terraform-lockfile-insights is a utility designed to surface information about the Terraform providers used within a project. It recursively crawls a specified directory, parsing each Terraform lockfile using tree-sitter, and provides a report showing which providers and versions are used in each file.

Building this tool helped me get hands-on experience with both Golang and tree-sitter. I often work with repositories containing numerous Terraform modules, where managing provider versions and keeping the dependency scope small is crucial. Since terraform-lockfile-insights outputs its findings as JSON to stdout, it’s well-suited for CI environments where teams might want to enforce policies around consistent provider versioning across a repository.

Example output (using --pretty):

{
  "registry.opentofu.org/cloudflare/cloudflare": {
    "versions": {
      "4.19.0": [
        "infrastructure/terraform/foo/.terraform.lock.hcl",
        "infrastructure/terraform/bar/.terraform.lock.hcl",
        "infrastructure/terraform/baz/.terraform.lock.hcl"
      ]
    }
  }
}