terraform-null-label
terraform-null-label copied to clipboard
Published
20 hours ago •
cloudposse
cloudposse
Bump the go_modules group across 1 directory with 8 updates
trafficstars
Bumps the go_modules group with 2 updates in the /test/src directory: github.com/hashicorp/go-getter and gopkg.in/yaml.v3.
Updates github.com/hashicorp/go-getter from 1.5.9 to 1.7.4
Release notes
Sourced from github.com/hashicorp/go-getter's releases.
v1.7.4
What's Changed
- Escape user-provided strings in
gitcommands hashicorp/go-getter#483- Fixed a bug in
.netrchandling if the file does not exist hashicorp/go-getter#433Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.3...v1.7.4
v1.7.3
What's Changed
- SEC-090: Automated trusted workflow pinning (2023-04-21) by
@hashicorp-tsccrin hashicorp/go-getter#432- SEC-090: Automated trusted workflow pinning (2023-09-11) by
@hashicorp-tsccrin hashicorp/go-getter#454- SEC-090: Automated trusted workflow pinning (2023-09-18) by
@hashicorp-tsccrin hashicorp/go-getter#458- don't change GIT_SSH_COMMAND when there is no sshKeyFile by
@jbardinin hashicorp/go-getter#459New Contributors
@hashicorp-tsccrmade their first contribution in hashicorp/go-getter#432Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.2...v1.7.3
v1.7.2
What's Changed
- Don't override
GIT_SSH_COMMANDwhen not needed by@nl-brett-stimehashicorp/go-getter#300Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.7.1...v1.7.2
v1.7.1
No release notes provided.
v1.7.0
What's Changed
- docs: provide logging recommendations by
@mickael-hcin hashicorp/go-getter#371- Update aws sdk version by
@Jukiein hashicorp/go-getter#384- Update S3 URL in README by
@twelvelabsin hashicorp/go-getter#378- Migrate to GHA by
@claire-labryin hashicorp/go-getter#379- [COMPLIANCE] Update MPL 2.0 LICENSE by
@hashicorp-copywritein hashicorp/go-getter#386- remove codesign entirely from go-getter by
@claire-labryin hashicorp/go-getter#408- Add decompression bomb mitigation options for v1 by
@picatzin hashicorp/go-getter#412- v1: decompressors: add LimitedDecompressors helper by
@shoenigin hashicorp/go-getter#413New Contributors
@mickael-hcmade their first contribution in hashicorp/go-getter#371@Jukiemade their first contribution in hashicorp/go-getter#384@twelvelabsmade their first contribution in hashicorp/go-getter#378@hashicorp-copywritemade their first contribution in hashicorp/go-getter#386Full Changelog: https://github.com/hashicorp/go-getter/compare/v1.6.2...v1.7.0
v1.6.2
What's Changed
- Fix
no getter available for X-Terraform-Get source protocolwhen using bare github or bitbucket hostnames: #370
... (truncated)
Commits
268c11cescape user provide string to git (#483)975961fMerge pull request #433 from adrian-bl/netrc-fix0298a22Merge pull request #459 from hashicorp/jbardin/setup-git-envc70d9c9don't change GIT_SSH_COMMAND if there's no keyfile3d5770fMerge pull request #458 from hashicorp/tsccr-auto-pinning/trusted/2023-09-180688979Result of tsccr-helper -log-level=info -pin-all-workflows .e66f244Merge pull request #454 from hashicorp/tsccr-auto-pinning/trusted/2023-09-11e80b3dcResult of tsccr-helper -log-level=info -pin-all-workflows .2d49e24Merge pull request #432 from hashicorp/tsccr-auto-pinning/trusted/2023-04-215ccb39aMake addAuthFromNetrc ignore ENOTDIR errors- Additional commits viewable in compare view
Updates golang.org/x/crypto from 0.0.0-20210513164829-c07d793c2f9a to 0.0.0-20210921155107-089bfa567519
Commits
- See full diff in compare view
Updates golang.org/x/net from 0.0.0-20210614182718-04defd469f4e to 0.1.0
Commits
- See full diff in compare view
Updates golang.org/x/sys from 0.0.0-20210603125802-9665404d3644 to 0.1.0
Commits
- See full diff in compare view
Updates golang.org/x/text from 0.3.6 to 0.4.0
Commits
1bdb400language: remove compatibility with go < 1.2252bee0go.mod: ignore cyclic dependency for taggingecab6e5go.mod: ignore cyclic dependency for tagging369c86ball: fix a few function names on comments434eadclanguage: reject excessively large Accept-Language strings23407e7go.mod: ignore cyclic dependency for taggingb18d3ddsecure/precis: replace bytes.Compare with bytes.Equal795e854all: replace io/ioutil with io and os packageb0ca10finternal/language: bump script types to uint16 and update registryba9b0e1go.mod: update x/tools to HEAD- Additional commits viewable in compare view
Updates google.golang.org/grpc from 1.38.0 to 1.50.1
Release notes
Sourced from google.golang.org/grpc's releases.
Release 1.50.1
New Features
- gcp/observability: support new configuration defined in public preview user guide
Release 1.50.0
Behavior Changes
- client: use proper "@" semantics for connecting to abstract unix sockets. (#5678)
- This is technically a bug fix; the result is that the address was including a trailing NULL byte, which it should not have. This may break users creating the socket in Go by prefixing a NULL instead of an "@", though, so calling it out as a behavior change.
- Special Thanks:
@jachorNew Features
- metadata: add experimental
ValueFromIncomingContextto more efficiently retrieve a single value (#5596)
- Special Thanks:
@horpto- stats: provide peer information in
HandleConncontext (#5589)
- Special Thanks:
@feihu-stripe- xds: add support for Outlier Detection, enabled by default (#5435, #5673)
Bug Fixes
- client: fix deadlock in transport caused by GOAWAY racing with stream creation (#5652)
- This should only occur with an HTTP/2 server that does not follow best practices of an advisory GOAWAY (not a grpc-go server).
- xds/xdsclient: fix a bug which was causing routes with
cluster_specifier_pluginset to be NACKed when GRPC_EXPERIMENTAL_XDS_RLS_LB was off (#5670)- xds/xdsclient: NACK cluster resource if
config_source_specifierinlrs_serveris notself(#5613)- xds/ringhash: fix a bug which sometimes prevents the LB policy from retrying connection attempts (#5601)
- xds/ringhash: do nothing when asked to exit
IDLEinstead of falling back on the default channel behavior of connecting to all addresses (#5614)- xds/rls: fix a bug which was causing the channel to be stuck in
IDLE(#5656)- alts: fix a bug which was setting
WaitForReadyon handshaker service RPCs, thereby delaying fallback when required (#5620)- gcp/observability: fix End() to cleanup global state correctly (#5623)
Release 1.49.0
New Features
- gcp/observability: add support for Environment Variable
GRPC_CONFIG_OBSERVABILITY_JSON(#5525)- gcp/observability: add support for custom tags (#5565)
Behavior Changes
- server: reduce log level from Warning to Info for early connection establishment errors (#5524)
- Special Thanks:
@jpkrohlingBug Fixes
- client: fix race in flow control that could lead to unexpected EOF errors (#5494)
- client: fix a race that could cause RPCs to time out instead of failing more quickly with UNAVAILABLE (#5503)
- client & server: fix a panic caused by passing a
nilstats handler togrpc.WithStatsHandlerorgrpc.StatsHandler(#5543)- transport/server: fix a race that could cause a stray header to be sent (#5513)
- balancer: give precedence to
IDLEoverTRANSIENT_FAILUREwhen aggregating connectivity state (#5473)- xds/xdsclient: request correct resource name when user specifies a new style resource name with empty authority (#5488)
... (truncated)
Commits
4c776ecCherry-pick observability changes from master to v1.50.x and update version t...6576007Change version to 1.50.1-dev (#5686)c1d7d7aChange version to 1.50.0 (#5685)1451c62internal/transport: optimize grpc-message encoding/decoding (#5654)be4b63btest: minor test cleanup (#5679)d83070eChanged Outlier Detection Env Var to default true (#5673)54521b2client: remove trailing null from unix abstract socket address (#5678)36e4810orca: cleanup old code, and get grpc package to use new code (#5627)e8866a8build: harden GitHub Workflow permissions (#5660)8458251xdsclient: ignore routes with cluster_specifier_plugin when GRPC_EXPERIMENTAL...- Additional commits viewable in compare view
Updates google.golang.org/protobuf from 1.26.0 to 1.28.1
Updates gopkg.in/yaml.v3 from 3.0.0-20210107192922-496545a6307b to 3.0.0
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the Security Alerts page.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}