fix(deps): update all non-major dependencies
This MR contains the following updates:
| Package | Change | Age | Confidence | Type | Update |
|---|---|---|---|---|---|
| github.com/hashicorp/hcl/v2 |
v2.23.0 -> v2.24.0
|
 |
|
require | minor |
| github.com/terraform-linters/tflint-plugin-sdk |
v0.22.0 -> v0.23.0
|
|
|
require | minor |
| github.com/terraform-linters/tflint-ruleset-terraform |
v0.12.0 -> v0.13.0
|
|
|
require | minor |
| github.com/zclconf/go-cty |
v1.16.2 -> v1.17.0
|
|
|
require | minor |
| golang |
1.24.2-bookworm -> 1.25.1-bookworm
|
|
|
image | minor |
| uis/devops/continuous-delivery/ci-templates |
v7.6.0 -> v7.17.4
|
|
|
repository | minor |
Release Notes
hashicorp/hcl (github.com/hashicorp/hcl/v2)
v2.24.0
Enhancements
- Add support for decoding block and attribute source ranges when using
gohcl. (#703) - hclsyntax: Detect and reject invalid nested splat result. (#724)
Bugs Fixed
- Correct handling of unknown objects in Index function. (#763)
terraform-linters/tflint-plugin-sdk (github.com/terraform-linters/tflint-plugin-sdk)
v0.23.0
What's Changed
Plugins built with this SDK version require Go 1.24+ and TFLint 0.46+.
Breaking Changes
Enhancements
- Fix Update ParseExpression to parse any json passed to it. by @rorychatterton in #418
Chores
- Fix broken GitHub Actions badge link by @wata727 in #379
- Enable Dependabot auto-merge by @wata727 in #380
- Bump github.com/zclconf/go-cty from 1.16.0 to 1.16.2 by @dependabot[bot] in #372
- Bump github.com/hashicorp/go-plugin from 1.6.2 to 1.6.3 by @dependabot[bot] in #373
- Bump google.golang.org/protobuf from 1.36.2 to 1.36.5 by @dependabot[bot] in #374
- Bump github.com/google/go-cmp from 0.6.0 to 0.7.0 by @dependabot[bot] in #376
- Bump google.golang.org/grpc from 1.69.2 to 1.71.0 by @dependabot[bot] in #378
- Bump golang.org/x/tools from 0.29.0 to 0.31.0 by @dependabot[bot] in #377
- Stop updating CHANGELOG.md by @wata727 in #381
- Pin GitHub Action versions by @wata727 in #382
- Bump actions/setup-go from 5.3.0 to 5.4.0 by @dependabot[bot] in #383
- Bump github/codeql-action from 3.28.11 to 3.28.13 by @dependabot[bot] in #385
- Bump google.golang.org/protobuf from 1.36.5 to 1.36.6 by @dependabot[bot] in #386
- Bump google.golang.org/grpc from 1.71.0 to 1.71.1 by @dependabot[bot] in #387
- Bump github/codeql-action from 3.28.13 to 3.28.14 by @dependabot[bot] in #388
- Bump github/codeql-action from 3.28.14 to 3.28.15 by @dependabot[bot] in #389
- Bump golang.org/x/tools from 0.31.0 to 0.32.0 by @dependabot[bot] in #390
- Bump google.golang.org/grpc from 1.71.1 to 1.72.0 by @dependabot[bot] in #392
- Remove advanced code scanning settings by @wata727 in #393
- Set workflow permissions explicitly by @wata727 in #394
- Bump golang.org/x/tools from 0.32.0 to 0.33.0 by @dependabot[bot] in #395
- Bump actions/setup-go from 5.4.0 to 5.5.0 by @dependabot[bot] in #396
- Bump github.com/zclconf/go-cty from 1.16.2 to 1.16.3 by @dependabot[bot] in #397
- Bump google.golang.org/grpc from 1.72.0 to 1.72.1 by @dependabot[bot] in #398
- Bump google.golang.org/grpc from 1.72.1 to 1.72.2 by @dependabot[bot] in #399
- Bump golang.org/x/tools from 0.33.0 to 0.34.0 by @dependabot[bot] in #400
- Bump golang.org/x/tools from 0.34.0 to 0.35.0 by @dependabot[bot] in #402
- Bump github.com/hashicorp/hcl/v2 from 2.23.0 to 2.24.0 by @dependabot[bot] in #403
- Bump google.golang.org/grpc from 1.72.2 to 1.74.2 by @dependabot[bot] in #404
- Bump google.golang.org/protobuf from 1.36.6 to 1.36.7 by @dependabot[bot] in #406
- Bump golang.org/x/tools from 0.35.0 to 0.36.0 by @dependabot[bot] in #407
- Bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #408
- Bump github.com/zclconf/go-cty from 1.16.3 to 1.16.4 by @dependabot[bot] in #409
- Bump google.golang.org/grpc from 1.74.2 to 1.75.0 by @dependabot[bot] in #410
- dependabot: allow actions writes by @wata727 in #412
- Bump actions/setup-go from 5.5.0 to 6.0.0 by @dependabot[bot] in #413
- Bump github.com/zclconf/go-cty from 1.16.4 to 1.17.0 by @dependabot[bot] in #414
- Bump google.golang.org/protobuf from 1.36.7 to 1.36.8 by @dependabot[bot] in #411
- Bump google.golang.org/grpc from 1.75.0 to 1.75.1 by @dependabot[bot] in #416
- Bump google.golang.org/protobuf from 1.36.8 to 1.36.9 by @dependabot[bot] in #417
- Bump golang.org/x/tools from 0.36.0 to 0.37.0 by @dependabot[bot] in #415
- Bump github.com/hashicorp/go-plugin from 1.6.3 to 1.7.0 by @dependabot[bot] in #405
New Contributors
- @rorychatterton made their first contribution in #418
Full Changelog: https://github.com/terraform-linters/tflint-plugin-sdk/compare/v0.22.0...v0.23.0
terraform-linters/tflint-ruleset-terraform (github.com/terraform-linters/tflint-ruleset-terraform)
v0.13.0
What's Changed
Enhancements
- Add terraform_module_shallow_clone rule by @chernetskyi in #267
Chores
- Bump goreleaser/goreleaser-action from 6.2.1 to 6.3.0 by @dependabot[bot] in #254
- Bump github.com/hashicorp/terraform-registry-address from 0.2.4 to 0.2.5 by @dependabot[bot] in #255
- Potential fix for code scanning alert no. 2: Incomplete regular expression for hostnames by @wata727 in #257
- Set explicit workflow permissions by @wata727 in #258
- Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 by @dependabot[bot] in #259
- Bump actions/attest-build-provenance from 2.2.3 to 2.3.0 by @dependabot[bot] in #260
- Bump actions/setup-go from 5.4.0 to 5.5.0 by @dependabot[bot] in #261
- Bump github.com/zclconf/go-cty from 1.16.2 to 1.16.3 by @dependabot[bot] in #262
- Bump actions/attest-build-provenance from 2.3.0 to 2.4.0 by @dependabot[bot] in #264
- Bump github.com/hashicorp/terraform-registry-address from 0.2.5 to 0.3.0 by @dependabot[bot] in #265
- Bump sigstore/cosign-installer from 3.8.2 to 3.9.0 by @dependabot[bot] in #266
- Bump sigstore/cosign-installer from 3.9.0 to 3.9.1 by @dependabot[bot] in #268
- Bump github.com/Masterminds/semver/v3 from 3.3.1 to 3.4.0 by @dependabot[bot] in #269
- Bump github.com/hashicorp/hcl/v2 from 2.23.0 to 2.24.0 by @dependabot[bot] in #270
- Bump golang.org/x/oauth2 from 0.23.0 to 0.27.0 by @dependabot[bot] in #271
- Bump sigstore/cosign-installer from 3.9.1 to 3.9.2 by @dependabot[bot] in #272
- Remove unneeded repository info from goreleaser.yml by @wata727 in #273
New Contributors
- @chernetskyi made their first contribution in #267
Full Changelog: https://github.com/terraform-linters/tflint-ruleset-terraform/compare/v0.12.0...v0.13.0
zclconf/go-cty (github.com/zclconf/go-cty)
v1.17.0
cty now requires Go 1.23 or later.
-
cty.Value.Elementsoffers a moderniter.Seq2-based equivalent ofcty.Value.ElementIterator. -
cty.DeepValuesoffers a moderniter.Seq2-based equivalent ofcty.Walk. -
cty.Value.WrangleMarksDeepallows inspecting and modifying individual marks throughout a possibly-nested data structure.Having now got some experience using marks more extensively in some callers, it's become clear that it's often necessary for different subsystems to be able to collaborate using independent marks without upsetting each other's assumptions. Today that tends to be achieved using hand-written transforms either with
cty.Transformorcty.Value.UnmarkDeepWithPaths/cty.Value.MarkWithPaths, both of which can be pretty expensive even in the common case where there are no marks present at all.This new function allows inspecting and transforming marks with far less overhead, by creating new values only for parts of a structure that actually need to change and by reusing (rather than recreating) the "payloads" of the values being modified when we know that only the marks have changed.
-
cty.ValueMarksOfTypeandcty.ValueMarksOfTypeDeepmake it easier to use type-based rather than value-based mark schemes, where different values of a common type are used to track a specific kind of relationship with multiple external values. -
cty.Value.HasMarkDeepprovides a "deep" version of the existingcty.Value.HasMark, searching throughout a possibly-nested structure for any values that have the given mark. -
cty.Value.UnmarkDeepandcty.Value.UnmarkDeepWithPathsare now implemented in terms ofcty.Value.WrangleMarksDeep, so they benefit from its reduced overhead. In particular they avoid reconstructing a data structure that contains no marked values at all. -
cty.Value.MarkWithPathsnow has a fast path when it's given a zero-lengthPathValueMarks, in which case it just returns the value it was given with no modifications.
v1.16.4
v1.16.3
uis/devops/continuous-delivery/ci-templates (uis/devops/continuous-delivery/ci-templates)
v7.17.4: 7.17.4
7.17.4 (2025-09-29)
Bug Fixes
v7.17.3: 7.17.3
7.17.3 (2025-09-29)
v7.17.2: 7.17.2
7.17.2 (2025-09-25)
Bug Fixes
- mandatory-jobs: reduce cpu and memory requests for SAST jobs (9d3526a)
v7.17.1: 7.17.1
7.17.1 (2025-09-25)
Bug Fixes
- pre-commit: certdir variable must be an empty string (d608c55)
v7.17.0: 7.17.0
7.17.0 (2025-09-24)
Features
- mandatory-jobs: increase runner resources for failing SAST jobs (cfb7fd5)
v7.16.0: 7.16.0
7.16.0 (2025-09-19)
Features
-
🎸 Move standard job to Generic GKE Runner (59d2a0e)
v7.15.2: 7.15.2
7.15.2 (2025-09-17)
v7.15.1: 7.15.1
7.15.1 (2025-09-11)
Bug Fixes
- maven.gitlab-ci.yml: moved PUBLISH_NEW_VERSION within .maven:publish script (e02809e)
- maven.gitlab-ci.yml: updated semantic commit message pattern matching and logic (b9ad541)
- maven.gitlab-ci.yml: updated semantic commit message pattern matching and logic (e8071e1)
- maven.gitlab-ci.yml: updated semantic commit message pattern matching and logic (2574c8c)
v7.15.0: 7.15.0
7.15.0 (2025-09-08)
Features
- add custom configuration for secrets (ef86a30)
v7.14.1: 7.14.1
7.14.1 (2025-09-04)
Bug Fixes
- maven.gitlab-ci.yml: move services section under maven job (a2c5dca)
v7.14.0: 7.14.0
7.14.0 (2025-09-02)
Features
v7.13.1: 7.13.1
7.13.1 (2025-09-01)
Bug Fixes
- rename detect-non-utf8-files job and make it work with spaces in filenames (4d7ec69)
v7.13.0: 7.13.0
7.13.0 (2025-08-27)
Features
- add detect-non-utf-files job (f629243)
v7.12.0: 7.12.0
7.12.0 (2025-08-27)
Features
- terraform-pipeline: remove duplicate kics job (354c3cc)
v7.11.1: 7.11.1
7.11.1 (2025-08-21)
v7.11.0: 7.11.0
7.11.0 (2025-08-21)
Features
- trivy job now to use logan-terrafrom image and run terraform init in before_script (b03b3e4)
v7.10.4: 7.10.4
7.10.4 (2025-08-14)
v7.10.3: 7.10.3
7.10.3 (2025-08-14)
v7.10.2: 7.10.2
7.10.2 (2025-08-14)
v7.10.1: 7.10.1
7.10.1 (2025-08-14)
v7.10.0: 7.10.0
7.10.0 (2025-08-14)
Features
- auto-devops: remove mandatory jobs from auto-devops template (5f7de9c)
v7.9.1: 7.9.1
7.9.1 (2025-08-13)
v7.9.0: 7.9.0
7.9.0 (2025-08-13)
Features
- mandatory-jobs: provide AST-related CI/CD variable defaults (3421a2e)
v7.8.0: 7.8.0
7.8.0 (2025-08-13)
Features
- add mandatory jobs template (975f4aa)
v7.7.0: 7.7.0
7.7.0 (2025-08-07)
Features
- add dind support to terraform-test (a17505d)
v7.6.4: 7.6.4
7.6.4 (2025-08-07)
Reverts
- Revert "fix(common-pipeline): pin secret detector image version" (b62bc91)
v7.6.3: 7.6.3
7.6.3 (2025-08-06)
Bug Fixes
- common-pipeline: pin secret detector image version (8109734)
v7.6.2: 7.6.2
7.6.2 (2025-07-22)
Bug Fixes
- handling having set CI_APPLICATION_REPOSITORY with multi target docker builds (1dc6987)
v7.6.1: 7.6.1
7.6.1 (2025-07-16)
Bug Fixes
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.