dependabot-terraform 0.212.0 → 0.213.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ea09f7b5541cb5d4312fc3a71c476238017f1a581fa310e81101e34cf394ad35
|
|
4
|
+
data.tar.gz: c8ba129b49830caf26533b356c5753ff96822d5a7ca25427de53885fc0fd908d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6078a25195ced921328ca94c4e26a6d7dcdb6e9e9b6435fdf4f5ffa4513376fbd9c0dc41accfc945a8f242db4a63dd2f8413f32fb61913eff8d0308ff9728542
|
|
7
|
+
data.tar.gz: b073da62d0f06cedaef1867b2f589d434bb265dd6a22507c654d7638182010c98b00dd788bd5d0d1dc1dae0dd6bb38806c115b1648174194af74dd851ddafabf
|
|
@@ -10,7 +10,7 @@ module Dependabot
|
|
|
10
10
|
include FileSelector
|
|
11
11
|
|
|
12
12
|
# https://www.terraform.io/docs/language/modules/sources.html#local-paths
|
|
13
|
-
LOCAL_PATH_SOURCE = %r{source\s*=\s*['"](?<path>..?\/[^'"]+)}
|
|
13
|
+
LOCAL_PATH_SOURCE = %r{source\s*=\s*['"](?<path>..?\/[^'"]+)}
|
|
14
14
|
|
|
15
15
|
def self.required_files_in?(filenames)
|
|
16
16
|
filenames.any? { |f| f.end_with?(".tf", ".hcl") }
|
|
@@ -24,7 +24,7 @@ module Dependabot
|
|
|
24
24
|
DEFAULT_REGISTRY = "registry.terraform.io"
|
|
25
25
|
DEFAULT_NAMESPACE = "hashicorp"
|
|
26
26
|
# https://www.terraform.io/docs/language/providers/requirements.html#source-addresses
|
|
27
|
-
PROVIDER_SOURCE_ADDRESS = %r{\A((?<hostname>.+)/)?(?<namespace>.+)/(?<name>.+)\z}
|
|
27
|
+
PROVIDER_SOURCE_ADDRESS = %r{\A((?<hostname>.+)/)?(?<namespace>.+)/(?<name>.+)\z}
|
|
28
28
|
|
|
29
29
|
def parse
|
|
30
30
|
dependency_set = DependencySet.new
|
|
@@ -11,9 +11,9 @@ module Dependabot
|
|
|
11
11
|
class FileUpdater < Dependabot::FileUpdaters::Base
|
|
12
12
|
include FileSelector
|
|
13
13
|
|
|
14
|
-
PRIVATE_MODULE_ERROR = /Could not download module.*code from\n.*\"(?<repo>\S+)\"
|
|
15
|
-
MODULE_NOT_INSTALLED_ERROR = /Module not installed.*module\s*\"(?<mod>\S+)\"/m
|
|
16
|
-
GIT_HTTPS_PREFIX = %r{^git::https://}
|
|
14
|
+
PRIVATE_MODULE_ERROR = /Could not download module.*code from\n.*\"(?<repo>\S+)\":/
|
|
15
|
+
MODULE_NOT_INSTALLED_ERROR = /Module not installed.*module\s*\"(?<mod>\S+)\"/m
|
|
16
|
+
GIT_HTTPS_PREFIX = %r{^git::https://}
|
|
17
17
|
|
|
18
18
|
def self.updated_files_regex
|
|
19
19
|
[/\.tf$/, /\.hcl$/]
|
|
@@ -48,6 +48,30 @@ module Dependabot
|
|
|
48
48
|
|
|
49
49
|
private
|
|
50
50
|
|
|
51
|
+
# Terraform allows to use a module from the same source multiple times
|
|
52
|
+
# To detect any changes in dependencies we need to overwrite an implementation from the base class
|
|
53
|
+
#
|
|
54
|
+
# Example (for simplicity other parameters are skipped):
|
|
55
|
+
# previous_requirements = [{requirement: "0.9.1"}, {requirement: "0.11.0"}]
|
|
56
|
+
# requirements = [{requirement: "0.11.0"}, {requirement: "0.11.0"}]
|
|
57
|
+
#
|
|
58
|
+
# Simple difference between arrays gives:
|
|
59
|
+
# requirements - previous_requirements
|
|
60
|
+
# => []
|
|
61
|
+
# which loses an information that one of our requirements has changed.
|
|
62
|
+
#
|
|
63
|
+
# By using symmetric difference:
|
|
64
|
+
# (requirements - previous_requirements) | (previous_requirements - requirements)
|
|
65
|
+
# => [{requirement: "0.9.1"}]
|
|
66
|
+
# we can detect that change.
|
|
67
|
+
def requirement_changed?(file, dependency)
|
|
68
|
+
changed_requirements =
|
|
69
|
+
(dependency.requirements - dependency.previous_requirements) |
|
|
70
|
+
(dependency.previous_requirements - dependency.requirements)
|
|
71
|
+
|
|
72
|
+
changed_requirements.any? { |f| f[:file] == file.name }
|
|
73
|
+
end
|
|
74
|
+
|
|
51
75
|
def updated_terraform_file_content(file)
|
|
52
76
|
content = file.content.dup
|
|
53
77
|
|
|
@@ -89,7 +113,7 @@ module Dependabot
|
|
|
89
113
|
|
|
90
114
|
def update_registry_declaration(new_req, old_req, updated_content)
|
|
91
115
|
regex = new_req[:source][:type] == "provider" ? provider_declaration_regex : registry_declaration_regex
|
|
92
|
-
updated_content.
|
|
116
|
+
updated_content.gsub!(regex) do |regex_match|
|
|
93
117
|
regex_match.sub(/^\s*version\s*=.*/) do |req_line_match|
|
|
94
118
|
req_line_match.sub(old_req[:requirement], new_req[:requirement])
|
|
95
119
|
end
|
|
@@ -12,7 +12,7 @@ module Dependabot
|
|
|
12
12
|
# https://www.terraform.io/docs/registry/modules/publish.html#requirements
|
|
13
13
|
OPERATORS = OPS.keys.map { |key| Regexp.quote(key) }.join("|").freeze
|
|
14
14
|
PATTERN_RAW = "\\s*(#{OPERATORS})?\\s*v?(#{Gem::Version::VERSION_PATTERN})\\s*"
|
|
15
|
-
PATTERN = /\A#{PATTERN_RAW}\z
|
|
15
|
+
PATTERN = /\A#{PATTERN_RAW}\z/
|
|
16
16
|
|
|
17
17
|
def self.parse(obj)
|
|
18
18
|
return ["=", Version.new(obj.to_s)] if obj.is_a?(Gem::Version)
|
|
@@ -27,7 +27,7 @@ module Dependabot
|
|
|
27
27
|
[matches[1] || "=", Terraform::Version.new(matches[2])]
|
|
28
28
|
end
|
|
29
29
|
|
|
30
|
-
# For consistency with other
|
|
30
|
+
# For consistency with other languages, we define a requirements array.
|
|
31
31
|
# Terraform doesn't have an `OR` separator for requirements, so it
|
|
32
32
|
# always contains a single element.
|
|
33
33
|
def self.requirements_array(requirement_string)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-terraform
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.213.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-10-31 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,42 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.213.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
27
|
-
- !ruby/object:Gem::Dependency
|
|
28
|
-
name: debase
|
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
|
30
|
-
requirements:
|
|
31
|
-
- - '='
|
|
32
|
-
- !ruby/object:Gem::Version
|
|
33
|
-
version: 0.2.3
|
|
34
|
-
type: :development
|
|
35
|
-
prerelease: false
|
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
37
|
-
requirements:
|
|
38
|
-
- - '='
|
|
39
|
-
- !ruby/object:Gem::Version
|
|
40
|
-
version: 0.2.3
|
|
41
|
-
- !ruby/object:Gem::Dependency
|
|
42
|
-
name: debase-ruby_core_source
|
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
|
44
|
-
requirements:
|
|
45
|
-
- - '='
|
|
46
|
-
- !ruby/object:Gem::Version
|
|
47
|
-
version: 0.10.16
|
|
48
|
-
type: :development
|
|
49
|
-
prerelease: false
|
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
-
requirements:
|
|
52
|
-
- - '='
|
|
53
|
-
- !ruby/object:Gem::Version
|
|
54
|
-
version: 0.10.16
|
|
26
|
+
version: 0.213.0
|
|
55
27
|
- !ruby/object:Gem::Dependency
|
|
56
28
|
name: debug
|
|
57
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -86,14 +58,14 @@ dependencies:
|
|
|
86
58
|
requirements:
|
|
87
59
|
- - "~>"
|
|
88
60
|
- !ruby/object:Gem::Version
|
|
89
|
-
version: 3.
|
|
61
|
+
version: 3.13.0
|
|
90
62
|
type: :development
|
|
91
63
|
prerelease: false
|
|
92
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
93
65
|
requirements:
|
|
94
66
|
- - "~>"
|
|
95
67
|
- !ruby/object:Gem::Version
|
|
96
|
-
version: 3.
|
|
68
|
+
version: 3.13.0
|
|
97
69
|
- !ruby/object:Gem::Dependency
|
|
98
70
|
name: rake
|
|
99
71
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -142,42 +114,28 @@ dependencies:
|
|
|
142
114
|
requirements:
|
|
143
115
|
- - "~>"
|
|
144
116
|
- !ruby/object:Gem::Version
|
|
145
|
-
version: 1.
|
|
117
|
+
version: 1.37.1
|
|
146
118
|
type: :development
|
|
147
119
|
prerelease: false
|
|
148
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
149
121
|
requirements:
|
|
150
122
|
- - "~>"
|
|
151
123
|
- !ruby/object:Gem::Version
|
|
152
|
-
version: 1.
|
|
124
|
+
version: 1.37.1
|
|
153
125
|
- !ruby/object:Gem::Dependency
|
|
154
126
|
name: rubocop-performance
|
|
155
127
|
requirement: !ruby/object:Gem::Requirement
|
|
156
128
|
requirements:
|
|
157
129
|
- - "~>"
|
|
158
130
|
- !ruby/object:Gem::Version
|
|
159
|
-
version: 1.
|
|
160
|
-
type: :development
|
|
161
|
-
prerelease: false
|
|
162
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
163
|
-
requirements:
|
|
164
|
-
- - "~>"
|
|
165
|
-
- !ruby/object:Gem::Version
|
|
166
|
-
version: 1.14.2
|
|
167
|
-
- !ruby/object:Gem::Dependency
|
|
168
|
-
name: ruby-debug-ide
|
|
169
|
-
requirement: !ruby/object:Gem::Requirement
|
|
170
|
-
requirements:
|
|
171
|
-
- - "~>"
|
|
172
|
-
- !ruby/object:Gem::Version
|
|
173
|
-
version: 0.7.3
|
|
131
|
+
version: 1.15.0
|
|
174
132
|
type: :development
|
|
175
133
|
prerelease: false
|
|
176
134
|
version_requirements: !ruby/object:Gem::Requirement
|
|
177
135
|
requirements:
|
|
178
136
|
- - "~>"
|
|
179
137
|
- !ruby/object:Gem::Version
|
|
180
|
-
version:
|
|
138
|
+
version: 1.15.0
|
|
181
139
|
- !ruby/object:Gem::Dependency
|
|
182
140
|
name: simplecov
|
|
183
141
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -279,14 +237,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
279
237
|
requirements:
|
|
280
238
|
- - ">="
|
|
281
239
|
- !ruby/object:Gem::Version
|
|
282
|
-
version:
|
|
240
|
+
version: 3.1.0
|
|
283
241
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
284
242
|
requirements:
|
|
285
243
|
- - ">="
|
|
286
244
|
- !ruby/object:Gem::Version
|
|
287
|
-
version:
|
|
245
|
+
version: 3.1.0
|
|
288
246
|
requirements: []
|
|
289
|
-
rubygems_version: 3.
|
|
247
|
+
rubygems_version: 3.3.7
|
|
290
248
|
signing_key:
|
|
291
249
|
specification_version: 4
|
|
292
250
|
summary: Terraform support for dependabot
|