Bump go-getter to v2.2.1 #200
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nywilken
approved these changes
Aug 4, 2023
There was a problem hiding this comment.
Hi @zliang-akamai thanks for this contribution. The change looks good and is warranted. I'm approving but will not merge immediately as I would like to give the 0.5.1 release the weekend to see if any issues are reported. This will be part of the next release 0.5.2 shortly after the pausing period.
|
@nywilken Yep, no need to rush. Thank you for the review! |
nywilken
added
security
dependencies
jooola
referenced
this pull request
in hetznercloud/packer-plugin-hcloud
Nov 28, 2023
…123) [](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/hashicorp/packer-plugin-sdk](https://github.com/hashicorp/packer-plugin-sdk) | require | patch | `v0.5.1` -> `v0.5.2` | --- ### Release Notes <details> <summary>hashicorp/packer-plugin-sdk (github.com/hashicorp/packer-plugin-sdk)</summary> ### [`v0.5.2`](https://github.com/hashicorp/packer-plugin-sdk/releases/tag/v0.5.2) [Compare Source](https://github.com/hashicorp/packer-plugin-sdk/compare/v0.5.1...v0.5.2) <!-- Release notes generated using configuration in .github/release.yml at v0.5.2 --> #### Upgrade Notes Upgrading to this release may fail until you've applied one of the fixes documented in [packer-plugin-sdk#187](https://github.com/hashicorp/packer-plugin-sdk/issues/187#user-content-available-fixes). Consumers of the Packer plugin SDK require a replace directive within their plugin's go module file to point to a compatible version of go-cty. The replace directive subject to change in future releases can be applied by running the `packer-sdc fix` sub-command to apply the replace directive to your plugin with a recommended version of the go-cty fork. Plugins already working with Packer Plugin SDK v0.5.1 are advised to apply the updated SDK fixes by re-running `packer-sdc fix` against the plugin's root directory. The updated SDK fixes will bump the supported version of the go-cty fork to v1.13.3, which is required for working with hcl/v2 version 2.17.0 and above. - **Bumped github.com/zclconf/go-cty to v1.13.1**: to bring in the latest supported changes of zclconf/go-cty and hashicorp/hcl/v2 to the SDK. - **Bumped github.com/hashicorp/hcl/v2 to v2.19.1**: to bring in support for the latest HCL/v2 refinements builder and enhancements. Refinements are non-breaking changes but you may see some changed results in your unit test of operations involving unknown values. - **Updated `packer-sdc fix`**: to upgrade the replace version for github.com/nywilken/go-cty from v1.12.1 to v1.13.3. #### What's Changed ##### Exciting New Features 🎉 - Add capability to specify additional build args to be executed when running acceptance tests against builders by [@​lbajolet-hashicorp](https://github.com/lbajolet-hashicorp) in [https://github.com/hashicorp/packer-plugin-sdk/pull/202](https://github.com/hashicorp/packer-plugin-sdk/pull/202) - Bump supported version of go-cty to v1.13.3 by [@​nywilken](https://github.com/nywilken) in [https://github.com/hashicorp/packer-plugin-sdk/pull/215](https://github.com/hashicorp/packer-plugin-sdk/pull/215) ##### Security Changes - Bump go-getter to v2.2.1 by [@​zliang-akamai](https://github.com/zliang-akamai) in [https://github.com/hashicorp/packer-plugin-sdk/pull/200](https://github.com/hashicorp/packer-plugin-sdk/pull/200) - Address reported CVEs along with Go toolchain vulnerabilities by [@​nywilken](https://github.com/nywilken) in [https://github.com/hashicorp/packer-plugin-sdk/pull/208](https://github.com/hashicorp/packer-plugin-sdk/pull/208), [https://github.com/hashicorp/packer-plugin-sdk/pull/213](https://github.com/hashicorp/packer-plugin-sdk/pull/213) ##### Bug Fixes🧑🔧 🐞 - Fix issue where packer-sdc mapstructure-to-hcl was incorrectly mixing underlying structs for types with similar mapstructure tags by [@​nywilken](https://github.com/nywilken) in [https://github.com/hashicorp/packer-plugin-sdk/pull/212](https://github.com/hashicorp/packer-plugin-sdk/pull/212) - hcl2helper: preemptively panic on nil hcl spec by [@​lbajolet-hashicorp](https://github.com/lbajolet-hashicorp) in [https://github.com/hashicorp/packer-plugin-sdk/pull/204](https://github.com/hashicorp/packer-plugin-sdk/pull/204) ##### Other Changes - packer-sdc/struct-markdown: Allow packer-internal as project directory for testing purposes by [@​nywilken](https://github.com/nywilken) in [https://github.com/hashicorp/packer-plugin-sdk/pull/218](https://github.com/hashicorp/packer-plugin-sdk/pull/218) #### New Contributors - [@​zliang-akamai](https://github.com/zliang-akamai) made their first contribution in [https://github.com/hashicorp/packer-plugin-sdk/pull/200](https://github.com/hashicorp/packer-plugin-sdk/pull/200) **Full Changelog**: hashicorp/packer-plugin-sdk@v0.5.1...v0.5.2 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/hetznercloud/packer-plugin-hcloud). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy41OS44IiwidXBkYXRlZEluVmVyIjoiMzcuNTkuOCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: jo <ljonas@riseup.net>
](https://renovatebot.com){kind=link}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
v2.2.0 always trigger our antivirus alert...
And it was fixed in v2.2.1 via hashicorp/go-getter#425