build(deps): bump github.com/styrainc/regal from 0.24.0 to 0.25.0

[dependabot]

Bumps github.com/styrainc/regal from 0.24.0 to 0.25.0.

Release notes

Sourced from github.com/styrainc/regal's releases.

v0.25.0

This release brings 2 new rules to the Regal linter as well as a number of improvements to the Regal Language Server.

Rules

New rule unused-output-variable

Category: bugs

In this example, if x is unused later in the rule, it is considered an unused output variable.

package policy
allow if {
some x
role := input.user.roles[x]
# do something with "role", but not "x"

}

Unused output variables should be replaced by wildcards (_), as it makes it clear that the variable isn't going to be used.

For more information, see the docs on unused-output-variable.

New rule use-strings-count

Category: idiomatic

strings.count is a new OPA built-in function and should be used in place of counting indexes (count(indexof_n("foobarbaz", "a"))) as was common before.

Not only is strings.count more readable, but it also performs better.

For more information, see the docs on use-strings-count.

Other Rule Updates

The argument-always-wildcard rule will now ignore mock_ prefixed functions by default, as wildcard arguments are commonly used in mocked functions.

Linter

• The JUnit XML output format is now a supported by regal lint. This can be used by e.g. GitLab CI/CD jobs to have linter violations printed in the code view in GitLab merge requests. Thanks @​sebhoss for the work on this one!
• Regal's version of OPA has been updated to v0.67.0, you'll need to be using this version to use the remediation for the use-strings-count rule.
• The --var-values flag from opa test (added to OPA in v0.66.0) is now supported by the regal test command. This allows custom policy authors to see the the variable values in scope of a failed test.

Regal Language Server

Code Lens Support

... (truncated)

Commits

• 1e14d08 Update capabilities.json to include strings.count (#990)
• e4fcb0f build(deps): bump github/codeql-action from 3.26.1 to 3.26.2 (#988)
• acbdb88 lsp: Implement bundle use in workspace Eval (#987)
• 789fccf build(deps): bump github/codeql-action from 3.26.0 to 3.26.1 (#986)
• c5aa188 lsp: Workspace eval, return rule head locations (#985)
• fc0dc04 Document the Code Lens Evaluation feature (#983)
• 04b8a75 lsp/perf: don't traverse .git or .idea dirs (#984)
• 4ebdd7e Add end location to non-raw-regex-pattern violations (#980)
• e886f35 Add end location to line-length violation (#981)
• 3236efd Add end location to metasyntactic-variable violations (#977)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[stacklok-cloud-staging]

Minder Vulnerability Report ✅

Minder analyzed this PR and found it does not add any new vulnerable dependencies.

Vulnerability scan of 1eae595b:

• 🐞 vulnerable packages: 0
• 🛠 fixes available for: 0

[coveralls]

coverage: 53.97% (-0.004%) from 53.974%
when pulling 1eae595 on dependabot/go_modules/github.com/styrainc/regal-0.25.0
into da3b7b1 on main.