Skip to content

v0.31.0

Latest
Latest
Compare
Choose a tag to compare
@github-actions github-actions released this 11 Feb 16:56
· 2 commits to main since this release
v0.31.0
b29e759
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

This release of Regal updates to OPA v1.1.0, continuing to solidify support for v1 Rego with some nice new rules, performance improvements and bug fixes too.

New Rule: use-object-keys

There are some cases where using object.keys is preferred over using comprehensions. For example:

Avoid

package policy

keys := {k | some k, _ in input.object}

Prefer

package policy

keys := object.keys(input.object)

This is preferred as it more clearly communicates the intent of the code, that is, to get the keys of the object rather than loop over it and collect the keys as you go. More details can be found on the use-object-keys rule page.

New Rule: non-loop-expression

Expressions in loops are evaluated in each iteration of the loop and so it's advisable to avoid using expressions which do not depend on the loop variable within the looping part of a rule in order to improve performance.

Avoid

package policy
allow if {
    some email in input.emails
    admin in input.roles # <- this is not required in the loop
    endswith(email, "@example.com")
}

Prefer

package policy
allow if {
    admin in input.roles # <- moved out of the loop
    some email in input.emails
    endswith(email, "@example.com")
}

This rule can't catch all cases, so still be on the look out. More details can be found on the non-loop-expression rule page.

Fixing non-raw-regex-pattern

The non-raw-regex-pattern rule can now be automatically fixed with regal fix or with a CodeAction for language server clients. #1382

Configuration File Loading

Regal will now use a ~/.config/regal if no parent configuration is found. This is useful when working on Rego in temporary directories. #1378

Regal's language server will now use configuration files in the workspace tree if they exist rather than only looking at parent directories. This more closely matches the behavior of the lint command. #1372

Notable Improvements

  • Avoid 'error' paths in our linting Rego to reduce allocations. #1351, #1360, #1374
  • Implement the opa-fmt rule using in Rego, removing the need for a Go rule
    linting path entirely. #1393
  • More consistently use shared functions and remove dead code to make Regal easier to maintain. #1349,
    #1392, #1383, #1379, #1358, #1356, #1355
  • @anaypurohit0907 made their first PR in #1369 adding a new summary to the end of the compact report showing the number of files and violations. Also, #1387 adds a similar improvement to the end of the default 'Pretty' reporter output breaking down errors and warnings.
  • Documentation for the deprecated-builtin rule now explains the upgrade process. #1366, thanks @tsandall for the suggestion!

Notable Fixes & Updates

  • The use-if rule will now use only the rule name as the violation location, rather than the whole rule. #1362
  • Parse errors are now shown in file diagnostics to language server clients
    after a regression. #1408
  • @jglasovic made their first PR in #1345
    fixing a bug where the Debug CodeLens was left enabled.
  • Better handling of .regal.yaml file use. #1357, thanks @grosser for the input here.
  • Some great new open source adopters! #1384, thanks @chendrix for the Regal amigurumi!

Changelog

Contributors

grosser, tsandall, and 6 other contributors
Assets 8
Loading