Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[dependabot][prod][gomod] - (deps): Bump the prod-others group with 2 updates #27

Merged
merged 1 commit into from
Mar 29, 2024
Merged

[dependabot][prod][gomod] - (deps): Bump the prod-others group with 2 updates #27

merged 1 commit into from
Mar 29, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 27, 2024
edited
Loading

Bumps the prod-others group with 2 updates: github.com/hashicorp/hcl/v2 and github.com/zclconf/go-cty.

Updates github.com/hashicorp/hcl/v2 from 2.16.2 to 2.20.1

Release notes

Sourced from github.com/hashicorp/hcl/v2's releases.

v2.20.1

Bugs Fixed

  • Return ExprSyntaxError when an invalid namespaced function is encountered during parsing (#668)

Internal

  • Standardize on only two value dumping/diffing libraries (#669)

v2.20.0

What's Changed

New Contributors

Full Changelog: hashicorp/hcl@v2.19.1...v2.20.0

v2.19.1

What's Changed

Full Changelog: hashicorp/hcl@v2.19.0...v2.19.1

v2.18.1

Bugs Fixed

  • hclsyntax: Conditional expressions will no longer panic when one or both of their results are "marked", as is the case for situations like how HashiCorp Terraform tracks its concept of "sensitive values". (#630)

v2.18.0

Enhancements

  • HCL now uses the tables from Unicode 15 when performing string normalization and character segmentation. HCL was previously using the Unicode 13 tables.

    For calling applications where consistent Unicode support is important, consider also upgrading to Go 1.21 at the same time as adopting HCL v2.18.0 so that the standard library unicode tables (used for case folding, etc) will also be from Unicode 15.

v2.17.1

Enhancements

... (truncated)

Changelog

Sourced from github.com/hashicorp/hcl/v2's changelog.

v2.20.1 (March 26, 2024)

Bugs Fixed

  • Return ExprSyntaxError when an invalid namespaced function is encountered during parsing (#668)

Internal

  • Standardize on only two value dumping/diffing libraries (#669)

v2.20.0 (February 29, 2024)

Enhancements

  • Support for namespaced functions (#639)

Bugs Fixed

  • ext/dynblock: if iterator is invalid return this error instead of consequential errors (#656)

v2.19.0 (October 16, 2023)

Enhancements

  • ext/dynblock: dynblock.Expand now supports an optional hook for calling applications to check and potentially veto (by returning error diagnostics) particular for_each values. The behavior is unchanged for callers that don't set the new option. (#634)

Bugs Fixed

  • hclsyntax: Further fixes for treatment of "marked" values in the conditional expression, and better tracking of refined values into the conditional expression results, building on the fixes from v2.18.1. (#633)

v2.18.1 (October 5, 2023)

Bugs Fixed

  • hclsyntax: Conditional expressions will no longer panic when one or both of their results are "marked", as is the case for situations like how HashiCorp Terraform tracks its concept of "sensitive values". (#630)

v2.18.0 (August 30, 2023)

Enhancements

  • HCL now uses the tables from Unicode 15 when performing string normalization and character segmentation. HCL was previously using the Unicode 13 tables.

    For calling applications where consistent Unicode support is important, consider also upgrading to Go 1.21 at the same time as adopting HCL v2.18.0 so that the standard library unicode tables (used for case folding, etc) will also be from Unicode 15.

v2.17.1 (August 30, 2023)

Enhancements

  • hclsyntax: When evaluating string templates that have a long known constant prefix, HCL will truncate the known prefix to avoid creating excessively-large refinements. String prefix refinements are intended primarily for relatively-short fixed prefixes, such as https:// at the start of a URL known to use that scheme. (#617)
  • ext/tryfunc: The "try" and "can" functions now handle unknown values slightly more precisely, and so can return known values in more situations when given expressions referring to unknown symbols. (#622)

... (truncated)

Commits
  • 303be61 Update CHANGELOG for 2.20.1
  • 2a0a3f0 Standardize on only two value dumping/diffing libraries
  • 5160967 Merge pull request #668 from hashicorp/add-expr-syntax-error
  • cc3af98 fix test error message if wrong type
  • 54e4175 add SrcRange to ExprSyntaxError
  • 53ee54e chore: add test from #665
  • 1cbb0d4 feat: return ExprSyntaxError instead of nil when expression parsing fails for...
  • 57f8bbf update CHANGELOG.md for v2.20
  • 21a05d5 Merge pull request #663 from hashicorp/ci-workflow-updates
  • 1f6a0f7 Use make targets in CI
  • Additional commits viewable in compare view

Updates github.com/zclconf/go-cty from 1.13.1 to 1.14.4

Release notes

Sourced from github.com/zclconf/go-cty's releases.

v1.13.2

  • cty: IndexStep.Apply will no longer panic if given a marked collection to traverse through. (#160).
Changelog

Sourced from github.com/zclconf/go-cty's changelog.

1.14.4 (March 20, 2024)

  • msgpack: Now uses string encoding instead of float encoding for a whole number that is too large to fit in any of MessagePack's integer types.
  • function/stdlib: Type conversion functions (constructed with MakeToFunc) can now convert null values of unknown type into null values of the target type, rather than returning an unknown value in that case.
  • json: Will now correctly reject attempts to encode cty.DynamicVal, whereas before it would just produce an invalid JSON document without any error. (This is invalid because JSON encoding cannot support unknown values at all; cty.DynamicVal is a special case of unknown value where even the type isn't known.)

1.14.3 (February 29, 2024)

  • msgpack: Fixed edge-case bug that could cause loss of floating point precision when round-tripping due to incorrectly using a MessagePack integer to represent a large non-integral number. #176
  • cty: Fixed some false-negative numeric equality test results by comparing numbers as integers when possible. #176

1.14.2 (January 23, 2024)

  • convert: Converting from an unknown map value to an object type now correctly handles the situation where the map element type disagrees with an optional attribute of the target type, since when a map value is unknown we don't yet know which keys it has and thus cannot predict what subset of the elements will get converted as attributes in the resulting object. (#175)

1.14.1 (October 5, 2023)

  • cty: It's now valid to use the Refine method on cty.DynamicVal, although all refinements will be silently discarded. This replaces the original behavior of panicking when trying to refine cty.DynamicVal.

  • cty: Value.Range will now return a clearer panic message if called on a marked value. The "value range" concept is only applicable to unmarked values because not all of the ValueRange functions are able to propagate marks into their return values, due to returning Go primitive types instead of new cty.Value results.

    Callers that use marks must, as usual, take care to unmark them before exporting values into "normal" Go types, and then explicitly re-apply the marks to their result as appropriate. Applications that make no use of value marks, and library callers that exclude marked values from what they support, can safely ignore this requirement.

1.14.0 (August 30, 2023)

This release updates the supported version of Unicode from Unicode 13 to Unicode 15. This is a backwards-compatible change that means that cty supports normalization and segmentation of strings containing new Unicode characters. The algorithms for normalization and segmentation themselves are unchanged.

If you use cty in an application that cares about consistent Unicode support, you should upgrade to Go 1.21 at the same time as updating to cty v1.14, because that will then also update the Unicode tables embedded in the Go standard library (used for case folding, etc).

  • cty: The cty.String type will now normalize incoming string values using the Unicode 15 normalization rules.
  • function/stdlib: The various string functions which split strings into individual characters as part of their work will now use the Unicode 15 version of the text segmentation algorithm to do so.

1.13.3 (August 24, 2023)

  • msgpack: As a compromise to avoid unbounded memory usage for a situation that some callers won't take advantage of anyway, the MessagePack decoder has a maximum length limit on encoded unknown value refinements. For consistency, the encoder will now truncate string prefix refinements if necessary to avoid making the encoded refinements too long. (#167)

    This is consistent with the documented conventions for serializing refinements -- that we can potentially lose detail through serialization -- but in this case we are still able to preserve shorter string prefixes, whereas other serializations tend to just discard refinement information altogether.

1.13.2 (May 22, 2023)

  • cty: IndexStep.Apply will no longer panic if given a marked collection to traverse through. (#160).
Commits
  • 74286a8 v1.14.4 release
  • 4a34c33 json: Refuse to encode cty.DynamicVal
  • 4b76b75 stdlib: Conversion functions can accept unknown-typed nulls
  • f41ae52 msgpack: Never marshal integers as MessagePack float
  • 0e3c880 functions: lookup third argument is not optional
  • a0c3e7b Prepare for possible future 1.14.4 release
  • 304e4a8 v1.14.3 release
  • 50ce6d3 Update CHANGELOG.md
  • 1e9442d don't use compact floats in msgpack
  • a0315a5 Use integer comparison for equality
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot requested a review from yoanm as a code owner March 27, 2024 14:49
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 27, 2024
@dependabot dependabot bot mentioned this pull request Mar 27, 2024
Closed
@codecov Codecov
Copy link

codecov bot commented Mar 27, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 95.53%. Comparing base (2435a66) to head (76e55a0).

Additional details and impacted files 
@@           Coverage Diff           @@
##           master      #27   +/-   ##
=======================================
  Coverage   95.53%   95.53%           
=======================================
  Files          14       14           
  Lines         426      426           
=======================================
  Hits          407      407           
  Misses         13       13           
  Partials        6        6

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@yoanm
Copy link
Owner

yoanm commented Mar 27, 2024

@dependabot recreate

@dependabot
[dependabot][prod][gomod] - (deps): Bump the prod-others group with 2…
5d36dfd 
… updates

Bumps the prod-others group with 2 updates: [github.com/hashicorp/hcl/v2](https://github.com/hashicorp/hcl) and [github.com/zclconf/go-cty](https://github.com/zclconf/go-cty).


Updates `github.com/hashicorp/hcl/v2` from 2.16.2 to 2.20.1
- [Release notes](https://github.com/hashicorp/hcl/releases)
- [Changelog](https://github.com/hashicorp/hcl/blob/main/CHANGELOG.md)
- [Commits](hashicorp/hcl@v2.16.2...v2.20.1)

Updates `github.com/zclconf/go-cty` from 1.13.1 to 1.14.4
- [Release notes](https://github.com/zclconf/go-cty/releases)
- [Changelog](https://github.com/zclconf/go-cty/blob/main/CHANGELOG.md)
- [Commits](zclconf/go-cty@v1.13.1...v1.14.4)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/hcl/v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-others
- dependency-name: github.com/zclconf/go-cty
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-others
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/prod-others-6683d9c636 branch from 76e55a0 to 5d36dfd Compare March 27, 2024 18:25
@codecov-commenter
Copy link

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 95.53%. Comparing base (aa28662) to head (76e55a0).

❗ Current head 76e55a0 differs from pull request most recent head 5d36dfd. Consider uploading reports for the commit 5d36dfd to get more accurate results

Additional details and impacted files 
@@            Coverage Diff             @@
##           master      #27      +/-   ##
==========================================
- Coverage   95.97%   95.53%   -0.44%     
==========================================
  Files          14       14              
  Lines         348      426      +78     
==========================================
+ Hits          334      407      +73     
- Misses          8       13       +5     
  Partials        6        6

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@yoanm yoanm merged commit 3ac0116 into master Mar 29, 2024
14 checks passed
@yoanm yoanm deleted the dependabot/go_modules/prod-others-6683d9c636 branch March 29, 2024 09:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yoanm yoanm yoanm approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update Go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@yoanm @codecov-commenter