Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump github.com/hashicorp/packer from 1.7.0 to 1.9.5 #66

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump github.com/hashicorp/packer from 1.7.0 to 1.9.5 #66

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Dec 5, 2023

Bumps github.com/hashicorp/packer from 1.7.0 to 1.9.5.

Release notes

Sourced from github.com/hashicorp/packer's releases.

v1.9.5

1.9.5 (December 4, 2023)

SECURITY

  • Bump github.com/go-jose/go-jose/v3 to address GO-2023-2334. GH-12723

BUG FIXES:

  • Add VirtualBox as known plugin prefix to prevent endless bundled plugin warning. GH-12719

v1.9.4

1.9.4 (August 18, 2023)

BUG FIXES:

  • core: When invoking Packer with the CHECKPOINT_DISABLE environment variable the telemetry reporter is left uninitialized in order to disable telemetry reporting. Any method calls on the nil reporter is expected to check if the reporter is active or in NOOP mode. The SetBundledUsage function, introduced in Packer 1.9.2, failed to perform a nil check before attempting to modify an attribute, causing Packer to fail when telemetry is disabled. This release fixes this issue by introducing such a check.

v1.9.3

1.9.3 (August 17, 2023)

NOTES:

  • New Docker Image: As part of the bundled plugin removal effort, a new Docker target called release-full has been added to the Packer release artifacts. The release-full image includes Packer and all the official plugins pre-installed in its environment. This image is being offered as an alternative option for those users who may still be relying on the plugin versions bundled into the Packer binary. GH-12532

IMPROVEMENTS:

  • core/docs: Clarify the expected usage of the packer init command for HCL2 template builds.GH-12535
  • core/hcp: Add support for project-level service principals. A user connecting with a project level service principals must provide a valid HCP_PROJECT_ID in order to connect. GH-12520 GH-12576
  • core: A new Docker image packer:release-full has been added for all supported architectures. The release-full image includes Packer and all the official plugins pre-installed in its environment. GH-12532
  • core: Add enhanced support to Packer telemetry for bundle plugins usage.

... (truncated)

Changelog

Sourced from github.com/hashicorp/packer's changelog.

1.9.5 (December 4, 2023)

SECURITY

  • Bump github.com/go-jose/go-jose/v3 to address GO-2023-2334. GH-12723

BUG FIXES:

  • Add VirtualBox as known plugin prefix to prevent endless bundled plugin warning. GH-12719

1.9.4 (August 18, 2023)

BUG FIXES:

  • core: When invoking Packer with the CHECKPOINT_DISABLE environment variable the telemetry reporter is left uninitialized in order to disable telemetry reporting. Any method calls on the nil reporter is expected to check if the reporter is active or in NOOP mode. The SetBundledUsage function, introduced in Packer 1.9.2, failed to perform a nil check before attempting to modify an attribute, causing Packer to fail when telemetry is disabled. This release fixes this issue by introducing such a check.

1.9.3 (August 17, 2023)

NOTES:

  • New Docker Image: As part of the bundled plugin removal effort, a new Docker target called release-full has been added to the Packer release artifacts. The release-full image includes Packer and all the official plugins pre-installed in its environment. This image is being offered as an alternative option for those users who may still be relying on the plugin versions bundled into the Packer binary. GH-12532

IMPROVEMENTS:

  • core/docs: Clarify the expected usage of the packer init command for HCL2 template builds.GH-12535
  • core/hcp: Add support for project-level service principals. A user connecting with a project level service principals must provide a valid HCP_PROJECT_ID in order to connect. GH-12520 GH-12576
  • core: A new Docker image packer:release-full has been added for all supported architectures. The release-full image includes Packer and all the official plugins pre-installed in its environment. GH-12532
  • core: Add enhanced support to Packer telemetry for bundle plugins usage. GH-12536

BUG FIXES:

... (truncated)

Commits
  • 6d28df4 version: cut v1.9.5
  • 05b64fc CHANGELOG: update 1.9.5
  • 7f2c5a8 acctest: fix datasource's image name
  • ac07636 Add VirtualBox as known plugin prefix
  • beea56f scripts/prepare_changelog:Update to output entries not in CHANGELOG.md
  • 09cd4c3 Merge pull request #12692 from hashicorp/backport/fix/CVE-2023-45283/mildly-a...
  • 43d2f92 Merge pull request #12691 from hashicorp/backport/update/prepare-changelog-fo...
  • e587324 backport of commit 3201a9751b24c36f13f2f555604220a8a057ec79
  • 072b045 backport of commit 9ac3000a590a388947c07525fa730421b6284f4c
  • 4579a5a Merge pull request #12680 from hashicorp/backport/patch-1/horribly-moral-corgi
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github.com/hashicorp/packer from 1.7.0 to 1.9.5
9612fa3 
Bumps [github.com/hashicorp/packer](https://github.com/hashicorp/packer) from 1.7.0 to 1.9.5.
- [Release notes](https://github.com/hashicorp/packer/releases)
- [Changelog](https://github.com/hashicorp/packer/blob/main/CHANGELOG.md)
- [Commits](hashicorp/packer@v1.7.0...v1.9.5)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/packer
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 5, 2023
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Dec 5, 2023

Dependabot tried to add @NorseGaud and @asafg6 as reviewers to this PR, but received the following error from GitHub:

POST https://api.github.com/repos/chef/packer-builder-veertu-anka/pulls/66/requested_reviewers: 422 - Reviews may only be requested from collaborators. One or more of the users or teams you specified is not a collaborator of the chef/packer-builder-veertu-anka repository. // See: https://docs.github.com/rest/pulls/review-requests#request-reviewers-for-a-pull-request

@dependabot dependabot bot mentioned this pull request Dec 5, 2023
Closed
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Dec 5, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants