dependabot-terraform 0.230.0 → 0.231.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/terraform/file_fetcher.rb +12 -11
- data/lib/dependabot/terraform/file_parser.rb +5 -4
- data/lib/dependabot/terraform/file_selector.rb +1 -0
- data/lib/dependabot/terraform/file_updater.rb +11 -10
- data/lib/dependabot/terraform/metadata_finder.rb +6 -5
- data/lib/dependabot/terraform/registry_client.rb +7 -6
- data/lib/dependabot/terraform/requirement.rb +3 -2
- data/lib/dependabot/terraform/requirements_updater.rb +6 -5
- data/lib/dependabot/terraform/update_checker.rb +9 -8
- data/lib/dependabot/terraform/version.rb +3 -2
- data/lib/dependabot/terraform.rb +7 -6
- metadata +19 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 30a4af6fe104842d99b8a2213f507de087941aeb51af57909a8ecc96fd38a6a7
|
|
4
|
+
data.tar.gz: 191a1bac8a6c0ab96e6a43e8ef24fd95a39f4c26a398d55f57a060a42b0e5dc5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6d9725c851e3122cfc0565f3e37e53b3e8d2ef20aba77d44b78eeaa1ab826f770a14c83a83e7d49e24b343b98c010701da969bb578f6d607f01ccb96b90219c1
|
|
7
|
+
data.tar.gz: cdd399940d97806c82f33bd77dedaadde5ab0f99dbade0e40668aa153204345296b5c256c9f008a827b500a39ca5babcaa4288d600da86b8b12b72764ce5f68d
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "dependabot/file_fetchers"
|
|
@@ -39,16 +40,16 @@ module Dependabot
|
|
|
39
40
|
|
|
40
41
|
def terraform_files
|
|
41
42
|
@terraform_files ||=
|
|
42
|
-
repo_contents(raise_errors: false)
|
|
43
|
-
select { |f| f.type == "file" && f.name.end_with?(".tf") }
|
|
44
|
-
map { |f| fetch_file_from_host(f.name) }
|
|
43
|
+
repo_contents(raise_errors: false)
|
|
44
|
+
.select { |f| f.type == "file" && f.name.end_with?(".tf") }
|
|
45
|
+
.map { |f| fetch_file_from_host(f.name) }
|
|
45
46
|
end
|
|
46
47
|
|
|
47
48
|
def terragrunt_files
|
|
48
49
|
@terragrunt_files ||=
|
|
49
|
-
repo_contents(raise_errors: false)
|
|
50
|
-
select { |f| f.type == "file" && terragrunt_file?(f.name) }
|
|
51
|
-
map { |f| fetch_file_from_host(f.name) }
|
|
50
|
+
repo_contents(raise_errors: false)
|
|
51
|
+
.select { |f| f.type == "file" && terragrunt_file?(f.name) }
|
|
52
|
+
.map { |f| fetch_file_from_host(f.name) }
|
|
52
53
|
end
|
|
53
54
|
|
|
54
55
|
def local_path_module_files(files, dir: ".")
|
|
@@ -58,9 +59,9 @@ module Dependabot
|
|
|
58
59
|
terraform_file_local_module_details(file).each do |path|
|
|
59
60
|
base_path = Pathname.new(File.join(dir, path)).cleanpath.to_path
|
|
60
61
|
nested_terraform_files =
|
|
61
|
-
repo_contents(dir: base_path)
|
|
62
|
-
select { |f| f.type == "file" && f.name.end_with?(".tf") }
|
|
63
|
-
map { |f| fetch_file_from_host(File.join(base_path, f.name)) }
|
|
62
|
+
repo_contents(dir: base_path)
|
|
63
|
+
.select { |f| f.type == "file" && f.name.end_with?(".tf") }
|
|
64
|
+
.map { |f| fetch_file_from_host(File.join(base_path, f.name)) }
|
|
64
65
|
terraform_files += nested_terraform_files
|
|
65
66
|
terraform_files += local_path_module_files(nested_terraform_files, dir: path)
|
|
66
67
|
end
|
|
@@ -89,5 +90,5 @@ module Dependabot
|
|
|
89
90
|
end
|
|
90
91
|
end
|
|
91
92
|
|
|
92
|
-
Dependabot::FileFetchers
|
|
93
|
-
register("terraform", Dependabot::Terraform::FileFetcher)
|
|
93
|
+
Dependabot::FileFetchers
|
|
94
|
+
.register("terraform", Dependabot::Terraform::FileFetcher)
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "cgi"
|
|
@@ -355,8 +356,8 @@ module Dependabot
|
|
|
355
356
|
def determine_version_for(hostname, namespace, name, constraint)
|
|
356
357
|
return constraint if constraint&.match?(/\A\d/)
|
|
357
358
|
|
|
358
|
-
lock_file_content
|
|
359
|
-
dig("provider", "#{hostname}/#{namespace}/#{name}", 0, "version")
|
|
359
|
+
lock_file_content
|
|
360
|
+
.dig("provider", "#{hostname}/#{namespace}/#{name}", 0, "version")
|
|
360
361
|
end
|
|
361
362
|
|
|
362
363
|
def lock_file_content
|
|
@@ -372,5 +373,5 @@ module Dependabot
|
|
|
372
373
|
end
|
|
373
374
|
end
|
|
374
375
|
|
|
375
|
-
Dependabot::FileParsers
|
|
376
|
-
register("terraform", Dependabot::Terraform::FileParser)
|
|
376
|
+
Dependabot::FileParsers
|
|
377
|
+
.register("terraform", Dependabot::Terraform::FileParser)
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "dependabot/file_updaters"
|
|
@@ -75,8 +76,8 @@ module Dependabot
|
|
|
75
76
|
def updated_terraform_file_content(file)
|
|
76
77
|
content = file.content.dup
|
|
77
78
|
|
|
78
|
-
reqs = dependency.requirements.zip(dependency.previous_requirements)
|
|
79
|
-
|
|
79
|
+
reqs = dependency.requirements.zip(dependency.previous_requirements)
|
|
80
|
+
.reject { |new_req, old_req| new_req == old_req }
|
|
80
81
|
|
|
81
82
|
# Loop through each changed requirement and update the files and lockfile
|
|
82
83
|
reqs.each do |new_req, old_req|
|
|
@@ -125,15 +126,15 @@ module Dependabot
|
|
|
125
126
|
end
|
|
126
127
|
|
|
127
128
|
def extract_provider_h1_hashes(content, declaration_regex)
|
|
128
|
-
content.match(declaration_regex).to_s
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
129
|
+
content.match(declaration_regex).to_s
|
|
130
|
+
.match(hashes_object_regex).to_s
|
|
131
|
+
.split("\n").map { |hash| hash.match(hashes_string_regex).to_s }
|
|
132
|
+
.select { |h| h&.match?(/^h1:/) }
|
|
132
133
|
end
|
|
133
134
|
|
|
134
135
|
def remove_provider_h1_hashes(content, declaration_regex)
|
|
135
|
-
content.match(declaration_regex).to_s
|
|
136
|
-
|
|
136
|
+
content.match(declaration_regex).to_s
|
|
137
|
+
.sub(hashes_object_regex, "")
|
|
137
138
|
end
|
|
138
139
|
|
|
139
140
|
def lockfile_details(new_req)
|
|
@@ -373,5 +374,5 @@ module Dependabot
|
|
|
373
374
|
end
|
|
374
375
|
end
|
|
375
376
|
|
|
376
|
-
Dependabot::FileUpdaters
|
|
377
|
-
register("terraform", Dependabot::Terraform::FileUpdater)
|
|
377
|
+
Dependabot::FileUpdaters
|
|
378
|
+
.register("terraform", Dependabot::Terraform::FileUpdater)
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "excon"
|
|
@@ -35,13 +36,13 @@ module Dependabot
|
|
|
35
36
|
info = dependency.requirements.filter_map { |r| r[:source] }.first
|
|
36
37
|
hostname = info[:registry_hostname] || info["registry_hostname"]
|
|
37
38
|
|
|
38
|
-
RegistryClient
|
|
39
|
-
new(hostname: hostname, credentials: credentials)
|
|
40
|
-
source(dependency: dependency)
|
|
39
|
+
RegistryClient
|
|
40
|
+
.new(hostname: hostname, credentials: credentials)
|
|
41
|
+
.source(dependency: dependency)
|
|
41
42
|
end
|
|
42
43
|
end
|
|
43
44
|
end
|
|
44
45
|
end
|
|
45
46
|
|
|
46
|
-
Dependabot::MetadataFinders
|
|
47
|
-
register("terraform", Dependabot::Terraform::MetadataFinder)
|
|
47
|
+
Dependabot::MetadataFinders
|
|
48
|
+
.register("terraform", Dependabot::Terraform::MetadataFinder)
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "dependabot/dependency"
|
|
@@ -61,9 +62,9 @@ module Dependabot
|
|
|
61
62
|
base_url = service_url_for("providers.v1")
|
|
62
63
|
response = http_get!(URI.join(base_url, "#{identifier}/versions"))
|
|
63
64
|
|
|
64
|
-
JSON.parse(response.body)
|
|
65
|
-
|
|
66
|
-
|
|
65
|
+
JSON.parse(response.body)
|
|
66
|
+
.fetch("versions")
|
|
67
|
+
.map { |release| version_class.new(release.fetch("version")) }
|
|
67
68
|
rescue Excon::Error
|
|
68
69
|
raise error("Could not fetch provider versions")
|
|
69
70
|
end
|
|
@@ -79,9 +80,9 @@ module Dependabot
|
|
|
79
80
|
base_url = service_url_for("modules.v1")
|
|
80
81
|
response = http_get!(URI.join(base_url, "#{identifier}/versions"))
|
|
81
82
|
|
|
82
|
-
JSON.parse(response.body)
|
|
83
|
-
|
|
84
|
-
|
|
83
|
+
JSON.parse(response.body)
|
|
84
|
+
.fetch("modules").first.fetch("versions")
|
|
85
|
+
.map { |release| version_class.new(release.fetch("version")) }
|
|
85
86
|
end
|
|
86
87
|
|
|
87
88
|
# Fetch the "source" for a module or provider. We use the API to fetch
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "dependabot/utils"
|
|
@@ -47,5 +48,5 @@ module Dependabot
|
|
|
47
48
|
end
|
|
48
49
|
end
|
|
49
50
|
|
|
50
|
-
Dependabot::Utils
|
|
51
|
-
register_requirement_class("terraform", Dependabot::Terraform::Requirement)
|
|
51
|
+
Dependabot::Utils
|
|
52
|
+
.register_requirement_class("terraform", Dependabot::Terraform::Requirement)
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
####################################################################
|
|
@@ -109,8 +110,8 @@ module Dependabot
|
|
|
109
110
|
|
|
110
111
|
# Updates the version in a "~>" constraint to allow the given version
|
|
111
112
|
def update_twiddle_version(req_string)
|
|
112
|
-
old_version = requirement_class.new(req_string)
|
|
113
|
-
|
|
113
|
+
old_version = requirement_class.new(req_string)
|
|
114
|
+
.requirements.first.last
|
|
114
115
|
updated_version = at_same_precision(latest_version, old_version)
|
|
115
116
|
req_string.sub(old_version.to_s, updated_version)
|
|
116
117
|
end
|
|
@@ -137,9 +138,9 @@ module Dependabot
|
|
|
137
138
|
new_release =
|
|
138
139
|
new_version.to_s.split(".").first(release_precision)
|
|
139
140
|
new_prerelease =
|
|
140
|
-
new_version.to_s.split(".")
|
|
141
|
-
|
|
142
|
-
|
|
141
|
+
new_version.to_s.split(".")
|
|
142
|
+
.drop_while { |i| i.match?(/^\d+$/) }
|
|
143
|
+
.first([prerelease_precision, 1].max)
|
|
143
144
|
|
|
144
145
|
[*new_release, *new_prerelease].join(".")
|
|
145
146
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "dependabot/update_checkers"
|
|
@@ -122,13 +123,13 @@ module Dependabot
|
|
|
122
123
|
# we want to update that tag. Because we don't have a lockfile, the
|
|
123
124
|
# latest version is the tag itself.
|
|
124
125
|
if git_commit_checker.pinned_ref_looks_like_version?
|
|
125
|
-
latest_tag = git_commit_checker.local_tag_for_latest_version
|
|
126
|
-
fetch(:tag)
|
|
126
|
+
latest_tag = git_commit_checker.local_tag_for_latest_version
|
|
127
|
+
&.fetch(:tag)
|
|
127
128
|
version_rgx = GitCommitChecker::VERSION_REGEX
|
|
128
129
|
return unless latest_tag.match(version_rgx)
|
|
129
130
|
|
|
130
|
-
version = latest_tag.match(version_rgx)
|
|
131
|
-
|
|
131
|
+
version = latest_tag.match(version_rgx)
|
|
132
|
+
.named_captures.fetch("version")
|
|
132
133
|
return version_class.new(version)
|
|
133
134
|
end
|
|
134
135
|
|
|
@@ -142,8 +143,8 @@ module Dependabot
|
|
|
142
143
|
return unless git_commit_checker.pinned?
|
|
143
144
|
return unless git_commit_checker.pinned_ref_looks_like_version?
|
|
144
145
|
|
|
145
|
-
latest_tag = git_commit_checker.local_tag_for_latest_version
|
|
146
|
-
fetch(:tag)
|
|
146
|
+
latest_tag = git_commit_checker.local_tag_for_latest_version
|
|
147
|
+
&.fetch(:tag)
|
|
147
148
|
|
|
148
149
|
version_rgx = GitCommitChecker::VERSION_REGEX
|
|
149
150
|
return unless latest_tag.match(version_rgx)
|
|
@@ -190,5 +191,5 @@ module Dependabot
|
|
|
190
191
|
end
|
|
191
192
|
end
|
|
192
193
|
|
|
193
|
-
Dependabot::UpdateCheckers
|
|
194
|
-
register("terraform", Dependabot::Terraform::UpdateChecker)
|
|
194
|
+
Dependabot::UpdateCheckers
|
|
195
|
+
.register("terraform", Dependabot::Terraform::UpdateChecker)
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
require "dependabot/version"
|
|
@@ -23,5 +24,5 @@ module Dependabot
|
|
|
23
24
|
end
|
|
24
25
|
end
|
|
25
26
|
|
|
26
|
-
Dependabot::Utils
|
|
27
|
-
register_version_class("terraform", Dependabot::Terraform::Version)
|
|
27
|
+
Dependabot::Utils
|
|
28
|
+
.register_version_class("terraform", Dependabot::Terraform::Version)
|
data/lib/dependabot/terraform.rb
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
# typed: false
|
|
1
2
|
# frozen_string_literal: true
|
|
2
3
|
|
|
3
4
|
# These all need to be required so the various classes can be registered in a
|
|
@@ -11,18 +12,18 @@ require "dependabot/terraform/requirement"
|
|
|
11
12
|
require "dependabot/terraform/version"
|
|
12
13
|
|
|
13
14
|
require "dependabot/pull_request_creator/labeler"
|
|
14
|
-
Dependabot::PullRequestCreator::Labeler
|
|
15
|
-
register_label_details("terraform", name: "terraform", colour: "5C4EE5")
|
|
15
|
+
Dependabot::PullRequestCreator::Labeler
|
|
16
|
+
.register_label_details("terraform", name: "terraform", colour: "5C4EE5")
|
|
16
17
|
|
|
17
18
|
require "dependabot/dependency"
|
|
18
|
-
Dependabot::Dependency
|
|
19
|
-
register_production_check("terraform", ->(_) { true })
|
|
19
|
+
Dependabot::Dependency
|
|
20
|
+
.register_production_check("terraform", ->(_) { true })
|
|
20
21
|
|
|
21
22
|
require "dependabot/utils"
|
|
22
23
|
Dependabot::Utils.register_always_clone("terraform")
|
|
23
24
|
|
|
24
|
-
Dependabot::Dependency
|
|
25
|
-
register_display_name_builder(
|
|
25
|
+
Dependabot::Dependency
|
|
26
|
+
.register_display_name_builder(
|
|
26
27
|
"terraform",
|
|
27
28
|
lambda { |name|
|
|
28
29
|
# Only modify the name if it a git source dependency
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-terraform
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.231.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-09-
|
|
11
|
+
date: 2023-09-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.231.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.231.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -136,6 +136,20 @@ dependencies:
|
|
|
136
136
|
- - "~>"
|
|
137
137
|
- !ruby/object:Gem::Version
|
|
138
138
|
version: 1.19.0
|
|
139
|
+
- !ruby/object:Gem::Dependency
|
|
140
|
+
name: rubocop-sorbet
|
|
141
|
+
requirement: !ruby/object:Gem::Requirement
|
|
142
|
+
requirements:
|
|
143
|
+
- - "~>"
|
|
144
|
+
- !ruby/object:Gem::Version
|
|
145
|
+
version: 0.7.3
|
|
146
|
+
type: :development
|
|
147
|
+
prerelease: false
|
|
148
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
149
|
+
requirements:
|
|
150
|
+
- - "~>"
|
|
151
|
+
- !ruby/object:Gem::Version
|
|
152
|
+
version: 0.7.3
|
|
139
153
|
- !ruby/object:Gem::Dependency
|
|
140
154
|
name: stackprof
|
|
141
155
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -203,7 +217,7 @@ licenses:
|
|
|
203
217
|
- Nonstandard
|
|
204
218
|
metadata:
|
|
205
219
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
206
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
220
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.231.0
|
|
207
221
|
post_install_message:
|
|
208
222
|
rdoc_options: []
|
|
209
223
|
require_paths:
|