
  updated_content.gsub!(regex) do |regex_match|
117
121
  regex_match.sub(/^\s*version\s*=.*/) do |req_line_match|
118
122
  req_line_match.sub(old_req[:requirement], new_req[:requirement])
@@ -173,7 +177,10 @@ module Dependabot
173
177
  # Terraform will update the lockfile in place so we use a fresh lockfile for each lookup
174
178
  File.write(".terraform.lock.hcl", lockfile_hash_removed)
175
179
 
176
- SharedHelpers.run_shell_command("terraform providers lock -platform=#{arch} #{provider_source} -no-color")
180
+ SharedHelpers.run_shell_command(
181
+ "terraform providers lock -platform=#{arch} #{provider_source} -no-color",
182
+ fingerprint: "terraform providers lock -platform=<arch> <provider_source> -no-color"
183
+ )
177
184
 
178
185
  updated_lockfile = File.read(".terraform.lock.hcl")
179
186
  updated_hashes = extract_provider_h1_hashes(updated_lockfile, declaration_regex)
@@ -228,7 +235,10 @@ module Dependabot
228
235
 
229
236
  File.write(".terraform.lock.hcl", lockfile_dependency_removed)
230
237
 
231
- SharedHelpers.run_shell_command("terraform providers lock #{platforms} #{provider_source}")
238
+ SharedHelpers.run_shell_command(
239
+ "terraform providers lock #{platforms} #{provider_source}",
240
+ fingerprint: "terraform providers lock <platforms> <provider_source>"
241
+ )
232
242
 
233
243
  updated_lockfile = File.read(".terraform.lock.hcl")
234
244
  updated_dependency = updated_lockfile.scan(declaration_regex).first
@@ -301,12 +311,23 @@ module Dependabot
301
311
  /(?<=\").*(?=\")/
302
312
  end
303
313
 
304
- def provider_declaration_regex
314
+ def provider_declaration_regex(updated_content)
305
315
  name = Regexp.escape(dependency.name)
306
- %r{
307
- ((source\s*=\s*["'](#{Regexp.escape(registry_host_for(dependency))}/)?#{name}["']|\s*#{name}\s*=\s*\{.*)
316
+ registry_host = Regexp.escape(registry_host_for(dependency))
317
+ regex_version_preceeds = %r{
318
+ (((?<!required_)version\s=\s*["'].*["'])
319
+ (\s*source\s*=\s*["'](#{registry_host}/)?#{name}["']|\s*#{name}\s*=\s*\{.*))
320
+ }mx
321
+ regex_source_preceeds = %r{
322
+ ((source\s*=\s*["'](#{registry_host}/)?#{name}["']|\s*#{name}\s*=\s*\{.*)
308
323
  (?:(?!^\}).)+)
309
324
  }mx
325
+
326
+ if updated_content.match(regex_version_preceeds)
327
+ regex_version_preceeds
328
+ else
329
+ regex_source_preceeds
330
+ end
310
331
  end
311
332
 
312
333
  def registry_declaration_regex
data/lib/dependabot/terraform/version.rb CHANGED
@@ -1,5 +1,7 @@
1
1
  # frozen_string_literal: true
2
2
 
3
+ require "dependabot/version"
4
+
3
5
  # Terraform pre-release versions use 1.0.1-rc1 syntax, which Gem::Version
4
6
  # converts into 1.0.1.pre.rc1. We override the `to_s` method to stop that
5
7
  # alteration.
@@ -8,7 +10,7 @@
8
10
 
9
11
  module Dependabot
10
12
  module Terraform
11
- class Version < Gem::Version
13
+ class Version < Dependabot::Version
12
14
  def initialize(version)
13
15
  @version_string = version.to_s
14
16
  super
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-terraform
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.214.0
4
+ version: 0.216.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-12-01 00:00:00.000000000 Z
11
+ date: 2023-04-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,28 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.214.0
19
+ version: 0.216.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.214.0
26
+ version: 0.216.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - ">="
31
+ - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 1.0.0
33
+ version: 1.7.1
34
34
  type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - ">="
38
+ - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 1.0.0
40
+ version: 1.7.1
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: gpgme
43
43
  requirement: !ruby/object:Gem::Requirement
@@ -58,14 +58,14 @@ dependencies:
58
58
  requirements:
59
59
  - - "~>"
60
60
  - !ruby/object:Gem::Version
61
- version: 4.0.0
61
+ version: 4.2.0
62
62
  type: :development
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
66
  - - "~>"
67
67
  - !ruby/object:Gem::Version
68
- version: 4.0.0
68
+ version: 4.2.0
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: rake
71
71
  requirement: !ruby/object:Gem::Requirement
@@ -86,70 +86,70 @@ dependencies:
86
86
  requirements:
87
87
  - - "~>"
88
88
  - !ruby/object:Gem::Version
89
- version: '3.8'
89
+ version: '3.12'
90
90
  type: :development
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
94
  - - "~>"
95
95
  - !ruby/object:Gem::Version
96
- version: '3.8'
96
+ version: '3.12'
97
97
  - !ruby/object:Gem::Dependency
98
98
  name: rspec-its
99
99
  requirement: !ruby/object:Gem::Requirement
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: '1.2'
103
+ version: '1.3'
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: '1.2'
110
+ version: '1.3'
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: rubocop
113
113
  requirement: !ruby/object:Gem::Requirement
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 1.39.0
117
+ version: 1.48.0
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 1.39.0
124
+ version: 1.48.0
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: rubocop-performance
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
129
  - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: 1.15.0
131
+ version: 1.17.1
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: 1.15.0
138
+ version: 1.17.1
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: simplecov
141
141
  requirement: !ruby/object:Gem::Requirement
142
142
  requirements:
143
143
  - - "~>"
144
144
  - !ruby/object:Gem::Version
145
- version: 0.21.0
145
+ version: 0.22.0
146
146
  type: :development
147
147
  prerelease: false
148
148
  version_requirements: !ruby/object:Gem::Requirement
149
149
  requirements:
150
150
  - - "~>"
151
151
  - !ruby/object:Gem::Version
152
- version: 0.21.0
152
+ version: 0.22.0
153
153
  - !ruby/object:Gem::Dependency
154
154
  name: simplecov-console
155
155
  requirement: !ruby/object:Gem::Requirement
@@ -182,33 +182,34 @@ dependencies:
182
182
  name: vcr
183
183
  requirement: !ruby/object:Gem::Requirement
184
184
  requirements:
185
- - - '='
185
+ - - "~>"
186
186
  - !ruby/object:Gem::Version
187
- version: 6.1.0
187
+ version: '6.1'
188
188
  type: :development
189
189
  prerelease: false
190
190
  version_requirements: !ruby/object:Gem::Requirement
191
191
  requirements:
192
- - - '='
192
+ - - "~>"
193
193
  - !ruby/object:Gem::Version
194
- version: 6.1.0
194
+ version: '6.1'
195
195
  - !ruby/object:Gem::Dependency
196
196
  name: webmock
197
197
  requirement: !ruby/object:Gem::Requirement
198
198
  requirements:
199
199
  - - "~>"
200
200
  - !ruby/object:Gem::Version
201
- version: '3.4'
201
+ version: '3.18'
202
202
  type: :development
203
203
  prerelease: false
204
204
  version_requirements: !ruby/object:Gem::Requirement
205
205
  requirements:
206
206
  - - "~>"
207
207
  - !ruby/object:Gem::Version
208
- version: '3.4'
209
- description: Automated dependency management for Ruby, JavaScript, Python, PHP, Elixir,
210
- Rust, Java, .NET, Elm and Go
211
- email: support@dependabot.com
208
+ version: '3.18'
209
+ description: Dependabot-Terraform provides support for bumping Terraform modules via
210
+ Dependabot. If you want support for multiple package managers, you probably want
211
+ the meta-gem dependabot-omnibus.
212
+ email: opensource@github.com
212
213
  executables: []
213
214
  extensions: []
214
215
  extra_rdoc_files: []
@@ -228,7 +229,9 @@ files:
228
229
  homepage: https://github.com/dependabot/dependabot-core
229
230
  licenses:
230
231
  - Nonstandard
231
- metadata: {}
232
+ metadata:
233
+ issue_tracker_uri: https://github.com/dependabot/dependabot-core/issues
234
+ changelog_uri: https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG.md
232
235
  post_install_message:
233
236
  rdoc_options: []
234
237
  require_paths:
@@ -244,8 +247,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
244
247
  - !ruby/object:Gem::Version
245
248
  version: 3.1.0
246
249
  requirements: []
247
- rubygems_version: 3.3.7
250
+ rubygems_version: 3.3.26
248
251
  signing_key:
249
252
  specification_version: 4
250
- summary: Terraform support for dependabot
253
+ summary: Provides Dependabot support for Terraform
251
254
  test_files: []