dependabot-terraform 0.253.0 → 0.255.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/terraform/file_fetcher.rb +31 -12
  3. data/lib/dependabot/terraform/file_filter.rb +24 -0
  4. data/lib/dependabot/terraform/file_selector.rb +30 -17
  5. metadata +31 -16
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c3b3c08a5267066244616f19aeeed5fea49ec19cbaa6b57ccc2c9dab6ba815ea
4
- data.tar.gz: 8144d85b7f023b0ae02ac1041df97d79c33657189236d493f47830d505a19c95
3
+ metadata.gz: b86ff97e37a0fd8c3156a5bed89492c56564d444a8fea552b93498a34089ffed
4
+ data.tar.gz: e841cdee87c46bfeabd69cb7ca3bd707122ce22ed021f04289cb22bc434065ac
5
5
  SHA512:
6
- metadata.gz: b7ae5cbb2156fd7b1f69db28df2e50d766ca1735ffef4a33aaafd64c027929b5994af24a4284635cabc79d4eb46d5e6fd79e6fe7a344561ff21dd5acf4635943
7
- data.tar.gz: f31b47af9ca0f0a2be750d76de8cdc7c33877dfb59d3d60d6e963861d6341938bb1fbc5dd33c8fdbfb9bd0c9aa2474e7fae8effc9c8d206960f476a80fb3a429
6
+ metadata.gz: a2010ee735c7e9674f5fd3445ecefd81d640b93caa3638377582f66180ad24237437809778ee09f4b066cbae6145ec5d4a9d9f02649bb1c690298563fa474521
7
+ data.tar.gz: 78c86fe178f4662a637faa9e6fb37b9b6755211c74e6fcf4f5eb7a6f7ac7ee6314bd67afe31fcca194b96ee424dbffc8cc60ad857b5f2dc01c0aaa6522347a5d
data/lib/dependabot/terraform/file_fetcher.rb CHANGED
@@ -1,7 +1,8 @@
1
- # typed: false
1
+ # typed: strict
2
2
  # frozen_string_literal: true
3
3
 
4
4
  require "sorbet-runtime"
5
+
5
6
  require "dependabot/file_fetchers"
6
7
  require "dependabot/file_fetchers/base"
7
8
  require "dependabot/terraform/file_selector"
@@ -12,15 +13,17 @@ module Dependabot
12
13
  extend T::Sig
13
14
  extend T::Helpers
14
15
 
15
- include FileSelector
16
+ include FileFilter
16
17
 
17
18
  # https://www.terraform.io/docs/language/modules/sources.html#local-paths
18
19
  LOCAL_PATH_SOURCE = %r{source\s*=\s*['"](?<path>..?\/[^'"]+)}
19
20
 
21
+ sig { override.params(filenames: T::Array[String]).returns(T::Boolean) }
20
22
  def self.required_files_in?(filenames)
21
23
  filenames.any? { |f| f.end_with?(".tf", ".hcl") }
22
24
  end
23
25
 
26
+ sig { override.returns(String) }
24
27
  def self.required_files_message
25
28
  "Repo must contain a Terraform configuration file."
26
29
  end
@@ -37,22 +40,35 @@ module Dependabot
37
40
 
38
41
  private
39
42
 
43
+ sig { returns(T::Array[Dependabot::DependencyFile]) }
40
44
  def terraform_files
41
- @terraform_files ||=
45
+ @terraform_files ||= T.let(
42
46
  repo_contents(raise_errors: false)
43
47
  .select { |f| f.type == "file" && f.name.end_with?(".tf") }
44
- .map { |f| fetch_file_from_host(f.name) }
48
+ .map { |f| fetch_file_from_host(f.name) },
49
+ T.nilable(T::Array[Dependabot::DependencyFile])
50
+ )
45
51
  end
46
52
 
53
+ sig { returns(T::Array[Dependabot::DependencyFile]) }
47
54
  def terragrunt_files
48
- @terragrunt_files ||=
55
+ @terragrunt_files ||= T.let(
49
56
  repo_contents(raise_errors: false)
50
57
  .select { |f| f.type == "file" && terragrunt_file?(f.name) }
51
- .map { |f| fetch_file_from_host(f.name) }
58
+ .map { |f| fetch_file_from_host(f.name) },
59
+ T.nilable(T::Array[Dependabot::DependencyFile])
60
+ )
52
61
  end
53
62
 
63
+ sig do
64
+ params(
65
+ files: T::Array[Dependabot::DependencyFile],
66
+ dir: String
67
+ )
68
+ .returns(T::Array[Dependabot::DependencyFile])
69
+ end
54
70
  def local_path_module_files(files, dir: ".")
55
- terraform_files = []
71
+ terraform_files = T.let([], T::Array[Dependabot::DependencyFile])
56
72
 
57
73
  files.each do |file|
58
74
  terraform_file_local_module_details(file).each do |path|
@@ -71,19 +87,22 @@ module Dependabot
71
87
  terraform_files.tap { |fs| fs.each { |f| f.support_file = true } }
72
88
  end
73
89
 
90
+ sig { params(file: Dependabot::DependencyFile).returns(T::Array[String]) }
74
91
  def terraform_file_local_module_details(file)
75
92
  return [] unless file.name.end_with?(".tf")
76
- return [] unless file.content.match?(LOCAL_PATH_SOURCE)
93
+ return [] unless file.content&.match?(LOCAL_PATH_SOURCE)
77
94
 
78
- file.content.scan(LOCAL_PATH_SOURCE).flatten.map do |path|
95
+ T.must(file.content).scan(LOCAL_PATH_SOURCE).flatten.map do |path|
79
96
  Pathname.new(path).cleanpath.to_path
80
97
  end
81
98
  end
82
99
 
100
+ sig { returns(T.nilable(Dependabot::DependencyFile)) }
83
101
  def lockfile
84
- return @lockfile if defined?(@lockfile)
85
-
86
- @lockfile = fetch_file_if_present(".terraform.lock.hcl")
102
+ @lockfile ||= T.let(
103
+ fetch_file_if_present(".terraform.lock.hcl"),
104
+ T.nilable(Dependabot::DependencyFile)
105
+ )
87
106
  end
88
107
  end
89
108
  end
data/lib/dependabot/terraform/file_filter.rb ADDED
@@ -0,0 +1,24 @@
1
+ # typed: strong
2
+ # frozen_string_literal: true
3
+
4
+ require "sorbet-runtime"
5
+
6
+ module Dependabot
7
+ module Terraform
8
+ module FileFilter
9
+ extend T::Sig
10
+
11
+ private
12
+
13
+ sig { params(file_name: String).returns(T::Boolean) }
14
+ def terragrunt_file?(file_name)
15
+ !lockfile?(file_name) && file_name.end_with?(".hcl")
16
+ end
17
+
18
+ sig { params(filename: String).returns(T::Boolean) }
19
+ def lockfile?(filename)
20
+ filename == ".terraform.lock.hcl"
21
+ end
22
+ end
23
+ end
24
+ end
data/lib/dependabot/terraform/file_selector.rb CHANGED
@@ -1,26 +1,39 @@
1
- # typed: false
1
+ # typed: strong
2
2
  # frozen_string_literal: true
3
3
 
4
- module FileSelector
5
- private
4
+ require "sorbet-runtime"
6
5
 
7
- def terraform_files
8
- dependency_files.select { |f| f.name.end_with?(".tf") }
9
- end
6
+ require "dependabot/terraform/file_filter"
10
7
 
11
- def terragrunt_files
12
- dependency_files.select { |f| terragrunt_file?(f.name) }
13
- end
8
+ module Dependabot
9
+ module Terraform
10
+ module FileSelector
11
+ extend T::Sig
12
+ extend T::Helpers
14
13
 
15
- def terragrunt_file?(file_name)
16
- !lockfile?(file_name) && file_name.end_with?(".hcl")
17
- end
14
+ abstract!
18
15
 
19
- def lockfile?(filename)
20
- filename == ".terraform.lock.hcl"
21
- end
16
+ sig { abstract.returns(T::Array[Dependabot::DependencyFile]) }
17
+ def dependency_files; end
18
+
19
+ private
20
+
21
+ include FileFilter
22
+
23
+ sig { returns(T::Array[Dependabot::DependencyFile]) }
24
+ def terraform_files
25
+ dependency_files.select { |f| f.name.end_with?(".tf") }
26
+ end
27
+
28
+ sig { returns(T::Array[Dependabot::DependencyFile]) }
29
+ def terragrunt_files
30
+ dependency_files.select { |f| terragrunt_file?(f.name) }
31
+ end
22
32
 
23
- def lockfile
24
- dependency_files.find { |f| lockfile?(f.name) }
33
+ sig { returns(T.nilable(Dependabot::DependencyFile)) }
34
+ def lockfile
35
+ dependency_files.find { |f| lockfile?(f.name) }
36
+ end
37
+ end
25
38
  end
26
39
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-terraform
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.253.0
4
+ version: 0.255.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-04-18 00:00:00.000000000 Z
11
+ date: 2024-05-03 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,28 +16,28 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.253.0
19
+ version: 0.255.0
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.253.0
26
+ version: 0.255.0
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: debug
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
31
  - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 1.8.0
33
+ version: 1.9.2
34
34
  type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
38
  - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 1.8.0
40
+ version: 1.9.2
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: gpgme
43
43
  requirement: !ruby/object:Gem::Requirement
@@ -114,56 +114,70 @@ dependencies:
114
114
  requirements:
115
115
  - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 1.58.0
117
+ version: 1.63.2
118
118
  type: :development
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
122
  - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 1.58.0
124
+ version: 1.63.2
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: rubocop-performance
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
129
  - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: 1.19.0
131
+ version: 1.21.0
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
136
  - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: 1.19.0
138
+ version: 1.21.0
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: rubocop-rspec
141
141
  requirement: !ruby/object:Gem::Requirement
142
142
  requirements:
143
143
  - - "~>"
144
144
  - !ruby/object:Gem::Version
145
- version: 2.27.1
145
+ version: 2.29.1
146
146
  type: :development
147
147
  prerelease: false
148
148
  version_requirements: !ruby/object:Gem::Requirement
149
149
  requirements:
150
150
  - - "~>"
151
151
  - !ruby/object:Gem::Version
152
- version: 2.27.1
152
+ version: 2.29.1
153
153
  - !ruby/object:Gem::Dependency
154
154
  name: rubocop-sorbet
155
155
  requirement: !ruby/object:Gem::Requirement
156
156
  requirements:
157
157
  - - "~>"
158
158
  - !ruby/object:Gem::Version
159
- version: 0.7.3
159
+ version: 0.8.1
160
+ type: :development
161
+ prerelease: false
162
+ version_requirements: !ruby/object:Gem::Requirement
163
+ requirements:
164
+ - - "~>"
165
+ - !ruby/object:Gem::Version
166
+ version: 0.8.1
167
+ - !ruby/object:Gem::Dependency
168
+ name: simplecov
169
+ requirement: !ruby/object:Gem::Requirement
170
+ requirements:
171
+ - - "~>"
172
+ - !ruby/object:Gem::Version
173
+ version: 0.22.0
160
174
  type: :development
161
175
  prerelease: false
162
176
  version_requirements: !ruby/object:Gem::Requirement
163
177
  requirements:
164
178
  - - "~>"
165
179
  - !ruby/object:Gem::Version
166
- version: 0.7.3
180
+ version: 0.22.0
167
181
  - !ruby/object:Gem::Dependency
168
182
  name: turbo_tests
169
183
  requirement: !ruby/object:Gem::Requirement
@@ -231,6 +245,7 @@ files:
231
245
  - helpers/build
232
246
  - lib/dependabot/terraform.rb
233
247
  - lib/dependabot/terraform/file_fetcher.rb
248
+ - lib/dependabot/terraform/file_filter.rb
234
249
  - lib/dependabot/terraform/file_parser.rb
235
250
  - lib/dependabot/terraform/file_selector.rb
236
251
  - lib/dependabot/terraform/file_updater.rb
@@ -245,7 +260,7 @@ licenses:
245
260
  - Nonstandard
246
261
  metadata:
247
262
  bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
248
- changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.253.0
263
+ changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.255.0
249
264
  post_install_message:
250
265
  rdoc_options: []
251
266
  require_paths:
@@ -261,7 +276,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
261
276
  - !ruby/object:Gem::Version
262
277
  version: 3.1.0
263
278
  requirements: []
264
- rubygems_version: 3.3.26
279
+ rubygems_version: 3.5.9
265
280
  signing_key:
266
281
  specification_version: 4
267
282
  summary: Provides Dependabot support for Terraform