Bump github.com/styrainc/regal from 0.25.0 to 0.28.0

[dependabot]

Bumps github.com/styrainc/regal from 0.25.0 to 0.28.0.

Release notes

Sourced from github.com/styrainc/regal's releases.

v0.28.0

New Rule: missing-metadata #1131

The new missing-metadata rule helps ensure policies are documented by requiring METADATA comments on public packages and rules. Metadata comments are used to explain functionality and annotate Rego constructs with other data.

Note: missing-metadata is a custom rule and so is not enabled by default for all users.

fixer: Automated fixing of directory-package-mismatch

This release brings improvements to regal fix, the command to automatically fix supported violations (#1120, #1127).

Fixes for the directory-package-mismatch violations involve moving files based on their packages. For example a file with package foo.bar in policies/policy.rego would need to be moved to foo/policy.rego. In previous versions of Regal, when multiple files in a large code base with the same filename needed to be moved to the same package directory, Regal would output a confusing error message.

Regal v0.28.0 outputs a clear error message by default and adds a new --on-conflict=rename modifying flag to allow conflicting files to automatically be renamed when this scenario is encountered.

Linter Improvements

• Support for linting Rego syntax passed to Regal via Standard Input (stdin).
• An important yet under-the-hood improvement to use a new data format for AST node locations. This makes violation locations more specific and brings a 5% linting speed improvement too.

Language Server Performance Improvements

• An update to the implementation of the server to reduce the number of expensive ‘full workspace’ linting jobs. By caching the aggregate rule data and updating it incrementally, full workspace jobs can now be completed in less than a third of the time previously taken.
• Making CodeLenses configurable makes supporting other clients easier. Thanks @​rinx for the work in #1176 and for all the work you do to make Regal and Neovim play nice.
• Update to the server templating to better handle projects without a Regal config file. Files in the workspace root will no longer be templated either, but will still violate directory-package-mismatch.
• Makes an improvement to ensure the loading of the Regal rules happens once, saving around 30ms on every keypress-trigger, file diagnostic update event.

Dependency Updates

• anderseknert/roast v0.2.0 -> v0.4.2 #1140, #1170
• open-policy-agent/opa v0.68.0 -> v0.69.0 #1152

Github Actions Updates

• golangci/golangci-lint-action 6.1.0 -> 6.1.1 #1163
• peter-evans/create-pull-request 7.0.3 -> 7.0.5 #1114
• github/codeql-action 3.26.7 -> 3.26.11 #1117, #1137, #1157, #1174
• actions/checkout 4.1.7 -> 4.2.0 #1142
• codecov/codecov-action 4.5.0 -> 4.6.0 #1162, #1164
• actions/cache 4.0.2 -> 4.1.0 #1179

Changelog

• 63ec93dde73cee416bcec70d64a407322edafec4: docs: correct line endings for GIF files (#1114) (@​charlieegan3)
• 980f726a199390d35497c7a5498e6d3aa6139c78: build(deps): bump peter-evans/create-pull-request from 7.0.3 to 7.0.5 (#1116) (@​dependabot[bot])
• 54c8c9db5b081839e9f7a126dd941381b708bc5d: build(deps): bump github/codeql-action from 3.26.7 to 3.26.8 (#1117) (@​dependabot[bot])
• 95a1bf390e5a13c23be53d50670d22be834bcc22: tests: Minor test wait improvement (#1121) (@​charlieegan3)
• 838c6fa83ad36423c6bc3a8c5136fcc27ff1be86: Allow regal lint - to lint from stdin (#1122) (@​anderseknert)

... (truncated)

Commits

• 9503967 feat(lsp): add initialization options about codelenses (#1176)
• ed287dc build(deps): bump actions/cache from 4.0.2 to 4.1.0 (#1179)
• 69fb6ca Use test logger for client handler (#1178)
• b751858 lsp/templating: gracefully handle unknown root (#1171)
• fc88817 Correct example index rego path (#1177)
• f70b892 build(deps): bump github/codeql-action from 3.26.10 to 3.26.11 (#1174)
• 67162e6 lsp: Update LSP linting to run incrementally after file change (#1146)
• 85b7be7 Bump roast to v0.4.2 to solve data race (#1170)
• 8ca0197 Custom rule authoring improvements (#1168)
• 7b5cd08 Exclude print from "function return value in args" check (#1165)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)