dependabot-terraform 0.266.0 → 0.268.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/terraform/update_checker.rb +53 -14
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dfafcf14f07de855d5852c1b18e058e06ad589702cd65d520424b1b14800ba5c
|
|
4
|
+
data.tar.gz: 6af17e4d1fd4044c9d28c85e31a69ed20f620387bfe68cb088f521dcbef4b234
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d5dd70285d03158dc1245066f3ced39dfea1f5288d22098a7003ce6b7a7c686092beb32265c5839c0a76938a6e7f5a9f85b88bc4b8ae8660b1f3263831ad5e6d
|
|
7
|
+
data.tar.gz: 95b840a8d8ab35ece09fe671d8d477bfe2babbb131fe3f6db0b88fe10637952d42cac7a63240c394712cb0fd8cdc5a32c398a12c4b74e3c69dcdf8cc19e94b77
|
|
@@ -1,6 +1,8 @@
|
|
|
1
|
-
# typed:
|
|
1
|
+
# typed: strict
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
+
require "sorbet-runtime"
|
|
5
|
+
|
|
4
6
|
require "dependabot/update_checkers"
|
|
5
7
|
require "dependabot/update_checkers/base"
|
|
6
8
|
require "dependabot/git_commit_checker"
|
|
@@ -12,8 +14,14 @@ require "dependabot/terraform/registry_client"
|
|
|
12
14
|
module Dependabot
|
|
13
15
|
module Terraform
|
|
14
16
|
class UpdateChecker < Dependabot::UpdateCheckers::Base
|
|
15
|
-
|
|
17
|
+
extend T::Sig
|
|
18
|
+
|
|
19
|
+
ELIGIBLE_SOURCE_TYPES = T.let(
|
|
20
|
+
%w(git provider registry).freeze,
|
|
21
|
+
T::Array[String]
|
|
22
|
+
)
|
|
16
23
|
|
|
24
|
+
sig { override.returns(T.nilable(T.any(String, Gem::Version))) }
|
|
17
25
|
def latest_version
|
|
18
26
|
return latest_version_for_git_dependency if git_dependency?
|
|
19
27
|
return latest_version_for_registry_dependency if registry_dependency?
|
|
@@ -22,17 +30,20 @@ module Dependabot
|
|
|
22
30
|
# Other sources (mercurial, path dependencies) just return `nil`
|
|
23
31
|
end
|
|
24
32
|
|
|
33
|
+
sig { override.returns(T.nilable(T.any(String, Gem::Version))) }
|
|
25
34
|
def latest_resolvable_version
|
|
26
35
|
# No concept of resolvability for terraform modules (that we're aware
|
|
27
36
|
# of - there may be in future).
|
|
28
37
|
latest_version
|
|
29
38
|
end
|
|
30
39
|
|
|
40
|
+
sig { override.returns(T.nilable(T.any(String, Dependabot::Version))) }
|
|
31
41
|
def latest_resolvable_version_with_no_unlock
|
|
32
42
|
# Irrelevant, since Terraform doesn't have a lockfile
|
|
33
43
|
nil
|
|
34
44
|
end
|
|
35
45
|
|
|
46
|
+
sig { override.returns(T::Array[T::Hash[Symbol, T.untyped]]) }
|
|
36
47
|
def updated_requirements
|
|
37
48
|
RequirementsUpdater.new(
|
|
38
49
|
requirements: dependency.requirements,
|
|
@@ -41,6 +52,7 @@ module Dependabot
|
|
|
41
52
|
).updated_requirements
|
|
42
53
|
end
|
|
43
54
|
|
|
55
|
+
sig { returns(T::Boolean) }
|
|
44
56
|
def requirements_unlocked_or_can_be?
|
|
45
57
|
# If the requirement comes from a proxy URL then there's no way for
|
|
46
58
|
# us to update it
|
|
@@ -49,15 +61,18 @@ module Dependabot
|
|
|
49
61
|
|
|
50
62
|
private
|
|
51
63
|
|
|
64
|
+
sig { override.returns(T::Boolean) }
|
|
52
65
|
def latest_version_resolvable_with_full_unlock?
|
|
53
66
|
# Full unlock checks aren't relevant for Terraform files
|
|
54
67
|
false
|
|
55
68
|
end
|
|
56
69
|
|
|
70
|
+
sig { override.returns(T::Array[Dependabot::Dependency]) }
|
|
57
71
|
def updated_dependencies_after_full_unlock
|
|
58
72
|
raise NotImplementedError
|
|
59
73
|
end
|
|
60
74
|
|
|
75
|
+
sig { returns(T.nilable(Dependabot::Terraform::Version)) }
|
|
61
76
|
def latest_version_for_registry_dependency
|
|
62
77
|
return unless registry_dependency?
|
|
63
78
|
|
|
@@ -67,26 +82,36 @@ module Dependabot
|
|
|
67
82
|
versions.reject!(&:prerelease?) unless wants_prerelease?
|
|
68
83
|
versions.reject! { |v| ignore_requirements.any? { |r| r.satisfied_by?(v) } }
|
|
69
84
|
|
|
70
|
-
@latest_version_for_registry_dependency =
|
|
85
|
+
@latest_version_for_registry_dependency = T.let(
|
|
86
|
+
versions.max,
|
|
87
|
+
T.nilable(Dependabot::Terraform::Version)
|
|
88
|
+
)
|
|
71
89
|
end
|
|
72
90
|
|
|
91
|
+
sig { returns(T::Array[Dependabot::Terraform::Version]) }
|
|
73
92
|
def all_module_versions
|
|
74
|
-
identifier = dependency_source_details
|
|
93
|
+
identifier = dependency_source_details&.fetch(:module_identifier)
|
|
75
94
|
registry_client.all_module_versions(identifier: identifier)
|
|
76
95
|
end
|
|
77
96
|
|
|
97
|
+
sig { returns(T::Array[Dependabot::Terraform::Version]) }
|
|
78
98
|
def all_provider_versions
|
|
79
|
-
identifier = dependency_source_details
|
|
99
|
+
identifier = dependency_source_details&.fetch(:module_identifier)
|
|
80
100
|
registry_client.all_provider_versions(identifier: identifier)
|
|
81
101
|
end
|
|
82
102
|
|
|
103
|
+
sig { returns(Dependabot::Terraform::RegistryClient) }
|
|
83
104
|
def registry_client
|
|
84
|
-
@registry_client ||=
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
105
|
+
@registry_client ||= T.let(
|
|
106
|
+
begin
|
|
107
|
+
hostname = dependency_source_details&.fetch(:registry_hostname)
|
|
108
|
+
RegistryClient.new(hostname: hostname, credentials: credentials)
|
|
109
|
+
end,
|
|
110
|
+
T.nilable(Dependabot::Terraform::RegistryClient)
|
|
111
|
+
)
|
|
88
112
|
end
|
|
89
113
|
|
|
114
|
+
sig { returns(T.nilable(Dependabot::Terraform::Version)) }
|
|
90
115
|
def latest_version_for_provider_dependency
|
|
91
116
|
return unless provider_dependency?
|
|
92
117
|
|
|
@@ -96,9 +121,13 @@ module Dependabot
|
|
|
96
121
|
versions.reject!(&:prerelease?) unless wants_prerelease?
|
|
97
122
|
versions.reject! { |v| ignore_requirements.any? { |r| r.satisfied_by?(v) } }
|
|
98
123
|
|
|
99
|
-
@latest_version_for_provider_dependency =
|
|
124
|
+
@latest_version_for_provider_dependency = T.let(
|
|
125
|
+
versions.max,
|
|
126
|
+
T.nilable(Dependabot::Terraform::Version)
|
|
127
|
+
)
|
|
100
128
|
end
|
|
101
129
|
|
|
130
|
+
sig { returns(T::Boolean) }
|
|
102
131
|
def wants_prerelease?
|
|
103
132
|
current_version = dependency.version
|
|
104
133
|
if current_version &&
|
|
@@ -112,6 +141,7 @@ module Dependabot
|
|
|
112
141
|
end
|
|
113
142
|
end
|
|
114
143
|
|
|
144
|
+
sig { returns(T.nilable(T.any(Dependabot::Version, String))) }
|
|
115
145
|
def latest_version_for_git_dependency
|
|
116
146
|
# If the module isn't pinned then there's nothing for us to update
|
|
117
147
|
# (since there's no lockfile to update the version in). We still
|
|
@@ -138,6 +168,7 @@ module Dependabot
|
|
|
138
168
|
nil
|
|
139
169
|
end
|
|
140
170
|
|
|
171
|
+
sig { returns(T.nilable(String)) }
|
|
141
172
|
def tag_for_latest_version
|
|
142
173
|
return unless git_commit_checker.git_dependency?
|
|
143
174
|
return unless git_commit_checker.pinned?
|
|
@@ -152,40 +183,48 @@ module Dependabot
|
|
|
152
183
|
latest_tag
|
|
153
184
|
end
|
|
154
185
|
|
|
186
|
+
sig { returns(T::Boolean) }
|
|
155
187
|
def proxy_requirement?
|
|
156
188
|
dependency.requirements.any? do |req|
|
|
157
189
|
req.fetch(:source)&.fetch(:proxy_url, nil)
|
|
158
190
|
end
|
|
159
191
|
end
|
|
160
192
|
|
|
193
|
+
sig { returns(T::Boolean) }
|
|
161
194
|
def registry_dependency?
|
|
162
195
|
return false if dependency_source_details.nil?
|
|
163
196
|
|
|
164
|
-
dependency_source_details
|
|
197
|
+
dependency_source_details&.fetch(:type) == "registry"
|
|
165
198
|
end
|
|
166
199
|
|
|
200
|
+
sig { returns(T::Boolean) }
|
|
167
201
|
def provider_dependency?
|
|
168
202
|
return false if dependency_source_details.nil?
|
|
169
203
|
|
|
170
|
-
dependency_source_details
|
|
204
|
+
dependency_source_details&.fetch(:type) == "provider"
|
|
171
205
|
end
|
|
172
206
|
|
|
207
|
+
sig { returns(T.nilable(T::Hash[T.any(String, Symbol), T.untyped])) }
|
|
173
208
|
def dependency_source_details
|
|
174
209
|
dependency.source_details(allowed_types: ELIGIBLE_SOURCE_TYPES)
|
|
175
210
|
end
|
|
176
211
|
|
|
212
|
+
sig { returns(T::Boolean) }
|
|
177
213
|
def git_dependency?
|
|
178
214
|
git_commit_checker.git_dependency?
|
|
179
215
|
end
|
|
180
216
|
|
|
217
|
+
sig { returns(Dependabot::GitCommitChecker) }
|
|
181
218
|
def git_commit_checker
|
|
182
|
-
@git_commit_checker ||=
|
|
219
|
+
@git_commit_checker ||= T.let(
|
|
183
220
|
GitCommitChecker.new(
|
|
184
221
|
dependency: dependency,
|
|
185
222
|
credentials: credentials,
|
|
186
223
|
ignored_versions: ignored_versions,
|
|
187
224
|
raise_on_ignored: raise_on_ignored
|
|
188
|
-
)
|
|
225
|
+
),
|
|
226
|
+
T.nilable(Dependabot::GitCommitChecker)
|
|
227
|
+
)
|
|
189
228
|
end
|
|
190
229
|
end
|
|
191
230
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-terraform
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.268.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-
|
|
11
|
+
date: 2024-08-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.268.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.268.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: debug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -260,7 +260,7 @@ licenses:
|
|
|
260
260
|
- MIT
|
|
261
261
|
metadata:
|
|
262
262
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
263
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
263
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.268.0
|
|
264
264
|
post_install_message:
|
|
265
265
|
rdoc_options: []
|
|
266
266
|
require_paths:
|