dependabot-terraform 0.355.0 → 0.357.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/terraform/file_fetcher.rb +3 -2
- data/lib/dependabot/terraform/file_parser.rb +20 -17
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7a2cbf57fa6c093093300b03f98684c1fc7b118fb12398619ffbf4dc3a01c7a7
|
|
4
|
+
data.tar.gz: d4ec66bdf562393a60374dfc64068d01fc811e1541df629efa148bdf1f800954
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f4549e8bccd588fe4ea943bda4088de9750a933157f1ac26c073c05984f09135b2f8eca6552f59b105c9b615a337bfe063153a28b6283604583cc42880dfa0e6
|
|
7
|
+
data.tar.gz: de1c0555586234d67c7a6e3cc804a8cef167ac0c0cb5452ed938c29a68a8d10b82d6dd3e64c7b80f4d75ea43b4a88604e9863461fdbed0bbf37147c91b5285c1
|
|
@@ -94,8 +94,9 @@ module Dependabot
|
|
|
94
94
|
end
|
|
95
95
|
end
|
|
96
96
|
|
|
97
|
-
# NOTE:
|
|
98
|
-
#
|
|
97
|
+
# NOTE: Mark local module files as support files. The FileParser will
|
|
98
|
+
# still parse provider requirements from these files, but will skip
|
|
99
|
+
# module declarations (since we can't update local path modules)
|
|
99
100
|
terraform_files.tap { |fs| fs.each { |f| f.support_file = true } }
|
|
100
101
|
end
|
|
101
102
|
|
|
@@ -1,7 +1,6 @@
|
|
|
1
1
|
# typed: strict
|
|
2
2
|
# frozen_string_literal: true
|
|
3
3
|
|
|
4
|
-
require "cgi"
|
|
5
4
|
require "excon"
|
|
6
5
|
require "nokogiri"
|
|
7
6
|
require "open3"
|
|
@@ -61,27 +60,31 @@ module Dependabot
|
|
|
61
60
|
sig { params(dependency_set: Dependabot::FileParsers::Base::DependencySet).void }
|
|
62
61
|
def parse_terraform_files(dependency_set)
|
|
63
62
|
terraform_files.each do |file|
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
override_terraform_files.
|
|
70
|
-
|
|
71
|
-
|
|
63
|
+
# Process module declarations only for non-support files
|
|
64
|
+
# (we can't update local path modules in support files)
|
|
65
|
+
unless file.support_file?
|
|
66
|
+
modules = parsed_file(file).fetch("module", {})
|
|
67
|
+
# If override.tf files are present, we need to merge the modules
|
|
68
|
+
if override_terraform_files.any?
|
|
69
|
+
override_terraform_files.each do |override_file|
|
|
70
|
+
override_modules = parsed_file(override_file).fetch("module", {})
|
|
71
|
+
modules = merge_modules(override_modules, modules)
|
|
72
|
+
end
|
|
72
73
|
end
|
|
73
|
-
end
|
|
74
74
|
|
|
75
|
-
|
|
76
|
-
|
|
75
|
+
modules.each do |name, details|
|
|
76
|
+
details = details.first
|
|
77
77
|
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
78
|
+
source = source_from(details)
|
|
79
|
+
# Cannot update local path modules, skip
|
|
80
|
+
next if source && source[:type] == "path"
|
|
81
81
|
|
|
82
|
-
|
|
82
|
+
dependency_set << build_terraform_dependency(file, name, T.must(source), details)
|
|
83
|
+
end
|
|
83
84
|
end
|
|
84
85
|
|
|
86
|
+
# Always process provider requirements, even in support files
|
|
87
|
+
# (nested local modules can have their own provider requirements)
|
|
85
88
|
parsed_file(file).fetch("terraform", []).each do |terraform|
|
|
86
89
|
required_providers = terraform.fetch("required_providers", {})
|
|
87
90
|
required_providers.each do |provider|
|
|
@@ -305,7 +308,7 @@ module Dependabot
|
|
|
305
308
|
type: "git",
|
|
306
309
|
url: git_url,
|
|
307
310
|
branch: nil,
|
|
308
|
-
ref:
|
|
311
|
+
ref: URI.decode_www_form(querystr.to_s).to_h["ref"]&.split(%r{(?<!:)//})&.first
|
|
309
312
|
}
|
|
310
313
|
end
|
|
311
314
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-terraform
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.357.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.357.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.357.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -262,7 +262,7 @@ licenses:
|
|
|
262
262
|
- MIT
|
|
263
263
|
metadata:
|
|
264
264
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
265
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
265
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.357.0
|
|
266
266
|
rdoc_options: []
|
|
267
267
|
require_paths:
|
|
268
268
|
- lib
|
|
@@ -277,7 +277,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
277
277
|
- !ruby/object:Gem::Version
|
|
278
278
|
version: 3.3.0
|
|
279
279
|
requirements: []
|
|
280
|
-
rubygems_version: 3.
|
|
280
|
+
rubygems_version: 3.7.2
|
|
281
281
|
specification_version: 4
|
|
282
282
|
summary: Provides Dependabot support for Terraform
|
|
283
283
|
test_files: []
|