Skip to content

build(deps): bump the gomod group with 5 updates #2922

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

build(deps): bump the gomod group with 5 updates #2922

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 19, 2025

Bumps the gomod group with 5 updates:

Package From To
github.com/golangci/golangci-lint/v2 2.6.0 2.6.2
github.com/hashicorp/go-cty 1.4.1-0.20200414143053-d3edf31b6320 1.5.0
github.com/hashicorp/terraform-plugin-sdk/v2 2.34.0 2.38.1
golang.org/x/crypto 0.43.0 0.45.0
golang.org/x/oauth2 0.30.0 0.33.0

Updates github.com/golangci/golangci-lint/v2 from 2.6.0 to 2.6.2

Release notes

Sourced from github.com/golangci/golangci-lint/v2's releases.

v2.6.2

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

  • a237b8294c2776c7da0eddcc72eb3632223488c1 build(deps): bump github.com/maratori/testableexamples from 1.0.0 to 1.0.1 (#6182)
  • 7255b2cff8787ddd0b062d543a08c5afa7989c78 build(deps): bump github.com/maratori/testpackage from 1.1.1 to 1.1.2 (#6183)
  • f07ab6ad97df981f3e2ffb11bf1d54d39088cefd build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.33.0 in /scripts/gen_github_action_config in the scripts group (#6185)
  • 79163b62ba480ed49e1f3bb4ef346ea1f912331b build(deps): bump golang.org/x/sync from 0.17.0 to 0.18.0 (#6181)
  • 7bcb236705fdd83923d5dfe2487d9244cc6585c2 build(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 in the github-actions group (#6186)
  • a8a12dba5f526b14e31be424b0f1e6cc1e922269 fix: fmt command with symlinks (#6187)
  • c128d127c8593eaef27d541221c24e972b6df150 fix: use file depending on build configuration to invalidate cache (#6179)

v2.6.1

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

  • 1865317e033ab1b0496ce038cf2a0474beea8901 build(deps): bump github.com/go-critic/go-critic from 0.14.0 to 0.14.2 (#6164)
  • a9084fe6c1f905ef43b72c7318a5f933709bf5e3 build(deps): bump github.com/karamaru-alpha/copyloopvar from 1.2.1 to 1.2.2 (#6161)
  • 9b1070930c357b8d436b27a34fbab8ba3e76bfb2 build(deps): bump github.com/shirou/gopsutil/v4 from 4.25.9 to 4.25.10 (#6168)
  • 8b074736158869779fe25fe2691a0e397fa6964c build(deps): bump the linter-testdata group across 2 directories with 3 updates (#6167)
Changelog

Sourced from github.com/golangci/golangci-lint/v2's changelog.

v2.6.2

Released on 2025-11-14

  1. Bug fixes
    • fmt command with symlinks
    • use file depending on build configuration to invalidate cache
  2. Linters bug fixes
    • testableexamples: from 1.0.0 to 1.0.1
    • testpackage: from 1.1.1 to 1.1.2

v2.6.1

Released on 2025-11-04

  1. Linters bug fixes
    • copyloopvar: from 1.2.1 to 1.2.2
    • go-critic: from 0.14.0 to 0.14.2
Commits
  • dc16cf4 chore: prepare release
  • a8a12db fix: fmt command with symlinks (#6187)
  • 7bcb236 build(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 in the gi...
  • f07ab6a build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.33.0 in /scripts/gen_g...
  • 7255b2c build(deps): bump github.com/maratori/testpackage from 1.1.1 to 1.1.2 (#6183)
  • a237b82 build(deps): bump github.com/maratori/testableexamples from 1.0.0 to 1.0.1 (#...
  • 79163b6 build(deps): bump golang.org/x/sync from 0.17.0 to 0.18.0 (#6181)
  • c128d12 fix: use file depending on build configuration to invalidate cache (#6179)
  • b92f577 docs: improve fix flag description (#6175)
  • fb3e4b2 docs: fix changelog
  • Additional commits viewable in compare view

Updates github.com/hashicorp/go-cty from 1.4.1-0.20200414143053-d3edf31b6320 to 1.5.0

Changelog

Sourced from github.com/hashicorp/go-cty's changelog.

1.5.0 (March 17, 2025)

  • cty: New Value.HasWhollyKnownType method, for testing whether a value's type could potentially change if any unknown values it was constructed from were to become known. (#55)
  • convert: Fix incorrect panic when converting a tuple with a dynamic-typed null member into a list or set, due to overly-liberal type unification. (#56)

1.4.2

  • function/stdlib: The jsonencode function will now correctly accept a null as its argument, and produce the JSON representation "null" rather than returning an error. (#54)
  • convert: Don't panic when asked to convert a tuple of objects to a list type constraint containing a nested cty.DynamicPseudoType. (#53)

1.4.1 (March 5, 2025)

  • function/stdlib: Fix various panics related to sets with unknown element types in the set-manipulation functions. (#52)
  • json: Remove json.UnmarshalDynamicWithImpliedType function that was only available in hashicorp/go-cty 1.4.1 pseudo-versions. (#6)

1.4.0 (April 7, 2020)

  • function/stdlib: The string functions that partition strings into individual characters (grapheme clusters) now use the appropriate segmentation rules from Unicode 12.0.0, while previous versions used Unicode 9.0.0.
  • function/stdlib: New functions Replace and RegexReplace for matching and replacing sequences of characters in a given string with another given string. (#45)
  • function/stdlib: The function Substr will now produce a zero-length string when given a length of zero. Previously it was incorrectly returning the remainder of the string after the given offset. (#48)
  • function/stdlib: The Floor and Ceil functions will now return an infinity if given an infinity, rather than returning the maximum/minimum integer value. (#51)
  • cty: Convenience methods for constructing path index steps from normal Go int and string values. (#50)

1.3.1 (March 3, 2020)

  • convert: Fix incorrect conversion rules for maps of maps that were leading to panics. This will now succeed in some more cases that ought to have been valid, and produce a proper error if there is no valid outcome. (#47)
  • function/stdlib: Fix an implementation error in the Contains function that was introduced in 1.3.0, so it will now produce a correct result rather than failing with a confusing error message. (#46)

1.3.0 (February 19, 2020)

  • convert: There are now conversions from map types to object types, as long as the given map type's element type is convertible to all of the object type's attribute types. (#42)
  • function/stdlib: HashiCorp has contributed a number of additional functions to the standard library that were originally implemented directly inside their Terraform codebase: (#37)
    • Element: take an element from a list or tuple by index, using modulo wrap-around.
    • CoalesceList: return the first non-empty list argument.
    • Compact: take a list of strings and return a new list of strings with all empty strings removed.
    • Contains: returns true if a given value appears as an element in a list, tuple, or set.
    • Distinct: filters duplicate elements from a list while retaining the order of remaining items.
    • ChunkList: turn a list into a list-of-lists where each top-level list is a "chunk" of a particular size of elements from the input.
    • Flatten: given a sequence that might contain other sequences, eliminate any intermediate sequences to produce a flat sequence.
    • Keys: return a list of keys from a map or object value in lexical order.
    • Values: return a list of values from a map in the same order as Keys.
    • Lookup: conditional lookup of an element from a map if it's present, or a fallback value if not. (This one differs from its Terraform equivalent in that the default value argument is required.)
    • Merge: given one or more maps or objects, merge them together into a single collection.
    • ReverseList: given a list, return a new list with the same items in the opposite order.
    • SetProduct: compute the cartesian product of one or more sets.
    • Slice: extract a consecutive sub-list from a list.
    • Zipmap: given a pair of lists of the same length, interpret the first as keys and the second as corresponding values to produce a map.
    • A factory MakeToFunc to build functions that each convert to a particular type constraint.
    • TimeAdd: add a duration to a timestamp to produce a new timestamp.
    • Ceil and Floor: round a fractional value to the nearest integer, away from or towards zero respectively.

... (truncated)

Commits

Updates github.com/hashicorp/terraform-plugin-sdk/v2 from 2.34.0 to 2.38.1

Release notes

Sourced from github.com/hashicorp/terraform-plugin-sdk/v2's releases.

v2.38.1

BUG FIXES:

  • all: Prevent identity change validation from raising an error when prior identity is empty (all attributes are null) (#1527)

v2.38.0

NOTES:

  • all: This Go module has been updated to Go 1.24 per the Go support policy. It is recommended to review the Go 1.24 release notes before upgrading. Any consumers building on earlier Go versions may experience errors. (#1518)
  • helper/schema: Update the provider server to handle the ListResource RPCs by returning an error since they are not supported by SDKv2. (#1521)
  • helper/schema: Update the provider server to handle Action RPCs by returning an error since they are not supported by SDKv2. (#1522)

ENHANCEMENTS:

  • helper/schema: Added new helper methods for converting Resource and Identity schemas to protocol representations. (#1504)
  • helper/schema: Added an additional validation check to ensure the resource identity object is not null. (#1513)
  • helper/schema: Added the TfTypeIdentityState() and TfTypeResourceState() methods to ResourceData which return the identity and state values as a tftypes.Value. (#1508)

v2.37.0

NOTES:

  • all: This Go module has been updated to Go 1.23 per the Go support policy. It is recommended to review the Go 1.23 release notes before upgrading. Any consumers building on earlier Go versions may experience errors. (#1445)
  • all: This release contains new fields and structs for implmenting managed resource identity. Resource identity is data that is defined by a separate schema and is stored alongside resource state. Identity data is used by Terrform to uniquely identify a remote object and is meant to be immutable during the remote object's lifecycle. Resources that support identity can now be imported using the identity attribute in Terraform configuration import blocks, available in Terraform v1.12+. The resource.Identity field on the schema.Resource struct can be used to support identity by defining an identity schema. Once the identity schema is defined, you can read and store identity data in the state file with the new IdentityData struct that is available via the Identity() method on schema.ResourceData and schema.ResourceDiff structs. (#1444)

FEATURES:

  • helper/schema: Added new TestResourceDataWithIdentityRaw function for creating a ResourceData struct with identity data for unit testing. (#1475)
  • helper/schema: Added new Identity field to Resource that supports defining an identity schema for managed resources only. (#1444)
  • Added new ImportStatePassthroughWithIdentity helper that can support both identity and ID importing via a single field. (#1474)

ENHANCEMENTS:

  • helper/schema: Added RequiredForImport and OptionalForImport fields to the Schema struct, which are only valid for identity schemas. (#1444)
  • helper/schema: Updated ResourceData to support passing of identity data in CRUD and import functions for managed resources. (#1444)

BUG FIXES:

  • helper/schema: Fixed bug that blocked write-only attributes from being used with resources without update functions. (#1472)

v2.37.0-beta.1

NOTES:

  • This beta pre-release continues the implementation of managed resource identity, which should now be used with Terraform v1.12.0-beta2. Managed resources now can support import by identity during plan and apply workflows. Managed resources that already support import via the schema.Resource.Importer field still need to set an ID during import when an identity is provided. The RequiredForImport and OptionalForImport fields on the identity schema can be used to control the validation that Terraform core will apply to the import config block. (#1463)

v2.37.0-alpha.1

NOTES:

  • all: This Go module has been updated to Go 1.23 per the Go support policy. It is recommended to review the Go 1.23 release notes before upgrading. Any consumers building on earlier Go versions may experience errors. (#1445)
  • This alpha pre-release contains an initial implementation for managed resource identity, which can used with Terraform v1.12.0-alpha20250319, to store and read identity data during plan and apply workflows. A managed resource identity can be used by defining an identity schema in the resource.Identity field. Once the identity schema is defined, you can read and store identity data in the new IdentityData struct that is available via the new Identity() method on ResourceData and ResourceDiff structs. (#1444)

... (truncated)

Changelog

Sourced from github.com/hashicorp/terraform-plugin-sdk/v2's changelog.

2.38.1 (September 22, 2025)

BUG FIXES:

  • all: Prevent identity change validation from raising an error when prior identity is empty (all attributes are null) (#1527)

2.38.0 (September 17, 2025)

NOTES:

  • all: This Go module has been updated to Go 1.24 per the Go support policy. It is recommended to review the Go 1.24 release notes before upgrading. Any consumers building on earlier Go versions may experience errors. (#1518)
  • helper/schema: Update the provider server to handle the ListResource RPCs by returning an error since they are not supported by SDKv2. (#1521)
  • helper/schema: Update the provider server to handle Action RPCs by returning an error since they are not supported by SDKv2. (#1522)

ENHANCEMENTS:

  • helper/schema: Added new helper methods for converting Resource and Identity schemas to protocol representations. (#1504)
  • helper/schema: Added an additional validation check to ensure the resource identity object is not null. (#1513)
  • helper/schema: Added the TfTypeIdentityState() and TfTypeResourceState() methods to ResourceData which return the identity and state values as a tftypes.Value. (#1508)

2.37.0 (May 16, 2025)

NOTES:

  • all: This Go module has been updated to Go 1.23 per the Go support policy. It is recommended to review the Go 1.23 release notes before upgrading. Any consumers building on earlier Go versions may experience errors. (#1445)
  • all: This release contains new fields and structs for implmenting managed resource identity. Resource identity is data that is defined by a separate schema and is stored alongside resource state. Identity data is used by Terrform to uniquely identify a remote object and is meant to be immutable during the remote object's lifecycle. Resources that support identity can now be imported using the identity attribute in Terraform configuration import blocks, available in Terraform v1.12+. The resource.Identity field on the schema.Resource struct can be used to support identity by defining an identity schema. Once the identity schema is defined, you can read and store identity data in the state file with the new IdentityData struct that is available via the Identity() method on schema.ResourceData and schema.ResourceDiff structs. (#1444)

FEATURES:

  • helper/schema: Added new TestResourceDataWithIdentityRaw function for creating a ResourceData struct with identity data for unit testing. (#1475)
  • helper/schema: Added new Identity field to Resource that supports defining an identity schema for managed resources only. (#1444)
  • Added new ImportStatePassthroughWithIdentity helper that can support both identity and ID importing via a single field. (#1474)

ENHANCEMENTS:

  • helper/schema: Added RequiredForImport and OptionalForImport fields to the Schema struct, which are only valid for identity schemas. (#1444)
  • helper/schema: Updated ResourceData to support passing of identity data in CRUD and import functions for managed resources. (#1444)

BUG FIXES:

  • helper/schema: Fixed bug that blocked write-only attributes from being used with resources without update functions. (#1472)

2.37.0-beta.1 (April 18, 2025)

NOTES:

  • This beta pre-release continues the implementation of managed resource identity, which should now be used with Terraform v1.12.0-beta2. Managed resources now can support import by identity during plan and apply workflows. Managed resources that already support import via the schema.Resource.Importer field still need to set an ID during import when an identity is provided. The RequiredForImport and OptionalForImport fields on the identity schema can be used to control the validation that Terraform core will apply to the import config block. (#1463)

2.37.0-alpha.1 (March 20, 2025)

... (truncated)

Commits
  • cada9f3 Update changelog
  • 66bbff0 Update meta package SDKVersion
  • f5ba712 identity: Update change validation to ensure empty identities (all null attri...
  • ef9dd9f Update changelog
  • 9163250 Update meta package SDKVersion
  • 7a87b04 build(deps): bump github.com/hashicorp/terraform-plugin-go (#1526)
  • fdc4a14 build(deps): bump github.com/hashicorp/terraform-json (#1523)
  • d8ee719 action: Implement error returning for action RPCs (#1522)
  • 183e62b list: implement list RPCs (#1521)
  • 24a3c3e build(deps): bump golang.org/x/crypto from 0.41.0 to 0.42.0 (#1519)
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.43.0 to 0.45.0

Commits
  • 4e0068c go.mod: update golang.org/x dependencies
  • e79546e ssh: curb GSSAPI DoS risk by limiting number of specified OIDs
  • f91f7a7 ssh/agent: prevent panic on malformed constraint
  • 2df4153 acme/autocert: let automatic renewal work with short lifetime certs
  • bcf6a84 acme: pass context to request
  • b4f2b62 ssh: fix error message on unsupported cipher
  • 79ec3a5 ssh: allow to bind to a hostname in remote forwarding
  • 122a78f go.mod: update golang.org/x dependencies
  • c0531f9 all: eliminate vet diagnostics
  • 0997000 all: fix some comments
  • Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.30.0 to 0.33.0

Commits
  • f28b0b5 all: fix some comments
  • fd15e0f x/oauth2: populate RetrieveError from DeviceAuth
  • 792c877 oauth2: use strings.Builder instead of bytes.Buffer
  • 014cf77 all: upgrade go directive to at least 1.24.0 [generated]
  • 3c76ce5 endpoints: correct Naver OAuth2 endpoint URLs
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the gomod group with 5 updates
c3d9d27 
Bumps the gomod group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/golangci/golangci-lint/v2](https://github.com/golangci/golangci-lint) | `2.6.0` | `2.6.2` |
| [github.com/hashicorp/go-cty](https://github.com/hashicorp/go-cty) | `1.4.1-0.20200414143053-d3edf31b6320` | `1.5.0` |
| [github.com/hashicorp/terraform-plugin-sdk/v2](https://github.com/hashicorp/terraform-plugin-sdk) | `2.34.0` | `2.38.1` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.43.0` | `0.45.0` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.30.0` | `0.33.0` |


Updates `github.com/golangci/golangci-lint/v2` from 2.6.0 to 2.6.2
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/main/CHANGELOG.md)
- [Commits](golangci/golangci-lint@v2.6.0...v2.6.2)

Updates `github.com/hashicorp/go-cty` from 1.4.1-0.20200414143053-d3edf31b6320 to 1.5.0
- [Changelog](https://github.com/hashicorp/go-cty/blob/master/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/go-cty/commits/v1.5.0)

Updates `github.com/hashicorp/terraform-plugin-sdk/v2` from 2.34.0 to 2.38.1
- [Release notes](https://github.com/hashicorp/terraform-plugin-sdk/releases)
- [Changelog](https://github.com/hashicorp/terraform-plugin-sdk/blob/main/CHANGELOG.md)
- [Commits](hashicorp/terraform-plugin-sdk@v2.34.0...v2.38.1)

Updates `golang.org/x/crypto` from 0.43.0 to 0.45.0
- [Commits](golang/crypto@v0.43.0...v0.45.0)

Updates `golang.org/x/oauth2` from 0.30.0 to 0.33.0
- [Commits](golang/oauth2@v0.30.0...v0.33.0)

---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint/v2
  dependency-version: 2.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/hashicorp/go-cty
  dependency-version: 1.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/hashicorp/terraform-plugin-sdk/v2
  dependency-version: 2.38.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Nov 19, 2025
@stevehipwell stevehipwell added this to the v7.0.0 Release milestone Nov 19, 2025
@stevehipwell stevehipwell mentioned this pull request Nov 19, 2025
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

v7.0.0 Release

Development

Successfully merging this pull request may close these issues.

2 participants

@stevehipwell