Releases: StyraInc/regal
v0.34.0
After a month of development, we're happy to announce Regal v0.34. This version of the OPA community's favorite linter and language server brings you new 3 linter rules, performance improvements and much more.
With the v0.34.0 release, Regal now ships with more than 100 linter rules! 🎉
Which is pretty close to one new rule per week since the project started.
New rules
unresolved-reference
Category: imports
This one is particularly exciting! The new unresolved-reference rule reports any references (like data.users.permissions) that cannot be resolved (i.e. found) anywhere in the project. Some projects will have valid references that can't be resolved at the time Regal lints the project, and the rule provides configuration options to mark certain references, or entire paths (like data.users.*) as resolved. See the docs for the rule for more details.
This rule was contributed by @HookFirebolt and @bdumpp at Bankdata. Great work, and thank you both!
pointless-import
Category: imports
The new pointless-import rule will flags imports of the same package, and other import forms where the import has no real effect.
single-item-in
Category: idiomatic
The single-item-in rule reports cases of in being used on a single item collection, and suggests using an equality check instead.
Performance
- Use OPA v1.5.0, which brings performance improvements to
walkreducing linting time by about 10%. - Faster linting by avoiding
walkin a few locations where possible. - Improve performance of aggregate rules.
- Several performance optimizations to Regal's linter rules.
API
- The
linterAPI now has a newPreparemethod that can be used to prepare the linter before reusing it across several runs.
Various
- Some rules that would previously only scan the topmost level of a rule body will now recursively scan the whole rule.
- The input completions provider has been rewritten in Rego (previously Go).
- The automatic version check has been rewritten in Rego (previously Go).
Bugs
- Fix false positive in custom one-liner-rule.
Docs
- Updated roadmap. Go check it out!
- Move rules table from README and into a more interactive form on the Styra docs. Take a look!
- Add link to Renovating Rego blog.
- README: add link to KubeCon London talk, which prominently featured Regal.
- Update links to adapt to OPA's new documentation.
- Update outdated information in README.
Changelog
- 45bff44: Add link to KubeCon London talk (#1498) (@anderseknert)
- ee041e5: lsp: Handle and log case of no Href for diagnostic (#1502) (@charlieegan3)
- fef38cf: refactor: continued work to improve config handling and tests (#1500) (@anderseknert)
- b24a7a9: perf: walk less, save allocations (#1503) (@anderseknert)
- d2b4b94: Add Prepare method for reusing state across linter runs (#1506) (@anderseknert)
- 3a2f3ec: Port input completion provider to Rego (#1505) (@anderseknert)
- 4edddb2: Scan nested expressions (#1504) (@anderseknert)
- 0a127fc: Add Renovating Rego blog (#1509) (@anderseknert)
- 58b8152: build(deps): bump github/codeql-action in the dependencies group (#1507) (@dependabot[bot])
- d31b341: lsp: log handleTextDocumentCodeAction params (#1511) (@charlieegan3)
- bebff27: Move more of version check to Rego (#1513) (@anderseknert)
- 5d69c12: Rule: unresolved-reference (@HookFirebolt)
- 2eab703: Have redundant-existence-check flag subset terms (#1514) (@anderseknert)
- 0896ce8: build(deps): bump the dependencies group with 2 updates (#1521) (@dependabot[bot])
- abe5fff: docs: Fix annotations link (#1522) (@charlieegan3)
- e6c87d3: perf: improve performance of new unresolved-reference rule (#1530) (@anderseknert)
- b156f5d: perf: improve aggregate rules (#1531) (@anderseknert)
- 23303ae: [create-pull-request] automated change (#1528) (@github-actions[bot])
- acf16dd: Fix false positive in one-liner-rule (#1534) (@anderseknert)
- 0e92eb3: Enable prefer-values-in-head (#1535) (@anderseknert)
- 0d02763: OPA v1.4.2, Roast v0.9.0 (#1538) (@anderseknert)
- 152e87d: Rule: pointless-import (#1539) (@anderseknert)
- a75398c: Bump golangci-lint (#1541) (@anderseknert)
- 214c573: refactor: simplify test format (#1540) (@anderseknert)
- 90f4b64: Apply modernize fixes (#1543) (@anderseknert)
- 8d26d35: build(deps): bump the dependencies group with 2 updates (#1544) (@dependabot[bot])
- 129ea57: Various small fixes (#1545) (@anderseknert)
- cb21bd4: perf: various optimizations (#1547) (@anderseknert)
- 9746dc3: Rule: single-item-in (#1546) (@anderseknert)
- 7b64a08: docs: update some sections with outdated content (#1548) (@anderseknert)
- 80956fb: perf: some Rego micro-optimizations (#1549) (@anderseknert)
- bf2c719: perf: Rego optimizations to avoid alloactions (#1550) (@anderseknert)
- 838fea0: build(deps): bump the dependencies group with 2 updates (#1551) (@dependabot[bot])
- 2cfc3c5: perf: improve unresolved_reference rule (#1533) (@HookFirebolt)
- b23df09: docs: Update links to opa docs (#1552) (@charlieegan3)
- ba2e2a1: docs: Update roadmap for Regal 1.0 (#1561) (@charlieegan3)
- ad0834f: Various small fixes (#1562) (@anderseknert)
- 4136f01: Small perf fixes (#1563) (@anderseknert)
- 9cbd022: docs: Remove rules table from README and build (#1565) (@charlieegan3)
- eee47fb: Small fixes before next release (#1566) (@anderseknert)
- 47c70f0: OPA v1.5.0, improved report formatting (#1569) (@anderseknert)
Contributors
Assets 8
v0.33.1
This release adds 4 new linter rules to Regal, alongside significant performance improvements and several bug fixes.
New Rule: in-wildcard-key
Using a wildcard variable (_) for the key in the key-value form of iteration (some _, value in collection) is never needed, and can be replaced by the simple some value in … form . This rule flags cases where the key iteration is redundant. (Read more)
package policy
allow if {
# Avoid: key iteration ('_') is redundant if only 'user' is used
some _, user in input.users
# do something with each user
}
allow if {
# Prefer: clearer intent when only iterating values
some user in input.users
# do something with each user
}PR #1466
New Rule: confusing-alias
While import aliases can improve readability, aliasing an import reference that is also imported without an alias is confusing, as both names point to the same resource. This rule catches such cases. (Read more)
package policy
# Avoid: both 'users' and 'employees' point to data.resources.users
import data.resources.users
import data.resources.users as employees
# Prefer: a single import for any given resource
# import data.resources.usersPR #1470
New Rule: mixed-iteration
Rego supports different styles of collection iteration. While "reference style" iteration (collection[_]) can be concise for deeply nested structures, mixing it with the some .. in style within a single iteration expression makes for code that’s more difficult to follow. This rule encourages consistency within a single iteration statement. (Read more)
package policy
allow if {
# mixing 'some .. in' and reference iteration
some resource in input.assets[_]
# do something with resource
}
allow if {
# using 'some .. in' iteration consistently
some asset in input.assets
some resource in asset
# do something with resource
}PR #1475
New Rule: narrow-argument
This new rule analyzes function arguments to suggest narrowing them down to the minimal value the function depends on. This can improve clarity and reusability. The rule considers incrementally defined functions across all their definitions. This is a powerful but opinionated rule and is thus in the custom category and is not on by default. See the documentation for how to enable it if you’re curious to try it out! (Read more)
package policy
# Avoid: the function only uses the 'email' property of the 'user' object
valid_user(user) if endswith(user.email, "acmecorp.com")
valid_user(user) if endswith(user.email, "acmecorp.org")
# Prefer: narrowing the argument to only what the function needs
valid_email(email) if endswith(email, "acmecorp.com")
valid_email(email) if endswith(email, "acmecorp.org")PR #1488
Performance Improvements
Several improvements have been made to reduce memory allocations and improve overall linting performance. Numbers below refer to Regal’s benchmark for linting its own policies.
- Optimized config loading and parsing, saving around 2.7 million allocations (#1491).
- Reduced allocations by approximately 2 million (#1494).
- Improved the performance of the
use-strings-countrule, saving almost 1 million allocations (#1465). - Optimized reference comparisons and small iteration patterns, saving around 300k allocations (#1472).
- Included performance enhancements alongside an update to the
external-referencerule to make it more configurable (#1496).
OPA v1.3.0
Regal has been upgraded to use OPA v1.3.0. This brings several upstream improvements, including support for the new one-liner grouping in formatting (see OPA#6760). (#1459)
Bug Fixes
- Fixed a bug in the handling of Rego input from stdin. Thanks @tokyowizard for the report! (#1474)
- Fixed a panic that could occur in
FindConfigRootswhen supplied with unexpected arguments. (#1487)
Other Rule Updates
- The
external-referencerule can now be configured with a maximum number of allowed external references, instead of solely flagging all external uses within a function. If you previously had this rule disabled, you might want to try enabling it now, and possibly tweak its configuration to your liking. (#1496) - The
rule-lengthrule now has a separate setting (max-test-rule-length) with a higher default value (60 vs 30) for test rules, acknowledging that tests often include substantial data. (#1476) - Updated documentation for the
rule-named-ifrule based on community feedback received via the page feedback form (please let us know if you see issues! & thanks for the report!) (#1463)
Dependencies
This release also updates Regals dependencies as follows.
Go Mod:
- github.com/open-policy-agent/opa v1.2.0 -> v1.3.0
- github.com/prometheus/client_golang v1.21.0 -> v1.21.1
- go.opentelemetry.io/otel v1.34.0 -> v1.35.0
- go.opentelemetry.io/otel/metric v1.34.0 -> v1.35.0
- go.opentelemetry.io/otel/sdk v1.34.0 -> v1.35.0
- go.opentelemetry.io/otel/trace v1.34.0 -> v1.35.0
- golang.org/x/crypto v0.35.0 -> v0.36.0
- golang.org/x/net v0.36.0 -> v0.38.0
- golang.org/x/sync v0.11.0 -> v0.12.0
- golang.org/x/sys v0.30.0 -> v0.31.0
- golang.org/x/text v0.22.0 -> v0.23.0
- google.golang.org/protobuf v1.36.4 -> v1.36.5
GitHub Actions:
- codecov/codecov-action v5.4.0 -> v5.4.2
- github/codeql-action/analyze v3.28.12 -> v3.28.15
- github/codeql-action/autobuild v3.28.12 -> v3.28.15
- github/codeql-action/init v3.28.12 -> v3.28.15
- github/codeql-action/upload-sarif v3.28.12 -> v3.28.15
- goreleaser/goreleaser-action v6.2.1 -> v6.3.0
Changelog
- automated: update capabilities by @github-actions in #1458
- OPA 1.3.0 by @anderseknert in #1459
- Parameterize some tests by @anderseknert in #1460
- automated: update capabilities by @github-actions in #1461
- build(deps): bump the dependencies group with 2 updates by @dependabot in #1462
- docs: rule-named-if by @charlieegan3 in #1463
- Some perf fixes by @anderseknert in #1465
- Rule: in-wildcard-key by @anderseknert in #1466
- Increase coverage by @anderseknert in #1467
- build(deps): bump github/codeql-action from 3.28.13 to 3.28.14 in the dependencies group by @dependabot in #1468
- perf: various improvements by @anderseknert in #1472
- Rule: confusing-alias by @anderseknert in #1470
- Add benchmark for testing all rules individually by @anderseknert in #1469
- Rule: mixed-iteration by @anderseknert in #1475
- Add max-test-rule-length setting to rule-length rule by @anderseknert in #1476
- fix: ensure policy from stdin is enumerated correctly by @anderseknert in #1474
- automated: update capabilities by @github-actions in #1477
- builtins.RegalIsFormatted: recover from formatter panics by @srenatus in #1481
- automated: update capabilities by @github-actions in #1482
- build(deps): bump github/codeql-action from 3.28.14 to 3.28.15 in the dependencies group by @dependabot in #1484
- Fix unnecessary-some rule not working after OPA 1.0+ by @anderseknert in #1485
- FindConfigRoots: return error, not panic by @srenatus in #1487
- perf: Improve how config is parsed, and when by @anderseknert in #1491
- Rule: narrow-argument by @anderseknert in #1488
- build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0 by @dependabot in #1490
- build(deps): bump codecov/codecov-action from 5.4.0 to 5.4.2 in the dependencies group by @dependabot in #1495
- Make external-reference rule less annoying by @anderseknert in https://gi...
Contributors
Assets 8
v0.33.0
v0.32.0
This release adds 3 new linter rules to Regal, as well as many improvements and fixes.
New Rule: redundant-loop-count
A loop iterating over empty collections evaluates to nothing, and counting the collection before the loop to ensure it's not empty is therefore redundant. This rule catches cases where this check is not needed. (Read more)
package policy
allow if {
# redundant count and > comparison
count(input.user.roles) > 0
some role in input.user.roles
# .. do more with role ..
}PR #1452.
New Rule: import-shadows-rule
This new rule catches cases where users have named rules the same as an import. Imported identifier have higher precedence than rules and this can lead to confusing behaviours. (Read more)
package policy
import data.resources
# 'resources' shadowed by import
resources contains resource if {
# ...
}PR #1450.
Thanks @kroekle for suggesting this rule!
New Rule: time-now-ns-twice
This new rule will catch cases where time.now_ns() is called multiple times within a single rule. This does not work in Rego since both calls will return the same value. This rule catches this case early and directs users to read about more appropriate tools. (Read more)
package policy
timed if {
now := time.now_ns()
# do some work here
# this doesn't work! result is always 0
print("work done in:", time.now_ns() - now, "ns)
}PR #1457.
Other Rule Updates
>, >=, <, <=operators added to the style/yoda-condition rule (#1454).- Fixed a false positive in the performance/non-loop-expression rule (#1438).
- Ignored tests in style/messy-rule (#1449).
OPA v1.2.0
While this may not seem too exciting, OPA v1.2.0 contains some performance improvements that has quite a substantial impact on Regal. We know, because we made those improvements in OPA largely to speed up Regal's linting! v0.32.0 should be considerably faster than previous versions, which should be noticeable in large policy projects in particular.
Language Server
In the language server, we addressed two bugs relating to the fixing of the idiomatic/directory-package-mismatch rule. See #1427 & #1432.
Dependencies
Go Mod:
- github.com/go-git/go-git/v5 v5.13.2 -> v5.14.0
- github.com/google/go-cmp v0.6.0 -> v0.7.0
- github.com/open-policy-agent/opa v1.1.0 -> v1.2.0
- github.com/spf13/cobra v1.8.1 -> v1.9.1
GitHub Actions:
- actions/cache v4.2.1 -> v4.2.3
- actions/setup-go v5.3.0 -> v5.4.0
- actions/upload-artifact v4.6.1 -> v4.6.2
- codecov/codecov-action v5.3.1 -> v5.4.0
- github/codeql-action/analyze v3.28.10 -> v3.28.12
- github/codeql-action/autobuild v3.28.10 -> v3.28.12
- github/codeql-action/init v3.28.10 -> v3.28.12
- github/codeql-action/upload-sarif v3.28.10 -> v3.28.12
- golangci/golangci-lint-action v6.5.0 -> v7.0.0
- peter-evans/create-pull-request v7.0.7 -> v7.0.8
See #1453, #1442, #1435, #1426, #1422 and #1423 for PRs making the above updates. golangci-lint v2 update in #1455. OPA 1.2 update in #1429.
New Users
- mise via its aqua backend and aqua's regal definition added in #1437.
Add yourself to docs/adopters.md to get here next time!
New Contributors
Changelog
- 253207c: docs: Add debug code lens to LS docs (#1421) (@charlieegan3)
- 9981393: build(deps): bump the dependencies group with 4 updates (#1422) (@dependabot[bot])
- 5f1be97: build(deps): bump the dependencies group with 2 updates (#1423) (@dependabot[bot])
- 58f9c79: [create-pull-request] automated change (#1424) (@github-actions[bot])
- 26b9cb1: build(deps): bump the dependencies group with 2 updates (#1426) (@dependabot[bot])
- c1ac66c: lsp: Correct path when fixing dir package mismatch (#1427) (@charlieegan3)
- 62cba31: lsp: Ensure rename target is within workspace root (#1432) (@charlieegan3)
- bd21ef1: OPA v1.2.0 (#1429) (@anderseknert)
- 7bb7cb2: test: fix deadline exceeded test issue in GitHub runners (#1433) (@anderseknert)
- f01af9c: [create-pull-request] automated change (@charlieegan3)
- b5422fb: adopters: mention mise+aqua (#1437) (@srenatus)
- 9ccd217: build(deps): bump golang.org/x/net from 0.35.0 to 0.36.0 (#1435) (@dependabot[bot])
- be88d57: Fix non-loop-expression false positive (#1438) (@anderseknert)
- 52e1a39: build: Make novelty package opt-in (#1430) (@jalseth)
- 1bc309c: [create-pull-request] automated change (@charlieegan3)
- 644a554: [create-pull-request] automated change (@srenatus)
- 4e5bff7: docs: Update slack inviter link (#1441) (@charlieegan3)
- a00e950: build(deps): bump golangci/golangci-lint-action (#1442) (@dependabot[bot])
- 455e1bc: Ignore tests in messy-rule (#1449) (@anderseknert)
- d3e144d: Rule: import-shadows-rule (#1450) (@anderseknert)
- 74a9f3f: Rule: redundant-loop-count (#1452) (@anderseknert)
- a36f32b: Add >, >=, <, <= to yoda-condition rule (#1454) (@anderseknert)
- 5ea70b6: build(deps): bump the dependencies group with 5 updates (#1453) (@dependabot[bot])
- 6b54316: Rule: time-now-ns-twice (#1457) (@anderseknert)
- fe6de2e: golangci-lint v2 (#1455) (@anderseknert)
Contributors
Assets 8
v0.31.1
This patch release fixes some issues reported by users, as well as some encountered while working on Regal. Most notably:
- Fix issue where an absolute path to the config file wouldn't work on Windows (thanks @geirs73 for reporting this!)
- Fix issue where configured
ignorevalues had no effect if Regal ran from the root directory (thanks @nevumx for the issue!) - Fix issue in language server when files with
:in their name are present in the workspace - Fix issue in language server where Code Lens annotations (like Evaluate and Debug) would appear and reappear quickly when parse errors where encountered and fixed, leading to a "flickering" editor window
Changelog
- dcecdab: docs: Use strings for non-loop expression role (#1409) (@charlieegan3)
- c09bc93: docs: Make editor support link clearer in README (#1411) (@charlieegan3)
- 3177417: build(deps): bump the dependencies group with 2 updates (#1413) (@dependabot[bot])
- f472f40: Bump Go to 1.23, and replace archived dependency (#1410) (@anderseknert)
- 772aeb0: cmd/lint: Fix windows Abs path handling (#1416) (@charlieegan3)
- 48e2ef9: build(deps): bump the dependencies group with 5 updates (#1417) (@dependabot[bot])
- eeec210: lint: Handle root filesystem root prefix (#1418) (@charlieegan3)
- 25bde5a: lsp: URI/Path handling fixes (#1419) (@charlieegan3)
- 4fd08cb: lsp: Fix Code Lenses jank (#1420) (@charlieegan3)
Contributors
Assets 8
v0.31.0
This release of Regal updates to OPA v1.1.0, continuing to solidify support for v1 Rego with some nice new rules, performance improvements and bug fixes too.
New Rule: use-object-keys
There are some cases where using object.keys is preferred over using comprehensions. For example:
Avoid
package policy
keys := {k | some k, _ in input.object}Prefer
package policy
keys := object.keys(input.object)This is preferred as it more clearly communicates the intent of the code, that is, to get the keys of the object rather than loop over it and collect the keys as you go. More details can be found on the use-object-keys rule page.
New Rule: non-loop-expression
Expressions in loops are evaluated in each iteration of the loop and so it's advisable to avoid using expressions which do not depend on the loop variable within the looping part of a rule in order to improve performance.
Avoid
package policy
allow if {
some email in input.emails
admin in input.roles # <- this is not required in the loop
endswith(email, "@example.com")
}Prefer
package policy
allow if {
admin in input.roles # <- moved out of the loop
some email in input.emails
endswith(email, "@example.com")
}This rule can't catch all cases, so still be on the look out. More details can be found on the non-loop-expression rule page.
Fixing non-raw-regex-pattern
The non-raw-regex-pattern rule can now be automatically fixed with regal fix or with a CodeAction for language server clients. #1382
Configuration File Loading< 8000 /h1>
Regal will now use a ~/.config/regal if no parent configuration is found. This is useful when working on Rego in temporary directories. #1378
Regal's language server will now use configuration files in the workspace tree if they exist rather than only looking at parent directories. This more closely matches the behavior of the lint command. #1372
Notable Improvements
- Avoid 'error' paths in our linting Rego to reduce allocations. #1351, #1360, #1374
- Implement the
opa-fmtrule using in Rego, removing the need for a Go rule
linting path entirely. #1393 - More consistently use shared functions and remove dead code to make Regal easier to maintain. #1349,
#1392, #1383, #1379, #1358, #1356, #1355 - @anaypurohit0907 made their first PR in #1369 adding a new summary to the end of the compact report showing the number of files and violations. Also, #1387 adds a similar improvement to the end of the default 'Pretty' reporter output breaking down errors and warnings.
- Documentation for the
deprecated-builtinrule now explains the upgrade process. #1366, thanks @tsandall for the suggestion!
Notable Fixes & Updates
- The
use-ifrule will now use only the rule name as the violation location, rather than the whole rule. #1362 - Parse errors are now shown in file diagnostics to language server clients
after a regression. #1408 - @jglasovic made their first PR in #1345
fixing a bug where the Debug CodeLens was left enabled. - Better handling of
.regal.yamlfile use. #1357, thanks @grosser for the input here. - Some great new open source adopters! #1384, thanks @chendrix for the Regal amigurumi!
Changelog
- 1eff70a: fix: lsp - filter out
regal.debugcodelens (#1345) (@jglasovic) - 93faa40: [create-pull-request] automated change (@charlieegan3)
- 193224a: [create-pull-request] automated change (@charlieegan3)
- 434dabf: build(deps): bump golangci/golangci-lint-action (#1350) (@dependabot[bot])
- d7f522e: Add workspace folder type, and "support" that capability (#1347) (@anderseknert)
- a5d1742: Language server refactoring (#1349) (@anderseknert)
- 7b693ee: perf: move config check out of loop (#1351) (@anderseknert)
- d9749f4: lsp: Ensure parse errors are saved as diagnostics correctly (#1352) (@charlieegan3)
- bea7398: Fix missing annotations in LSP parsing (#1354) (@anderseknert)
- 0a17534: chore: Use regal's parse options following (#1355) (@charlieegan3)
- 760b484: fix: Remove mandatory fixes (#1356) (@charlieegan3)
- 2b25493: config: Search for .regal.yaml and use for roots (#1357) (@charlieegan3)
- 6880526: Remove custom Ref stringer (#1359) (@anderseknert)
- 0d506bb: refactor: better use of test helpers (#1358) (@anderseknert)
- b29ad44: perf: always include
ignore_filesin data (#1360) (@anderseknert) - 856bf50: The compact output format should include a summary #1364 (#1369) (@anaypurohit0907)
- 9020000: Some style fixes (#1370) (@anderseknert)
- f78f94b: fix: better location reporting in
use-ifrule (#1362) (@anderseknert) - 1175266: docs: deprecated built-in replacements (#1366) (@anderseknert)
- 33408e5: Add optional govet checks (#1368) (@anderseknert)
- 1db229a: Small fixes (#1367) (@anderseknert)
- 6430f86: build(deps): bump the dependencies group with 3 updates (#1371) (@dependabot[bot])
- 14cbc3b: Bump OPA to v1.1.0 (#1373) (@anderseknert)
- e1247ea: Don't return error from
regal.last(#1374) (@anderseknert) - 0e794a2: lsp: Use nested workspace configuration if found (#1372) (@charlieegan3)
- d41c3da: [create-pull-request] automated change (#1376) (@github-actions[bot])
- 1f9e2e4: Use .Keys() and .KeysSorted() from OPA (#1379) (@anderseknert)
- a295fef: config: Use global user config if required (#1378) (@charlieegan3)
- 1a3fcfb: linter: Show error if rule or category is invalid (#1381) (@charlieegan3)
- 0e38b37: Add a few more adopters (#1384) (@anderseknert)
- cb81676: build(deps): bump the dependencies group with 2 updates (#1385) (@dependabot[bot])
- 4777c2b: build(deps): bump github/codeql-action in the dependencies group (#1386) (@dependabot[bot])
- be9bc33: fix: non-raw regex pattern (#1382) (@charlieegan3)
- 13a4980: lsp: Add statsviz for profiling visuals (#1388) (@charlieegan3)
- ba53d75: Consistently use new
Settype (#1383) (@anderseknert) - 4347b8a: lsp/test: Error in test should be log instead (#1389) (@charlieegan3)
- 8c15f1c: [create-pull-request] automated change (@charlieegan3)
- a283bee: Remove unused fixer code (#1392) (@anderseknert)
- 194116f: Rego-based opa-fmt (#1393) (@anderseknert)
- 69e3756: Be specific about number of errors vs warnings in regal lint summary #821 (#1387) (@anaypurohit0907)
- 48c9e5e: Some minor cleanups in reporter code (#1397) (@anderseknert)
- a4e3592: Fix false positive in
unused-output-variable(#1398) (@anderseknert) - c75d66f: Rule:
use-object-keys(#1399) (@anderseknert) - 52c7c9b: refactor: simplify data bundle creation (#1400) (@anderseknert)
- 3e6ef5b: [create-pull-request] automated change (#1402) (@github-actions[bot])
- 674e441: lsp: update log messages for root dir note (#1395) (@charlieegan3)
- 76e0760: build(deps): bump the dependencies group with 2 updates (#1404) (@dependabot[bot])
- c6d1a9d: Roast v0.8.1 (#1406) (@anderseknert)
- 539ba39: bundle: Add non-loop-expression rule (#1401) (@charlieegan3)
- 06af4df: lsp: Correctly parse eval and debug params (#1407) (@charlieegan3)
- b29e759: lsp: show parse errors in diagnostics (#1408) (@charlieegan3)
Contributors
Assets 8
v0.30.2
This release includes a fix for an issue where a missing Regal dir would cause a fatal error when running regal fix (#1341), thanks @grosser for the report again.
Also included is an a fix for an issue where Regal would template files without a Regal extension after renaming them from a Rego file.
Changelog
- df90dec: lsp: ignore after rename if not Rego (#1340) (@charlieegan3)
- 2c6ee8e: fix: add error based on expected regal dir (#1343) (@charlieegan3)
Contributors
Assets 8
v0.30.1
Regal v0.30.1 is a patch release following the significant v0.30.0 release with first class OPA v1.0.0 support. This patch release addresses some issues discovered in the language server relating to the OPA update as well as a minor new feature.
New options for Regal config location
In addition to the .regal/config.yaml path we've used thus far, it's now possible to use a .regal.yaml instead. This is intended to be used by those preferring a single file rather than a dedicated directory. The config directory will still be required for users with custom rules. It is not possible to use $root/.regal/config.yaml and $root/.regal.yaml in the same directory at the same time. Regal will still use the config file nearest the root in the directory hierarchy, even if they are of different types. Thanks to @grosser for the suggestion!
Changelog
- lsp/completions: Reorder for cheap rego.v1 check by @charlieegan3 in #1335
- docs: op F438 a-fmt v1/v0 notes by @charlieegan3 in #1336
- tidy: Use cmp.Or in a few places by @charlieegan3 in #1337
- Upgrade Roast to v0.6.0 by @anderseknert in #1338
- lsp: Rename correctly when conflicting by @charlieegan3 in #1334
- config: Allow loading of .regal.yaml file too by @charlieegan3 in #1339
Full Changelog: v0.30.0...v0.30.1
Contributors
Assets 8
v0.30.0
Regal v0.30.0 is the first release to fully support OPA 1.0 while at the same time being fully compatible with older versions of OPA and Rego. This process helped improve both Regal and OPA, as a few things to fix in both projects got identified along the way!
Full support for OPA 1.0, while maintaining compatibility with earlier versions
Regal now seamlessly supports working with both pre-1.0 and 1.0+ policies, or even a mix of both! See Regal's new documentation on OPA 1.0 to learn more about how to get the most out of Regal when working with Rego of any version.
As part of this upgrade, all the Regal docs have now been updated to use OPA/Rego 1.0 syntax, in examples and anywhere else Rego is used.
Finally, and perhaps needless to say — Regal itself and all of its linter policies are now upgraded to OPA 1.0!
Much Faster Linting
A mission that started out with the goal of improving the performance of Regal's linter, ended up with multiple PR's
to improve evaluation performance in OPA. This of course benefits not just Regal, but all users of OPA! However, since
the regal lint command was used for benchmarking, most optimizations have been along the hot path of that command.
Linting with Regal is now almost 2x as fast as before, while consuming 2/3 of the memory previously needed. And we have
more improvements lined up in OPA for the next release, so stay tuned!
Notable Improvements
- The evaluation code lens now supports using an
input.yamlfile as input, in addition toinput.json. Thanks @mrgadgil for suggesting this feature! - The redundant-existence-check rule now also reports redudant checks of function arguments
- New
InputFromTextWithOptionsfunctions for users of the Go API - Faster evaluation by avoiding custom function calls in hot path
- Reduced time to evaluation by performance improvements in Roast input conversion
- The language server now logs the version of Regal and the path to the binary at startup, helping users know which Regal binary is being used
Notable Fixes
- Fixed issue where
--forcewasn't honored byregal fix. Thanks @grosser for reporting that! - Fixed false positive in pointless-reassignment rule
- Fixed false positive in top-level-iteration rule
- Fixed false positive in external-reference rule. Thanks @tsandall for reporting the issue!
- The evaluate code lens now works even when
input.json/input.yamlisn't found - Improved docs for directory-package-mismatch
- Fixed nil dereference in JUnit reporter. Thanks @OhMyGuus for reporting the issue!
Changelog
- 5b7d423: build(deps): bump codecov/codecov-action from 4.6.0 to 5.0.0 (#1263) (@dependabot[bot])
- 99752a0: build(deps): bump github/codeql-action from 3.27.3 to 3.27.4 (#1264) (@dependabot[bot])
- f078127: build(deps): bump codecov/codecov-action from 5.0.0 to 5.0.2 (#1268) (@dependabot[bot])
- c8a0329: lsp: Use notify for sending messages (#1267) (@charlieegan3)
- abd9504: build(deps): bump cross-spawn from 7.0.3 to 7.0.5 in /build (#1266) (@dependabot[bot])
- acd22f7: Add support for using input.yaml in Evaluate code lens (#1269) (@anderseknert)
- 183584a: build(deps): bump codecov/codecov-action from 5.0.2 to 5.0.4 (#1270) (@dependabot[bot])
- 6716d37: Less frequent, and grouped dependabot updates (#1271) (@anderseknert)
- aa65332: build(deps): bump smol-toml from 1.3.0 to 1.3.1 in /build (#1272) (@dependabot[bot])
- 34ba147: build(deps): bump github/codeql-action from 3.27.4 to 3.27.5 (#1274) (@dependabot[bot])
- f61f52b: build(deps): bump codecov/codecov-action from 5.0.4 to 5.0.7 (#1273) (@dependabot[bot])
- 46d913b: rules: Add InputFromTextWithOptions for go users (#1278) (@charlieegan3)
- 2d6b61c: Fix issue where --force wasn't honored in git check (#1282) (@anderseknert)
- da251c9: Enable a few more golangci-lint rules (#1280) (@anderseknert)
- 87c2ff3: Have
redundant-existence-checkinclude function args (#1279) (@anderseknert) - 0a88ab3: Fix false positive in
top-level-assignment(#1287) (@anderseknert) - c0ac18f: Fix false positive in
pointless-reassignment(#1286) (@anderseknert) - 8759f08: Fix false positive in external-reference and vars in composite values (#1284) (@anderseknert)
- 0db5b5f: Avoid allocations by not calling custom functions on hot path (#1289) (@anderseknert)
- 69b43a8: build(deps): bump github/codeql-action from 3.27.5 to 3.27.6 (#1292) (@dependabot[bot])
- 981ac1d: build(deps): bump actions/cache from 4.1.2 to 4.2.0 (#1291) (@dependabot[bot])
- bc46bd6: build(deps): bump codecov/codecov-action from 5.0.7 to 5.1.1 (#1290) (@dependabot[bot])
- 668950a: dev: Fix golangci-lint reporting issues in ignored files in VS Code (#1296) (@anderseknert)
- 36a72d4: Roast v0.5.0, faster input conversion (#1293) (@anderseknert)
- 8a096a1: build(deps): bump golang.org/x/crypto from 0.28.0 to 0.31.0 (#1297) (@dependabot[bot])
- 9102b94: Evaluate should work even when input missing (#1295) (@anderseknert)
- 00e5341: dev: Fix integration test that used old URL for capabilities (#1304) (@anderseknert)
- 8d0d888: docs: add note about roots in directory-package-mismatch rule (#1303) (@charlieegan3)
- 44182c7: build(deps): bump github/codeql-action from 3.27.6 to 3.27.9 (#1301) (@dependabot[bot])
- d3d096d: build(deps): bump actions/setup-go from 5.1.0 to 5.2.0 (#1302) (@dependabot[bot])
- 7f8e54d: [create-pull-request] automated change (@charlieegan3)
- 748c2e8: Fix nil pointer dereference in JUnit reporter (#1307) (@anderseknert)
- 0673c09: hints: remove tail anchor for multiple-default-rules hint (#1314) (@srenatus)
- bac6333: build(deps): bump github/codeql-action from 3.27.9 to 3.28.0 (#1311) (@dependabot[bot])
- cc08ab1: build(deps): bump actions/upload-artifact from 4.4.3 to 4.5.0 (#1309) (@dependabot[bot])
- 46c5205: build(deps): bump codecov/codecov-action from 5.1.1 to 5.1.2 (#1310) (@dependabot[bot])
- fb3ac2e: build(deps): bump peter-evans/create-pull-request from 7.0.5 to 7.0.6 (#1312) (@dependabot[bot])
- 550d05c: build(deps): bump github.com/go-git/go-git/v5 in the dependencies group (#1313) (@dependabot[bot])
- e31c132: dependabot: Update GHA dependencies in groups (#1315) (@charlieegan3)
- 4459436: build(deps): bump github.com/go-git/go-git/v5 in the dependencies group (#1316) (@dependabot[bot])
- 34f9827: Use concurrent map implementation (#1318) (@anderseknert)
- 2d7753f: tests: Skip server multi file test (#1320) (@charlieegan3)
- 6fecf4c: Add new blog! (#1308) (@anderseknert)
- b909a5c: [create-pull-request] automated change (@charlieegan3)
- d445931: cmd/languageserver: Log path & version at startup (#1326) (@charlieegan3)
- 4434de2: [create-pull-request] automated change (#1330) (@github-actions[bot])
- cf1632a: build(deps): bump the dependencies group with 2 updates (#1331) (@dependabot[bot])
- d569e50: Prepare for OPA 1.0 (#1317) (@anderseknert)
- 75b57bb: build(deps): bump actions/upload-artifact in the dependencies group (#1332) (@dependabot[bot])
- 351b5bb: Update badge to 1.0.0 (#1333) (@anderseknert)
Contributors
Assets 8
v0.29.2
This patch release fixes an issue where the new defer-assignment rule would sometimes report a false positive when the variable was used inside of a with clause on the next line.
Thanks @nevumx for reporting the issue!
Changelog
- 7e74d12: [create-pull-request] automated change (#1261) (@github-actions[bot])
- 20a5cfa: Fix false positive in defer-assignment and
with(#1262) (@anderseknert)