dependabot-terraform 0.365.0 → 0.366.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/terraform/file_parser.rb +11 -6
- data/lib/dependabot/terraform/file_updater.rb +3 -3
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 56789c562ec73d04e7007932c0e43de547846052b5c6b733bb8c8f8e03c1c135
|
|
4
|
+
data.tar.gz: 28b9548394102c654c739c418f26687f546e527410cded37a6df51f628a930f9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 5dab7a30b4f667ddb928da2a9cd8b9720f489d0a0c16f5c0a50e464737e5c3cd8c5e50c864a5b79f5b227efc1d884e1e931d18b2fbe77ca2d36fa0525ad23eec
|
|
7
|
+
data.tar.gz: 48067bf39c1f9e2d2e1aefd331f71894c226d89b3be6ecd7f13761b621e24cb488c0cb97ca77d6c82e5eccc6e1b9a33b1bc211cc32cf88353350e378fe575dd7
|
|
@@ -245,10 +245,13 @@ module Dependabot
|
|
|
245
245
|
matches = source_address&.match(PROVIDER_SOURCE_ADDRESS)
|
|
246
246
|
matches = {} if matches.nil?
|
|
247
247
|
|
|
248
|
+
# Terraform provider source addresses are case-insensitive, so we normalize
|
|
249
|
+
# to lowercase to avoid treating e.g. "Azure/azapi" and "azure/azapi" as
|
|
250
|
+
# different sources when merging dependencies across multiple files.
|
|
248
251
|
[
|
|
249
|
-
matches[:hostname] || DEFAULT_REGISTRY,
|
|
250
|
-
matches[:namespace] || DEFAULT_NAMESPACE,
|
|
251
|
-
matches[:name] || name
|
|
252
|
+
(matches[:hostname] || DEFAULT_REGISTRY).downcase,
|
|
253
|
+
(matches[:namespace] || DEFAULT_NAMESPACE).downcase,
|
|
254
|
+
(matches[:name] || name).downcase
|
|
252
255
|
]
|
|
253
256
|
end
|
|
254
257
|
|
|
@@ -256,17 +259,19 @@ module Dependabot
|
|
|
256
259
|
def registry_source_details_from(source_string)
|
|
257
260
|
parts = source_string.split("//").first.split("/")
|
|
258
261
|
|
|
262
|
+
# Registry module source addresses are case-insensitive, so we normalize
|
|
263
|
+
# to lowercase to avoid treating case-variant declarations as different sources.
|
|
259
264
|
if parts.count == 3
|
|
260
265
|
{
|
|
261
266
|
type: "registry",
|
|
262
267
|
registry_hostname: "registry.terraform.io",
|
|
263
|
-
module_identifier: source_string.split("//").first
|
|
268
|
+
module_identifier: source_string.split("//").first.downcase
|
|
264
269
|
}
|
|
265
270
|
elsif parts.count == 4
|
|
266
271
|
{
|
|
267
272
|
type: "registry",
|
|
268
|
-
registry_hostname: parts.first,
|
|
269
|
-
module_identifier: parts[1..3].join("/")
|
|
273
|
+
registry_hostname: parts.first.downcase,
|
|
274
|
+
module_identifier: parts[1..3].join("/").downcase
|
|
270
275
|
}
|
|
271
276
|
else
|
|
272
277
|
msg = "Invalid registry source specified: '#{source_string}'"
|
|
@@ -372,11 +372,11 @@ module Dependabot
|
|
|
372
372
|
regex_version_preceeds = %r{
|
|
373
373
|
(((?<!required_)version\s=\s*["'].*["'])
|
|
374
374
|
(\s*source\s*=\s*["'](#{registry_host}/)?#{name}["']|\s*#{name}\s*=\s*\{.*))
|
|
375
|
-
}
|
|
375
|
+
}mxi
|
|
376
376
|
regex_source_preceeds = %r{
|
|
377
377
|
((source\s*=\s*["'](#{registry_host}/)?#{name}["']|\s*#{name}\s*=\s*\{.*)
|
|
378
378
|
(?:(?!^\}).)+)
|
|
379
|
-
}
|
|
379
|
+
}mxi
|
|
380
380
|
|
|
381
381
|
if updated_content.match(regex_version_preceeds)
|
|
382
382
|
regex_version_preceeds
|
|
@@ -396,7 +396,7 @@ module Dependabot
|
|
|
396
396
|
(//modules/\S+)?
|
|
397
397
|
["']
|
|
398
398
|
(?:(?!^\}).)*
|
|
399
|
-
}
|
|
399
|
+
}mxi
|
|
400
400
|
end
|
|
401
401
|
|
|
402
402
|
sig { params(filename: String).returns(Regexp) }
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-terraform
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.366.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.366.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.366.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -262,7 +262,7 @@ licenses:
|
|
|
262
262
|
- MIT
|
|
263
263
|
metadata:
|
|
264
264
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
265
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
265
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.366.0
|
|
266
266
|
rdoc_options: []
|
|
267
267
|
require_paths:
|
|
268
268
|
- lib
|