v0.13.0

This release brings 3 new linter rules, several performance improvements, and many fixes and tweaks to existing rules.

New rules: use-if and use-contains

Category: idiomatic

The if and contains keywords are considered idiomatic in modern Rego, as they help both with readability as well as to remove some ambiguities from earlier versions of the language. In fact, both of the keywords will be made mandatory in the upcoming OPA 1.0 release. There's no need to wait for that though! The use-if and use-contains rules helps you get ahead of the curve and enforce the use of these keywords today.

For more information, see the docs on use-if and use-contains.

Thanks @tsandall for suggesting these rules!

New rule: if-empty-object

Category: bugs

With the introduction of the if keyword, an empty pair of curly braces ({}) is no longer considered a rule body, but an empty object. While previous versions of Rego would treat an empty body as an error, allow if {} would be result in allow assigned to true, as an empty object is a "truthy" value. This is likely a mistake, and the if-empty-object rule will help you find and fix it.

For more information, see the docs on if-empty-object

Performance improvements

While Regal will scan most policy repositories in under a second, repos with thousands of policies are necessarily more demanding. This release brings many performance improvements, which should improve the experience working with Regal even for largest Rego repos. These improvements include:

• More efficient use of the walk built-in in linter rules
• Remove the file attribute from AST nodes, resulting in less nodes to traverse
• Parsing of input files now done concurrently
• Various smaller optimizations in many linter rules

Other improvements

• The compact output format now prints a prettier compact table

Bugs fixed

• Fix false positive in unnecessary-some rule
• Error out if --config-file is explictly provided but non-existent (thanks @mcguiresm!)
• detached-metadata: allow detached annotaton for document scope (thanks @hans-d for reporting!)
• line-length: use 120 character fallback if no limit found in config

Changelog

• eef06e5: Refactor: collect rules to run only once (#454) (@anderseknert)
• bb207cf: Optimization: less use of walk (#455) (@anderseknert)
• 6727c3a: e2e: fix custom caps assertions (#456) (@srenatus)
• 2a9dff6: No more "file" in locations! (#458) (@anderseknert)
• 21d0405: Fix false positive in unnecessary-some (#460) (@anderseknert)
• d634dfa: Error out if config-file is explictly provided but non-existent (#463) (@mcguiresm)
• 0598111: Various micro-optimizations (#467) (@anderseknert)
• a0b1df9: Concurrent parse in InputFromPaths (#464) (@anderseknert)
• fe6f14e: Rule: if-empty-body (#461) (@anderseknert)
• be7ed72: detached-metadata: allow detached if document scope (#469) (@anderseknert)
• b36f696: Use 120 characters as max line length if not configured (#473) (@anderseknert)
• 660dc30: Rule: use-if and use-contains (#470) (@anderseknert)
• 459bcc8: InputFromPaths: return if err != nil (@anderseknert)
• 5b3855f: Use import rego.v1 (#471) (@anderseknert)
• c8c7487: Use capabilities from v0.58.0 (#475) (@anderseknert)
• 93295d1: release: Create draft releases (#478) (@charlieegan3)
• 920b9e3: Do not truncate location in pretty reporter (#477) (@anderseknert)
• 227e454: Remove uitable dependency (#480) (@anderseknert)