chore(deps): update dependency open-policy-agent/conftest to v0.66.0 (aqua/imports) #6444
+25
−19
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Contributor
Author
Edited/Blocked NotificationRenovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR. You can manually request rebase by checking the rebase/retry box above. |
conftest v0.66.0 requires Rego v1 by default. Update all policy files to use Rego v1 syntax: add `import rego.v1`, `if`/`contains` keywords, and `:=` assignment operator. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
renovate
bot
deleted the
renovate/aqua/imports-open-policy-agent-conftest-0.x
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v0.46.0→v0.66.0Release Notes
open-policy-agent/conftest (open-policy-agent/conftest)
v0.66.0Compare Source
Changelog
OPA Changes
08529c7: build(deps): bump github.com/open-policy-agent/opa from 1.11.0 to 1.12.1 (#1240) (@dependabot[bot])Other Changes
10434c1: build(deps): bump actions/setup-python from 6.0.0 to 6.1.0 (#1225) (@dependabot[bot])25bee5d: build(deps): bump alpine from 3.22.2 to 3.23.0 (#1229) (@dependabot[bot])6cafc0f: build(deps): bump github.com/BurntSushi/toml from 1.5.0 to 1.6.0 (#1238) (@dependabot[bot])f6b8fa9: build(deps): bump github.com/moby/buildkit from 0.26.2 to 0.26.3 (#1235) (@dependabot[bot])233776f: build(deps): bump golang from 1.25.4-alpine to 1.25.5-alpine (#1228) (@dependabot[bot])7a86f94: chore: Remove dependency on github.com/pkg/errors (#1233) (@jalseth)5a394b8: ci(golangci-lint): Disable revive skip-package-name-collision-with-go-std (#1232) (@jalseth)v0.65.0Compare Source
Changelog
New Features
7de1f99: feat: Add location to SARIF output (#1207) (@jalseth)Bug Fixes
94bb769: fix(build): Include Git version when using 'make build' (#1218) (@jalseth)ff4e456: fix(sarif): Include conftest version number (#1206) (@jalseth)OPA Changes
8c4cfa6: build(deps): bump github.com/open-policy-agent/opa from 1.10.1 to 1.11.0 (#1224) (@dependabot[bot])Other Changes
3dab980: build(deps): bump cuelang.org/go from 0.15.0 to 0.15.1 (#1217) (@dependabot[bot])cfa85ca: build(deps): bump github.com/moby/buildkit from 0.25.2 to 0.26.2 (#1216) (@dependabot[bot])dd7e3bc: build(deps): bump golang from 1.25.3-alpine to 1.25.4-alpine (#1210) (@dependabot[bot])bbbb04c: chore: Include goreleaser in Nix devshell (#1219) (@jalseth)ac3146f: ci: Pin GitHub Actions to the Git SHA using ratchet (#1204) (@jalseth)v0.64.0Compare Source
Changelog
New Features
00b02b2: feat: Include location in the result output (#1196) (@jalseth)ee91078: feat: Refactor GitHub outputter to support locations from Rego policy (#1197) (@jalseth)d359466: feat: add conftest-fmt and conftest-pull pre-commit hooks (#1192) (@dkolepp)Bug Fixes
997f5ce: fix: Fix XDG writable check on Windows (#1185) (@jalseth)fb9c88d: fix: Only use XDG directories for plugin if they are writable (#1182) (@jalseth)4a2ddd6: fix: Use "python3" instead of "python" in the Makefile (#1184) (@jalseth)OPA Changes
347388d: build(deps): bump github.com/open-policy-agent/opa from 1.9.0 to 1.10.1 (#1201) (@dependabot[bot])Other Changes
75449c3: build(deps): bump alpine from 3.22.1 to 3.22.2 (#1191) (@dependabot[bot])0ade44b: build(deps): bump cuelang.org/go from 0.14.1 to 0.15.0 (#1202) (@dependabot[bot])1ef4588: build(deps): bump github.com/hashicorp/go-getter from 1.8.2 to 1.8.3 (#1199) (@dependabot[bot])d2e56c3: build(deps): bump github.com/moby/buildkit from 0.25.0 to 0.25.2 (#1200) (@dependabot[bot])5242185: build(deps): bump golang from 1.25.1-alpine to 1.25.3-alpine (#1193) (@dependabot[bot])58ace24: build: Add Nix devshell (#1186) (@jalseth)6189512: chore: Fix gitignore for acceptance tests (#1195) (@jalseth)7d41238: ci: Run validation job on Linux, macOS, Windows (#1181) (@jalseth)v0.63.0Compare Source
Changelog
New Features
30b9a8d: feat: add reformat command for JSON output conversion (#1153) (@thevilledev)Bug Fixes
ffb6ce3: fix: Add explicit line-number to GitHub output (#1173) (@tun0)OPA Changes
64bf641: build(deps): bump github.com/open-policy-agent/opa from 1.6.0 to 1.7.1 (#1156) (@dependabot[bot])981983b: build(deps): bump github.com/open-policy-agent/opa from 1.7.1 to 1.8.0 (#1165) (@dependabot[bot])c7aa1d4: build(deps): bump github.com/open-policy-agent/opa from 1.8.0 to 1.9.0 (#1175) (@dependabot[bot])Other Changes
0d903ce: build(deps): bump actions/checkout from 4 to 5 (#1158) (@dependabot[bot])364cf32: build(deps): bump actions/setup-go from 5 to 6 (#1171) (@dependabot[bot])d4aa81f: build(deps): bump actions/setup-python from 5 to 6 (#1172) (@dependabot[bot])a1ecf3f: build(deps): bump alpine from 3.22.0 to 3.22.1 (#1152) (@dependabot[bot])b87ca5f: build(deps): bump cuelang.org/go from 0.13.2 to 0.14.1 (#1159) (@dependabot[bot])1c5abaa: build(deps): bump github.com/CycloneDX/cyclonedx-go from 0.9.2 to 0.9.3 (#1177) (@dependabot[bot])2a509fe: build(deps): bump github.com/hashicorp/go-getter from 1.7.8 to 1.7.9 (#1162) (@dependabot[bot])a433ed0: build(deps): bump github.com/hashicorp/go-getter from 1.7.9 to 1.8.0 (#1169) (@dependabot[bot])d9dca30: build(deps): bump github.com/hashicorp/go-getter from 1.8.0 to 1.8.1 (#1174) (@dependabot[bot])b51f6d9: build(deps): bump github.com/hashicorp/go-getter from 1.8.1 to 1.8.2 (#1178) (@dependabot[bot])c664099: build(deps): bump github.com/moby/buildkit from 0.23.2 to 0.24.0 (#1166) (@dependabot[bot])5378cc3: build(deps): bump github.com/moby/buildkit from 0.24.0 to 0.25.0 (#1176) (@dependabot[bot])fb4c503: build(deps): bump golang from 1.25.0-alpine to 1.25.1-alpine (#1170) (@dependabot[bot])0d6e3b4: chore(deps): bump Go version to 1.25 (#1160) (@thevilledev)v0.62.0Compare Source
Changelog
OPA Changes
ebb167d: build(deps): bump github.com/open-policy-agent/opa from 1.5.1 to 1.6.0 (#1149) (@dependabot[bot])Other Changes
4c22f26: build(deps): bump alpine from 3.21.3 to 3.22.0 (#1135) (@dependabot[bot])7cf3311: build(deps): bump cuelang.org/go from 0.13.0 to 0.13.2 (#1148) (@dependabot[bot])2d33645: build(deps): bump github.com/moby/buildkit from 0.22.0 to 0.23.2 (#1150) (@dependabot[bot])89ef4d5: build(deps): bump golang from 1.24.3-alpine to 1.24.4-alpine (#1140) (@dependabot[bot])c7f6f8f: chore: Replace OPA v0 with v1 import paths (#1142) (@jalseth)91d8de7: chore: Use uppercase for all Dockerfile build keywords (#1143) (@jalseth)060ea76: ci: Run docker builds in parallel during release (#1139) (@jalseth)v0.61.2Compare Source
Changelog
Other Changes
e156f0d: Switch back to originalconftest test --updatebehavior (#1138) (@iamleot)v0.61.1Compare Source
Changelog
OPA Changes
8e47770: build(deps): bump github.com/open-policy-agent/opa from 1.5.0 to 1.5.1 (#1137) (@dependabot[bot])v0.61.0Compare Source
Changelog
Bug Fixes
ed0ff0a: fix(test): clean updated policies after test run (#1109) (@kirecek)f82f556: fix: Use v1 as rego version for fmt, too (#1128) (@msw-kialo)OPA Changes
bcba55e: build(deps): bump github.com/open-policy-agent/opa from 1.4.2 to 1.5.0 (#1134) (@dependabot[bot])Other Changes
a826a0b: build(deps): bump cuelang.org/go from 0.12.1 to 0.13.0 (#1131) (@dependabot[bot])d44b480: build(deps): bump github.com/moby/buildkit from 0.21.1 to 0.22.0 (#1129) (@dependabot[bot])f09428f: build(deps): bump golang from 1.24.2-alpine to 1.24.3-alpine (#1124) (@dependabot[bot])1e43dc0: deps: update jsonc import path (#1133) (@st3penta)v0.60.0Compare Source
Announcements
We have set the default version of Rego syntax to v1. This is a breaking change if your Rego policies are not compatible with the v1 syntax.
import rego.v1to the policy.rego-versionflag will remain available indefinitely, and users who do not wish to update their Rego policies can continue to use v0 syntax by setting this flag tov0.For more information about upgrading to Rego v1 syntax, see the upstream docs at https://www.openpolicyagent.org/docs/latest/v0-upgrade/.
Changelog
New Features
06658d4: feat(output): redirect trace output to stderr (#1084) (@thevilledev)18a0f14: feat(runner): add support for symlinks (#1098) (@siliconsheep)OPA Changes
2797c99: build(deps): bump github.com/open-policy-agent/opa from 1.3.0 to 1.4.1 (#1113) (@dependabot[bot])Other Changes
67a3c3e: build(deps): bump actions/setup-go from 4 to 5 (#1102) (@dependabot[bot])609490f: build(deps): bump bats-core/bats-action from 1.5.4 to 3.0.1 (#1104) (@dependabot[bot])9e56924: build(deps): bump github.com/google/go-jsonnet from 0.20.0 to 0.21.0 (#1120) (@dependabot[bot])5ea0446: build(deps): bump github.com/moby/buildkit from 0.20.2 to 0.21.0 (#1101) (@dependabot[bot])21a73eb: build(deps): bump github.com/moby/buildkit from 0.21.0 to 0.21.1 (#1111) (@dependabot[bot])b3d0491: build(deps): bump golangci/golangci-lint-action from 6 to 7 (#1103) (@dependabot[bot])e894c43: build(deps): bump golangci/golangci-lint-action from 7 to 8 (#1119) (@dependabot[bot])3ae2e78: chore: Update Github Actions via Dependabot (#1100) (@mrueg)4c5e5f5: ci: Move docker build to separate job in the PR workflow (#1105) (@jalseth)3907482: cli: Make Rego v1 syntax the default (#1114) (@jalseth)v0.59.0Compare Source
Announcements
Breaking Changes⚠️
Breaking Changes Reminder
In the v0.60 release of conftest (in May 2025), we will change the default version of Rego syntax from v0 to v1. This will be a breaking change if your Rego policies are not compatible with the v1 syntax.
import rego.v1to the policy.rego-versionflag will remain available indefinitely, and users who do not wish to update their Rego policies can continue to use v0 syntax by setting this flag tov0.For more information about upgrading to Rego v1 syntax, see the upstream docs at https://www.openpolicyagent.org/docs/latest/v0-upgrade/.
Changelog
New Features
21e1163: feat: add pre-commit hook support (#1077) (@thevilledev)OPA Changes
eac6f5e: build(deps): bump github.com/open-policy-agent/opa from 1.2.0 to 1.3.0 (#1092) (@dependabot[bot])Other Changes
813f329: build(deps): bump cuelang.org/go from 0.12.0 to 0.12.1 (#1094) (@dependabot[bot])45bf533: build(deps): bump github.com/BurntSushi/toml from 1.4.0 to 1.5.0 (#1089) (@dependabot[bot])19f1eaf: build(deps): bump github.com/magiconair/properties from 1.8.9 to 1.8.10 (#1097) (@dependabot[bot])a20159b: build(deps): bump github.com/moby/buildkit from 0.20.0 to 0.20.1 (#1083) (@dependabot[bot])32aac49: build(deps): bump github.com/moby/buildkit from 0.20.1 to 0.20.2 (#1091) (@dependabot[bot])1b1ce3a: build(deps): bump golang from 1.24.0-alpine to 1.24.1-alpine (#1086) (@dependabot[bot])cb88a17: build(deps): bump golang from 1.24.1-alpine to 1.24.2-alpine (#1096) (@dependabot[bot])8c8b13f: ci: Remove PR workflow access to all permissions from GITHUB_TOKEN (#1088) (@jalseth)688c88f: deps: Bump hcl2json to v0.6.7 (#1074) (@jalseth)e9612c3: refactor(ci): replace Makefile-based Docker builds with GitHub Action (#1082) (@Amamgbu)v0.58.0Compare Source
Announcements
In the v0.59 release of conftest (in April 2025), we will bump the
hcl2jsonlibrary which is used by the HCL2 parser. This makes the behavior of the conversion more consistent by always using arrays for blocks that can be repeated. See #1074 and #1006 for more info.ℹ️ Breaking Changes Reminder ℹ️
In the v0.60 release of conftest (in May 2025), we will change the default version of Rego syntax from v0 to v1. This will be a breaking change if your Rego policies are not compatible with the v1 syntax.
import rego.v1to the policy.rego-versionflag will remain available indefinitely, and users who do not wish to update their Rego policies can continue to use v0 syntax by setting this flag tov0.For more information about upgrading to Rego v1 syntax, see the upstream docs at https://www.openpolicyagent.org/docs/latest/v0-upgrade/.
Changelog
New Features
4154949: feat(test): Enable inter-query cache (#1073) (@jalseth)d62aa8d: feat: add --absolute-paths flag to pull command (#1078) (@thevilledev)Bug Fixes
4435c65: fix: Conftest can now successfully load files using a file URL (e.g.,file:///C:/path/to/data.yaml) on windows (#999) (@pckvcode)OPA Changes
6424545: build(deps): bump github.com/open-policy-agent/opa from 1.1.0 to 1.2.0 (#1080) (@dependabot[bot])Other Changes
8e0fdf2: build(deps): bump alpine from 3.21.2 to 3.21.3 (#1072) (@dependabot[bot])6cb9d19: build(deps): bump github.com/moby/buildkit from 0.19.0 to 0.20.0 (#1076) (@dependabot[bot])43264f4: build(deps): bump golang from 1.23.6-alpine to 1.24.0-alpine (#1071) (@dependabot[bot])155cd3c: chore: Change empty interface{} to any throughout the codebase (#1057) (@jalseth)278f735: chore: Update all examples to OPA V1 syntax (#1058) (@jalseth)39bd5fc: ci: Revert "replace Makefile-based Docker builds with GitHub Action… (#1075)" (#1081) (@jalseth)854183b: refactor(ci): replace Makefile-based Docker builds with GitHub Action… (#1075) (@Amamgbu)cdd65ba: refactor(output): Add CheckResults type and helpers (#1063) (@jalseth)v0.57.0Compare Source
Announcements
In the May 2025 release of conftest, we will change the default version of Rego syntax from v0 to v1. This will be a breaking change if your Rego policies are not compatible with the v1 syntax.
--rego-versionflag tov1.import rego.v1to the policy.rego-versionflag will remain available indefinitely, and users who do not wish to update their Rego policies can continue to use v0 syntax by setting this flag tov0.For more information about upgrading to Rego v1 syntax, see the upstream docs at https://www.openpolicyagent.org/docs/latest/v0-upgrade/.
Changelog
New Features
eacba23: feat(engine): add query metadata to evaluation results (#1061) (@thevilledev)5decd18: feat(parser): handle UTF-8 BOM in JSON input (#1065) (@thevilledev)abad255: feat: Implement SARIF output (#1042) (@thevilledev)aa9e3c8: feat: enable relative jsonnet imports by setting a path-aware importer (@thevilledev)3f67b78: feature: Documentation command (#1009) (@xNok)Bug Fixes
151643b: fix: add output and tests for GitHub and Azure DevOps (@thevilledev)a770d29: fix: correct linters-settings in .golangci.yaml to enable misspell (@thevilledev)8e541da: fix: improve handling for YAML version directives (@thevilledev)4f6bc40: fix: make sure lookup_ip_addr throwing builtin-err in test (#1017) (@boranx)0bbb473: fix: max stack size already set by jsonnet.MakeVM() (@thevilledev)163bdd8: fix: prevent policy file overwrite on downloads (#1039) (@thevilledev)8b34fcb: fix: remove redundant error check in push command (@thevilledev)7428841: fix: set jsonnet VM stack limits and add test coverage (@thevilledev)OPA Changes
a8d6544: build(deps): bump github.com/open-policy-agent/opa from 0.69.0 to 0.70.0 (#1016) (@dependabot[bot])19c82bc: build(deps): bump github.com/open-policy-agent/opa from 0.70.0 to 1.1.0 (#1050) (@dependabot[bot])Other Changes
356ede4: Merge pull request #1035 from open-policy-agent/dependabot/docker/alpine-3.21.2 (@anderseknert)d5e8a77: Merge pull request #1036 from open-policy-agent/dependabot/go_modules/github.com/hashicorp/go-getter-1.7.8 (@anderseknert)a603656: Merge pull request #1037 from thevilledev/fix/recursive-jsonnet (@anderseknert)3096ca7: Merge pull request #1038 from thevilledev/fix/yaml-preamble-multidoc (@anderseknert)6b31946: Merge pull request #1040 from thevilledev/fix/missing-outputs (@anderseknert)5063084: Merge pull request #1041 from thevilledev/fix/impossible-nil (@anderseknert)1a25844: Merge pull request #1043 from open-policy-agent/dependabot/docker/golang-1.23.5-alpine (@anderseknert)326a1a4: Merge pull request #1044 from thevilledev/fix/jsonnet-library-imports (@anderseknert)744f867: Merge pull request #1046 from open-policy-agent/dependabot/go_modules/github.com/moby/buildkit-0.19.0 (@anderseknert)ea55b61: Merge pull request #1051 from open-policy-agent/dependabot/go_modules/cuelang.org/go-0.12.0 (@anderseknert)6c867fc: Merge pull request #1052 from thevilledev/fix/linters-settings (@anderseknert)f110dde: Merge pull request #1053 from thevilledev/style/enable-nilness-lint (@anderseknert)26b6c24: Merge pull request #1054 from thevilledev/test/registry-store-init (@anderseknert)4299ce7: build(deps): bump alpine from 3.20.3 to 3.21.0 (#1026) (@dependabot[bot])154c1aa: build(deps): bump alpine from 3.21.0 to 3.21.2 (@dependabot[bot])33d468d: build(deps): bump cuelang.org/go from 0.10.0 to 0.10.1 (#1013) (@dependabot[bot])103315d: build(deps): bump cuelang.org/go from 0.10.1 to 0.11.0 (#1020) (@dependabot[bot])4df824c: build(deps): bump cuelang.org/go from 0.11.0 to 0.12.0 (@dependabot[bot])5b3e926: build(deps): bump github.com/CycloneDX/cyclonedx-go from 0.9.1 to 0.9.2 (#1028) (@dependabot[bot])1d47ac3: build(deps): bump github.com/hashicorp/go-getter from 1.7.6 to 1.7.8 (@dependabot[bot])642e7cd: build(deps): bump github.com/magiconair/properties from 1.8.7 to 1.8.9 (#1027) (@dependabot[bot])77f985f: build(deps): bump github.com/moby/buildkit from 0.16.0 to 0.17.1 (#1018) (@dependabot[bot])0709be2: build(deps): bump github.com/moby/buildkit from 0.17.1 to 0.17.2 (#1021) (@dependabot[bot])621bcbf: build(deps): bump github.com/moby/buildkit from 0.17.2 to 0.18.0 (#1023) (@dependabot[bot])8da347b: build(deps): bump github.com/moby/buildkit from 0.18.0 to 0.18.1 (#1024) (@dependabot[bot])1a4a428: build(deps): bump github.com/moby/buildkit from 0.18.1 to 0.19.0 (@dependabot[bot])66b0970: build(deps): bump golang from 1.23.2-alpine to 1.23.3-alpine (#1019) (@dependabot[bot])1e7d052: build(deps): bump golang from 1.23.3-alpine to 1.23.4-alpine (#1025) (@dependabot[bot])c4e656f: build(deps): bump golang from 1.23.4-alpine to 1.23.5-alpine (@dependabot[bot])6da5673: build(deps): bump golang from 1.23.5-alpine to 1.23.6-alpine (#1062) (@dependabot[bot])874f0bc: chore: add nilness check to govet linter (@thevilledev)24e9ca8: chore: optimize yaml document separator handling (@thevilledev)8a44613: engine: Refactor to allow for Rego version to be specified (#1059) (@jalseth)v0.56.0Compare Source
Changelog
Bug Fixes
56d742d: fix: missing space causing printing error on azuredevops (#988) (@naoufalzerai)OPA Changes
8d1c1ae: build(deps): bump github.com/open-policy-agent/opa from 0.67.0 to 0.67.1 (#980) (@dependabot[bot])Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.