Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump github.com/hashicorp/packer from 1.7.0 to 1.9.4 #61

Closed
wants to merge 1 commit into from
Closed

Bump github.com/hashicorp/packer from 1.7.0 to 1.9.4 #61

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Sep 12, 2023

Bumps github.com/hashicorp/packer from 1.7.0 to 1.9.4.

Release notes

Sourced from github.com/hashicorp/packer's releases.

v1.9.4

1.9.4 (August 18, 2023)

BUG FIXES:

  • core: When invoking Packer with the CHECKPOINT_DISABLE environment variable the telemetry reporter is left uninitialized in order to disable telemetry reporting. Any method calls on the nil reporter is expected to check if the reporter is active or in NOOP mode. The SetBundledUsage function, introduced in Packer 1.9.2, failed to perform a nil check before attempting to modify an attribute, causing Packer to fail when telemetry is disabled. This release fixes this issue by introducing such a check.

v1.9.3

1.9.3 (August 17, 2023)

NOTES:

  • New Docker Image: As part of the bundled plugin removal effort, a new Docker target called release-full has been added to the Packer release artifacts. The release-full image includes Packer and all the official plugins pre-installed in its environment. This image is being offered as an alternative option for those users who may still be relying on the plugin versions bundled into the Packer binary. GH-12532

IMPROVEMENTS:

  • core/docs: Clarify the expected usage of the packer init command for HCL2 template builds.GH-12535
  • core/hcp: Add support for project-level service principals. A user connecting with a project level service principals must provide a valid HCP_PROJECT_ID in order to connect. GH-12520 GH-12576
  • core: A new Docker image packer:release-full has been added for all supported architectures. The release-full image includes Packer and all the official plugins pre-installed in its environment. GH-12532
  • core: Add enhanced support to Packer telemetry for bundle plugins usage. GH-12536

BUG FIXES:

  • core: Bump golang.org/x/net to v0.13.0 to address CVE GO-2023-1988. Packer itself is not vulnerable to the CVE as we don't render web pages, but security checks do point it as an issue that needs to be addressed. GH-12561
  • core: Fix custom plugin loading in current working directory regression. GH-12544

v1.9.2

1.9.2 (July 19, 2023)

... (truncated)

Changelog

Sourced from github.com/hashicorp/packer's changelog.

1.9.4 (August 18, 2023)

BUG FIXES:

  • core: When invoking Packer with the CHECKPOINT_DISABLE environment variable the telemetry reporter is left uninitialized in order to disable telemetry reporting. Any method calls on the nil reporter is expected to check if the reporter is active or in NOOP mode. The SetBundledUsage function, introduced in Packer 1.9.2, failed to perform a nil check before attempting to modify an attribute, causing Packer to fail when telemetry is disabled. This release fixes this issue by introducing such a check.

1.9.3 (August 17, 2023)

NOTES:

  • New Docker Image: As part of the bundled plugin removal effort, a new Docker target called release-full has been added to the Packer release artifacts. The release-full image includes Packer and all the official plugins pre-installed in its environment. This image is being offered as an alternative option for those users who may still be relying on the plugin versions bundled into the Packer binary. GH-12532

IMPROVEMENTS:

  • core/docs: Clarify the expected usage of the packer init command for HCL2 template builds.GH-12535
  • core/hcp: Add support for project-level service principals. A user connecting with a project level service principals must provide a valid HCP_PROJECT_ID in order to connect. GH-12520 GH-12576
  • core: A new Docker image packer:release-full has been added for all supported architectures. The release-full image includes Packer and all the official plugins pre-installed in its environment. GH-12532
  • core: Add enhanced support to Packer telemetry for bundle plugins usage. GH-12536

BUG FIXES:

  • core: Bump golang.org/x/net to v0.13.0 to address CVE GO-2023-1988. Packer itself is not vulnerable to the CVE as we don't render web pages, but security checks do point it as an issue that needs to be addressed. GH-12561
  • core: Fix custom plugin loading in current working directory regression. GH-12544

1.9.2 (July 19, 2023)

NOTES:

... (truncated)

Commits
  • ae9daec Merge pull request #12600 from hashicorp/backport/bump_go/uniformly-classic-yeti
  • 0187065 backport of commit cce22198337d73ef014a7d084b9267d769186e5e
  • 990adc3 Cut release 1.9.4
  • 67122ed Merge pull request #12597 from hashicorp/backport/update_changelog_1.9.4/publ...
  • 9f3e9cc backport of commit 680d8157cd0f546c807c4806b1f32aa96e092c15
  • e92e9ac Merge pull request #12594 from hashicorp/backport/nywilken/catch-nil-checkpoi...
  • b746ad2 backport of commit f871e0e1628013118e47a27c56ff878800486d39
  • bff91f4 packer: remove implicit required plugins
  • 6da4fab Bumped product version to 1.9.4.
  • 3ea3c8c Merge pull request #12590 from hashicorp/backport/perpare_1.9.4_changelog/ful...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github.com/hashicorp/packer from 1.7.0 to 1.9.4
ad9cfa3 
Bumps [github.com/hashicorp/packer](https://github.com/hashicorp/packer) from 1.7.0 to 1.9.4.
- [Release notes](https://github.com/hashicorp/packer/releases)
- [Changelog](https://github.com/hashicorp/packer/blob/main/CHANGELOG.md)
- [Commits](hashicorp/packer@v1.7.0...v1.9.4)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/packer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Sep 12, 2023
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Sep 12, 2023

Dependabot tried to add @NorseGaud and @asafg6 as reviewers to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/chef/packer-builder-veertu-anka/pulls/61/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the chef/packer-builder-veertu-anka repository. // See: https://docs.github.com/rest/pulls/review-requests#request-reviewers-for-a-pull-request

@dependabot dependabot bot mentioned this pull request Sep 12, 2023
Closed
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Dec 5, 2023

Superseded by #66.

@dependabot dependabot bot closed this Dec 5, 2023
@dependabot dependabot bot deleted the dependabot/go_modules/github.com/hashicorp/packer-1.9.4 branch December 5, 2023 09:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants