diff --git a/.github/workflows/build-oci.yaml b/.github/workflows/build-oci.yaml index 8896d8d59..82ada5c22 100644 --- a/.github/workflows/build-oci.yaml +++ b/.github/workflows/build-oci.yaml @@ -78,7 +78,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Download mapt oci flatten images - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: pattern: mapt-* - name: copy both artifacts into single directory @@ -100,7 +100,7 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Download mapt oci flatten images - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: pattern: mapt-* diff --git a/.github/workflows/push-oci-pr.yml b/.github/workflows/push-oci-pr.yml index e171b2ac6..bf0482f4d 100644 --- a/.github/workflows/push-oci-pr.yml +++ b/.github/workflows/push-oci-pr.yml @@ -35,7 +35,7 @@ jobs: packages: write steps: - name: Download mapt assets - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: run-id: ${{ github.event.workflow_run.id }} github-token: ${{ github.token }} diff --git a/Makefile b/Makefile index 446dd7c00..f65666566 100644 --- a/Makefile +++ b/Makefile @@ -7,7 +7,7 @@ TKN_IMG ?= quay.io/redhat-developer/mapt:v${VERSION}-tkn # Integrations # renovate: datasource=github-releases depName=cirruslabs/cirrus-cli -CIRRUS_CLI ?= v0.165.0 +CIRRUS_CLI ?= v0.165.2 # renovate: datasource=github-releases depName=actions/runner GITHUB_RUNNER ?= 2.332.0 # renovate: datasource=gitlab-releases depName=gitlab-org/gitlab-runner diff --git a/go.mod b/go.mod index 4cedd2830..c159b3532 100644 --- a/go.mod +++ b/go.mod @@ -18,11 +18,11 @@ require ( github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resourcegraph/armresourcegraph v0.9.0 github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.2.0 github.com/aws/amazon-ec2-instance-selector/v3 v3.1.3 - github.com/aws/aws-sdk-go-v2 v1.41.3 - github.com/aws/aws-sdk-go-v2/config v1.32.11 - github.com/aws/aws-sdk-go-v2/service/ec2 v1.294.0 + github.com/aws/aws-sdk-go-v2 v1.41.4 + github.com/aws/aws-sdk-go-v2/config v1.32.12 + github.com/aws/aws-sdk-go-v2/service/ec2 v1.294.1 github.com/aws/aws-sdk-go-v2/service/s3 v1.96.4 - github.com/aws/aws-sdk-go-v2/service/sts v1.41.8 + github.com/aws/aws-sdk-go-v2/service/sts v1.41.9 github.com/pulumi/pulumi-aws-native/sdk v1.57.0 github.com/pulumi/pulumi-aws/sdk/v7 v7.21.0 github.com/pulumi/pulumi-awsx/sdk/v3 v3.3.0 @@ -47,15 +47,15 @@ require ( github.com/leodido/go-urn v1.4.0 // indirect github.com/pgavlin/fx/v2 v2.0.12 // indirect github.com/pulumi/pulumi-azure-native-sdk/v3 v3.15.0 // indirect - github.com/pulumi/pulumi-docker/sdk/v4 v4.11.0 // indirect + github.com/pulumi/pulumi-docker/sdk/v4 v4.11.1 // indirect ) require ( - github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.6 // indirect - github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.20 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.11 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.19 // indirect - github.com/aws/aws-sdk-go-v2/service/pricing v1.40.13 // indirect + github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.7 // indirect + github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.21 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.12 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.20 // indirect + github.com/aws/aws-sdk-go-v2/service/pricing v1.40.14 // indirect github.com/blang/semver/v4 v4.0.0 // indirect github.com/evertras/bubble-table v0.19.2 // indirect github.com/hashicorp/hcl/v2 v2.24.0 // indirect @@ -78,23 +78,23 @@ require ( github.com/agext/levenshtein v1.2.3 // indirect github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect github.com/atotto/clipboard v0.1.4 // indirect - github.com/aws/aws-sdk-go-v2/credentials v1.19.11 // indirect - github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.19 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.19 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.19 // indirect - github.com/aws/aws-sdk-go-v2/internal/ini v1.8.5 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.6 // indirect - github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.19 // indirect - github.com/aws/aws-sdk-go-v2/service/signin v1.0.7 // indirect - github.com/aws/aws-sdk-go-v2/service/sso v1.30.12 // indirect - github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.16 // indirect + github.com/aws/aws-sdk-go-v2/credentials v1.19.12 // indirect + github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.20 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.20 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.20 // indirect + github.com/aws/aws-sdk-go-v2/internal/ini v1.8.6 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.7 // indirect + github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.20 // indirect + github.com/aws/aws-sdk-go-v2/service/signin v1.0.8 // indirect + github.com/aws/aws-sdk-go-v2/service/sso v1.30.13 // indirect + github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.17 // indirect github.com/aws/smithy-go v1.24.2 // indirect github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect github.com/cenkalti/backoff/v5 v5.0.3 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/charmbracelet/bubbles v1.0.0 // indirect github.com/charmbracelet/bubbletea v1.3.10 // indirect - github.com/charmbracelet/colorprofile v0.4.2 // indirect + github.com/charmbracelet/colorprofile v0.4.3 // indirect github.com/charmbracelet/lipgloss v1.1.0 // indirect github.com/charmbracelet/x/ansi v0.11.6 // indirect github.com/charmbracelet/x/cellbuf v0.0.15 // indirect @@ -178,9 +178,9 @@ require ( require ( github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armsubscriptions v1.3.0 github.com/Microsoft/go-winio v0.6.2 // indirect - github.com/ProtonMail/go-crypto v1.4.0 // indirect + github.com/ProtonMail/go-crypto v1.4.1 // indirect github.com/aws/aws-sdk-go-v2/service/ecs v1.73.1 - github.com/aws/aws-sdk-go-v2/service/iam v1.53.4 + github.com/aws/aws-sdk-go-v2/service/iam v1.53.6 github.com/blang/semver v3.5.1+incompatible // indirect github.com/cheggaaa/pb v1.0.29 // indirect github.com/djherbis/times v1.6.0 // indirect @@ -220,7 +220,7 @@ require ( golang.org/x/sys v0.42.0 // indirect golang.org/x/term v0.40.0 // indirect golang.org/x/text v0.34.0 // indirect - google.golang.org/grpc v1.79.2 // indirect + google.golang.org/grpc v1.79.3 // indirect google.golang.org/protobuf v1.36.11 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect diff --git a/go.sum b/go.sum index 9a832a22a..ef7580a1f 100644 --- a/go.sum +++ b/go.sum @@ -37,8 +37,8 @@ github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXY github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY= github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY= github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU= -github.com/ProtonMail/go-crypto v1.4.0 h1:Zq/pbM3F5DFgJiMouxEdSVY44MVoQNEKp5d5QxIQceQ= -github.com/ProtonMail/go-crypto v1.4.0/go.mod h1:e1OaTyu5SYVrO9gKOEhTc+5UcXtTUa+P3uLudwcgPqo= +github.com/ProtonMail/go-crypto v1.4.1 h1:9RfcZHqEQUvP8RzecWEUafnZVtEvrBVL9BiF67IQOfM= +github.com/ProtonMail/go-crypto v1.4.1/go.mod h1:e1OaTyu5SYVrO9gKOEhTc+5UcXtTUa+P3uLudwcgPqo= github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo= github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558= github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8= @@ -51,50 +51,50 @@ github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI= github.com/aws/amazon-ec2-instance-selector/v3 v3.1.3 h1:13qtG4reL2+2UiCm2U7gM9QJthDO8hPPzvn7hTjHask= github.com/aws/amazon-ec2-instance-selector/v3 v3.1.3/go.mod h1:wdlMRtz9G4IO6H1yZPsqfGBxR8E6B/bdxHlGkls4kGQ= -github.com/aws/aws-sdk-go-v2 v1.41.3 h1:4kQ/fa22KjDt13QCy1+bYADvdgcxpfH18f0zP542kZA= -github.com/aws/aws-sdk-go-v2 v1.41.3/go.mod h1:mwsPRE8ceUUpiTgF7QmQIJ7lgsKUPQOUl3o72QBrE1o= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.6 h1:N4lRUXZpZ1KVEUn6hxtco/1d2lgYhNn1fHkkl8WhlyQ= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.6/go.mod h1:lyw7GFp3qENLh7kwzf7iMzAxDn+NzjXEAGjKS2UOKqI= -github.com/aws/aws-sdk-go-v2/config v1.32.11 h1:ftxI5sgz8jZkckuUHXfC/wMUc8u3fG1vQS0plr2F2Zs= -github.com/aws/aws-sdk-go-v2/config v1.32.11/go.mod h1:twF11+6ps9aNRKEDimksp923o44w/Thk9+8YIlzWMmo= -github.com/aws/aws-sdk-go-v2/credentials v1.19.11 h1:NdV8cwCcAXrCWyxArt58BrvZJ9pZ9Fhf9w6Uh5W3Uyc= -github.com/aws/aws-sdk-go-v2/credentials v1.19.11/go.mod h1:30yY2zqkMPdrvxBqzI9xQCM+WrlrZKSOpSJEsylVU+8= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.19 h1:INUvJxmhdEbVulJYHI061k4TVuS3jzzthNvjqvVvTKM= -github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.19/go.mod h1:FpZN2QISLdEBWkayloda+sZjVJL+e9Gl0k1SyTgcswU= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.19 h1:/sECfyq2JTifMI2JPyZ4bdRN77zJmr6SrS1eL3augIA= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.19/go.mod h1:dMf8A5oAqr9/oxOfLkC/c2LU/uMcALP0Rgn2BD5LWn0= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.19 h1:AWeJMk33GTBf6J20XJe6qZoRSJo0WfUhsMdUKhoODXE= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.19/go.mod h1:+GWrYoaAsV7/4pNHpwh1kiNLXkKaSoppxQq9lbH8Ejw= -github.com/aws/aws-sdk-go-v2/internal/ini v1.8.5 h1:clHU5fm//kWS1C2HgtgWxfQbFbx4b6rx+5jzhgX9HrI= -github.com/aws/aws-sdk-go-v2/internal/ini v1.8.5/go.mod h1:O3h0IK87yXci+kg6flUKzJnWeziQUKciKrLjcatSNcY= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.20 h1:qi3e/dmpdONhj1RyIZdi6DKKpDXS5Lb8ftr3p7cyHJc= -github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.20/go.mod h1:V1K+TeJVD5JOk3D9e5tsX2KUdL7BlB+FV6cBhdobN8c= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.294.0 h1:776KnBqePBBR6zEDi0bUIHXzUBOISa2WgAKEgckUF8M= -github.com/aws/aws-sdk-go-v2/service/ec2 v1.294.0/go.mod h1:rB577GvkmJADVOFGY8/j9sPv/ewcsEtQNsd9Lrn7Zx0= +github.com/aws/aws-sdk-go-v2 v1.41.4 h1:10f50G7WyU02T56ox1wWXq+zTX9I1zxG46HYuG1hH/k= +github.com/aws/aws-sdk-go-v2 v1.41.4/go.mod h1:mwsPRE8ceUUpiTgF7QmQIJ7lgsKUPQOUl3o72QBrE1o= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.7 h1:3kGOqnh1pPeddVa/E37XNTaWJ8W6vrbYV9lJEkCnhuY= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.7/go.mod h1:lyw7GFp3qENLh7kwzf7iMzAxDn+NzjXEAGjKS2UOKqI= +github.com/aws/aws-sdk-go-v2/config v1.32.12 h1:O3csC7HUGn2895eNrLytOJQdoL2xyJy0iYXhoZ1OmP0= +github.com/aws/aws-sdk-go-v2/config v1.32.12/go.mod h1:96zTvoOFR4FURjI+/5wY1vc1ABceROO4lWgWJuxgy0g= +github.com/aws/aws-sdk-go-v2/credentials v1.19.12 h1:oqtA6v+y5fZg//tcTWahyN9PEn5eDU/Wpvc2+kJ4aY8= +github.com/aws/aws-sdk-go-v2/credentials v1.19.12/go.mod h1:U3R1RtSHx6NB0DvEQFGyf/0sbrpJrluENHdPy1j/3TE= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.20 h1:zOgq3uezl5nznfoK3ODuqbhVg1JzAGDUhXOsU0IDCAo= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.20/go.mod h1:z/MVwUARehy6GAg/yQ1GO2IMl0k++cu1ohP9zo887wE= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.20 h1:CNXO7mvgThFGqOFgbNAP2nol2qAWBOGfqR/7tQlvLmc= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.20/go.mod h1:oydPDJKcfMhgfcgBUZaG+toBbwy8yPWubJXBVERtI4o= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.20 h1:tN6W/hg+pkM+tf9XDkWUbDEjGLb+raoBMFsTodcoYKw= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.20/go.mod h1:YJ898MhD067hSHA6xYCx5ts/jEd8BSOLtQDL3iZsvbc= +github.com/aws/aws-sdk-go-v2/internal/ini v1.8.6 h1:qYQ4pzQ2Oz6WpQ8T3HvGHnZydA72MnLuFK9tJwmrbHw= +github.com/aws/aws-sdk-go-v2/internal/ini v1.8.6/go.mod h1:O3h0IK87yXci+kg6flUKzJnWeziQUKciKrLjcatSNcY= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.21 h1:SwGMTMLIlvDNyhMteQ6r8IJSBPlRdXX5d4idhIGbkXA= +github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.21/go.mod h1:UUxgWxofmOdAMuqEsSppbDtGKLfR04HGsD0HXzvhI1k= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.294.1 h1:c2BbWVkQ0hVqls6SruYCRxfN5W46qvL+hIg7VLhXpg8= +github.com/aws/aws-sdk-go-v2/service/ec2 v1.294.1/go.mod h1:T6ndRfdhnXLIY5oKBHjYZDVj706los2zGdpThppquvA= github.com/aws/aws-sdk-go-v2/service/ecs v1.73.1 h1:TSmcWx+RzhGJrPNoFkuqANafJQ7xY3W2UBg6ShN3ae8= github.com/aws/aws-sdk-go-v2/service/ecs v1.73.1/go.mod h1:KWILGx+bRowcGyJU/va2Ift48c658blP5e1qvldnIRE= -github.com/aws/aws-sdk-go-v2/service/iam v1.53.4 h1:FUWGS7m97SYL0bk9Kb+Q4bVpcSrKOHNiIbEXIRFTRW4= -github.com/aws/aws-sdk-go-v2/service/iam v1.53.4/go.mod h1:seDE466zJ4haVuAVcRk+yIH4DWb3s6cqt3Od8GxnGAA= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.6 h1:XAq62tBTJP/85lFD5oqOOe7YYgWxY9LvWq8plyDvDVg= -github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.6/go.mod h1:x0nZssQ3qZSnIcePWLvcoFisRXJzcTVvYpAAdYX8+GI= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.11 h1:BYf7XNsJMzl4mObARUBUib+j2tf0U//JAAtTnYqvqCw= -github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.11/go.mod h1:aEUS4WrNk/+FxkBZZa7tVgp4pGH+kFGW40Y8rCPqt5g= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.19 h1:X1Tow7suZk9UCJHE1Iw9GMZJJl0dAnKXXP1NaSDHwmw= -github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.19/go.mod h1:/rARO8psX+4sfjUQXp5LLifjUt8DuATZ31WptNJTyQA= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.19 h1:JnQeStZvPHFHeyky/7LbMlyQjUa+jIBj36OlWm0pzIk= -github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.19/go.mod h1:HGyasyHvYdFQeJhvDHfH7HXkHh57htcJGKDZ+7z+I24= -github.com/aws/aws-sdk-go-v2/service/pricing v1.40.13 h1:zuo2FmpYZfANk5REBqD8OaEoDR+p28WDm799D3ySqUY= -github.com/aws/aws-sdk-go-v2/service/pricing v1.40.13/go.mod h1:sVKRpoK0drDqf/V7cSBMu0xL/dV3YTNKtRbfF+u5hDA= +github.com/aws/aws-sdk-go-v2/service/iam v1.53.6 h1:GPQvvxy8+FDnD9xKYzGKJMjIm5xkVM5pd3bFgRldNSo= +github.com/aws/aws-sdk-go-v2/service/iam v1.53.6/go.mod h1:RJNVc52A0K41fCDJOnsCLeWJf8mwa0q30fM3CfE9U18= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.7 h1:5EniKhLZe4xzL7a+fU3C2tfUN4nWIqlLesfrjkuPFTY= +github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.7/go.mod h1:x0nZssQ3qZSnIcePWLvcoFisRXJzcTVvYpAAdYX8+GI= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.12 h1:qtJZ70afD3ISKWnoX3xB0J2otEqu3LqicRcDBqsj0hQ= +github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.12/go.mod h1:v2pNpJbRNl4vEUWEh5ytQok0zACAKfdmKS51Hotc3pQ= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.20 h1:2HvVAIq+YqgGotK6EkMf+KIEqTISmTYh5zLpYyeTo1Y= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.20/go.mod h1:V4X406Y666khGa8ghKmphma/7C0DAtEQYhkq9z4vpbk= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.20 h1:siU1A6xjUZ2N8zjTHSXFhB9L/2OY8Dqs0xXiLjF30jA= +github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.20/go.mod h1:4TLZCmVJDM3FOu5P5TJP0zOlu9zWgDWU7aUxWbr+rcw= +github.com/aws/aws-sdk-go-v2/service/pricing v1.40.14 h1:Z3GB0K5jp4NA7h8jF+47NpMFEcEhk2cC/3cp+sNVnZI= +github.com/aws/aws-sdk-go-v2/service/pricing v1.40.14/go.mod h1:kIKQg3oQXFIQhLS0VHI1oCdml2mApKG9cSgfVPrYuY4= github.com/aws/aws-sdk-go-v2/service/s3 v1.96.4 h1:4ExZyubQ6LQQVuF2Qp9OsfEvsTdAWh5Gfwf6PgIdLdk= github.com/aws/aws-sdk-go-v2/service/s3 v1.96.4/go.mod h1:NF3JcMGOiARAss1ld3WGORCw71+4ExDD2cbbdKS5PpA= -github.com/aws/aws-sdk-go-v2/service/signin v1.0.7 h1:Y2cAXlClHsXkkOvWZFXATr34b0hxxloeQu/pAZz2row= -github.com/aws/aws-sdk-go-v2/service/signin v1.0.7/go.mod h1:idzZ7gmDeqeNrSPkdbtMp9qWMgcBwykA7P7Rzh5DXVU= -github.com/aws/aws-sdk-go-v2/service/sso v1.30.12 h1:iSsvB9EtQ09YrsmIc44Heqlx5ByGErqhPK1ZQLppias= -github.com/aws/aws-sdk-go-v2/service/sso v1.30.12/go.mod h1:fEWYKTRGoZNl8tZ77i61/ccwOMJdGxwOhWCkp6TXAr0= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.16 h1:EnUdUqRP1CNzt2DkV67tJx6XDN4xlfBFm+bzeNOQVb0= -github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.16/go.mod h1:Jic/xv0Rq/pFNCh3WwpH4BEqdbSAl+IyHro8LbibHD8= -github.com/aws/aws-sdk-go-v2/service/sts v1.41.8 h1:XQTQTF75vnug2TXS8m7CVJfC2nniYPZnO1D4Np761Oo= -github.com/aws/aws-sdk-go-v2/service/sts v1.41.8/go.mod h1:Xgx+PR1NUOjNmQY+tRMnouRp83JRM8pRMw/vCaVhPkI= +github.com/aws/aws-sdk-go-v2/service/signin v1.0.8 h1:0GFOLzEbOyZABS3PhYfBIx2rNBACYcKty+XGkTgw1ow= +github.com/aws/aws-sdk-go-v2/service/signin v1.0.8/go.mod h1:LXypKvk85AROkKhOG6/YEcHFPoX+prKTowKnVdcaIxE= +github.com/aws/aws-sdk-go-v2/service/sso v1.30.13 h1:kiIDLZ005EcKomYYITtfsjn7dtOwHDOFy7IbPXKek2o= +github.com/aws/aws-sdk-go-v2/service/sso v1.30.13/go.mod h1:2h/xGEowcW/g38g06g3KpRWDlT+OTfxxI0o1KqayAB8= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.17 h1:jzKAXIlhZhJbnYwHbvUQZEB8KfgAEuG0dc08Bkda7NU= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.17/go.mod h1:Al9fFsXjv4KfbzQHGe6V4NZSZQXecFcvaIF4e70FoRA= +github.com/aws/aws-sdk-go-v2/service/sts v1.41.9 h1:Cng+OOwCHmFljXIxpEVXAGMnBia8MSU6Ch5i9PgBkcU= +github.com/aws/aws-sdk-go-v2/service/sts v1.41.9/go.mod h1:LrlIndBDdjA/EeXeyNBle+gyCwTlizzW5ycgWnvIxkk= github.com/aws/smithy-go v1.24.2 h1:FzA3bu/nt/vDvmnkg+R8Xl46gmzEDam6mZ1hzmwXFng= github.com/aws/smithy-go v1.24.2/go.mod h1:YE2RhdIuDbA5E5bTdciG9KrW3+TiEONeUWCqxX9i1Fc= github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k= @@ -114,8 +114,8 @@ github.com/charmbracelet/bubbles v1.0.0 h1:12J8/ak/uCZEMQ6KU7pcfwceyjLlWsDLAxB5f github.com/charmbracelet/bubbles v1.0.0/go.mod h1:9d/Zd5GdnauMI5ivUIVisuEm3ave1XwXtD1ckyV6r3E= github.com/charmbracelet/bubbletea v1.3.10 h1:otUDHWMMzQSB0Pkc87rm691KZ3SWa4KUlvF9nRvCICw= github.com/charmbracelet/bubbletea v1.3.10/go.mod h1:ORQfo0fk8U+po9VaNvnV95UPWA1BitP1E0N6xJPlHr4= -github.com/charmbracelet/colorprofile v0.4.2 h1:BdSNuMjRbotnxHSfxy+PCSa4xAmz7szw70ktAtWRYrY= -github.com/charmbracelet/colorprofile v0.4.2/go.mod h1:0rTi81QpwDElInthtrQ6Ni7cG0sDtwAd4C4le060fT8= +github.com/charmbracelet/colorprofile v0.4.3 h1:QPa1IWkYI+AOB+fE+mg/5/4HRMZcaXex9t5KX76i20Q= +github.com/charmbracelet/colorprofile v0.4.3/go.mod h1:/zT4BhpD5aGFpqQQqw7a+VtHCzu+zrQtt1zhMt9mR4Q= github.com/charmbracelet/lipgloss v1.1.0 h1:vYXsiLHVkK7fp74RkV7b2kq9+zDLoEU4MZoFqR/noCY= github.com/charmbracelet/lipgloss v1.1.0/go.mod h1:/6Q8FR2o+kj8rz4Dq0zQc3vYf7X+B0binUUBwA0aL30= github.com/charmbracelet/x/ansi v0.11.6 h1:GhV21SiDz/45W9AnV2R61xZMRri5NlLnl6CVF7ihZW8= @@ -360,8 +360,8 @@ github.com/pulumi/pulumi-command/sdk v1.2.1 h1:mAziZ91a/9U+5IjZH5Skcar80OSmpBSYl github.com/pulumi/pulumi-command/sdk v1.2.1/go.mod h1:hQxv9DXg6bFjcd9BEiNdMImQ/V1rnC9D115q5VXYNps= github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild v0.0.15 h1:K6F/3o44gGj+ljRS4spCGvAXMSwECHITjaCccfjXNyE= github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild v0.0.15/go.mod h1:cZyHs6q34kbQZJYaBjWUJhPsgwUFoL6xyjo7sRqBcv4= -github.com/pulumi/pulumi-docker/sdk/v4 v4.11.0 h1:I8nJlJcQQiMs0njR1/CvXWk2y0dzhwSXIW62xuVaZQc= -github.com/pulumi/pulumi-docker/sdk/v4 v4.11.0/go.mod h1:TbjBDNYFkMGmDZdrV6grRy+7AADkGLTcPjLHY9gh8dg= +github.com/pulumi/pulumi-docker/sdk/v4 v4.11.1 h1:ZLhod/vxak+FxWn3GZIWgWpVyp7nhH0JuN7yb7z6RK4= +github.com/pulumi/pulumi-docker/sdk/v4 v4.11.1/go.mod h1:Y0BR/VxVVDTtjgXLdMNZAy6g5S/DBwd677AQS1kyv54= github.com/pulumi/pulumi-gitlab/sdk/v8 v8.11.0 h1:nR406lhXeltZVfLXH8E4J5JetflNZePBgXz2eyHT7RM= github.com/pulumi/pulumi-gitlab/sdk/v8 v8.11.0/go.mod h1:TU9R5gbZHqe1iJ054UW3ygPU8PxQcOi4J2n/YsnTviE= github.com/pulumi/pulumi-kubernetes/sdk/v4 v4.27.0 h1:l33vcOD62jlEIiD/POknlKrVF4JG2ZV87khzavYwkR0= @@ -548,8 +548,8 @@ google.golang.org/genproto/googleapis/api v0.0.0-20260226221140-a57be14db171 h1: google.golang.org/genproto/googleapis/api v0.0.0-20260226221140-a57be14db171/go.mod h1:M5krXqk4GhBKvB596udGL3UyjL4I1+cTbK0orROM9ng= google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171 h1:ggcbiqK8WWh6l1dnltU4BgWGIGo+EVYxCaAPih/zQXQ= google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8= -google.golang.org/grpc v1.79.2 h1:fRMD94s2tITpyJGtBBn7MkMseNpOZU8ZxgC3MMBaXRU= -google.golang.org/grpc v1.79.2/go.mod h1:KmT0Kjez+0dde/v2j9vzwoAScgEPx/Bw1CYChhHLrHQ= +google.golang.org/grpc v1.79.3 h1:sybAEdRIEtvcD68Gx7dmnwjZKlyfuc61Dyo9pGXXkKE= +google.golang.org/grpc v1.79.3/go.mod h1:KmT0Kjez+0dde/v2j9vzwoAScgEPx/Bw1CYChhHLrHQ= google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE= google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/tools/go.mod b/tools/go.mod index 8f5f43214..6248d9271 100644 --- a/tools/go.mod +++ b/tools/go.mod @@ -2,7 +2,7 @@ module github.com/redhat-developer/mapt/tools go 1.25.0 -require github.com/golangci/golangci-lint/v2 v2.11.2 +require github.com/golangci/golangci-lint/v2 v2.11.3 require ( github.com/charmbracelet/x/cellbuf v0.0.15 // indirect @@ -67,7 +67,7 @@ require ( github.com/ccojocar/zxcvbn-go v1.0.4 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/charithe/durationcheck v0.0.11 // indirect - github.com/charmbracelet/colorprofile v0.4.2 // indirect + github.com/charmbracelet/colorprofile v0.4.3 // indirect github.com/charmbracelet/lipgloss v1.1.0 // indirect github.com/charmbracelet/x/ansi v0.11.6 // indirect github.com/charmbracelet/x/term v0.2.2 // indirect @@ -171,10 +171,10 @@ require ( github.com/santhosh-tekuri/jsonschema/v6 v6.0.2 // indirect github.com/sashamelentyev/interfacebloat v1.1.0 // indirect github.com/sashamelentyev/usestdlibvars v1.29.0 // indirect - github.com/securego/gosec/v2 v2.24.7 // indirect + github.com/securego/gosec/v2 v2.24.8-0.20260309165252-619ce2117e08 // indirect github.com/sirupsen/logrus v1.9.4 // indirect github.com/sivchari/containedctx v1.0.3 // indirect - github.com/sonatard/noctx v0.5.0 // indirect + github.com/sonatard/noctx v0.5.1 // indirect github.com/sourcegraph/go-diff v0.7.0 // indirect github.com/spf13/afero v1.15.0 // indirect github.com/spf13/cast v1.10.0 // indirect diff --git a/tools/go.sum b/tools/go.sum index 48fd00e8c..c38c8266e 100644 --- a/tools/go.sum +++ b/tools/go.sum @@ -84,8 +84,8 @@ github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UF github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/charithe/durationcheck v0.0.11 h1:g1/EX1eIiKS57NTWsYtHDZ/APfeXKhye1DidBcABctk= github.com/charithe/durationcheck v0.0.11/go.mod h1:x5iZaixRNl8ctbM+3B2RrPG5t856TxRyVQEnbIEM2X4= -github.com/charmbracelet/colorprofile v0.4.2 h1:BdSNuMjRbotnxHSfxy+PCSa4xAmz7szw70ktAtWRYrY= -github.com/charmbracelet/colorprofile v0.4.2/go.mod h1:0rTi81QpwDElInthtrQ6Ni7cG0sDtwAd4C4le060fT8= +github.com/charmbracelet/colorprofile v0.4.3 h1:QPa1IWkYI+AOB+fE+mg/5/4HRMZcaXex9t5KX76i20Q= +github.com/charmbracelet/colorprofile v0.4.3/go.mod h1:/zT4BhpD5aGFpqQQqw7a+VtHCzu+zrQtt1zhMt9mR4Q= github.com/charmbracelet/lipgloss v1.1.0 h1:vYXsiLHVkK7fp74RkV7b2kq9+zDLoEU4MZoFqR/noCY= github.com/charmbracelet/lipgloss v1.1.0/go.mod h1:/6Q8FR2o+kj8rz4Dq0zQc3vYf7X+B0binUUBwA0aL30= github.com/charmbracelet/x/ansi v0.11.6 h1:GhV21SiDz/45W9AnV2R61xZMRri5NlLnl6CVF7ihZW8= @@ -177,8 +177,8 @@ github.com/golangci/go-printf-func-name v0.1.1 h1:hIYTFJqAGp1iwoIfsNTpoq1xZAarog github.com/golangci/go-printf-func-name v0.1.1/go.mod h1:Es64MpWEZbh0UBtTAICOZiB+miW53w/K9Or/4QogJss= github.com/golangci/gofmt v0.0.0-20250106114630-d62b90e6713d h1:viFft9sS/dxoYY0aiOTsLKO2aZQAPT4nlQCsimGcSGE= github.com/golangci/gofmt v0.0.0-20250106114630-d62b90e6713d/go.mod h1:ivJ9QDg0XucIkmwhzCDsqcnxxlDStoTl89jDMIoNxKY= -github.com/golangci/golangci-lint/v2 v2.11.2 h1:4Icd3mEqthcFcFww8L67OBtfKB/obXxko8aFUMqP/5w= -github.com/golangci/golangci-lint/v2 v2.11.2/go.mod h1:wexdFBIQNhHNhDe1oqzlGFE5dYUqlfccWJKWjoWF1GI= +github.com/golangci/golangci-lint/v2 v2.11.3 h1:ySX1GtLwlwOEzcLKJifI/aIVesrcHDno+5mrro8rWes= +github.com/golangci/golangci-lint/v2 v2.11.3/go.mod h1:HmDEVZuxz77cNLumPfNNHAFyMX/b7IbA0tpmAbwiVfo= github.com/golangci/golines v0.15.0 h1:Qnph25g8Y1c5fdo1X7GaRDGgnMHgnxh4Gk4VfPTtRx0= github.com/golangci/golines v0.15.0/go.mod h1:AZjXd23tbHMpowhtnGlj9KCNsysj72aeZVVHnVcZx10= github.com/golangci/misspell v0.8.0 h1:qvxQhiE2/5z+BVRo1kwYA8yGz+lOlu5Jfvtx2b04Jbg= @@ -357,8 +357,8 @@ github.com/sashamelentyev/interfacebloat v1.1.0 h1:xdRdJp0irL086OyW1H/RTZTr1h/tM github.com/sashamelentyev/interfacebloat v1.1.0/go.mod h1:+Y9yU5YdTkrNvoX0xHc84dxiN1iBi9+G8zZIhPVoNjQ= github.com/sashamelentyev/usestdlibvars v1.29.0 h1:8J0MoRrw4/NAXtjQqTHrbW9NN+3iMf7Knkq057v4XOQ= github.com/sashamelentyev/usestdlibvars v1.29.0/go.mod h1:8PpnjHMk5VdeWlVb4wCdrB8PNbLqZ3wBZTZWkrpZZL8= -github.com/securego/gosec/v2 v2.24.7 h1:3k5yJnrhT1TTdsG0ZsnenlfCcT+7Y/+zeCPHbL7QAn8= -github.com/securego/gosec/v2 v2.24.7/go.mod h1:AdDJbjcG/XxFgVv7pW19vMNYlFM6+Q6Qy3t6lWAUcEY= +github.com/securego/gosec/v2 v2.24.8-0.20260309165252-619ce2117e08 h1:AoLtJX4WUtZkhhUUMFy3GgecAALp/Mb4S1iyQOA2s0U= +github.com/securego/gosec/v2 v2.24.8-0.20260309165252-619ce2117e08/go.mod h1:+XLCJiRE95ga77XInNELh2M6zQP+PdqiT9Zpm0D9Wpk= github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ= github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/shurcooL/go v0.0.0-20180423040247-9e1955d9fb6e/go.mod h1:TDJrrUr11Vxrven61rcy3hJMUqaf/CLWYhHNPmT14Lk= @@ -367,8 +367,8 @@ github.com/sirupsen/logrus v1.9.4 h1:TsZE7l11zFCLZnZ+teH4Umoq5BhEIfIzfRDZ1Uzql2w github.com/sirupsen/logrus v1.9.4/go.mod h1:ftWc9WdOfJ0a92nsE2jF5u5ZwH8Bv2zdeOC42RjbV2g= github.com/sivchari/containedctx v1.0.3 h1:x+etemjbsh2fB5ewm5FeLNi5bUjK0V8n0RB+Wwfd0XE= github.com/sivchari/containedctx v1.0.3/go.mod h1:c1RDvCbnJLtH4lLcYD/GqwiBSSf4F5Qk0xld2rBqzJ4= -github.com/sonatard/noctx v0.5.0 h1:e/jdaqAsuWVOKQ0P6NWiIdDNHmHT5SwuuSfojFjzwrw= -github.com/sonatard/noctx v0.5.0/go.mod h1:64XdbzFb18XL4LporKXp8poqZtPKbCrqQ402CV+kJas= +github.com/sonatard/noctx v0.5.1 h1:wklWg9c9ZYugOAk7qG4yP4PBrlQsmSLPTvW1K4PRQMs= +github.com/sonatard/noctx v0.5.1/go.mod h1:64XdbzFb18XL4LporKXp8poqZtPKbCrqQ402CV+kJas= github.com/sourcegraph/go-diff v0.7.0 h1:9uLlrd5T46OXs5qpp8L/MTltk0zikUGi0sNNyCpA8G0= github.com/sourcegraph/go-diff v0.7.0/go.mod h1:iBszgVvyxdc8SFZ7gm69go2KDdt3ag071iBaWPF6cjs= github.com/spf13/afero v1.15.0 h1:b/YBCLWAJdFWJTN9cLhiXXcD7mzKn9Dm86dNnfyQw1I= diff --git a/tools/vendor/github.com/charmbracelet/colorprofile/writer.go b/tools/vendor/github.com/charmbracelet/colorprofile/writer.go index 1a88e2b7b..c96e61a95 100644 --- a/tools/vendor/github.com/charmbracelet/colorprofile/writer.go +++ b/tools/vendor/github.com/charmbracelet/colorprofile/writer.go @@ -40,9 +40,11 @@ func (w *Writer) Write(p []byte) (int, error) { case w.Profile == TrueColor: return w.Forward.Write(p) //nolint:wrapcheck case w.Profile <= NoTTY: - return io.WriteString(w.Forward, ansi.Strip(string(p))) //nolint:wrapcheck + _, err := io.WriteString(w.Forward, ansi.Strip(string(p))) + return len(p), err case w.Profile == ASCII, w.Profile == ANSI, w.Profile == ANSI256: - return w.downsample(p) + _, err := w.downsample(p) + return len(p), err default: return 0, fmt.Errorf("invalid profile: %v", w.Profile) } diff --git a/tools/vendor/github.com/securego/gosec/v2/README.md b/tools/vendor/github.com/securego/gosec/v2/README.md index 89c268a94..6f6d27d12 100644 --- a/tools/vendor/github.com/securego/gosec/v2/README.md +++ b/tools/vendor/github.com/securego/gosec/v2/README.md @@ -3,9 +3,6 @@ Inspects source code for security problems by scanning the Go AST and SSA code representation. -> ⚠️ Container image migration notice: `gosec` images have been migrated from Docker Hub to `ghcr.io/securego/gosec`. -> Starting with the next release, Docker Hub images will no longer be published. - ## Quick links @@ -17,6 +14,9 @@ Inspects source code for security problems by scanning the Go AST and SSA code r - [Selecting rules](#selecting-rules) - [Output formats](#output-formats) +> ⚠️ Container image migration notice: `gosec` images was migrated from Docker Hub to `ghcr.io/securego/gosec`. +> Starting with release `v2.24.7` the image is no longer published in Docker Hub. + ## Features - **Pattern-based rules** for detecting common security issues in Go code @@ -48,7 +48,7 @@ You may obtain a copy of the License [here](http://www.apache.org/licenses/LICEN You can run `gosec` as a GitHub action as follows: -Use a versioned tag (for example `@v2`) instead of `@master` for stable behavior. +Use the versioned tag with `@master` which is pinned to the latest stable release. This will provide a stable behavior. ```yaml name: Run Gosec @@ -68,7 +68,7 @@ jobs: - name: Checkout Source uses: actions/checkout@v3 - name: Run Gosec Security Scanner - uses: securego/gosec@v2 + uses: securego/gosec@master with: args: ./... ``` diff --git a/tools/vendor/github.com/securego/gosec/v2/action.yml b/tools/vendor/github.com/securego/gosec/v2/action.yml index 58bd5edc8..dce577945 100644 --- a/tools/vendor/github.com/securego/gosec/v2/action.yml +++ b/tools/vendor/github.com/securego/gosec/v2/action.yml @@ -10,7 +10,7 @@ inputs: runs: using: "docker" - image: "docker://ghcr.io/securego/gosec:2.24.6" + image: "docker://ghcr.io/securego/gosec:2.24.7" args: - ${{ inputs.args }} diff --git a/tools/vendor/github.com/securego/gosec/v2/analyzer.go b/tools/vendor/github.com/securego/gosec/v2/analyzer.go index c3c8876b4..ed03efc69 100644 --- a/tools/vendor/github.com/securego/gosec/v2/analyzer.go +++ b/tools/vendor/github.com/securego/gosec/v2/analyzer.go @@ -194,8 +194,18 @@ func (m *Metrics) Merge(other *Metrics) { // Analyzer object is the main object of gosec. It has methods to load and analyze // packages, traverse ASTs, and invoke the correct checking rules on each node as required. type Analyzer struct { - ignoreNosec bool - ruleset RuleSet + ignoreNosec bool + ruleset RuleSet + // ruleBuilders and ruleSuppressed store the original arguments passed to + // LoadRules so that checkRules can call buildPackageRuleset to produce a + // goroutine-local RuleSet for every concurrent package walk. Each walk + // therefore owns its own freshly allocated rule instances, which means + // rules are free to keep per-package mutable state (e.g. maps tracking + // cleaned or joined variables) without any synchronisation. The shared + // gosec.ruleset is kept for callers that use the public CheckRules API + // directly (backward-compatible path). + ruleBuilders map[string]RuleBuilder + ruleSuppressed map[string]bool context *Context config Config logger *log.Logger @@ -254,12 +264,32 @@ func (gosec *Analyzer) Config() Config { // LoadRules instantiates all the rules to be used when analyzing source // packages func (gosec *Analyzer) LoadRules(ruleDefinitions map[string]RuleBuilder, ruleSuppressed map[string]bool) { + // Persist the builders so checkRules can produce per-package rule + // instances via buildPackageRuleset, eliminating shared mutable state + // across concurrent goroutines without requiring locks inside rules. + gosec.ruleBuilders = ruleDefinitions + gosec.ruleSuppressed = ruleSuppressed + for id, def := range ruleDefinitions { r, nodes := def(id, gosec.config) gosec.ruleset.Register(r, ruleSuppressed[id], nodes...) } } +// buildPackageRuleset constructs a brand-new RuleSet by re-invoking every +// stored RuleBuilder. The returned ruleset is intended to be used for a single +// package walk: because each concurrent worker calls buildPackageRuleset +// independently, every goroutine gets its own rule instances with their own +// internal state (maps, caches, etc.), so rules require no synchronisation. +func (gosec *Analyzer) buildPackageRuleset() RuleSet { + rs := NewRuleSet() + for id, def := range gosec.ruleBuilders { + r, nodes := def(id, gosec.config) + rs.Register(r, gosec.ruleSuppressed[id], nodes...) + } + return rs +} + // LoadAnalyzers instantiates all the analyzers to be used when analyzing source // packages func (gosec *Analyzer) LoadAnalyzers(analyzerDefinitions map[string]analyzers.AnalyzerDefinition, analyzerSuppressed map[string]bool) { @@ -460,8 +490,20 @@ func (gosec *Analyzer) checkRules(pkg *packages.Package) ([]*issue.Issue, *Metri callCachePool.Put(callCache) }() + // Build a goroutine-local RuleSet so this package walk owns its own fresh + // rule instances. Rules with internal maps (e.g. readfile.cleanedVar, + // joinedVar) are therefore safe to use without any synchronisation: each + // concurrent worker has completely independent rule objects. Falls back to + // the shared ruleset when builders are unavailable (direct CheckRules path). + var pkgRuleset *RuleSet + if len(gosec.ruleBuilders) > 0 { + rs := gosec.buildPackageRuleset() + pkgRuleset = &rs + } + visitor := &astVisitor{ gosec: gosec, + ruleset: pkgRuleset, issues: make([]*issue.Issue, 0, 16), stats: stats, ignoreNosec: gosec.ignoreNosec, @@ -502,7 +544,7 @@ func (gosec *Analyzer) checkRules(pkg *packages.Package) ([]*issue.Issue, *Metri visitor.context = ctx visitor.updateIgnores() - if len(gosec.ruleset.Rules) > 0 { + if len(visitor.activeRuleset().Rules) > 0 { ast.Walk(visitor, file) } stats.NumFiles++ @@ -811,7 +853,12 @@ func findNoSecTag(text, tag string) (bool, string) { // astVisitor implements ast.Visitor for per-file rule checking and issue collection. type astVisitor struct { - gosec *Analyzer + gosec *Analyzer + // ruleset is a package-local RuleSet built fresh by buildPackageRuleset + // for each concurrent package walk. It is non-nil when invoked through + // the normal Process → checkRules path and nil when the public CheckRules + // API is called directly (falling back to the shared gosec.ruleset). + ruleset *RuleSet context *Context issues []*issue.Issue stats *Metrics @@ -820,13 +867,22 @@ type astVisitor struct { trackSuppressions bool } +// activeRuleset returns the package-local ruleset when available, falling back +// to the shared analyzer ruleset for direct CheckRules callers. +func (v *astVisitor) activeRuleset() *RuleSet { + if v.ruleset != nil { + return v.ruleset + } + return &v.gosec.ruleset +} + func (v *astVisitor) Visit(n ast.Node) ast.Visitor { switch i := n.(type) { case *ast.File: v.context.Imports.TrackFile(i) } - for _, rule := range v.gosec.ruleset.RegisteredFor(n) { + for _, rule := range v.activeRuleset().RegisteredFor(n) { issue, err := rule.Match(n, v.context) if err != nil { file, line := GetLocation(n, v.context) @@ -1012,5 +1068,7 @@ func (gosec *Analyzer) Reset() { gosec.issues = make([]*issue.Issue, 0, 16) gosec.stats = &Metrics{} gosec.ruleset = NewRuleSet() + gosec.ruleBuilders = nil + gosec.ruleSuppressed = nil gosec.analyzerSet = analyzers.NewAnalyzerSet() } diff --git a/tools/vendor/github.com/securego/gosec/v2/analyzers/context_propagation.go b/tools/vendor/github.com/securego/gosec/v2/analyzers/context_propagation.go index 4ece39e08..0136d660d 100644 --- a/tools/vendor/github.com/securego/gosec/v2/analyzers/context_propagation.go +++ b/tools/vendor/github.com/securego/gosec/v2/analyzers/context_propagation.go @@ -705,6 +705,11 @@ func isCancelCalled(cancelValue ssa.Value, allFuncs []*ssa.Function) bool { if isCancelCalledViaStructField(fa, allFuncs) { return true } + // Check if the struct containing this field is returned, + // transferring cancel responsibility to the caller. + if isStructFieldReturnedFromFunc(fa) { + return true + } } queue = append(queue, r.Addr) case *ssa.UnOp: @@ -725,6 +730,52 @@ func isCancelCalled(cancelValue ssa.Value, allFuncs []*ssa.Function) bool { if r.X == current { queue = append(queue, r) } + case *ssa.MakeClosure: + // The cancel value is captured as a free variable in a closure. + // Find the corresponding FreeVar inside the closure body and + // follow it so that calls within the closure are detected. + if fn, ok := r.Fn.(*ssa.Function); ok { + for i, binding := range r.Bindings { + if binding == current && i < len(fn.FreeVars) { + queue = append(queue, fn.FreeVars[i]) + } + } + } + case *ssa.Return: + // Cancel function is returned to the caller — responsibility + // is transferred; treat as "called". + for _, result := range r.Results { + if result == current { + return true + } + } + } + } + } + + return false +} + +// isStructFieldReturnedFromFunc checks whether the struct that owns a FieldAddr +// is loaded and returned from the enclosing function. When a cancel is stored in +// a struct field and the struct is returned, responsibility for calling the +// cancel is transferred to the caller. +func isStructFieldReturnedFromFunc(fa *ssa.FieldAddr) bool { + structBase := fa.X + if structBase == nil { + return false + } + + // Follow referrers of the struct base pointer to find loads (*struct) + // that are then returned. + for _, ref := range safeReferrers(structBase) { + load, ok := ref.(*ssa.UnOp) + if !ok || load.Op != token.MUL { + continue + } + for _, loadRef := range safeReferrers(load) { + if _, ok := loadRef.(*ssa.Return); ok { + return true } } } diff --git a/tools/vendor/github.com/securego/gosec/v2/analyzers/conversion_overflow.go b/tools/vendor/github.com/securego/gosec/v2/analyzers/conversion_overflow.go index 0881d4904..23a350b47 100644 --- a/tools/vendor/github.com/securego/gosec/v2/analyzers/conversion_overflow.go +++ b/tools/vendor/github.com/securego/gosec/v2/analyzers/conversion_overflow.go @@ -17,6 +17,7 @@ package analyzers import ( "fmt" "go/types" + "math" "golang.org/x/tools/go/analysis" "golang.org/x/tools/go/analysis/passes/buildssa" @@ -216,7 +217,11 @@ func (s *overflowState) validateRangeLimits(v ssa.Value, res *rangeResult, dstIn } minSafe := true if srcInt.Min < 0 { - minSafe = minValueSet && toInt64(minValue) >= 0 + minBound := int64(0) + if res.isRangeCheck && maxValueSet && toInt64(maxValue) > signedMaxForUnsignedSize(dstInt.Size) { + minBound = signedMinForUnsignedSize(dstInt.Size) + } + minSafe = minValueSet && toInt64(minValue) >= minBound } maxSafe := true if srcInt.Max > dstInt.Max { @@ -225,36 +230,81 @@ func (s *overflowState) validateRangeLimits(v ssa.Value, res *rangeResult, dstIn return minSafe && maxSafe } +func signedMinForUnsignedSize(size int) int64 { + if size >= 64 { + return math.MinInt64 + } + return -(int64(1) << (size - 1)) +} + +func signedMaxForUnsignedSize(size int) int64 { + if size >= 64 { + return math.MaxInt64 + } + return (int64(1) << (size - 1)) - 1 +} + func (s *overflowState) isSafeFromPredecessor(v ssa.Value, dstInt IntTypeInfo, pred *ssa.BasicBlock, targetBlock *ssa.BasicBlock) bool { - if vIf, ok := pred.Instrs[len(pred.Instrs)-1].(*ssa.If); ok { - isSrcUnsigned := isUint(v) - for i, succ := range pred.Succs { - if succ == targetBlock { - // We took this specific edge. - result := s.Analyzer.getResultRangeForIfEdge(vIf, i == 0, v) - defer s.Analyzer.releaseResult(result) - - if result.isRangeCheck { - var safe bool - if dstInt.Signed { - if isSrcUnsigned { - safe = result.maxValueSet && result.maxValue <= dstInt.Max - } else { - safe = (result.minValueSet && toInt64(result.minValue) >= dstInt.Min) && (result.maxValueSet && toInt64(result.maxValue) <= toInt64(dstInt.Max)) - } - } else { - if isSrcUnsigned { - safe = result.maxValueSet && result.maxValue <= dstInt.Max - } else { - safe = (result.minValueSet && toInt64(result.minValue) >= 0) && (result.maxValueSet && result.maxValue <= dstInt.Max) - } - } - if safe { + edgeValue := v + if phi, ok := v.(*ssa.Phi); ok && phi.Block() == targetBlock { + for i, p := range targetBlock.Preds { + if p == pred && i < len(phi.Edges) { + edgeValue = phi.Edges[i] + break + } + } + } + + if len(pred.Instrs) > 0 { + if vIf, ok := pred.Instrs[len(pred.Instrs)-1].(*ssa.If); ok { + for i, succ := range pred.Succs { + if succ == targetBlock { + result := s.Analyzer.getResultRangeForIfEdge(vIf, i == 0, edgeValue) + defer s.Analyzer.releaseResult(result) + if s.isSafeIfEdgeResult(edgeValue, dstInt, result) { return true } } } } } + + if len(pred.Preds) == 1 { + parent := pred.Preds[0] + if len(parent.Instrs) > 0 { + if vIf, ok := parent.Instrs[len(parent.Instrs)-1].(*ssa.If); ok { + for i, succ := range parent.Succs { + if succ == pred { + result := s.Analyzer.getResultRangeForIfEdge(vIf, i == 0, edgeValue) + defer s.Analyzer.releaseResult(result) + if s.isSafeIfEdgeResult(edgeValue, dstInt, result) { + return true + } + } + } + } + } + } + return false } + +func (s *overflowState) isSafeIfEdgeResult(v ssa.Value, dstInt IntTypeInfo, result *rangeResult) bool { + if !result.isRangeCheck { + return false + } + + isSrcUnsigned := isUint(v) + if dstInt.Signed { + if isSrcUnsigned { + return result.maxValueSet && result.maxValue <= dstInt.Max + } + return (result.minValueSet && toInt64(result.minValue) >= dstInt.Min) && (result.maxValueSet && toInt64(result.maxValue) <= toInt64(dstInt.Max)) + } + + if isSrcUnsigned { + return result.maxValueSet && result.maxValue <= dstInt.Max + } + + return (result.minValueSet && toInt64(result.minValue) >= 0) && (result.maxValueSet && result.maxValue <= dstInt.Max) +} diff --git a/tools/vendor/github.com/securego/gosec/v2/taint/taint.go b/tools/vendor/github.com/securego/gosec/v2/taint/taint.go index d0b669a1b..d53b14f2f 100644 --- a/tools/vendor/github.com/securego/gosec/v2/taint/taint.go +++ b/tools/vendor/github.com/securego/gosec/v2/taint/taint.go @@ -1073,6 +1073,12 @@ func (a *Analyzer) isFieldTaintedViaCall(call *ssa.Call, fieldIdx int, callee *s return false } + // Prevent re-analyzing the same call site + if visited[call] { + return false + } + visited[call] = true + // If we don't have SSA blocks (external function or no body), use fallback logic: // Assume the field is tainted if any argument to the constructor is tainted. if callee.Blocks == nil { @@ -1114,6 +1120,11 @@ func (a *Analyzer) isFieldOfAllocTaintedInCallee(alloc *ssa.Alloc, fieldIdx int, if alloc.Referrers() == nil || depth > maxTaintDepth { return false } + + if visited[alloc] { + return false + } + visited[alloc] = true for _, ref := range *alloc.Referrers() { fa, ok := ref.(*ssa.FieldAddr) if !ok || fa.Field != fieldIdx { @@ -1144,6 +1155,12 @@ func (a *Analyzer) isCalleValueTainted(v ssa.Value, callee *ssa.Function, call * return false } + // Prevent infinite recursion on cyclic SSA value graphs + if visited[v] { + return false + } + visited[v] = true + // If the value is a callee parameter, map it to the caller's argument if param, ok := v.(*ssa.Parameter); ok { for i, p := range callee.Params { diff --git a/tools/vendor/github.com/sonatard/noctx/.goreleaser.yml b/tools/vendor/github.com/sonatard/noctx/.goreleaser.yml index 2e3653cde..04f6a0da0 100644 --- a/tools/vendor/github.com/sonatard/noctx/.goreleaser.yml +++ b/tools/vendor/github.com/sonatard/noctx/.goreleaser.yml @@ -25,6 +25,8 @@ builds: ignore: - goos: darwin goarch: 386 + - goos: windows + goarch: arm archives: - id: noctx diff --git a/tools/vendor/modules.txt b/tools/vendor/modules.txt index 879a72e0f..9489539b3 100644 --- a/tools/vendor/modules.txt +++ b/tools/vendor/modules.txt @@ -154,8 +154,8 @@ github.com/cespare/xxhash/v2 # github.com/charithe/durationcheck v0.0.11 ## explicit; go 1.16 github.com/charithe/durationcheck -# github.com/charmbracelet/colorprofile v0.4.2 -## explicit; go 1.24.2 +# github.com/charmbracelet/colorprofile v0.4.3 +## explicit; go 1.25.0 github.com/charmbracelet/colorprofile # github.com/charmbracelet/lipgloss v1.1.0 ## explicit; go 1.18 @@ -317,7 +317,7 @@ github.com/golangci/go-printf-func-name/pkg/analyzer # github.com/golangci/gofmt v0.0.0-20250106114630-d62b90e6713d ## explicit; go 1.22.0 github.com/golangci/gofmt/gofmt -# github.com/golangci/golangci-lint/v2 v2.11.2 +# github.com/golangci/golangci-lint/v2 v2.11.3 ## explicit; go 1.25.0 github.com/golangci/golangci-lint/v2/cmd/golangci-lint github.com/golangci/golangci-lint/v2/internal/cache @@ -792,7 +792,7 @@ github.com/sashamelentyev/interfacebloat/pkg/analyzer ## explicit; go 1.23.0 github.com/sashamelentyev/usestdlibvars/pkg/analyzer github.com/sashamelentyev/usestdlibvars/pkg/analyzer/internal/mapping -# github.com/securego/gosec/v2 v2.24.7 +# github.com/securego/gosec/v2 v2.24.8-0.20260309165252-619ce2117e08 ## explicit; go 1.25.0 github.com/securego/gosec/v2 github.com/securego/gosec/v2/analyzers @@ -807,7 +807,7 @@ github.com/sirupsen/logrus # github.com/sivchari/containedctx v1.0.3 ## explicit; go 1.17 github.com/sivchari/containedctx -# github.com/sonatard/noctx v0.5.0 +# github.com/sonatard/noctx v0.5.1 ## explicit; go 1.23.0 github.com/sonatard/noctx # github.com/sourcegraph/go-diff v0.7.0 diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/generic.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/generic.go index e28d7c710..1408e1120 100644 --- a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/generic.go +++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/generic.go @@ -78,7 +78,7 @@ func (c *genericCurve) GenerateECDSA(rand io.Reader) (x, y, secret *big.Int, err func (c *genericCurve) Encaps(rand io.Reader, point []byte) (ephemeral, sharedSecret []byte, err error) { xP, yP := elliptic.Unmarshal(c.Curve, point) if xP == nil { - panic("invalid point") + return nil, nil, errors.KeyInvalidError(fmt.Sprintf("ecc (%s): invalid point", c.Curve.Params().Name)) } d, x, y, err := elliptic.GenerateKey(c.Curve, rand) @@ -99,6 +99,9 @@ func (c *genericCurve) Encaps(rand io.Reader, point []byte) (ephemeral, sharedSe func (c *genericCurve) Decaps(ephemeral, secret []byte) (sharedSecret []byte, err error) { x, y := elliptic.Unmarshal(c.Curve, ephemeral) + if x == nil { + return nil, errors.KeyInvalidError(fmt.Sprintf("ecc (%s): invalid point", c.Curve.Params().Name)) + } zbBig, _ := c.Curve.ScalarMult(x, y, secret) byteLen := (c.Curve.Params().BitSize + 7) >> 3 zb := make([]byte, byteLen) diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go index cc5140b70..b46a0afcb 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/go_module_metadata.go @@ -3,4 +3,4 @@ package aws // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.41.3" +const goModuleVersion = "1.41.4" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/CHANGELOG.md index c292c41b6..af105a52d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/CHANGELOG.md @@ -1,3 +1,7 @@ +# v1.7.7 (2026-03-13) + +* **Bug Fix**: Replace usages of the old ioutil/ package throughout the SDK. + # v1.7.6 (2026-03-03) * **Bug Fix**: Modernize non codegen files with go fix diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/go_module_metadata.go index cdac6dbc0..21414d681 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/go_module_metadata.go @@ -3,4 +3,4 @@ package eventstream // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.7.6" +const goModuleVersion = "1.7.7" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/middleware.go index 360344791..39efd848c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/middleware.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/protocol/query/middleware.go @@ -3,7 +3,7 @@ package query import ( "context" "fmt" - "io/ioutil" + "io" "github.com/aws/smithy-go/middleware" smithyhttp "github.com/aws/smithy-go/transport/http" @@ -52,7 +52,7 @@ func (m *asGetRequest) HandleSerialize( delim = "&" } - b, err := ioutil.ReadAll(stream) + b, err := io.ReadAll(stream) if err != nil { return out, metadata, fmt.Errorf("unable to get request body %w", err) } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/client.go b/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/client.go index c7ef0acc4..49cc31205 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/client.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/aws/transport/http/client.go @@ -300,6 +300,17 @@ func limitedRedirect(r *http.Request, via []*http.Request) error { switch resp.StatusCode { case 307, 308: // Only allow 307 and 308 redirects as they preserve the method. + + // If redirecting to a different host, remove X-Amz-Security-Token header + // to prevent credentials from being sent to a different host, similar to + // how Authorization header is handled by the HTTP client. + if len(via) > 0 { + lastRequest := via[len(via)-1] + if lastRequest.URL.Host != r.URL.Host { + r.Header.Del("X-Amz-Security-Token") + } + } + return nil } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md index bd9f7eb3c..0c2a7d9f0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/config/CHANGELOG.md @@ -1,3 +1,8 @@ +# v1.32.12 (2026-03-13) + +* **Bug Fix**: Replace usages of the old ioutil/ package throughout the SDK. +* **Dependency Update**: Updated to the latest SDK module versions + # v1.32.11 (2026-03-03) * **Bug Fix**: Modernize non codegen files with go fix diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go index 511862f49..202b9574b 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/config/go_module_metadata.go @@ -3,4 +3,4 @@ package config // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.32.11" +const goModuleVersion = "1.32.12" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go b/vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go index f56839a4b..a71c105d9 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/config/resolve.go @@ -5,7 +5,7 @@ import ( "crypto/tls" "crypto/x509" "fmt" - "io/ioutil" + "io" "net/http" "os" @@ -69,7 +69,7 @@ func resolveCustomCABundle(ctx context.Context, cfg *aws.Config, cfgs configs) e tr.TLSClientConfig.RootCAs = x509.NewCertPool() } - b, err := ioutil.ReadAll(pemCerts) + b, err := io.ReadAll(pemCerts) if err != nil { appendErr = fmt.Errorf("failed to read custom CA bundle PEM file") } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/resolve_credentials.go b/vendor/github.com/aws/aws-sdk-go-v2/config/resolve_credentials.go index de8398599..4f8c324e0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/resolve_credentials.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/config/resolve_credentials.go @@ -3,7 +3,6 @@ package config import ( "context" "fmt" - "io/ioutil" "net" "net/url" "os" @@ -346,7 +345,7 @@ func resolveHTTPCredProvider(ctx context.Context, cfg *aws.Config, url, authToke options.AuthorizationTokenProvider = endpointcreds.TokenProviderFunc(func() (string, error) { var contents []byte var err error - if contents, err = ioutil.ReadFile(authFilePath); err != nil { + if contents, err = os.ReadFile(authFilePath); err != nil { return "", fmt.Errorf("failed to read authorization token from %v: %v", authFilePath, err) } return string(contents), nil diff --git a/vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go b/vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go index 5a0fea222..44c616fd5 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/config/shared_config.go @@ -6,7 +6,6 @@ import ( "errors" "fmt" "io" - "io/ioutil" "os" "path/filepath" "strings" @@ -502,7 +501,7 @@ func (c SharedConfig) getCustomCABundle(context.Context) (io.Reader, bool, error return nil, false, nil } - b, err := ioutil.ReadFile(c.CustomCABundle) + b, err := os.ReadFile(c.CustomCABundle) if err != nil { return nil, false, err } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md index 28a661c68..a5705a194 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/credentials/CHANGELOG.md @@ -1,3 +1,8 @@ +# v1.19.12 (2026-03-13) + +* **Bug Fix**: Replace usages of the old ioutil/ package throughout the SDK. +* **Dependency Update**: Updated to the latest SDK module versions + # v1.19.11 (2026-03-03) * **Dependency Update**: Bump minimum Go version to 1.24 diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go index 5f3728594..97ad19cb7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/credentials/go_module_metadata.go @@ -3,4 +3,4 @@ package credentials // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.19.11" +const goModuleVersion = "1.19.12" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_cached_token.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_cached_token.go index 46ae2f923..1fb6b2f0d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_cached_token.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/credentials/ssocreds/sso_cached_token.go @@ -5,7 +5,6 @@ import ( "encoding/hex" "encoding/json" "fmt" - "io/ioutil" "os" "path/filepath" "strconv" @@ -145,7 +144,7 @@ func getTokenFieldRFC3339(v interface{}, value **rfc3339) error { } func loadCachedToken(filename string) (token, error) { - fileBytes, err := ioutil.ReadFile(filename) + fileBytes, err := os.ReadFile(filename) if err != nil { return token{}, fmt.Errorf("failed to read cached SSO token file, %w", err) } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/credentials/stscreds/web_identity_provider.go b/vendor/github.com/aws/aws-sdk-go-v2/credentials/stscreds/web_identity_provider.go index 5f4286dda..e3d4a3cd4 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/credentials/stscreds/web_identity_provider.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/credentials/stscreds/web_identity_provider.go @@ -3,7 +3,7 @@ package stscreds import ( "context" "fmt" - "io/ioutil" + "os" "strconv" "strings" "time" @@ -80,7 +80,7 @@ type IdentityTokenFile string // GetIdentityToken retrieves the JWT token from the file and returns the contents as a []byte func (j IdentityTokenFile) GetIdentityToken() ([]byte, error) { - b, err := ioutil.ReadFile(string(j)) + b, err := os.ReadFile(string(j)) if err != nil { return nil, fmt.Errorf("unable to read file at %s: %v", string(j), err) } diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md index 4c3fb21d2..a2be438e9 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/CHANGELOG.md @@ -1,3 +1,8 @@ +# v1.18.20 (2026-03-13) + +* **Bug Fix**: Replace usages of the old ioutil/ package throughout the SDK. +* **Dependency Update**: Updated to the latest SDK module versions + # v1.18.19 (2026-03-03) * **Bug Fix**: Modernize non codegen files with go fix diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go index 01102aee3..1ce3f98b7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/go_module_metadata.go @@ -3,4 +3,4 @@ package imds // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.18.19" +const goModuleVersion = "1.18.20" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/request_middleware.go b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/request_middleware.go index b25910afd..0585f144d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/request_middleware.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/feature/ec2/imds/request_middleware.go @@ -4,7 +4,7 @@ import ( "bytes" "context" "fmt" - "io/ioutil" + "io" "net/url" "path" "time" @@ -176,11 +176,11 @@ func (m *deserializeResponse) HandleDeserialize( // read the full body so that any operation timeouts cleanup will not race // the body being read. - body, err := ioutil.ReadAll(resp.Body) + body, err := io.ReadAll(resp.Body) if err != nil { return out, metadata, fmt.Errorf("read response body failed, %w", err) } - resp.Body = ioutil.NopCloser(bytes.NewReader(body)) + resp.Body = io.NopCloser(bytes.NewReader(body)) // Anything that's not 200 |< 300 is error if resp.StatusCode < 200 || resp.StatusCode >= 300 { diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md index 71066a9c6..46942eee7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/CHANGELOG.md @@ -1,3 +1,7 @@ +# v1.4.20 (2026-03-13) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.4.19 (2026-03-03) * **Bug Fix**: Modernize non codegen files with go fix diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go index c42653ca4..2a210bd10 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/configsources/go_module_metadata.go @@ -3,4 +3,4 @@ package configsources // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.4.19" +const goModuleVersion = "1.4.20" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md index f1ea7ea00..2673108d3 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/CHANGELOG.md @@ -1,3 +1,7 @@ +# v2.7.20 (2026-03-13) + +* **Dependency Update**: Updated to the latest SDK module versions + # v2.7.19 (2026-03-03) * **Bug Fix**: Modernize non codegen files with go fix diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go index 628a5269b..d4052854e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2/go_module_metadata.go @@ -3,4 +3,4 @@ package endpoints // goModuleVersion is the tagged release for this module -const goModuleVersion = "2.7.19" +const goModuleVersion = "2.7.20" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md index 6983e0d02..fdf434a5e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/CHANGELOG.md @@ -1,3 +1,7 @@ +# v1.8.6 (2026-03-13) + +* **Bug Fix**: Replace usages of the old ioutil/ package throughout the SDK. + # v1.8.5 (2026-03-03) * **Bug Fix**: Modernize non codegen files with go fix diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go index be846f8f3..1dc2e12aa 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/ini/go_module_metadata.go @@ -3,4 +3,4 @@ package ini // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.8.5" +const goModuleVersion = "1.8.6" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/CHANGELOG.md index 87e6e587b..48f2bf86c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/CHANGELOG.md @@ -1,3 +1,7 @@ +# v1.4.21 (2026-03-13) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.4.20 (2026-03-05) * **Bug Fix**: Read the correct auth property for SigV4A signing names. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/go_module_metadata.go index 87221df0a..7dd2a095b 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/internal/v4a/go_module_metadata.go @@ -3,4 +3,4 @@ package v4a // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.4.20" +const goModuleVersion = "1.4.21" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ec2/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/ec2/CHANGELOG.md index e659edf76..ea3e3e2b2 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ec2/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ec2/CHANGELOG.md @@ -1,3 +1,7 @@ +# v1.294.1 (2026-03-13) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.294.0 (2026-03-05) * **Feature**: Added metadata field to CapacityAllocation. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ec2/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ec2/go_module_metadata.go index 2fecab13b..5f9be675d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ec2/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ec2/go_module_metadata.go @@ -3,4 +3,4 @@ package ec2 // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.294.0" +const goModuleVersion = "1.294.1" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/iam/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/iam/CHANGELOG.md index a85f450ec..b9d519c19 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/iam/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/iam/CHANGELOG.md @@ -1,3 +1,11 @@ +# v1.53.6 (2026-03-13) + +* **Dependency Update**: Updated to the latest SDK module versions + +# v1.53.5 (2026-03-09) + +* **Documentation**: Added support for CloudWatch Logs long-term API keys, currently available in Preview + # v1.53.4 (2026-03-03) * **Dependency Update**: Bump minimum Go version to 1.24 diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateServiceSpecificCredential.go b/vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateServiceSpecificCredential.go index cc007d878..19113286b 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateServiceSpecificCredential.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/iam/api_op_CreateServiceSpecificCredential.go @@ -18,8 +18,8 @@ import ( // You can have a maximum of two sets of service-specific credentials for each // supported service per user. // -// You can create service-specific credentials for Amazon Bedrock, CodeCommit and -// Amazon Keyspaces (for Apache Cassandra). +// You can create service-specific credentials for Amazon Bedrock, Amazon +// CloudWatch Logs, CodeCommit and Amazon Keyspaces (for Apache Cassandra). // // You can reset the password to a new service-generated value by calling [ResetServiceSpecificCredential]. // @@ -66,8 +66,8 @@ type CreateServiceSpecificCredentialInput struct { UserName *string // The number of days until the service specific credential expires. This field is - // only valid for Bedrock API keys and must be a positive integer. When not - // specified, the credential will not expire. + // only valid for Bedrock and CloudWatch Logs API keys and must be a positive + // integer. When not specified, the credential will not expire. CredentialAgeDays *int32 noSmithyDocumentSerde diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/iam/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/iam/go_module_metadata.go index 0d63c2a99..8eb5086c0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/iam/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/iam/go_module_metadata.go @@ -3,4 +3,4 @@ package iam // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.53.4" +const goModuleVersion = "1.53.6" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/iam/types/types.go b/vendor/github.com/aws/aws-sdk-go-v2/service/iam/types/types.go index eded7a6a2..32d9d370b 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/iam/types/types.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/iam/types/types.go @@ -310,7 +310,9 @@ type DelegationRequest struct { // The expiry time of this delegation request // - // See the Understanding the Request Lifecycle for details on the life time of a delegation request at each state. + // See the [Understanding the Request Lifecycle] for details on the life time of a delegation request at each state. + // + // [Understanding the Request Lifecycle]: https://docs.aws.amazon.com/IAM/latest/UserGuide/temporary-delegation-building-integration.html#temporary-delegation-request-lifecycle ExpirationTime *time.Time // Notes added to this delegation request, if this request was updated via the [UpdateDelegationRequest] @@ -364,7 +366,9 @@ type DelegationRequest struct { // If the PermissionPolicy includes role creation permissions, this element will // include the list of permissions boundary policies associated with the role - // creation. See Permissions boundaries for IAM entitiesfor more details about IAM permission boundaries. + // creation. See [Permissions boundaries for IAM entities]for more details about IAM permission boundaries. + // + // [Permissions boundaries for IAM entities]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html RolePermissionRestrictionArns []string // The life-time of the requested session credential. @@ -372,7 +376,9 @@ type DelegationRequest struct { // The state of this delegation request. // - // See the Understanding the Request Lifecycle for an explanation of how these states are transitioned. + // See the [Understanding the Request Lifecycle] for an explanation of how these states are transitioned. + // + // [Understanding the Request Lifecycle]: https://docs.aws.amazon.com/IAM/latest/UserGuide/temporary-delegation-building-integration.html#temporary-delegation-request-lifecycle State StateType // Last updated timestamp of the request. @@ -1773,17 +1779,18 @@ type ServiceSpecificCredential struct { UserName *string // The date and time when the service specific credential expires. This field is - // only present for Bedrock API keys that were created with an expiration period. + // only present for Bedrock API keys and CloudWatch Logs API keys that were created + // with an expiration period. ExpirationDate *time.Time - // For Bedrock API keys, this is the public portion of the credential that - // includes the IAM user name and a suffix containing version and creation - // information. + // For Bedrock API keys and CloudWatch Logs API keys, this is the public portion + // of the credential that includes the IAM user name and a suffix containing + // version and creation information. ServiceCredentialAlias *string - // For Bedrock API keys, this is the secret portion of the credential that should - // be used to authenticate API calls. This value is returned only when the - // credential is created. + // For Bedrock API keys and CloudWatch Logs API keys, this is the secret portion + // of the credential that should be used to authenticate API calls. This value is + // returned only when the credential is created. ServiceCredentialSecret *string // The generated password for the service-specific credential. @@ -1830,12 +1837,13 @@ type ServiceSpecificCredentialMetadata struct { UserName *string // The date and time when the service specific credential expires. This field is - // only present for Bedrock API keys that were created with an expiration period. + // only present for Bedrock API keys and CloudWatch Logs API keys that were created + // with an expiration period. ExpirationDate *time.Time - // For Bedrock API keys, this is the public portion of the credential that - // includes the IAM user name and a suffix containing version and creation - // information. + // For Bedrock API keys and CloudWatch Logs API keys, this is the public portion + // of the credential that includes the IAM user name and a suffix containing + // version and creation information. ServiceCredentialAlias *string // The generated user name for the service-specific credential. diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md index b594dddaa..497d37230 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/CHANGELOG.md @@ -1,3 +1,7 @@ +# v1.13.7 (2026-03-13) + +* **Bug Fix**: Replace usages of the old ioutil/ package throughout the SDK. + # v1.13.6 (2026-03-03) * **Dependency Update**: Bump minimum Go version to 1.24 diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go index 0ece341c6..5679a2b2b 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding/go_module_metadata.go @@ -3,4 +3,4 @@ package acceptencoding // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.13.6" +const goModuleVersion = "1.13.7" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/CHANGELOG.md index 768c3716b..7148221e4 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/CHANGELOG.md @@ -1,3 +1,8 @@ +# v1.9.12 (2026-03-13) + +* **Bug Fix**: Replace usages of the old ioutil/ package throughout the SDK. +* **Dependency Update**: Updated to the latest SDK module versions + # v1.9.11 (2026-03-03) * **Bug Fix**: Modernize non codegen files with go fix diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/go_module_metadata.go index 0f45aeabc..bdce1ef6a 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/checksum/go_module_metadata.go @@ -3,4 +3,4 @@ package checksum // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.9.11" +const goModuleVersion = "1.9.12" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md index 6be7fa536..0a52b84b6 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/CHANGELOG.md @@ -1,3 +1,7 @@ +# v1.13.20 (2026-03-13) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.13.19 (2026-03-03) * **Bug Fix**: Modernize non codegen files with go fix diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go index 983aaa4b6..f65e864d0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url/go_module_metadata.go @@ -3,4 +3,4 @@ package presignedurl // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.13.19" +const goModuleVersion = "1.13.20" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/CHANGELOG.md index da0728750..1e5b70f75 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/CHANGELOG.md @@ -1,3 +1,7 @@ +# v1.19.20 (2026-03-13) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.19.19 (2026-03-03) * **Bug Fix**: Modernize non codegen files with go fix diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/go_module_metadata.go index 87ec0db1c..47ba8ecd7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/internal/s3shared/go_module_metadata.go @@ -3,4 +3,4 @@ package s3shared // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.19.19" +const goModuleVersion = "1.19.20" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/pricing/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/pricing/CHANGELOG.md index e4e01adad..3c716086d 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/pricing/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/pricing/CHANGELOG.md @@ -1,3 +1,7 @@ +# v1.40.14 (2026-03-13) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.40.13 (2026-03-03) * **Dependency Update**: Bump minimum Go version to 1.24 diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/pricing/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/pricing/go_module_metadata.go index 28e91d2a1..b7b96a9f7 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/pricing/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/pricing/go_module_metadata.go @@ -3,4 +3,4 @@ package pricing // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.40.13" +const goModuleVersion = "1.40.14" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/signin/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/signin/CHANGELOG.md index c0201eb36..6625fa25e 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/signin/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/signin/CHANGELOG.md @@ -1,3 +1,7 @@ +# v1.0.8 (2026-03-13) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.0.7 (2026-03-03) * **Dependency Update**: Bump minimum Go version to 1.24 diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/signin/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/signin/go_module_metadata.go index d1b4908f6..fe22d5a36 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/signin/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/signin/go_module_metadata.go @@ -3,4 +3,4 @@ package signin // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.0.7" +const goModuleVersion = "1.0.8" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md index 08fefc644..6c9be3880 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/CHANGELOG.md @@ -1,3 +1,7 @@ +# v1.30.13 (2026-03-13) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.30.12 (2026-03-03) * **Dependency Update**: Bump minimum Go version to 1.24 diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go index ec1582e08..fde08b7d0 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sso/go_module_metadata.go @@ -3,4 +3,4 @@ package sso // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.30.12" +const goModuleVersion = "1.30.13" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md index 35d0b7c8f..40da3df26 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/CHANGELOG.md @@ -1,3 +1,7 @@ +# v1.35.17 (2026-03-13) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.35.16 (2026-03-03) * **Dependency Update**: Bump minimum Go version to 1.24 diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go index 6d843cd7a..a8373e5b5 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/ssooidc/go_module_metadata.go @@ -3,4 +3,4 @@ package ssooidc // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.35.16" +const goModuleVersion = "1.35.17" diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md index 6d21791e1..32f04b84c 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/CHANGELOG.md @@ -1,3 +1,7 @@ +# v1.41.9 (2026-03-13) + +* **Dependency Update**: Updated to the latest SDK module versions + # v1.41.8 (2026-03-03) * **Dependency Update**: Bump minimum Go version to 1.24 diff --git a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go index 0779e5025..88f4eb9f1 100644 --- a/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go +++ b/vendor/github.com/aws/aws-sdk-go-v2/service/sts/go_module_metadata.go @@ -3,4 +3,4 @@ package sts // goModuleVersion is the tagged release for this module -const goModuleVersion = "1.41.8" +const goModuleVersion = "1.41.9" diff --git a/vendor/github.com/charmbracelet/colorprofile/writer.go b/vendor/github.com/charmbracelet/colorprofile/writer.go index 1a88e2b7b..c96e61a95 100644 --- a/vendor/github.com/charmbracelet/colorprofile/writer.go +++ b/vendor/github.com/charmbracelet/colorprofile/writer.go @@ -40,9 +40,11 @@ func (w *Writer) Write(p []byte) (int, error) { case w.Profile == TrueColor: return w.Forward.Write(p) //nolint:wrapcheck case w.Profile <= NoTTY: - return io.WriteString(w.Forward, ansi.Strip(string(p))) //nolint:wrapcheck + _, err := io.WriteString(w.Forward, ansi.Strip(string(p))) + return len(p), err case w.Profile == ASCII, w.Profile == ANSI, w.Profile == ANSI256: - return w.downsample(p) + _, err := w.downsample(p) + return len(p), err default: return 0, fmt.Errorf("invalid profile: %v", w.Profile) } diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/container.go b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/container.go index 9d9d3f693..002a1caad 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/container.go +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/container.go @@ -52,41 +52,59 @@ import ( // // ## Import // +// !/bin/bash +// +// ```sh +// $ pulumi import docker:index/container:Container foo id +// ``` +// // ### Example // // # Assuming you created a `container` as follows // +// ```sh // #!/bin/bash -// // docker run --name foo -p8080:80 -d nginx -// -// prints the container ID -// +// # prints the container ID // 9a550c0f0163d39d77222d3efd58701b625d47676c25c686c95b5b92d1cba6fd +// ``` // // you provide the definition for the resource as follows // -// terraform -// -// resource "docker_container" "foo" { -// -// name = "foo" -// -// image = "nginx" +// ```go +// package main // -// ports { +// import ( // -// internal = "80" +// "github.com/pulumi/pulumi-docker/sdk/v4/go/docker" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // -// external = "8080" +// ) // +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := docker.NewContainer(ctx, "foo", &docker.ContainerArgs{ +// Name: pulumi.String("foo"), +// Image: pulumi.String("nginx"), +// Ports: docker.ContainerPortArray{ +// &docker.ContainerPortArgs{ +// Internal: pulumi.Int(80), +// External: pulumi.Int(8080), +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) // } // -// } +// ``` // // then the import command is as follows // -// #!/bin/bash +// !/bin/bash // // ```sh // $ pulumi import docker:index/container:Container foo 9a550c0f0163d39d77222d3efd58701b625d47676c25c686c95b5b92d1cba6fd @@ -171,8 +189,9 @@ type Container struct { // The total memory limit (memory + swap) for the container in MBs. This setting may compute to `-1` after `pulumi up` if the target host doesn't support memory swap, when that is the case docker will use a soft limitation. MemorySwap pulumi.IntPtrOutput `pulumi:"memorySwap"` // Specification for mounts to be added to containers created as part of the service. - Mounts ContainerMountArrayOutput `pulumi:"mounts"` - MustRun pulumi.BoolPtrOutput `pulumi:"mustRun"` + Mounts ContainerMountArrayOutput `pulumi:"mounts"` + // If `true`, then the Docker container will be kept running. If `false`, then as long as the container exists, Terraform assumes it is successful. Defaults to `true`. + MustRun pulumi.BoolPtrOutput `pulumi:"mustRun"` // The name of the container. Name pulumi.StringOutput `pulumi:"name"` // The data of the networks the container is connected to. @@ -347,8 +366,9 @@ type containerState struct { // The total memory limit (memory + swap) for the container in MBs. This setting may compute to `-1` after `pulumi up` if the target host doesn't support memory swap, when that is the case docker will use a soft limitation. MemorySwap *int `pulumi:"memorySwap"` // Specification for mounts to be added to containers created as part of the service. - Mounts []ContainerMount `pulumi:"mounts"` - MustRun *bool `pulumi:"mustRun"` + Mounts []ContainerMount `pulumi:"mounts"` + // If `true`, then the Docker container will be kept running. If `false`, then as long as the container exists, Terraform assumes it is successful. Defaults to `true`. + MustRun *bool `pulumi:"mustRun"` // The name of the container. Name *string `pulumi:"name"` // The data of the networks the container is connected to. @@ -491,7 +511,8 @@ type ContainerState struct { // The total memory limit (memory + swap) for the container in MBs. This setting may compute to `-1` after `pulumi up` if the target host doesn't support memory swap, when that is the case docker will use a soft limitation. MemorySwap pulumi.IntPtrInput // Specification for mounts to be added to containers created as part of the service. - Mounts ContainerMountArrayInput + Mounts ContainerMountArrayInput + // If `true`, then the Docker container will be kept running. If `false`, then as long as the container exists, Terraform assumes it is successful. Defaults to `true`. MustRun pulumi.BoolPtrInput // The name of the container. Name pulumi.StringPtrInput @@ -633,8 +654,9 @@ type containerArgs struct { // The total memory limit (memory + swap) for the container in MBs. This setting may compute to `-1` after `pulumi up` if the target host doesn't support memory swap, when that is the case docker will use a soft limitation. MemorySwap *int `pulumi:"memorySwap"` // Specification for mounts to be added to containers created as part of the service. - Mounts []ContainerMount `pulumi:"mounts"` - MustRun *bool `pulumi:"mustRun"` + Mounts []ContainerMount `pulumi:"mounts"` + // If `true`, then the Docker container will be kept running. If `false`, then as long as the container exists, Terraform assumes it is successful. Defaults to `true`. + MustRun *bool `pulumi:"mustRun"` // The name of the container. Name *string `pulumi:"name"` // Network mode of the container. Defaults to `bridge`. If your host OS is any other OS, you need to set this value explicitly, e.g. `nat` when your container will be running on an Windows host. See https://docs.docker.com/engine/network/ for more information. @@ -770,7 +792,8 @@ type ContainerArgs struct { // The total memory limit (memory + swap) for the container in MBs. This setting may compute to `-1` after `pulumi up` if the target host doesn't support memory swap, when that is the case docker will use a soft limitation. MemorySwap pulumi.IntPtrInput // Specification for mounts to be added to containers created as part of the service. - Mounts ContainerMountArrayInput + Mounts ContainerMountArrayInput + // If `true`, then the Docker container will be kept running. If `false`, then as long as the container exists, Terraform assumes it is successful. Defaults to `true`. MustRun pulumi.BoolPtrInput // The name of the container. Name pulumi.StringPtrInput @@ -1116,6 +1139,7 @@ func (o ContainerOutput) Mounts() ContainerMountArrayOutput { return o.ApplyT(func(v *Container) ContainerMountArrayOutput { return v.Mounts }).(ContainerMountArrayOutput) } +// If `true`, then the Docker container will be kept running. If `false`, then as long as the container exists, Terraform assumes it is successful. Defaults to `true`. func (o ContainerOutput) MustRun() pulumi.BoolPtrOutput { return o.ApplyT(func(v *Container) pulumi.BoolPtrOutput { return v.MustRun }).(pulumi.BoolPtrOutput) } diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/getRemoteImage.go b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/getRemoteImage.go index 8e3bfb348..7e0e69af2 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/getRemoteImage.go +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/getRemoteImage.go @@ -11,7 +11,7 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) -// `RemoteImage` provides details about a specific Docker Image which needs to be present on the Docker Host +// `RemoteImage` provides details about a specific Docker Image which need to be present on the Docker Host // // ## Example Usage // diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/image.go b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/image.go index a1b247b66..6c4a7cb22 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/image.go +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/image.go @@ -64,7 +64,7 @@ import ( // }, // ImageName: pulumi.String("username/image:tag1"), // SkipPush: pulumi.Bool(true), -// }) +// }, pulumi.Version("v4.4.0")) // if err != nil { // return err // } @@ -93,7 +93,7 @@ import ( // Dockerfile: pulumi.String("Dockerfile"), // }, // ImageName: pulumi.String("docker.io/username/push-image:tag1"), -// }) +// }, pulumi.Version("v4.4.0")) // if err != nil { // return err // } @@ -156,7 +156,7 @@ import ( // return &authToken.UserName, nil // }).(pulumi.StringPtrOutput), // }, -// }) +// }, pulumi.Version("v4.1.2")) // if err != nil { // return err // } diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/internal/pulumiUtilities.go b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/internal/pulumiUtilities.go index 447e4f4ba..e2e42d317 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/internal/pulumiUtilities.go +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/internal/pulumiUtilities.go @@ -165,7 +165,7 @@ func callPlainInner( func PkgResourceDefaultOpts(opts []pulumi.ResourceOption) []pulumi.ResourceOption { defaults := []pulumi.ResourceOption{} - version := semver.MustParse("4.11.0") + version := semver.MustParse("4.11.1") if !version.Equals(semver.Version{}) { defaults = append(defaults, pulumi.Version(version.String())) } @@ -176,7 +176,7 @@ func PkgResourceDefaultOpts(opts []pulumi.ResourceOption) []pulumi.ResourceOptio func PkgInvokeDefaultOpts(opts []pulumi.InvokeOption) []pulumi.InvokeOption { defaults := []pulumi.InvokeOption{} - version := semver.MustParse("4.11.0") + version := semver.MustParse("4.11.1") if !version.Equals(semver.Version{}) { defaults = append(defaults, pulumi.Version(version.String())) } diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/network.go b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/network.go index 8977c7f1b..2eb4a58c0 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/network.go +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/network.go @@ -42,31 +42,52 @@ import ( // // ## Import // +// !/bin/bash +// +// ```sh +// $ pulumi import docker:index/network:Network foo id +// ``` +// // ### Example // // # Assuming you created a `network` as follows // +// ```sh // #!/bin/bash -// // docker network create foo -// -// prints the long ID -// +// # prints the long ID // 87b57a9b91ecab2db2a6dbf38df74c67d7c7108cbe479d6576574ec2cd8c2d73 +// ``` // // you provide the definition for the resource as follows // -// terraform +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-docker/sdk/v4/go/docker" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // -// resource "docker_network" "foo" { +// ) // -// name = "foo" +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := docker.NewNetwork(ctx, "foo", &docker.NetworkArgs{ +// Name: pulumi.String("foo"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } // -// } +// ``` // // then the import command is as follows // -// #!/bin/bash +// !/bin/bash // // ```sh // $ pulumi import docker:index/network:Network foo 87b57a9b91ecab2db2a6dbf38df74c67d7c7108cbe479d6576574ec2cd8c2d73 diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/plugin.go b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/plugin.go index 2a916acfb..af4954c45 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/plugin.go +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/plugin.go @@ -16,10 +16,9 @@ import ( // // ## Import // -// #!/bin/bash -// // ```sh -// $ pulumi import docker:index/plugin:Plugin sample-volume-plugin "$(docker plugin inspect -f {{.ID}} tiborvass/sample-volume-plugin:latest)" +// #!/bin/bash +// terraform import docker_plugin.sample-volume-plugin "$(docker plugin inspect -f {{.ID}} tiborvass/sample-volume-plugin:latest)" // ``` type Plugin struct { pulumi.CustomResourceState diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/pulumi-plugin.json b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/pulumi-plugin.json index 0129791c0..0b3caa47d 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/pulumi-plugin.json +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/pulumi-plugin.json @@ -1,5 +1,5 @@ { "resource": true, "name": "docker", - "version": "4.11.0" + "version": "4.11.1" } diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/pulumiTypes.go b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/pulumiTypes.go index f37e31400..049723668 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/pulumiTypes.go +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/pulumiTypes.go @@ -4151,8 +4151,9 @@ func (o PluginGrantPermissionArrayOutput) Index(i pulumi.IntInput) PluginGrantPe type ProviderRegistryAuth struct { // Address of the registry - Address string `pulumi:"address"` - AuthDisabled *bool `pulumi:"authDisabled"` + Address string `pulumi:"address"` + // Setting this to `true` will tell the provider that this registry does not need authentication. Due to the docker internals, the provider will use dummy credentials (see https://github.com/kreuzwerker/terraform-provider-docker/issues/470 for more information). Defaults to `false`. + AuthDisabled *bool `pulumi:"authDisabled"` // Path to docker json file for registry auth. Defaults to `~/.docker/config.json`. If `DOCKER_CONFIG` is set, the value of `DOCKER_CONFIG` is used as the path. `configFile` has predencen over all other options. ConfigFile *string `pulumi:"configFile"` // Plain content of the docker json file for registry auth. `configFileContent` has precedence over username/password. @@ -4176,7 +4177,8 @@ type ProviderRegistryAuthInput interface { type ProviderRegistryAuthArgs struct { // Address of the registry - Address pulumi.StringInput `pulumi:"address"` + Address pulumi.StringInput `pulumi:"address"` + // Setting this to `true` will tell the provider that this registry does not need authentication. Due to the docker internals, the provider will use dummy credentials (see https://github.com/kreuzwerker/terraform-provider-docker/issues/470 for more information). Defaults to `false`. AuthDisabled pulumi.BoolPtrInput `pulumi:"authDisabled"` // Path to docker json file for registry auth. Defaults to `~/.docker/config.json`. If `DOCKER_CONFIG` is set, the value of `DOCKER_CONFIG` is used as the path. `configFile` has predencen over all other options. ConfigFile pulumi.StringPtrInput `pulumi:"configFile"` @@ -4244,6 +4246,7 @@ func (o ProviderRegistryAuthOutput) Address() pulumi.StringOutput { return o.ApplyT(func(v ProviderRegistryAuth) string { return v.Address }).(pulumi.StringOutput) } +// Setting this to `true` will tell the provider that this registry does not need authentication. Due to the docker internals, the provider will use dummy credentials (see https://github.com/kreuzwerker/terraform-provider-docker/issues/470 for more information). Defaults to `false`. func (o ProviderRegistryAuthOutput) AuthDisabled() pulumi.BoolPtrOutput { return o.ApplyT(func(v ProviderRegistryAuth) *bool { return v.AuthDisabled }).(pulumi.BoolPtrOutput) } diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/registryImage.go b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/registryImage.go index 05be8086d..96ab77176 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/registryImage.go +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/registryImage.go @@ -23,7 +23,6 @@ import ( // // import ( // -// "fmt" // "os" // // "github.com/pulumi/pulumi-docker/sdk/v4/go/docker" @@ -64,7 +63,8 @@ type RegistryImage struct { // Authentication configuration for the Docker registry. It is only used for this resource. AuthConfig RegistryImageAuthConfigPtrOutput `pulumi:"authConfig"` - Build RegistryImageBuildPtrOutput `pulumi:"build"` + // Configuration to build an image. Requires the `Use containerd for pulling and storing images` option to be disabled in the Docker Host(https://github.com/kreuzwerker/terraform-provider-docker/issues/534). Please see [docker build command reference](https://docs.docker.com/engine/reference/commandline/build/#options) too. + Build RegistryImageBuildPtrOutput `pulumi:"build"` // If `true`, the verification of TLS certificates of the server/registry is disabled. Defaults to `false` InsecureSkipVerify pulumi.BoolPtrOutput `pulumi:"insecureSkipVerify"` // If true, then the Docker image won't be deleted on destroy operation. If this is false, it will delete the image from the docker registry on destroy operation. Defaults to `false` @@ -109,7 +109,8 @@ func GetRegistryImage(ctx *pulumi.Context, type registryImageState struct { // Authentication configuration for the Docker registry. It is only used for this resource. AuthConfig *RegistryImageAuthConfig `pulumi:"authConfig"` - Build *RegistryImageBuild `pulumi:"build"` + // Configuration to build an image. Requires the `Use containerd for pulling and storing images` option to be disabled in the Docker Host(https://github.com/kreuzwerker/terraform-provider-docker/issues/534). Please see [docker build command reference](https://docs.docker.com/engine/reference/commandline/build/#options) too. + Build *RegistryImageBuild `pulumi:"build"` // If `true`, the verification of TLS certificates of the server/registry is disabled. Defaults to `false` InsecureSkipVerify *bool `pulumi:"insecureSkipVerify"` // If true, then the Docker image won't be deleted on destroy operation. If this is false, it will delete the image from the docker registry on destroy operation. Defaults to `false` @@ -125,7 +126,8 @@ type registryImageState struct { type RegistryImageState struct { // Authentication configuration for the Docker registry. It is only used for this resource. AuthConfig RegistryImageAuthConfigPtrInput - Build RegistryImageBuildPtrInput + // Configuration to build an image. Requires the `Use containerd for pulling and storing images` option to be disabled in the Docker Host(https://github.com/kreuzwerker/terraform-provider-docker/issues/534). Please see [docker build command reference](https://docs.docker.com/engine/reference/commandline/build/#options) too. + Build RegistryImageBuildPtrInput // If `true`, the verification of TLS certificates of the server/registry is disabled. Defaults to `false` InsecureSkipVerify pulumi.BoolPtrInput // If true, then the Docker image won't be deleted on destroy operation. If this is false, it will delete the image from the docker registry on destroy operation. Defaults to `false` @@ -145,7 +147,8 @@ func (RegistryImageState) ElementType() reflect.Type { type registryImageArgs struct { // Authentication configuration for the Docker registry. It is only used for this resource. AuthConfig *RegistryImageAuthConfig `pulumi:"authConfig"` - Build *RegistryImageBuild `pulumi:"build"` + // Configuration to build an image. Requires the `Use containerd for pulling and storing images` option to be disabled in the Docker Host(https://github.com/kreuzwerker/terraform-provider-docker/issues/534). Please see [docker build command reference](https://docs.docker.com/engine/reference/commandline/build/#options) too. + Build *RegistryImageBuild `pulumi:"build"` // If `true`, the verification of TLS certificates of the server/registry is disabled. Defaults to `false` InsecureSkipVerify *bool `pulumi:"insecureSkipVerify"` // If true, then the Docker image won't be deleted on destroy operation. If this is false, it will delete the image from the docker registry on destroy operation. Defaults to `false` @@ -160,7 +163,8 @@ type registryImageArgs struct { type RegistryImageArgs struct { // Authentication configuration for the Docker registry. It is only used for this resource. AuthConfig RegistryImageAuthConfigPtrInput - Build RegistryImageBuildPtrInput + // Configuration to build an image. Requires the `Use containerd for pulling and storing images` option to be disabled in the Docker Host(https://github.com/kreuzwerker/terraform-provider-docker/issues/534). Please see [docker build command reference](https://docs.docker.com/engine/reference/commandline/build/#options) too. + Build RegistryImageBuildPtrInput // If `true`, the verification of TLS certificates of the server/registry is disabled. Defaults to `false` InsecureSkipVerify pulumi.BoolPtrInput // If true, then the Docker image won't be deleted on destroy operation. If this is false, it will delete the image from the docker registry on destroy operation. Defaults to `false` @@ -263,6 +267,7 @@ func (o RegistryImageOutput) AuthConfig() RegistryImageAuthConfigPtrOutput { return o.ApplyT(func(v *RegistryImage) RegistryImageAuthConfigPtrOutput { return v.AuthConfig }).(RegistryImageAuthConfigPtrOutput) } +// Configuration to build an image. Requires the `Use containerd for pulling and storing images` option to be disabled in the Docker Host(https://github.com/kreuzwerker/terraform-provider-docker/issues/534). Please see [docker build command reference](https://docs.docker.com/engine/reference/commandline/build/#options) too. func (o RegistryImageOutput) Build() RegistryImageBuildPtrOutput { return o.ApplyT(func(v *RegistryImage) RegistryImageBuildPtrOutput { return v.Build }).(RegistryImageBuildPtrOutput) } diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/remoteImage.go b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/remoteImage.go index 1a70e6aab..5863c951e 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/remoteImage.go +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/remoteImage.go @@ -12,9 +12,131 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// +// Manages the lifecycle of a docker image in your docker host. It can be used to build a new docker image or to pull an existing one from a registry. +// +// This resource will *not* pull new layers of the image automatically unless used in conjunction with RegistryImage data source to update the `pullTriggers` field. +// +// ## Example Usage +// +// ### Basic +// +// Finds and downloads the latest `ubuntu:precise` image but does not check +// for further updates of the image +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-docker/sdk/v4/go/docker" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := docker.NewRemoteImage(ctx, "ubuntu", &docker.RemoteImageArgs{ +// Name: pulumi.String("ubuntu:precise"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ### Dynamic updates +// +// To be able to update an image dynamically when the `sha256` sum changes, +// you need to use it in combination with `RegistryImage` as follows: +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-docker/sdk/v4/go/docker" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// ubuntu, err := docker.LookupRegistryImage(ctx, &docker.LookupRegistryImageArgs{ +// Name: "ubuntu:precise", +// }, nil) +// if err != nil { +// return err +// } +// _, err = docker.NewRemoteImage(ctx, "ubuntu", &docker.RemoteImageArgs{ +// Name: pulumi.String(ubuntu.Name), +// PullTriggers: pulumi.StringArray{ +// pulumi.String(ubuntu.Sha256Digest), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// ### Build +// +// You can also use the resource to build an image. If you want to use a buildx builder with all of its features, please read the section below. +// +// > **Note**: The default timeout for the building is 20 minutes. If you need to increase this, you can use operation timeouts. +// +// In this case the image "zoo" and "zoo:develop" are built. +// The `context` and `dockerfile` arguments are relative to the local Terraform process (`path.cwd`). +// There is no need to copy the files to remote hosts before creating the resource. +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-docker/sdk/v4/go/docker" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := docker.NewRemoteImage(ctx, "zoo", &docker.RemoteImageArgs{ +// Name: pulumi.String("zoo"), +// Build: &docker.RemoteImageBuildArgs{ +// Context: pulumi.String("."), +// Tags: pulumi.StringArray{ +// pulumi.String("zoo:develop"), +// }, +// BuildArgs: pulumi.StringMap{ +// "foo": pulumi.String("zoo"), +// }, +// Label: pulumi.StringMap{ +// "author": pulumi.String("zoo"), +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// You can use the `triggers` argument to specify when the image should be rebuild. This is for example helpful when you want to rebuild the docker image whenever the source code changes. type RemoteImage struct { pulumi.CustomResourceState + // Configuration to build an image. Requires the `Use containerd for pulling and storing images` option to be disabled in the Docker Host(https://github.com/kreuzwerker/terraform-provider-docker/issues/534). Please see [docker build command reference](https://docs.docker.com/engine/reference/commandline/build/#options) too. Build RemoteImageBuildPtrOutput `pulumi:"build"` // If true, then the image is removed forcibly when the resource is destroyed. ForceRemove pulumi.BoolPtrOutput `pulumi:"forceRemove"` @@ -67,6 +189,7 @@ func GetRemoteImage(ctx *pulumi.Context, // Input properties used for looking up and filtering RemoteImage resources. type remoteImageState struct { + // Configuration to build an image. Requires the `Use containerd for pulling and storing images` option to be disabled in the Docker Host(https://github.com/kreuzwerker/terraform-provider-docker/issues/534). Please see [docker build command reference](https://docs.docker.com/engine/reference/commandline/build/#options) too. Build *RemoteImageBuild `pulumi:"build"` // If true, then the image is removed forcibly when the resource is destroyed. ForceRemove *bool `pulumi:"forceRemove"` @@ -87,6 +210,7 @@ type remoteImageState struct { } type RemoteImageState struct { + // Configuration to build an image. Requires the `Use containerd for pulling and storing images` option to be disabled in the Docker Host(https://github.com/kreuzwerker/terraform-provider-docker/issues/534). Please see [docker build command reference](https://docs.docker.com/engine/reference/commandline/build/#options) too. Build RemoteImageBuildPtrInput // If true, then the image is removed forcibly when the resource is destroyed. ForceRemove pulumi.BoolPtrInput @@ -111,6 +235,7 @@ func (RemoteImageState) ElementType() reflect.Type { } type remoteImageArgs struct { + // Configuration to build an image. Requires the `Use containerd for pulling and storing images` option to be disabled in the Docker Host(https://github.com/kreuzwerker/terraform-provider-docker/issues/534). Please see [docker build command reference](https://docs.docker.com/engine/reference/commandline/build/#options) too. Build *RemoteImageBuild `pulumi:"build"` // If true, then the image is removed forcibly when the resource is destroyed. ForceRemove *bool `pulumi:"forceRemove"` @@ -128,6 +253,7 @@ type remoteImageArgs struct { // The set of arguments for constructing a RemoteImage resource. type RemoteImageArgs struct { + // Configuration to build an image. Requires the `Use containerd for pulling and storing images` option to be disabled in the Docker Host(https://github.com/kreuzwerker/terraform-provider-docker/issues/534). Please see [docker build command reference](https://docs.docker.com/engine/reference/commandline/build/#options) too. Build RemoteImageBuildPtrInput // If true, then the image is removed forcibly when the resource is destroyed. ForceRemove pulumi.BoolPtrInput @@ -230,6 +356,7 @@ func (o RemoteImageOutput) ToRemoteImageOutputWithContext(ctx context.Context) R return o } +// Configuration to build an image. Requires the `Use containerd for pulling and storing images` option to be disabled in the Docker Host(https://github.com/kreuzwerker/terraform-provider-docker/issues/534). Please see [docker build command reference](https://docs.docker.com/engine/reference/commandline/build/#options) too. func (o RemoteImageOutput) Build() RemoteImageBuildPtrOutput { return o.ApplyT(func(v *RemoteImage) RemoteImageBuildPtrOutput { return v.Build }).(RemoteImageBuildPtrOutput) } diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/secret.go b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/secret.go index c34353475..85848956f 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/secret.go +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/secret.go @@ -12,11 +12,52 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) +// +// Manages the secrets of a Docker service in a swarm. +// +// ## Example Usage +// +// ### Basic +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-docker/sdk/v4/go/docker" +// "github.com/pulumi/pulumi-std/sdk/go/std" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// invokeBase64encode, err := std.Base64encode(ctx, map[string]interface{}{ +// "input": "{\"foo\": \"s3cr3t\"}", +// }, nil) +// if err != nil { +// return err +// } +// _, err = docker.NewSecret(ctx, "foo", &docker.SecretArgs{ +// Name: pulumi.String("foo"), +// Data: invokeBase64encode.Result, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// // ## Import // +// ```sh // #!/bin/bash // -// Docker secret cannot be imported as the secret data, once set, is never exposed again. +// # Docker secret cannot be imported as the secret data, once set, is never exposed again. +// ``` type Secret struct { pulumi.CustomResourceState diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/service.go b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/service.go index bdcaaaecf..e70ae469a 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/service.go +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/service.go @@ -12,55 +12,425 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) -// ## Import +// +// This resource manages the lifecycle of a Docker service. By default, the creation, update and delete of services are detached. // -// ### Example +// With the Converge Config the behavior of the `docker cli` is imitated to guarantee tha for example, all tasks of a service are running or successfully updated or to inform `terraform` that a service could no be updated and was successfully rolled back. // -// # Assuming you created a `service` as follows +// ## Example Usage // -// #!/bin/bash +// ### Basic // -// docker service create --name foo -p 8080:80 nginx +// # The following configuration starts a Docker Service with // -// prints th ID +// - the given image, +// - 1 replica +// - exposes the port `8080` in `vip` mode to the host machine +// - moreover, uses the `container` runtime // -// 4pcphbxkfn2rffhbhe6czytgi +// ```go +// package main // -// you provide the definition for the resource as follows +// import ( +// +// "github.com/pulumi/pulumi-docker/sdk/v4/go/docker" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := docker.NewService(ctx, "foo", &docker.ServiceArgs{ +// Name: pulumi.String("foo-service"), +// TaskSpec: &docker.ServiceTaskSpecArgs{ +// ContainerSpec: &docker.ServiceTaskSpecContainerSpecArgs{ +// Image: pulumi.String("repo.mycompany.com:8080/foo-service:v1"), +// }, +// }, +// EndpointSpec: &docker.ServiceEndpointSpecArgs{ +// Ports: docker.ServiceEndpointSpecPortArray{ +// &docker.ServiceEndpointSpecPortArgs{ +// TargetPort: pulumi.Int(8080), +// }, +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } // -// terraform +// ``` +// +// The following command is the equivalent: // -// resource "docker_service" "foo" { +// ### Basic with Datasource // -// name = "foo" +// Alternatively, if the image is already present on the Docker Host and not managed +// by `terraform`, you can also use the `RemoteImage` datasource: // -// task_spec { +// ```go +// package main // -// container_spec { +// import ( // -// image = "nginx" +// "github.com/pulumi/pulumi-docker/sdk/v4/go/docker" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // -// } +// ) // +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// foo, err := docker.LookupRemoteImage(ctx, &docker.LookupRemoteImageArgs{ +// Name: "repo.mycompany.com:8080/foo-service:v1", +// }, nil) +// if err != nil { +// return err +// } +// _, err = docker.NewService(ctx, "foo", &docker.ServiceArgs{ +// Name: pulumi.String("foo-service"), +// TaskSpec: &docker.ServiceTaskSpecArgs{ +// ContainerSpec: &docker.ServiceTaskSpecContainerSpecArgs{ +// Image: pulumi.String(foo.RepoDigest), +// }, +// }, +// EndpointSpec: &docker.ServiceEndpointSpecArgs{ +// Ports: docker.ServiceEndpointSpecPortArray{ +// &docker.ServiceEndpointSpecPortArgs{ +// TargetPort: pulumi.Int(8080), +// }, +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) // } // -// endpoint_spec { +// ``` +// +// ### Advanced +// +// The following configuration shows the full capabilities of a Docker Service, +// with a `volume`, `config`, `secret` and `network` // -// ports { +// ```go +// package main // -// target_port = "80" +// import ( // -// published_port = "8080" +// "github.com/pulumi/pulumi-docker/sdk/v4/go/docker" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // -// } +// ) // +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// testVolume, err := docker.NewVolume(ctx, "test_volume", &docker.VolumeArgs{ +// Name: pulumi.String("tftest-volume"), +// }) +// if err != nil { +// return err +// } +// testVolume2, err := docker.NewVolume(ctx, "test_volume_2", &docker.VolumeArgs{ +// Name: pulumi.String("tftest-volume2"), +// }) +// if err != nil { +// return err +// } +// serviceConfig, err := docker.NewServiceConfig(ctx, "service_config", &docker.ServiceConfigArgs{ +// Name: pulumi.String("tftest-full-myconfig"), +// Data: pulumi.String("ewogICJwcmVmaXgiOiAiMTIzIgp9"), +// }) +// if err != nil { +// return err +// } +// serviceSecret, err := docker.NewSecret(ctx, "service_secret", &docker.SecretArgs{ +// Name: pulumi.String("tftest-mysecret"), +// Data: pulumi.String("ewogICJrZXkiOiAiUVdFUlRZIgp9"), +// }) +// if err != nil { +// return err +// } +// testNetwork, err := docker.NewNetwork(ctx, "test_network", &docker.NetworkArgs{ +// Name: pulumi.String("tftest-network"), +// Driver: pulumi.String("overlay"), +// }) +// if err != nil { +// return err +// } +// _, err = docker.NewService(ctx, "foo", &docker.ServiceArgs{ +// Name: pulumi.String("tftest-service-basic"), +// TaskSpec: &docker.ServiceTaskSpecArgs{ +// ContainerSpec: &docker.ServiceTaskSpecContainerSpecArgs{ +// Configs: docker.ServiceTaskSpecContainerSpecConfigArray{ +// &docker.ServiceTaskSpecContainerSpecConfigArgs{ +// ConfigId: serviceConfig.ID(), +// ConfigName: serviceConfig.Name, +// FileName: pulumi.String("/configs.json"), +// }, +// &docker.ServiceTaskSpecContainerSpecConfigArgs{}, +// }, +// Secrets: docker.ServiceTaskSpecContainerSpecSecretArray{ +// &docker.ServiceTaskSpecContainerSpecSecretArgs{ +// SecretId: serviceSecret.ID(), +// SecretName: serviceSecret.Name, +// FileName: pulumi.String("/secrets.json"), +// FileUid: pulumi.String("0"), +// FileGid: pulumi.String("0"), +// FileMode: pulumi.Int(777), +// }, +// &docker.ServiceTaskSpecContainerSpecSecretArgs{}, +// }, +// Image: pulumi.String("repo.mycompany.com:8080/foo-service:v1"), +// Labels: docker.ServiceTaskSpecContainerSpecLabelArray{ +// &docker.ServiceTaskSpecContainerSpecLabelArgs{ +// Label: pulumi.String("foo.bar"), +// Value: pulumi.String("baz"), +// }, +// }, +// Commands: pulumi.StringArray{ +// pulumi.String("ls"), +// }, +// Args: pulumi.StringArray{ +// pulumi.String("-las"), +// }, +// Hostname: pulumi.String("my-fancy-service"), +// Env: pulumi.StringMap{ +// "MYFOO": pulumi.String("BAR"), +// }, +// Dir: pulumi.String("/root"), +// User: pulumi.String("root"), +// Groups: pulumi.StringArray{ +// pulumi.String("docker"), +// pulumi.String("foogroup"), +// }, +// Privileges: &docker.ServiceTaskSpecContainerSpecPrivilegesArgs{ +// SeLinuxContext: &docker.ServiceTaskSpecContainerSpecPrivilegesSeLinuxContextArgs{ +// Disable: pulumi.Bool(true), +// User: pulumi.String("user-label"), +// Role: pulumi.String("role-label"), +// Type: pulumi.String("type-label"), +// Level: pulumi.String("level-label"), +// }, +// }, +// ReadOnly: pulumi.Bool(true), +// Mounts: docker.ServiceTaskSpecContainerSpecMountArray{ +// &docker.ServiceTaskSpecContainerSpecMountArgs{ +// Target: pulumi.String("/mount/test"), +// Source: testVolume.Name, +// Type: pulumi.String("bind"), +// ReadOnly: pulumi.Bool(true), +// BindOptions: &docker.ServiceTaskSpecContainerSpecMountBindOptionsArgs{ +// Propagation: pulumi.String("rprivate"), +// }, +// }, +// &docker.ServiceTaskSpecContainerSpecMountArgs{ +// Target: pulumi.String("/mount/test2"), +// Source: testVolume2.Name, +// Type: pulumi.String("volume"), +// ReadOnly: pulumi.Bool(true), +// VolumeOptions: &docker.ServiceTaskSpecContainerSpecMountVolumeOptionsArgs{ +// NoCopy: pulumi.Bool(true), +// Labels: docker.ServiceTaskSpecContainerSpecMountVolumeOptionsLabelArray{ +// &docker.ServiceTaskSpecContainerSpecMountVolumeOptionsLabelArgs{ +// Label: pulumi.String("foo"), +// Value: pulumi.String("bar"), +// }, +// }, +// DriverName: pulumi.String("random-driver"), +// DriverOptions: pulumi.StringMap{ +// "op1": pulumi.String("val1"), +// }, +// }, +// }, +// }, +// StopSignal: pulumi.String("SIGTERM"), +// StopGracePeriod: pulumi.String("10s"), +// Healthcheck: &docker.ServiceTaskSpecContainerSpecHealthcheckArgs{ +// Tests: pulumi.StringArray{ +// pulumi.String("CMD"), +// pulumi.String("curl"), +// pulumi.String("-f"), +// pulumi.String("http://localhost:8080/health"), +// }, +// Interval: pulumi.String("5s"), +// Timeout: pulumi.String("2s"), +// Retries: pulumi.Int(4), +// }, +// Hosts: docker.ServiceTaskSpecContainerSpecHostArray{ +// &docker.ServiceTaskSpecContainerSpecHostArgs{ +// Host: pulumi.String("testhost"), +// Ip: pulumi.String("10.0.1.0"), +// }, +// }, +// DnsConfig: &docker.ServiceTaskSpecContainerSpecDnsConfigArgs{ +// Nameservers: pulumi.StringArray{ +// pulumi.String("8.8.8.8"), +// }, +// Searches: pulumi.StringArray{ +// pulumi.String("example.org"), +// }, +// Options: pulumi.StringArray{ +// pulumi.String("timeout:3"), +// }, +// }, +// }, +// Resources: &docker.ServiceTaskSpecResourcesArgs{ +// Limits: &docker.ServiceTaskSpecResourcesLimitsArgs{ +// NanoCpus: pulumi.Int(1000000), +// MemoryBytes: pulumi.Int(536870912), +// }, +// Reservation: &docker.ServiceTaskSpecResourcesReservationArgs{ +// NanoCpus: pulumi.Int(1000000), +// MemoryBytes: pulumi.Int(536870912), +// GenericResources: &docker.ServiceTaskSpecResourcesReservationGenericResourcesArgs{ +// NamedResourcesSpecs: pulumi.StringArray{ +// pulumi.String("GPU=UUID1"), +// }, +// DiscreteResourcesSpecs: pulumi.StringArray{ +// pulumi.String("SSD=3"), +// }, +// }, +// }, +// }, +// RestartPolicy: map[string]interface{}{ +// "condition": "on-failure", +// "delay": "3s", +// "maxAttempts": 4, +// "window": "10s", +// }[0], +// Placement: &docker.ServiceTaskSpecPlacementArgs{ +// Constraints: pulumi.StringArray{ +// pulumi.String("node.role==manager"), +// }, +// Prefs: pulumi.StringArray{ +// pulumi.String("spread=node.role.manager"), +// }, +// MaxReplicas: pulumi.Int(1), +// }, +// ForceUpdate: pulumi.Int(0), +// Runtime: pulumi.String("container"), +// Networks: pulumi.StringArray{ +// testNetwork.ID(), +// }, +// LogDriver: &docker.ServiceTaskSpecLogDriverArgs{ +// Name: pulumi.String("json-file"), +// Options: pulumi.StringMap{ +// "max-size": pulumi.String("10m"), +// "max-file": pulumi.String("3"), +// }, +// }, +// }, +// Mode: &docker.ServiceModeArgs{ +// Replicated: &docker.ServiceModeReplicatedArgs{ +// Replicas: pulumi.Int(2), +// }, +// }, +// UpdateConfig: &docker.ServiceUpdateConfigArgs{ +// Parallelism: pulumi.Int(2), +// Delay: pulumi.String("10s"), +// FailureAction: pulumi.String("pause"), +// Monitor: pulumi.String("5s"), +// MaxFailureRatio: pulumi.String("0.1"), +// Order: pulumi.String("start-first"), +// }, +// RollbackConfig: &docker.ServiceRollbackConfigArgs{ +// Parallelism: pulumi.Int(2), +// Delay: pulumi.String("5ms"), +// FailureAction: pulumi.String("pause"), +// Monitor: pulumi.String("10h"), +// MaxFailureRatio: pulumi.String("0.9"), +// Order: pulumi.String("stop-first"), +// }, +// EndpointSpec: &docker.ServiceEndpointSpecArgs{ +// Ports: docker.ServiceEndpointSpecPortArray{ +// &docker.ServiceEndpointSpecPortArgs{ +// Name: pulumi.String("random"), +// Protocol: pulumi.String("tcp"), +// TargetPort: pulumi.Int(8080), +// PublishedPort: pulumi.Int(8080), +// PublishMode: pulumi.String("ingress"), +// }, +// &docker.ServiceEndpointSpecPortArgs{}, +// }, +// Mode: pulumi.String("vip"), +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) // } // -// } +// ``` // -// then the import command is as follows +// ## Import +// +// !/bin/bash +// +// ```sh +// $ pulumi import docker:index/service:Service foo id +// ``` +// +// ### Example // +// # Assuming you created a `service` as follows +// +// ```sh // #!/bin/bash +// docker service create --name foo -p 8080:80 nginx +// # prints th ID +// 4pcphbxkfn2rffhbhe6czytgi +// ``` +// +// you provide the definition for the resource as follows +// +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-docker/sdk/v4/go/docker" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +// +// ) +// +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := docker.NewService(ctx, "foo", &docker.ServiceArgs{ +// Name: pulumi.String("foo"), +// TaskSpec: &docker.ServiceTaskSpecArgs{ +// ContainerSpec: &docker.ServiceTaskSpecContainerSpecArgs{ +// Image: pulumi.String("nginx"), +// }, +// }, +// EndpointSpec: &docker.ServiceEndpointSpecArgs{ +// Ports: docker.ServiceEndpointSpecPortArray{ +// &docker.ServiceEndpointSpecPortArgs{ +// TargetPort: pulumi.Int(80), +// PublishedPort: pulumi.Int(8080), +// }, +// }, +// }, +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } +// +// ``` +// +// then the import command is as follows +// +// !/bin/bash // // ```sh // $ pulumi import docker:index/service:Service foo 4pcphbxkfn2rffhbhe6czytgi diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/serviceConfig.go b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/serviceConfig.go index 5d33274a9..91059d26b 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/serviceConfig.go +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/serviceConfig.go @@ -12,35 +12,57 @@ import ( "github.com/pulumi/pulumi/sdk/v3/go/pulumi" ) -// ## Import +// +// Manages the configs of a Docker service in a swarm. // -// ### Example +// ## Example Usage // -// # Assuming you created a `config` as follows +// ### Basic // -// #!/bin/bash +// ### Advanced +// ### Dynamically set config with a template +// In this example you can use the `${var.foo_port}` variable to dynamically +// set the `${port}` variable in the `foo.configs.json.tpl` template and create +// the data of the `fooConfig` with the help of the `base64encode` interpolation +// function. // -// printf '{"a":"b"}' | docker config create foo - +// The file `foo.config.json.tpl` has the following content: // -// prints the id +// and the resource uses it as follows: // -// 08c26c477474478d971139f750984775a7f019dbe8a2e7f09d66a187c009e66d +// ### Update config with no downtime +// To update a `config`, Terraform will destroy the existing resource and create a replacement. +// To effectively use a `ServiceConfig` resource with a `Service` resource, it's recommended // -// you provide the definition for the resource as follows +// to specify `createBeforeDestroy` in a `lifecycle` block. Provide a unique `name` attribute, +// +// for example with one of the interpolation functions `uuid` or `timestamp` as shown +// in the example below. The reason is this [issue](https://github.com/moby/moby/issues/35803). +// +// ## Import +// +// !/bin/bash // -// terraform +// ```sh +// $ pulumi import docker:index/serviceConfig:ServiceConfig foo id +// ``` // -// resource "docker_config" "foo" { +// ### Example // -// name = "foo" +// # Assuming you created a `config` as follows // -// data = base64encode("{\"a\": \"b\"}") +// ```sh +// #!/bin/bash +// printf '{"a":"b"}' | docker config create foo - +// # prints the id +// 08c26c477474478d971139f750984775a7f019dbe8a2e7f09d66a187c009e66d +// ``` // -// } +// you provide the definition for the resource as follows // // then the import command is as follows // -// #!/bin/bash +// !/bin/bash // // ```sh // $ pulumi import docker:index/serviceConfig:ServiceConfig foo 08c26c477474478d971139f750984775a7f019dbe8a2e7f09d66a187c009e66d diff --git a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/volume.go b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/volume.go index f4a51e59f..4ebb39dc1 100644 --- a/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/volume.go +++ b/vendor/github.com/pulumi/pulumi-docker/sdk/v4/go/docker/volume.go @@ -42,31 +42,52 @@ import ( // // ## Import // +// !/bin/bash +// +// ```sh +// $ pulumi import docker:index/volume:Volume foo id +// ``` +// // ### Example // // # Assuming you created a `volume` as follows // +// ```sh // #!/bin/bash -// // docker volume create -// -// prints the long ID -// +// # prints the long ID // 524b0457aa2a87dd2b75c74c3e4e53f406974249e63ab3ed9bf21e5644f9dc7d +// ``` // // you provide the definition for the resource as follows // -// terraform +// ```go +// package main +// +// import ( +// +// "github.com/pulumi/pulumi-docker/sdk/v4/go/docker" +// "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // -// resource "docker_volume" "foo" { +// ) // -// name = "524b0457aa2a87dd2b75c74c3e4e53f406974249e63ab3ed9bf21e5644f9dc7d" +// func main() { +// pulumi.Run(func(ctx *pulumi.Context) error { +// _, err := docker.NewVolume(ctx, "foo", &docker.VolumeArgs{ +// Name: pulumi.String("524b0457aa2a87dd2b75c74c3e4e53f406974249e63ab3ed9bf21e5644f9dc7d"), +// }) +// if err != nil { +// return err +// } +// return nil +// }) +// } // -// } +// ``` // // then the import command is as follows // -// #!/bin/bash +// !/bin/bash // // ```sh // $ pulumi import docker:index/volume:Volume foo 524b0457aa2a87dd2b75c74c3e4e53f406974249e63ab3ed9bf21e5644f9dc7d diff --git a/vendor/google.golang.org/grpc/internal/envconfig/envconfig.go b/vendor/google.golang.org/grpc/internal/envconfig/envconfig.go index e8dc79129..7ad6fb44c 100644 --- a/vendor/google.golang.org/grpc/internal/envconfig/envconfig.go +++ b/vendor/google.golang.org/grpc/internal/envconfig/envconfig.go @@ -88,6 +88,22 @@ var ( // feature can be disabled by setting the environment variable // GRPC_EXPERIMENTAL_PF_WEIGHTED_SHUFFLING to "false". PickFirstWeightedShuffling = boolFromEnv("GRPC_EXPERIMENTAL_PF_WEIGHTED_SHUFFLING", true) + + // DisableStrictPathChecking indicates whether strict path checking is + // disabled. This feature can be disabled by setting the environment + // variable GRPC_GO_EXPERIMENTAL_DISABLE_STRICT_PATH_CHECKING to "true". + // + // When strict path checking is enabled, gRPC will reject requests with + // paths that do not conform to the gRPC over HTTP/2 specification found at + // https://github.com/grpc/grpc/blob/master/doc/PROTOCOL-HTTP2.md. + // + // When disabled, gRPC will allow paths that do not contain a leading slash. + // Enabling strict path checking is recommended for security reasons, as it + // prevents potential path traversal vulnerabilities. + // + // A future release will remove this environment variable, enabling strict + // path checking behavior unconditionally. + DisableStrictPathChecking = boolFromEnv("GRPC_GO_EXPERIMENTAL_DISABLE_STRICT_PATH_CHECKING", false) ) func boolFromEnv(envVar string, def bool) bool { diff --git a/vendor/google.golang.org/grpc/server.go b/vendor/google.golang.org/grpc/server.go index 1b5cefe81..8efb29a7b 100644 --- a/vendor/google.golang.org/grpc/server.go +++ b/vendor/google.golang.org/grpc/server.go @@ -42,6 +42,7 @@ import ( "google.golang.org/grpc/internal" "google.golang.org/grpc/internal/binarylog" "google.golang.org/grpc/internal/channelz" + "google.golang.org/grpc/internal/envconfig" "google.golang.org/grpc/internal/grpcsync" "google.golang.org/grpc/internal/grpcutil" istats "google.golang.org/grpc/internal/stats" @@ -149,6 +150,8 @@ type Server struct { serverWorkerChannel chan func() serverWorkerChannelClose func() + + strictPathCheckingLogEmitted atomic.Bool } type serverOptions struct { @@ -1762,6 +1765,24 @@ func (s *Server) processStreamingRPC(ctx context.Context, stream *transport.Serv return ss.s.WriteStatus(statusOK) } +func (s *Server) handleMalformedMethodName(stream *transport.ServerStream, ti *traceInfo) { + if ti != nil { + ti.tr.LazyLog(&fmtStringer{"Malformed method name %q", []any{stream.Method()}}, true) + ti.tr.SetError() + } + errDesc := fmt.Sprintf("malformed method name: %q", stream.Method()) + if err := stream.WriteStatus(status.New(codes.Unimplemented, errDesc)); err != nil { + if ti != nil { + ti.tr.LazyLog(&fmtStringer{"%v", []any{err}}, true) + ti.tr.SetError() + } + channelz.Warningf(logger, s.channelz, "grpc: Server.handleStream failed to write status: %v", err) + } + if ti != nil { + ti.tr.Finish() + } +} + func (s *Server) handleStream(t transport.ServerTransport, stream *transport.ServerStream) { ctx := stream.Context() ctx = contextWithServer(ctx, s) @@ -1782,26 +1803,30 @@ func (s *Server) handleStream(t transport.ServerTransport, stream *transport.Ser } sm := stream.Method() - if sm != "" && sm[0] == '/' { + if sm == "" { + s.handleMalformedMethodName(stream, ti) + return + } + if sm[0] != '/' { + // TODO(easwars): Add a link to the CVE in the below log messages once + // published. + if envconfig.DisableStrictPathChecking { + if old := s.strictPathCheckingLogEmitted.Swap(true); !old { + channelz.Warningf(logger, s.channelz, "grpc: Server.handleStream received malformed method name %q. Allowing it because the environment variable GRPC_GO_EXPERIMENTAL_DISABLE_STRICT_PATH_CHECKING is set to true, but this option will be removed in a future release.", sm) + } + } else { + if old := s.strictPathCheckingLogEmitted.Swap(true); !old { + channelz.Warningf(logger, s.channelz, "grpc: Server.handleStream rejected malformed method name %q. To temporarily allow such requests, set the environment variable GRPC_GO_EXPERIMENTAL_DISABLE_STRICT_PATH_CHECKING to true. Note that this is not recommended as it may allow requests to bypass security policies.", sm) + } + s.handleMalformedMethodName(stream, ti) + return + } + } else { sm = sm[1:] } pos := strings.LastIndex(sm, "/") if pos == -1 { - if ti != nil { - ti.tr.LazyLog(&fmtStringer{"Malformed method name %q", []any{sm}}, true) - ti.tr.SetError() - } - errDesc := fmt.Sprintf("malformed method name: %q", stream.Method()) - if err := stream.WriteStatus(status.New(codes.Unimplemented, errDesc)); err != nil { - if ti != nil { - ti.tr.LazyLog(&fmtStringer{"%v", []any{err}}, true) - ti.tr.SetError() - } - channelz.Warningf(logger, s.channelz, "grpc: Server.handleStream failed to write status: %v", err) - } - if ti != nil { - ti.tr.Finish() - } + s.handleMalformedMethodName(stream, ti) return } service := sm[:pos] diff --git a/vendor/google.golang.org/grpc/version.go b/vendor/google.golang.org/grpc/version.go index f9da6c6ca..76c2eed77 100644 --- a/vendor/google.golang.org/grpc/version.go +++ b/vendor/google.golang.org/grpc/version.go @@ -19,4 +19,4 @@ package grpc // Version is the current grpc version. -const Version = "1.79.2" +const Version = "1.79.3" diff --git a/vendor/modules.txt b/vendor/modules.txt index b3555eb07..bc3af9354 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -86,7 +86,7 @@ github.com/Microsoft/go-winio/internal/fs github.com/Microsoft/go-winio/internal/socket github.com/Microsoft/go-winio/internal/stringbuffer github.com/Microsoft/go-winio/pkg/guid -# github.com/ProtonMail/go-crypto v1.4.0 +# github.com/ProtonMail/go-crypto v1.4.1 ## explicit; go 1.23.0 github.com/ProtonMail/go-crypto/bitcurves github.com/ProtonMail/go-crypto/brainpool @@ -128,7 +128,7 @@ github.com/aws/amazon-ec2-instance-selector/v3/pkg/instancetypes github.com/aws/amazon-ec2-instance-selector/v3/pkg/selector github.com/aws/amazon-ec2-instance-selector/v3/pkg/selector/outputs github.com/aws/amazon-ec2-instance-selector/v3/pkg/sorter -# github.com/aws/aws-sdk-go-v2 v1.41.3 +# github.com/aws/aws-sdk-go-v2 v1.41.4 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/aws github.com/aws/aws-sdk-go-v2/aws/arn @@ -156,14 +156,14 @@ github.com/aws/aws-sdk-go-v2/internal/shareddefaults github.com/aws/aws-sdk-go-v2/internal/strings github.com/aws/aws-sdk-go-v2/internal/sync/singleflight github.com/aws/aws-sdk-go-v2/internal/timeconv -# github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.6 +# github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.7 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream/eventstreamapi -# github.com/aws/aws-sdk-go-v2/config v1.32.11 +# github.com/aws/aws-sdk-go-v2/config v1.32.12 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/config -# github.com/aws/aws-sdk-go-v2/credentials v1.19.11 +# github.com/aws/aws-sdk-go-v2/credentials v1.19.12 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/credentials github.com/aws/aws-sdk-go-v2/credentials/ec2rolecreds @@ -173,25 +173,25 @@ github.com/aws/aws-sdk-go-v2/credentials/logincreds github.com/aws/aws-sdk-go-v2/credentials/processcreds github.com/aws/aws-sdk-go-v2/credentials/ssocreds github.com/aws/aws-sdk-go-v2/credentials/stscreds -# github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.19 +# github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.20 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/feature/ec2/imds github.com/aws/aws-sdk-go-v2/feature/ec2/imds/internal/config -# github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.19 +# github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.20 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/internal/configsources -# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.19 +# github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.20 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 -# github.com/aws/aws-sdk-go-v2/internal/ini v1.8.5 +# github.com/aws/aws-sdk-go-v2/internal/ini v1.8.6 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/internal/ini -# github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.20 +# github.com/aws/aws-sdk-go-v2/internal/v4a v1.4.21 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/internal/v4a github.com/aws/aws-sdk-go-v2/internal/v4a/internal/crypto github.com/aws/aws-sdk-go-v2/internal/v4a/internal/v4 -# github.com/aws/aws-sdk-go-v2/service/ec2 v1.294.0 +# github.com/aws/aws-sdk-go-v2/service/ec2 v1.294.1 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/service/ec2 github.com/aws/aws-sdk-go-v2/service/ec2/internal/endpoints @@ -203,26 +203,26 @@ github.com/aws/aws-sdk-go-v2/service/ecs/document github.com/aws/aws-sdk-go-v2/service/ecs/internal/document github.com/aws/aws-sdk-go-v2/service/ecs/internal/endpoints github.com/aws/aws-sdk-go-v2/service/ecs/types -# github.com/aws/aws-sdk-go-v2/service/iam v1.53.4 +# github.com/aws/aws-sdk-go-v2/service/iam v1.53.6 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/service/iam github.com/aws/aws-sdk-go-v2/service/iam/internal/endpoints github.com/aws/aws-sdk-go-v2/service/iam/types -# github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.6 +# github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.7 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding -# github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.11 +# github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.9.12 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/service/internal/checksum -# github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.19 +# github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.20 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/service/internal/presigned-url -# github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.19 +# github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.20 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/service/internal/s3shared github.com/aws/aws-sdk-go-v2/service/internal/s3shared/arn github.com/aws/aws-sdk-go-v2/service/internal/s3shared/config -# github.com/aws/aws-sdk-go-v2/service/pricing v1.40.13 +# github.com/aws/aws-sdk-go-v2/service/pricing v1.40.14 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/service/pricing github.com/aws/aws-sdk-go-v2/service/pricing/internal/endpoints @@ -234,22 +234,22 @@ github.com/aws/aws-sdk-go-v2/service/s3/internal/arn github.com/aws/aws-sdk-go-v2/service/s3/internal/customizations github.com/aws/aws-sdk-go-v2/service/s3/internal/endpoints github.com/aws/aws-sdk-go-v2/service/s3/types -# github.com/aws/aws-sdk-go-v2/service/signin v1.0.7 +# github.com/aws/aws-sdk-go-v2/service/signin v1.0.8 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/service/signin github.com/aws/aws-sdk-go-v2/service/signin/internal/endpoints github.com/aws/aws-sdk-go-v2/service/signin/types -# github.com/aws/aws-sdk-go-v2/service/sso v1.30.12 +# github.com/aws/aws-sdk-go-v2/service/sso v1.30.13 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/service/sso github.com/aws/aws-sdk-go-v2/service/sso/internal/endpoints github.com/aws/aws-sdk-go-v2/service/sso/types -# github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.16 +# github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.17 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/service/ssooidc github.com/aws/aws-sdk-go-v2/service/ssooidc/internal/endpoints github.com/aws/aws-sdk-go-v2/service/ssooidc/types -# github.com/aws/aws-sdk-go-v2/service/sts v1.41.8 +# github.com/aws/aws-sdk-go-v2/service/sts v1.41.9 ## explicit; go 1.24 github.com/aws/aws-sdk-go-v2/service/sts github.com/aws/aws-sdk-go-v2/service/sts/internal/endpoints @@ -314,8 +314,8 @@ github.com/charmbracelet/bubbles/viewport # github.com/charmbracelet/bubbletea v1.3.10 ## explicit; go 1.24.0 github.com/charmbracelet/bubbletea -# github.com/charmbracelet/colorprofile v0.4.2 -## explicit; go 1.24.2 +# github.com/charmbracelet/colorprofile v0.4.3 +## explicit; go 1.25.0 github.com/charmbracelet/colorprofile # github.com/charmbracelet/lipgloss v1.1.0 ## explicit; go 1.18 @@ -720,8 +720,8 @@ github.com/pulumi/pulumi-command/sdk/go/command/remote ## explicit; go 1.24.1 github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild/internal -# github.com/pulumi/pulumi-docker/sdk/v4 v4.11.0 -## explicit; go 1.24.0 +# github.com/pulumi/pulumi-docker/sdk/v4 v4.11.1 +## explicit; go 1.25.6 github.com/pulumi/pulumi-docker/sdk/v4/go/docker github.com/pulumi/pulumi-docker/sdk/v4/go/docker/internal # github.com/pulumi/pulumi-gitlab/sdk/v8 v8.11.0 @@ -1153,7 +1153,7 @@ google.golang.org/genproto/googleapis/api/httpbody ## explicit; go 1.25.0 google.golang.org/genproto/googleapis/rpc/errdetails google.golang.org/genproto/googleapis/rpc/status -# google.golang.org/grpc v1.79.2 +# google.golang.org/grpc v1.79.3 ## explicit; go 1.24.0 google.golang.org/grpc google.golang.org/grpc/attributes