dependabot-terraform 0.148.8 → 0.148.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/terraform/file_parser.rb +20 -3
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d7ec549a6b6283f3ab90166318138d130e95ee433a8b17ec48157c376b322bfe
|
|
4
|
+
data.tar.gz: fe1e3b9b7e348e614c5da531da53ef226b4be07db71a0744e382a5d863cbbad5
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 11878a5dff8b23bf22568e1dc44734578175012b41eff9b5d0d7e8e774e1040d1720150d135e570f0814234d3c663bd04ed79c0339a5188ab8cc19729167e8f9
|
|
7
|
+
data.tar.gz: ac36440f83d0e54ee77e7aab101790bd58cce625dd8bbe4bbad4a2a90f599cc9356a452b63ecc6784c938619afc87f7c97ec33a3e07a3d136ea6c0dd59703634
|
|
@@ -88,16 +88,16 @@ module Dependabot
|
|
|
88
88
|
|
|
89
89
|
def build_provider_dependency(file, name, details = {})
|
|
90
90
|
source_address = details.fetch("source", nil)
|
|
91
|
-
|
|
91
|
+
version_req = details["version"]&.strip
|
|
92
92
|
hostname, namespace, name = provider_source_from(source_address, name)
|
|
93
93
|
dependency_name = source_address ? "#{namespace}/#{name}" : name
|
|
94
94
|
|
|
95
95
|
Dependency.new(
|
|
96
96
|
name: dependency_name,
|
|
97
|
-
version:
|
|
97
|
+
version: determine_version_for(hostname, namespace, name, version_req),
|
|
98
98
|
package_manager: "terraform",
|
|
99
99
|
requirements: [
|
|
100
|
-
requirement:
|
|
100
|
+
requirement: version_req,
|
|
101
101
|
groups: [],
|
|
102
102
|
file: file.name,
|
|
103
103
|
source: {
|
|
@@ -332,6 +332,23 @@ module Dependabot
|
|
|
332
332
|
|
|
333
333
|
raise "No Terraform configuration file!"
|
|
334
334
|
end
|
|
335
|
+
|
|
336
|
+
def determine_version_for(hostname, namespace, name, constraint)
|
|
337
|
+
return constraint if constraint&.match?(/\A\d/)
|
|
338
|
+
|
|
339
|
+
lock_file_content.
|
|
340
|
+
dig("provider", "#{hostname}/#{namespace}/#{name}", 0, "version")
|
|
341
|
+
end
|
|
342
|
+
|
|
343
|
+
def lock_file_content
|
|
344
|
+
@lock_file_content ||=
|
|
345
|
+
begin
|
|
346
|
+
lock_file = dependency_files.find do |file|
|
|
347
|
+
file.name == ".terraform.lock.hcl"
|
|
348
|
+
end
|
|
349
|
+
lock_file ? parsed_file(lock_file) : {}
|
|
350
|
+
end
|
|
351
|
+
end
|
|
335
352
|
end
|
|
336
353
|
end
|
|
337
354
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-terraform
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.148.
|
|
4
|
+
version: 0.148.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-05-
|
|
11
|
+
date: 2021-05-26 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.148.
|
|
19
|
+
version: 0.148.9
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.148.
|
|
26
|
+
version: 0.148.9
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|