dependabot-terraform 0.148.8 → 0.148.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/terraform/file_parser.rb +20 -3
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d7ec549a6b6283f3ab90166318138d130e95ee433a8b17ec48157c376b322bfe
|
|
4
|
+
data.tar.gz: fe1e3b9b7e348e614c5da531da53ef226b4be07db71a0744e382a5d863cbbad5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 11878a5dff8b23bf22568e1dc44734578175012b41eff9b5d0d7e8e774e1040d1720150d135e570f0814234d3c663bd04ed79c0339a5188ab8cc19729167e8f9
|
|
7
|
+
data.tar.gz: ac36440f83d0e54ee77e7aab101790bd58cce625dd8bbe4bbad4a2a90f599cc9356a452b63ecc6784c938619afc87f7c97ec33a3e07a3d136ea6c0dd59703634
|
|
@@ -88,16 +88,16 @@ module Dependabot
|
|
|
88
88
|
|
|
89
89
|
def build_provider_dependency(file, name, details = {})
|
|
90
90
|
source_address = details.fetch("source", nil)
|
|
91
|
-
|
|
91
|
+
version_req = details["version"]&.strip
|
|
92
92
|
hostname, namespace, name = provider_source_from(source_address, name)
|
|
93
93
|
dependency_name = source_address ? "#{namespace}/#{name}" : name
|
|
94
94
|
|
|
95
95
|
Dependency.new(
|
|
96
96
|
name: dependency_name,
|
|
97
|
-
version:
|
|
97
|
+
version: determine_version_for(hostname, namespace, name, version_req),
|
|
98
98
|
package_manager: "terraform",
|
|
99
99
|
requirements: [
|
|
100
|
-
requirement:
|
|
100
|
+
requirement: version_req,
|
|
101
101
|
groups: [],
|
|
102
102
|
file: file.name,
|
|
103
103
|
source: {
|
|
@@ -332,6 +332,23 @@ module Dependabot
|
|
|
332
332
|
|
|
333
333
|
raise "No Terraform configuration file!"
|
|
334
334
|
end
|
|
335
|
+
|
|
336
|
+
def determine_version_for(hostname, namespace, name, constraint)
|
|
337
|
+
return constraint if constraint&.match?(/\A\d/)
|
|
338
|
+
|
|
339
|
+
lock_file_content.
|
|
340
|
+
dig("provider", "#{hostname}/#{namespace}/#{name}", 0, "version")
|
|
341
|
+
end
|
|
342
|
+
|
|
343
|
+
def lock_file_content
|
|
344
|
+
@lock_file_content ||=
|
|
345
|
+
begin
|
|
346
|
+
lock_file = dependency_files.find do |file|
|
|
347
|
+
file.name == ".terraform.lock.hcl"
|
|
348
|
+
end
|
|
349
|
+
lock_file ? parsed_file(lock_file) : {}
|
|
350
|
+
end
|
|
351
|
+
end
|
|
335
352
|
end
|
|
336
353
|
end
|
|
337
354
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-terraform
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.148.
|
|
4
|
+
version: 0.148.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-05-
|
|
11
|
+
date: 2021-05-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.148.
|
|
19
|
+
version: 0.148.9
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.148.
|
|
26
|
+
version: 0.148.9
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|