Bumped hashicorp/go-getter due Critical Vulnerability #2144
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
|
jdesouza
changed the title
|
Thanks! |
renovate bot
added a commit
to scottames/dots
that referenced
this pull request
May 9, 2024
[](https://renovatebot.com)
This PR contains the following updates:
| Package | Update | Change |
|---|---|---|
| [aquaproj/aqua-registry](https://togithub.com/aquaproj/aqua-registry)
| minor | `v4.166.0` -> `v4.174.0` |
| [aquasecurity/tfsec](https://togithub.com/aquasecurity/tfsec) | patch
| `v1.28.5` -> `v1.28.6` |
| [charmbracelet/gum](https://togithub.com/charmbracelet/gum) | minor |
`v0.13.0` -> `v0.14.0` |
| [cli/cli](https://togithub.com/cli/cli) | minor | `v2.48.0` ->
`v2.49.1` |
| [eza-community/eza](https://togithub.com/eza-community/eza) | patch |
`v0.18.13` -> `v0.18.15` |
| [golangci/golangci-lint](https://togithub.com/golangci/golangci-lint)
| minor | `v1.57.2` -> `v1.58.1` |
|
[gruntwork-io/terragrunt](https://togithub.com/gruntwork-io/terragrunt)
| minor | `v0.57.11` -> `v0.58.3` |
| [junegunn/fzf](https://togithub.com/junegunn/fzf) | minor | `0.50.0`
-> `0.52.0` |
| [nektos/act](https://togithub.com/nektos/act) | patch | `v0.2.61` ->
`v0.2.62` |
| [snyk/cli](https://togithub.com/snyk/cli) | minor | `v1.1290.0` ->
`v1.1291.0` |
| [stern/stern](https://togithub.com/stern/stern) | minor | `v1.28.0` ->
`v1.29.0` |
|
[terraform-linters/tflint](https://togithub.com/terraform-linters/tflint)
| minor | `v0.50.3` -> `v0.51.0` |
| [twpayne/chezmoi](https://togithub.com/twpayne/chezmoi) | minor |
`v2.47.4` -> `v2.48.0` |
| [zellij-org/zellij](https://togithub.com/zellij-org/zellij) | patch |
`v0.40.0` -> `v0.40.1` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
---
### Release Notes
<details>
<summary>aquaproj/aqua-registry (aquaproj/aqua-registry)</summary>
###
[`v4.174.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.174.0)
[Compare
Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.173.0...v4.174.0)
[Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.174.0)
| [Pull
Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.174.0)
| https://github.com/aquaproj/aqua-registry/compare/v4.173.0...v4.174.0
##### 🎉 New Packages
[#​22626](https://togithub.com/aquaproj/aqua-registry/issues/22626)
[containrrr/shoutrrr](https://togithub.com/containrrr/shoutrrr):
Notification library for gophers and their furry friends
[@​ponkio-o](https://togithub.com/ponkio-o)
[#​22597](https://togithub.com/aquaproj/aqua-registry/issues/22597)
[guumaster/hostctl](https://togithub.com/guumaster/hostctl): Your dev
tool to manage /etc/hosts like a pro
##### Fix
[#​22596](https://togithub.com/aquaproj/aqua-registry/issues/22596)
mashiike/stefunny: Follow up changes of stefunny v0.9.0
###
[`v4.173.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.173.0)
[Compare
Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.172.0...v4.173.0)
[Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.173.0)
| [Pull
Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.173.0)
| https://github.com/aquaproj/aqua-registry/compare/v4.172.0...v4.173.0
##### 🎉 New Packages
[#​22579](https://togithub.com/aquaproj/aqua-registry/issues/22579)
[awslabs/dynein](https://togithub.com/awslabs/dynein): DynamoDB CLI
written in Rust [@​istone-you](https://togithub.com/istone-you)
[#​22578](https://togithub.com/aquaproj/aqua-registry/issues/22578)
[kaytu-io/kaytu](https://togithub.com/kaytu-io/kaytu): The Kaytu CLI
helps you save on cloud costs by finding the perfect server sizes. Kaytu
analyzes historical usage and provides tailored recommendations,
ensuring you only pay for the resources you need
[@​istone-you](https://togithub.com/istone-you)
[#​22584](https://togithub.com/aquaproj/aqua-registry/issues/22584)
[lasiar/canonicalheader](https://togithub.com/lasiar/canonicalheader):
Golang linter checking the canonicality of the http header
[@​ponkio-o](https://togithub.com/ponkio-o)
[#​22582](https://togithub.com/aquaproj/aqua-registry/issues/22582)
[#​22586](https://togithub.com/aquaproj/aqua-registry/issues/22586)
[playwright-community/playwright-go](https://togithub.com/playwright-community/playwright-go):
Playwright for Go a browser automation library to control Chromium,
Firefox and WebKit with a single API
###
[`v4.172.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.172.0)
[Compare
Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.171.0...v4.172.0)
[Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.172.0)
| [Pull
Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.172.0)
| https://github.com/aquaproj/aqua-registry/compare/v4.171.0...v4.172.0
##### 🎉 New Packages
[#​22529](https://togithub.com/aquaproj/aqua-registry/issues/22529)
[bflad/tfproviderlint](https://togithub.com/bflad/tfproviderlint):
Terraform Provider Lint Tool
[@​ponkio-o](https://togithub.com/ponkio-o)
##### Fix
[#​22527](https://togithub.com/aquaproj/aqua-registry/issues/22527)
Mic-U/ecsher: Regenerate settings
###
[`v4.171.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.171.0)
[Compare
Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.170.0...v4.171.0)
[Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.171.0)
| [Pull
Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.171.0)
| https://github.com/aquaproj/aqua-registry/compare/v4.170.0...v4.171.0
##### 🎉 New Packages
[#​22488](https://togithub.com/aquaproj/aqua-registry/issues/22488)
[crates.io/cargo-expand](https://togithub.com/dtolnay/cargo-expand):
Subcommand to show result of macro expansion
[@​ryoppippi](https://togithub.com/ryoppippi)
[#​22487](https://togithub.com/aquaproj/aqua-registry/issues/22487)
[crates.io/cargo-run-script](https://crates.io/crates/cargo-run-script):
Bringing `npm run-script` to Rust
[@​ryoppippi](https://togithub.com/ryoppippi)
[#​22489](https://togithub.com/aquaproj/aqua-registry/issues/22489)
[nishanths/license](https://togithub.com/nishanths/license): Command
line license text generator
[@​ryoppippi](https://togithub.com/ryoppippi)
##### Fix
[#​22508](https://togithub.com/aquaproj/aqua-registry/issues/22508)
GoogleContainerTools/container-structure-test: Follow up changes of
container-structure-test v1.18.0
###
[`v4.170.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.170.0)
[Compare
Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.169.0...v4.170.0)
[Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.170.0)
| [Pull
Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.170.0)
| https://github.com/aquaproj/aqua-registry/compare/v4.169.0...v4.170.0
##### 🎉 New Packages
[#​22464](https://togithub.com/aquaproj/aqua-registry/issues/22464)
[8051Enthusiast/biodiff](https://togithub.com/8051Enthusiast/biodiff):
Hex diff viewer using alignment algorithms from biology
[@​mitsu-yuki](https://togithub.com/mitsu-yuki)
[#​22470](https://togithub.com/aquaproj/aqua-registry/issues/22470)
[vishnubob/wait-for-it](https://togithub.com/vishnubob/wait-for-it):
Pure bash script to test and wait on the availability of a TCP host and
port
###
[`v4.169.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.169.0)
[Compare
Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.168.0...v4.169.0)
[Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.169.0)
| [Pull
Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.169.0)
| https://github.com/aquaproj/aqua-registry/compare/v4.168.0...v4.169.0
#### 🎉 New Packages
[#​22395](https://togithub.com/aquaproj/aqua-registry/issues/22395)
[restechnica/semverbot](https://togithub.com/restechnica/semverbot): A
CLI which automates semver versioning
[@​ponkio-o](https://togithub.com/ponkio-o)
#### Fixes
[#​22367](https://togithub.com/aquaproj/aqua-registry/issues/22367)
ddosify/ddosify: Rename the package to
[getanteon/anteon](https://togithub.com/getanteon/anteon)
[#​22396](https://togithub.com/aquaproj/aqua-registry/issues/22396)
helmwave/helmwave: Follow up changes of helmwave v0.36.0
[#​22407](https://togithub.com/aquaproj/aqua-registry/issues/22407)
charmbracelet/gum: Follow up changes of gum v0.14.0
###
[`v4.168.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.168.0)
[Compare
Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.167.0...v4.168.0)
[Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.168.0)
| [Pull
Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.168.0)
| https://github.com/aquaproj/aqua-registry/compare/v4.167.0...v4.168.0
#### 🎉 New Packages
[#​22316](https://togithub.com/aquaproj/aqua-registry/issues/22316)
[toshimaru/nyan](https://togithub.com/toshimaru/nyan): Colored cat
command which supports syntax highlighting
[@​ishii1648](https://togithub.com/ishii1648)
#### Fixes
[#​22296](https://togithub.com/aquaproj/aqua-registry/issues/22296)
hotaruswarm/dagu: Rename the package to dagu-dev/dagu
#### 🎉 New Contributors
Thank you for your contribution!
[@​ishii1648](https://togithub.com/ishii1648)
[#​22316](https://togithub.com/aquaproj/aqua-registry/issues/22316)
###
[`v4.167.0`](https://togithub.com/aquaproj/aqua-registry/releases/tag/v4.167.0)
[Compare
Source](https://togithub.com/aquaproj/aqua-registry/compare/v4.166.0...v4.167.0)
[Issues](https://togithub.com/aquaproj/aqua-registry/issues?q=is%3Aissue+milestone%3Av4.167.0)
| [Pull
Requests](https://togithub.com/aquaproj/aqua-registry/pulls?q=is%3Apr+milestone%3Av4.167.0)
| https://github.com/aquaproj/aqua-registry/compare/v4.166.0...v4.167.0
#### 🎉 New Packages
[#​22271](https://togithub.com/aquaproj/aqua-registry/issues/22271)
[undistro/marvin](https://togithub.com/undistro/marvin): Marvin is a CLI
tool that scans a k8s cluster by performing CEL expressions to report
potential issues, misconfigurations and vulnerabilities
[#​22256](https://togithub.com/aquaproj/aqua-registry/issues/22256)
[cert-manager/cmctl](https://togithub.com/cert-manager/cmctl): command
line utility that makes cert-manager'ing easier
The code of cmctl was moved from
https://github.com/cert-manager/cert-manager to
https://github.com/cert-manager/cmctl
#### Fixes
[#​22288](https://togithub.com/aquaproj/aqua-registry/issues/22288)
cilium/cilium-cli: Follow up changes of cilium-cli v0.16.5
[#​22287](https://togithub.com/aquaproj/aqua-registry/issues/22287)
zigtools/zls: Follow up changes of zls 0.12.0
</details>
<details>
<summary>aquasecurity/tfsec (aquasecurity/tfsec)</summary>
###
[`v1.28.6`](https://togithub.com/aquasecurity/tfsec/releases/tag/v1.28.6)
[Compare
Source](https://togithub.com/aquasecurity/tfsec/compare/v1.28.5...v1.28.6)
#### What's Changed
- Bumped hashicorp/go-getter due Critical Vulnerability by
[@​jdesouza](https://togithub.com/jdesouza) in
[https://github.com/aquasecurity/tfsec/pull/2144](https://togithub.com/aquasecurity/tfsec/pull/2144)
#### New Contributors
- [@​jdesouza](https://togithub.com/jdesouza) made their first
contribution in
[https://github.com/aquasecurity/tfsec/pull/2144](https://togithub.com/aquasecurity/tfsec/pull/2144)
**Full Changelog**:
https://github.com/aquasecurity/tfsec/compare/v1.28.5...v1.28.6
</details>
<details>
<summary>charmbracelet/gum (charmbracelet/gum)</summary>
###
[`v0.14.0`](https://togithub.com/charmbracelet/gum/releases/tag/v0.14.0)
[Compare
Source](https://togithub.com/charmbracelet/gum/compare/v0.13.0...v0.14.0)
#### Gum + Huh?
Gum `v0.14.0` is a major internal refactor which uses `huh?` internally
for `choose`, `confirm`, `file`, `input`, `write` inputs!
All functionality remains the same, but you will notice some minor
visual changes / improvements.
If you haven't already, check it out:
<a href="https://togithub.com/charmbracelet/huh">
<img
src="https://github.com/charmbracelet/gum/assets/42545625/39cc8110-ef0f-41f6-817b-5947304400cc"
width="300">
</a>
<br>
<br>
- https://github.com/charmbracelet/huh
***
#### Changes
- Use Huh for Gum Choose by
[@​maaslalani](https://togithub.com/maaslalani) in
[https://github.com/charmbracelet/gum/pull/521](https://togithub.com/charmbracelet/gum/pull/521)
- Use Huh for Gum Confirm by
[@​maaslalani](https://togithub.com/maaslalani) in
[https://github.com/charmbracelet/gum/pull/522](https://togithub.com/charmbracelet/gum/pull/522)
- Use Huh for Gum File by
[@​maaslalani](https://togithub.com/maaslalani) in
[https://github.com/charmbracelet/gum/pull/523](https://togithub.com/charmbracelet/gum/pull/523)
- Use Huh for Gum Input by
[@​maaslalani](https://togithub.com/maaslalani) in
[https://github.com/charmbracelet/gum/pull/524](https://togithub.com/charmbracelet/gum/pull/524)
- Use Huh for Gum Write by
[@​maaslalani](https://togithub.com/maaslalani) in
[https://github.com/charmbracelet/gum/pull/525](https://togithub.com/charmbracelet/gum/pull/525)
- fix(spin): Output Pipes if Timeout Occurs by
[@​hopefulTex](https://togithub.com/hopefulTex) in
[https://github.com/charmbracelet/gum/pull/461](https://togithub.com/charmbracelet/gum/pull/461)
- Document `gum log --time` by
[@​ernstki](https://togithub.com/ernstki) in
[https://github.com/charmbracelet/gum/pull/472](https://togithub.com/charmbracelet/gum/pull/472)
- feat(spin): Add support for `--show-error` for the spinner. (rebase
[#​440](https://togithub.com/charmbracelet/gum/issues/440)) by
[@​pingiun](https://togithub.com/pingiun) in
[https://github.com/charmbracelet/gum/pull/518](https://togithub.com/charmbracelet/gum/pull/518)
#### New Contributors
- [@​ernstki](https://togithub.com/ernstki) made their first
contribution in
[https://github.com/charmbracelet/gum/pull/472](https://togithub.com/charmbracelet/gum/pull/472)
- [@​pingiun](https://togithub.com/pingiun) made their first
contribution in
[https://github.com/charmbracelet/gum/pull/518](https://togithub.com/charmbracelet/gum/pull/518)
- [@​dungle-scrubs](https://togithub.com/dungle-scrubs) made their
first contribution in
[https://github.com/charmbracelet/gum/pull/513](https://togithub.com/charmbracelet/gum/pull/513)
**Full Changelog**:
https://github.com/charmbracelet/gum/compare/v0.13.0...v0.14.0
***
<a href="https://charm.sh/"><img alt="The Charm logo"
src="https://stuff.charm.sh/charm-badge.jpg" width="400"></a>
Thoughts? Questions? We love hearing from you. Feel free to reach out on
[Twitter](https://twitter.com/charmcli), [The
Fediverse](https://mastodon.technology/@​charm), or
[Slack](https://charm.sh/slack).
</details>
<details>
<summary>cli/cli (cli/cli)</summary>
### [`v2.49.1`](https://togithub.com/cli/cli/releases/tag/v2.49.1):
GitHub CLI 2.49.1
[Compare Source](https://togithub.com/cli/cli/compare/v2.49.0...v2.49.1)
##### What's Changed
- Do not mutate headers when initialising tableprinter by
[@​williammartin](https://togithub.com/williammartin) in
[https://github.com/cli/cli/pull/9033](https://togithub.com/cli/cli/pull/9033)
- Document relationship between host and active account by
[@​williammartin](https://togithub.com/williammartin) in
[https://github.com/cli/cli/pull/9032](https://togithub.com/cli/cli/pull/9032)
- build(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/cli/cli/pull/9034](https://togithub.com/cli/cli/pull/9034)
- Run `attestation` command set integration tests separately by
[@​malancas](https://togithub.com/malancas) in
[https://github.com/cli/cli/pull/9035](https://togithub.com/cli/cli/pull/9035)
- Added support for jobs with long filenames by
[@​shayn-orca](https://togithub.com/shayn-orca) in
[https://github.com/cli/cli/pull/8684](https://togithub.com/cli/cli/pull/8684)
- Fix unused params across project by
[@​williammartin](https://togithub.com/williammartin) in
[https://github.com/cli/cli/pull/9059](https://togithub.com/cli/cli/pull/9059)
- Fix `attestation verify` source repository check bug by
[@​malancas](https://togithub.com/malancas) in
[https://github.com/cli/cli/pull/9053](https://togithub.com/cli/cli/pull/9053)
##### New Contributors
- [@​shayn-orca](https://togithub.com/shayn-orca) made their first
contribution in
[https://github.com/cli/cli/pull/8684](https://togithub.com/cli/cli/pull/8684)
**Full Changelog**: https://github.com/cli/cli/compare/v2.49.0...v2.49.1
### [`v2.49.0`](https://togithub.com/cli/cli/releases/tag/v2.49.0):
GitHub CLI 2.49.0
[Compare Source](https://togithub.com/cli/cli/compare/v2.48.0...v2.49.0)
#### Support for GitHub Artifact Attestations
`v2.49.0` release introduces the `attestation` command set for
downloading and verifying attestations about artifacts built in GitHub
Actions! This is part of the larger Artifact Attestations initiative. An
artifact attestation is a piece of cryptographically signed metadata
that is generated as part of your artifact build process. These
attestations bind artifacts to the details of the workflow run that
produced them, and allow you to guarantee the integrity and provenance
of any artifact built in GitHub Actions.
```shell
### Verify a local artifact
gh attestation verify artifact.bin -o <your org>
### Verify a local artifact against a local artifact attestation
gh attestation verify artifact.bin -b ./artifact-v0.0.1-bundle.json -o <your org>
### Verify an OCI image
gh attestation verify oci://ghcr.io/foo/bar:latest -o <your org>
### Download artifact attestations
gh attestation download artifact.bin -o <your org>
```
To get started, check out gh help attestation. You can also use the `gh
at <command>` alias for short.
#### What's Changed
- Improve gh run rerun docs by
[@​sochotnicky](https://togithub.com/sochotnicky) in
[https://github.com/cli/cli/pull/8969](https://togithub.com/cli/cli/pull/8969)
- build(deps): bump golang.org/x/net from 0.21.0 to 0.23.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/cli/cli/pull/8981](https://togithub.com/cli/cli/pull/8981)
- Update `sigstore-go` dependency to v0.3.0 by
[@​malancas](https://togithub.com/malancas) in
[https://github.com/cli/cli/pull/8977](https://togithub.com/cli/cli/pull/8977)
- `gh attestation tuf-root-verify` offline test fix by
[@​malancas](https://togithub.com/malancas) in
[https://github.com/cli/cli/pull/8975](https://togithub.com/cli/cli/pull/8975)
- Update `gh attestation verify` output by
[@​malancas](https://togithub.com/malancas) in
[https://github.com/cli/cli/pull/8991](https://togithub.com/cli/cli/pull/8991)
- build(deps): bump google.golang.org/grpc from 1.62.1 to 1.62.2 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/cli/cli/pull/8989](https://togithub.com/cli/cli/pull/8989)
- Remove `Hidden` flag from `gh attestation` command by
[@​malancas](https://togithub.com/malancas) in
[https://github.com/cli/cli/pull/8998](https://togithub.com/cli/cli/pull/8998)
- Add colon for `gh secret set` by
[@​NeroBlackstone](https://togithub.com/NeroBlackstone) in
[https://github.com/cli/cli/pull/9004](https://togithub.com/cli/cli/pull/9004)
- Improve errors when loading bundle locally fails by
[@​williammartin](https://togithub.com/williammartin) in
[https://github.com/cli/cli/pull/8996](https://togithub.com/cli/cli/pull/8996)
- Support offline mode for `gh attestation verify` by
[@​steiza](https://togithub.com/steiza) in
[https://github.com/cli/cli/pull/8997](https://togithub.com/cli/cli/pull/8997)
- Add `projectsV2` to JSON fields of `gh repo` commands by
[@​babakks](https://togithub.com/babakks) in
[https://github.com/cli/cli/pull/9007](https://togithub.com/cli/cli/pull/9007)
- Support long URLs in `gh repo clone` by
[@​babakks](https://togithub.com/babakks) in
[https://github.com/cli/cli/pull/9008](https://togithub.com/cli/cli/pull/9008)
- Fix issue with closing pager stream by
[@​babakks](https://togithub.com/babakks) in
[https://github.com/cli/cli/pull/9020](https://togithub.com/cli/cli/pull/9020)
- proof of concept for flag-level disable auth check by
[@​andyfeller](https://togithub.com/andyfeller) in
[https://github.com/cli/cli/pull/9000](https://togithub.com/cli/cli/pull/9000)
- Be more general with attestation host checks by
[@​williammartin](https://togithub.com/williammartin) in
[https://github.com/cli/cli/pull/9019](https://togithub.com/cli/cli/pull/9019)
- Add beta designation on attestation command set by
[@​andyfeller](https://togithub.com/andyfeller) in
[https://github.com/cli/cli/pull/9022](https://togithub.com/cli/cli/pull/9022)
- Tweaked gh attestation help strings to generate nicer cli manual site.
by [@​phillmv](https://togithub.com/phillmv) in
[https://github.com/cli/cli/pull/9025](https://togithub.com/cli/cli/pull/9025)
- Update cli/go-gh to v2.9.0 by
[@​andyfeller](https://togithub.com/andyfeller) in
[https://github.com/cli/cli/pull/9023](https://togithub.com/cli/cli/pull/9023)
- Document repo clone protocol behaviour by
[@​williammartin](https://togithub.com/williammartin) in
[https://github.com/cli/cli/pull/9030](https://togithub.com/cli/cli/pull/9030)
#### New Contributors
- [@​sochotnicky](https://togithub.com/sochotnicky) made their
first contribution in
[https://github.com/cli/cli/pull/8969](https://togithub.com/cli/cli/pull/8969)
- [@​NeroBlackstone](https://togithub.com/NeroBlackstone) made
their first contribution in
[https://github.com/cli/cli/pull/9004](https://togithub.com/cli/cli/pull/9004)
- [@​phillmv](https://togithub.com/phillmv) made their first
contribution in
[https://github.com/cli/cli/pull/9025](https://togithub.com/cli/cli/pull/9025)
**Full Changelog**: https://github.com/cli/cli/compare/v2.48.0...v2.49.0
</details>
<details>
<summary>eza-community/eza (eza-community/eza)</summary>
###
[`v0.18.15`](https://togithub.com/eza-community/eza/releases/tag/v0.18.15):
eza v0.18.15
[Compare
Source](https://togithub.com/eza-community/eza/compare/v0.18.14...v0.18.15)
### Changelog
#### \[0.18.15] - 2024-05-09
##### Bug Fixes
- Correct command for latest tag in deb-package.sh
##### Documentation
- Add how to find man pages in terminal and online. Partly fixes
[#​967](https://togithub.com/eza-community/eza/issues/967)
- Correct heading levels in markdown
- Move heading out of collapsed section
- Add some keywords for benefit of ctrl-f
##### Features
- Return to original commit at the end of deb-package.sh
- Add optional tag argument to deb-package.sh
##### Miscellaneous Tasks
- Release eza v0.18.15
### Checksums
#### sha256sum
c71f43d1208edec028c381e3dca46890dc7eb6ba588deb7a5ea43dd6d2a85f9a
./target/bin-0.18.15/eza_aarch64-unknown-linux-gnu.tar.gz
973c810936308641e2033235021b0edf3c444f2e6aed2560d8e1a592457c3d3d
./target/bin-0.18.15/eza_aarch64-unknown-linux-gnu.zip
1d756c36a7f215072efe59b62d80066915dbf55f2f40148a36c73a8206bd2040
./target/bin-0.18.15/eza_arm-unknown-linux-gnueabihf.tar.gz
1209234810c5240fa2da6fbc1c817cb640ac4c4403da4c6b827532872b32868e
./target/bin-0.18.15/eza_arm-unknown-linux-gnueabihf.zip
e6d88fdb66658cf8ab09bca37cf881373063e9d2acbbb5083080e3df78d41ddf
./target/bin-0.18.15/eza.exe_x86_64-pc-windows-gnu.tar.gz
c89324316745420610128e62760114c23b4733042c0f6aab3f363b15bbf45bb3
./target/bin-0.18.15/eza.exe_x86_64-pc-windows-gnu.zip
10bd802ae4ae418ae2c17bb4f81bc355bd520b5eb4a3d506d9ce93a6d07c2a43
./target/bin-0.18.15/eza_x86_64-unknown-linux-gnu.tar.gz
e5ac046bad00d3bd42182d098a37ba05960eb3512e90831d18165627b6ebacda
./target/bin-0.18.15/eza_x86_64-unknown-linux-gnu.zip
5f50ce6c280de988fd05ab7e3768f37a678d9ccbe65f48a3a3482b08227c875c
./target/bin-0.18.15/eza_x86_64-unknown-linux-musl.tar.gz
25d6307b333d38742e20d4de87e66c595e4c0dc40e5f2c51d24e2a0cd5871c63
./target/bin-0.18.15/eza_x86_64-unknown-linux-musl.zip
#### md5sum
62f9765585dab56cceaffc4d50065bd5
./target/bin-0.18.15/eza_aarch64-unknown-linux-gnu.tar.gz
e23411f3b1e5172e9e34b15d31fd7d44
./target/bin-0.18.15/eza_aarch64-unknown-linux-gnu.zip
62a4b90d39c9f372b94c58a10b706f67
./target/bin-0.18.15/eza_arm-unknown-linux-gnueabihf.tar.gz
a3a8a2aebda7ee9faf6e5248f8ebe43c
./target/bin-0.18.15/eza_arm-unknown-linux-gnueabihf.zip
4f6e1987dffbc01e4741cd40e3f92e46
./target/bin-0.18.15/eza.exe_x86_64-pc-windows-gnu.tar.gz
ebc5b57e32ad3e4406fd025180d0a4ab
./target/bin-0.18.15/eza.exe_x86_64-pc-windows-gnu.zip
81b36a39f89f246e596dcd900354208a
./target/bin-0.18.15/eza_x86_64-unknown-linux-gnu.tar.gz
5cf0026cd597fb267a0ab82eb46c7096
./target/bin-0.18.15/eza_x86_64-unknown-linux-gnu.zip
2fab322de6d2c6ea6242f3a57263b316
./target/bin-0.18.15/eza_x86_64-unknown-linux-musl.tar.gz
8272d9f6eb42bf37dbbf9d0cf9d5b59c
./target/bin-0.18.15/eza_x86_64-unknown-linux-musl.zip
#### blake3sum
ec14f091707b235dff958226a9db6eadd22fd136988ac6a5845a4bb772b24fc4
./target/bin-0.18.15/eza_aarch64-unknown-linux-gnu.tar.gz
47f1ff4628d09fc391ead198bece166f61c116f3b67ace0b50faec3ac21f589e
./target/bin-0.18.15/eza_aarch64-unknown-linux-gnu.zip
59f0aeadb32529d1b0304c8a5cb27d039c7537ab37107733dd221b9a987b59ba
./target/bin-0.18.15/eza_arm-unknown-linux-gnueabihf.tar.gz
9c07e12a4ad469c399d8d98a7cc2f5ac62b00b58efc7f0618d8561f253d80d49
./target/bin-0.18.15/eza_arm-unknown-linux-gnueabihf.zip
21e3a7d7c3902b58af7229e641cbfa5ea679cf5eac677e5beee83ecc7c4a92b2
./target/bin-0.18.15/eza.exe_x86_64-pc-windows-gnu.tar.gz
f6f59195e5b5c823914482dac57f3663d9db4a8939815c21bfc61ca31f6608bb
./target/bin-0.18.15/eza.exe_x86_64-pc-windows-gnu.zip
950122fb2b381d33d8fdf95f2d2f5e5d321c58783775876db558a6868cf6558a
./target/bin-0.18.15/eza_x86_64-unknown-linux-gnu.tar.gz
a9b39001acbe32d6b60f3269762e12fa94ad9b85a325cba9d0aff34115f81bf2
./target/bin-0.18.15/eza_x86_64-unknown-linux-gnu.zip
4a7131ed1d80cdb6dab8e91c7bce918e8660048ac2cd155fc9099e181c8f6c8a
./target/bin-0.18.15/eza_x86_64-unknown-linux-musl.tar.gz
94601fa1eada02fbf4c2987cfba88dd83a76a69f9254796249954b5f3b00250e
./target/bin-0.18.15/eza_x86_64-unknown-linux-musl.zip
###
[`v0.18.14`](https://togithub.com/eza-community/eza/releases/tag/v0.18.14):
eza v0.18.14
[Compare
Source](https://togithub.com/eza-community/eza/compare/v0.18.13...v0.18.14)
### Changelog
#### \[0.18.14] - 2024-05-02
##### Features
- Add icon for "cron.minutely" directory
##### Miscellaneous Tasks
- Release eza v0.18.14
##### Build
- Bump uzers from 0.11.3 to 0.12.0
- Bump libc from 0.2.153 to 0.2.154
- Bump unicode-width from 0.1.11 to 0.1.12
- Bump palette from 0.7.5 to 0.7.6
### Checksums
#### sha256sum
349b897c71c2429b42d1168c8845c63a5d52b4bc27697f192ac4d267e5473100
./target/bin-0.18.14/eza_aarch64-unknown-linux-gnu.tar.gz
a73bf739f67e4190e1454b1b2f7196110fbf4b9a334da22c7dbc97d335a9b53f
./target/bin-0.18.14/eza_aarch64-unknown-linux-gnu.zip
96cc75d64a6d5eff93979729574dc4cd0bffacd8586bedbf0a8b657471ca35b4
./target/bin-0.18.14/eza_arm-unknown-linux-gnueabihf.tar.gz
552fed0ecb9624707aa5d41d3942ba93af3298b66bda239d3d00af27aa9ccc7e
./target/bin-0.18.14/eza_arm-unknown-linux-gnueabihf.zip
423d738f4e3933b09873d3f3fb1a47f3fbf1a5960f8aabd031b3482b46c9af85
./target/bin-0.18.14/eza.exe_x86_64-pc-windows-gnu.tar.gz
d107fc5f44fc27a56c9b708387a856f0a9a6d09fa8fa52e4b0a50559d0756046
./target/bin-0.18.14/eza.exe_x86_64-pc-windows-gnu.zip
40c020f8be937990ba32fee908a82c9074b22b2b38d031fcaf54504c07594aaf
./target/bin-0.18.14/eza_x86_64-unknown-linux-gnu.tar.gz
d35f1710bf03c1641cbc589d4eeeede907a22f17a03c051a580939b01b6728e1
./target/bin-0.18.14/eza_x86_64-unknown-linux-gnu.zip
0af95531a0ebda5209e75a0ac1debd4bb07c9af55c69a8c2fcc09162a9bb7edd
./target/bin-0.18.14/eza_x86_64-unknown-linux-musl.tar.gz
75f967e1887ab372b417d10a44e3411e181adf736a7895117a9ee99835669b02
./target/bin-0.18.14/eza_x86_64-unknown-linux-musl.zip
#### md5sum
828b945976b10a1be778733ef3e441f9
./target/bin-0.18.14/eza_aarch64-unknown-linux-gnu.tar.gz
11cc3d85ab1d810a6226e475ab6e41ec
./target/bin-0.18.14/eza_aarch64-unknown-linux-gnu.zip
7dee72880ebbbdb4c8e5feb917a06d92
./target/bin-0.18.14/eza_arm-unknown-linux-gnueabihf.tar.gz
8af99b8ec1efb99ffbedc8aec59354b5
./target/bin-0.18.14/eza_arm-unknown-linux-gnueabihf.zip
f001be4186eb64227b64cf3cf24629dd
./target/bin-0.18.14/eza.exe_x86_64-pc-windows-gnu.tar.gz
2c3bde5604c9a9b0a1828dc3f8b0d5fb
./target/bin-0.18.14/eza.exe_x86_64-pc-windows-gnu.zip
9c30e58283e5e83aedeb7bdf026df983
./target/bin-0.18.14/eza_x86_64-unknown-linux-gnu.tar.gz
4f46a80bd1fda752641683f18f420e25
./target/bin-0.18.14/eza_x86_64-unknown-linux-gnu.zip
8d8c386d7c53d5c1501d38cccf0460dd
./target/bin-0.18.14/eza_x86_64-unknown-linux-musl.tar.gz
3e06ea08c3afe3e8f1d93b3174c75ec8
./target/bin-0.18.14/eza_x86_64-unknown-linux-musl.zip
#### blake3sum
6c98fe1ddd0eb34facb39a6c64e0868a214b61f376be58b9103fab6e9ceeeddc
./target/bin-0.18.14/eza_aarch64-unknown-linux-gnu.tar.gz
d1e22854df7df70b9980a87678ba3d4a0a6f04d1ecb9210bb4d53575147dee01
./target/bin-0.18.14/eza_aarch64-unknown-linux-gnu.zip
d8dde78312608f3abb574b1a1e2a8d9bc02b4b3c9e84e1384d44479bf5c2e630
./target/bin-0.18.14/eza_arm-unknown-linux-gnueabihf.tar.gz
1e065b1a1d6a1f1722345591d18c05174663578dd0ee5dc5aa495635f9c4d139
./target/bin-0.18.14/eza_arm-unknown-linux-gnueabihf.zip
bdf6160372dda492545aaee4fb41619470f116149a7f20e7773ef1aa15d5903b
./target/bin-0.18.14/eza.exe_x86_64-pc-windows-gnu.tar.gz
5d032e050249a7d09525e5e89f1c897f811244a9a889fa9998241cc39d8eef9f
./target/bin-0.18.14/eza.exe_x86_64-pc-windows-gnu.zip
6c915b50b808de6d70f5f1a773c2169f05248c9fa508541cb6b39efbbcd32123
./target/bin-0.18.14/eza_x86_64-unknown-linux-gnu.tar.gz
89bfa1c22fa5d069b8077a2e6e47f7196677b2768e4e4f8a5b5b173e2d53e244
./target/bin-0.18.14/eza_x86_64-unknown-linux-gnu.zip
5c92227243bfe3d317ff6bc7788c1c5385189250d70836f8b41d7e6dccb12791
./target/bin-0.18.14/eza_x86_64-unknown-linux-musl.tar.gz
800aa6f474dcb8686696121342ade08102c9dcd26e856d369bc7dbd58ba4f230
./target/bin-0.18.14/eza_x86_64-unknown-linux-musl.zip
</details>
<details>
<summary>golangci/golangci-lint (golangci/golangci-lint)</summary>
###
[`v1.58.1`](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1)
[Compare
Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1)
###
[`v1.58.0`](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0)
[Compare
Source](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0)
</details>
<details>
<summary>gruntwork-io/terragrunt (gruntwork-io/terragrunt)</summary>
###
[`v0.58.3`](https://togithub.com/gruntwork-io/terragrunt/releases/tag/v0.58.3)
[Compare
Source](https://togithub.com/gruntwork-io/terragrunt/compare/v0.58.2...v0.58.3)
#### Description
- Added Terraform lock file generation with provider caching
#### Related links
-
[https://github.com/gruntwork-io/terragrunt/pull/3108](https://togithub.com/gruntwork-io/terragrunt/pull/3108)
###
[`v0.58.2`](https://togithub.com/gruntwork-io/terragrunt/releases/tag/v0.58.2)
[Compare
Source](https://togithub.com/gruntwork-io/terragrunt/compare/v0.58.1...v0.58.2)
#### Updated CLI args, config attributes and blocks
- `--terragrunt-json-log`
- `--terragrunt-tf-logs-to-json`
- `--terragrunt-include-module-prefix`
#### Description
- Fixed generation of plan JSON files when JSON log format is enabled.
#### Related links
-
[https://github.com/gruntwork-io/terragrunt/pull/3104](https://togithub.com/gruntwork-io/terragrunt/pull/3104)
###
[`v0.58.1`](https://togithub.com/gruntwork-io/terragrunt/releases/tag/v0.58.1)
[Compare
Source](https://togithub.com/gruntwork-io/terragrunt/compare/v0.58.0...v0.58.1)
#### Updated CLI args, config attributes and blocks
- `generate`
#### Description
- Added `if_disabled` attribute for `generate` block.
#### Related links
-
[https://github.com/gruntwork-io/terragrunt/pull/3110](https://togithub.com/gruntwork-io/terragrunt/pull/3110)
###
[`v0.58.0`](https://togithub.com/gruntwork-io/terragrunt/releases/tag/v0.58.0)
[Compare
Source](https://togithub.com/gruntwork-io/terragrunt/compare/v0.57.13...v0.58.0)
#### Description
**OpenTofu 1.7 support**: We are now testing Terragrunt against OpenTofu
1.7 and is confirmed to be working.
NOTE: Although this release is marked as backward incompatible, it is
functionally compatible as nothing has been changed in Terragrunt
internals. The minor version release is useful to mark the change in the
OpenTofu version that is being tested.
#### Related links
-
[https://github.com/gruntwork-io/terragrunt/pull/3111](https://togithub.com/gruntwork-io/terragrunt/pull/3111)
###
[`v0.57.13`](https://togithub.com/gruntwork-io/terragrunt/releases/tag/v0.57.13)
[Compare
Source](https://togithub.com/gruntwork-io/terragrunt/compare/v0.57.12...v0.57.13)
#### Description
- Fixed parsing Terragrunt Provider Cache response by
[@​ignatenkobrain](https://togithub.com/ignatenkobrain)
#### Related links
-
[https://github.com/gruntwork-io/terragrunt/pull/3105](https://togithub.com/gruntwork-io/terragrunt/pull/3105)
###
[`v0.57.12`](https://togithub.com/gruntwork-io/terragrunt/releases/tag/v0.57.12)
[Compare
Source](https://togithub.com/gruntwork-io/terragrunt/compare/v0.57.11...v0.57.12)
#### Updated CLI args, config attributes and blocks
- `terraform`
#### Description
- Updated Terragrunt to check by default for OpenTofu executable before
switching to Terraform.
#### Related links
-
[https://github.com/gruntwork-io/terragrunt/pull/3097](https://togithub.com/gruntwork-io/terragrunt/pull/3097)
</details>
<details>
<summary>junegunn/fzf (junegunn/fzf)</summary>
###
[`v0.52.0`](https://togithub.com/junegunn/fzf/blob/HEAD/CHANGELOG.md#0520)
[Compare
Source](https://togithub.com/junegunn/fzf/compare/0.51.0...0.52.0)
- Added `--highlight-line` to highlight the whole current line (à la
`set cursorline` of Vim)
- Added color names for selected lines: `selected-fg`, `selected-bg`,
and `selected-hl`
```sh
fzf --border --multi --info inline-right --layout reverse --marker ▏
--pointer ▌ --prompt '▌ ' \
--highlight-line --color
gutter:-1,selected-bg:238,selected-fg:146,current-fg:189
```
- Added `click-header` event that is triggered when the header section
is clicked. When the event is triggered, `$FZF_CLICK_HEADER_COLUMN` and
`$FZF_CLICK_HEADER_LINE` are set.
```sh
fd --type f |
fzf --header $'[Files] [Directories]' --header-first \
--bind 'click-header:transform:
(( FZF_CLICK_HEADER_COLUMN <= 7 )) && echo "reload(fd --type f)"
(( FZF_CLICK_HEADER_COLUMN >= 9 )) && echo "reload(fd --type d)"
'
```
- Add `$FZF_COMPLETION_{DIR,PATH}_OPTS` for separately customizing the
behavior of fuzzy completion
```sh
```
###
[`v0.51.0`](https://togithub.com/junegunn/fzf/blob/HEAD/CHANGELOG.md#0510)
[Compare
Source](https://togithub.com/junegunn/fzf/compare/0.50.0...0.51.0)
- Added a new environment variable `$FZF_POS` exported to the child
processes. It's the vertical position of the cursor in the list starting
from 1.
```sh
```
</details>
<details>
<summary>nektos/act (nektos/act)</summary>
### [`v0.2.62`](https://togithub.com/nektos/act/releases/tag/v0.2.62)
[Compare
Source](https://togithub.com/nektos/act/compare/v0.2.61...v0.2.62)
#### Changelog
##### Bug fixes
- [`5a9dd3d`](https://togithub.com/nektos/act/commit/5a9dd3d) fix:
skipped jobs have no result
([#​2276](https://togithub.com/nektos/act/issues/2276))
- [`89e3c14`](https://togithub.com/nektos/act/commit/89e3c14) fix: favor
command-line over files
([#​2274](https://togithub.com/nektos/act/issues/2274))
##### Other
- [`9885560`](https://togithub.com/nektos/act/commit/9885560) chore:
bump VERSION to 0.2.62
- [`390d94d`](https://togithub.com/nektos/act/commit/390d94d)
build(deps): bump megalinter/megalinter from 7.10.0 to 7.11.1
([#​2309](https://togithub.com/nektos/act/issues/2309))
- [`53a61fe`](https://togithub.com/nektos/act/commit/53a61fe)
build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0
([#​2310](https://togithub.com/nektos/act/issues/2310))
- [`47486a6`](https://togithub.com/nektos/act/commit/47486a6)
build(deps): bump github.com/docker/cli
([#​2307](https://togithub.com/nektos/act/issues/2307))
- [`ac42511`](https://togithub.com/nektos/act/commit/ac42511)
build(deps): bump github.com/docker/docker
([#​2306](https://togithub.com/nektos/act/issues/2306))
- [`992c9d9`](https://togithub.com/nektos/act/commit/992c9d9)
build(deps): bump github.com/moby/buildkit from 0.13.1 to 0.13.2
([#​2308](https://togithub.com/nektos/act/issues/2308))
- [`213756b`](https://togithub.com/nektos/act/commit/213756b)
build(deps): bump github.com/docker/cli
([#​2302](https://togithub.com/nektos/act/issues/2302))
- [`843cd94`](https://togithub.com/nektos/act/commit/843cd94) Add
codespell support (config, workflow to detect/not fix) and make it fix
few typos ([#​2296](https://togithub.com/nektos/act/issues/2296))
- [`c028aa8`](https://togithub.com/nektos/act/commit/c028aa8)
build(deps): bump github.com/docker/docker
([#​2299](https://togithub.com/nektos/act/issues/2299))
- [`1f2e92e`](https://togithub.com/nektos/act/commit/1f2e92e)
build(deps): bump github.com/docker/docker
([#​2295](https://togithub.com/nektos/act/issues/2295))
- [`d153616`](https://togithub.com/nektos/act/commit/d153616)
build(deps): bump megalinter/megalinter from 7.9.0 to 7.10.0
([#​2294](https://togithub.com/nektos/act/issues/2294))
- [`2d4a9ea`](https://togithub.com/nektos/act/commit/2d4a9ea)
build(deps): bump megalinter/megalinter from 7.8.0 to 7.9.0
([#​2216](https://togithub.com/nektos/act/issues/2216))
- [`82cc57f`](https://togithub.com/nektos/act/commit/82cc57f)
build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0
([#​2215](https://togithub.com/nektos/act/issues/2215))
- [`7452180`](https://togithub.com/nektos/act/commit/7452180)
build(deps): bump golang.org/x/term from 0.18.0 to 0.19.0
([#​2278](https://togithub.com/nektos/act/issues/2278))
- [`c82a9ea`](https://togithub.com/nektos/act/commit/c82a9ea)
build(deps): bump github.com/docker/cli
([#​2291](https://togithub.com/nektos/act/issues/2291))
- [`8cdc3fc`](https://togithub.com/nektos/act/commit/8cdc3fc) Update
action.yml ([#​2293](https://togithub.com/nektos/act/issues/2293))
- [`2a2cd7d`](https://togithub.com/nektos/act/commit/2a2cd7d)
build(deps): bump github.com/moby/buildkit from 0.12.5 to 0.13.1
([#​2253](https://togithub.com/nektos/act/issues/2253))
- [`2df924c`](https://togithub.com/nektos/act/commit/2df924c) Bump
docker to v26
([#​2289](https://togithub.com/nektos/act/issues/2289))
- [`ac13a1b`](https://togithub.com/nektos/act/commit/ac13a1b) chore: fix
some comments
([#​2279](https://togithub.com/nektos/act/issues/2279))
- [`06a1d69`](https://togithub.com/nektos/act/commit/06a1d69)
build(deps): bump actions/cache from 3 to 4
([#​2163](https://togithub.com/nektos/act/issues/2163))
- [`cdc22da`](https://togithub.com/nektos/act/commit/cdc22da) Remove
local action cache if remote has changed
([#​2284](https://togithub.com/nektos/act/issues/2284))
- [`d2c3413`](https://togithub.com/nektos/act/commit/d2c3413) chore: fix
codecov ([#​2288](https://togithub.com/nektos/act/issues/2288))
- [`e3da912`](https://togithub.com/nektos/act/commit/e3da912)
build(deps): bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0
([#​2269](https://togithub.com/nektos/act/issues/2269))
</details>
<details>
<summary>snyk/cli (snyk/cli)</summary>
### [`v1.1291.0`](https://togithub.com/snyk/cli/releases/tag/v1.1291.0)
[Compare
Source](https://togithub.com/snyk/cli/compare/v1.1290.0...v1.1291.0)
The Snyk CLI is being deployed to different deployment channels, users
can select the stability level according to their needs. For details
please see [this
documentation](https://docs.snyk.io/snyk-cli/releases-and-channels-for-the-snyk-cli)
##### News
- This is the first **stable release** of the CLI
- It makes use of semantic versioning and is the successor of
[1.1290.0](https://togithub.com/snyk/cli/releases/tag/v1.1290.0)
##### Bug Fixes
- **test:** Fix support of cyclic dependencies in maven with dverbose
[#​5208](https://togithub.com/snyk/cli/pull/5208)
</details>
<details>
<summary>stern/stern (stern/stern)</summary>
###
[`v1.29.0`](https://togithub.com/stern/stern/blob/HEAD/CHANGELOG.md#v1290)
[Compare
Source](https://togithub.com/stern/stern/compare/v1.28.0...v1.29.0)
#### :zap: Notable Changes
##### A new `--stdin` flag for parsing logs from stdin
A new `--stdin` flag has been added, allowing parsing logs from stdin.
This flag is helpful when applying the same template to local logs.
stern --stdin --template \
'{{with $msg := .Message | tryParseJSON}}{{toTimestamp $msg.ts "01-02
15:04:05" "Asia/Tokyo"}} {{$msg.msg}}{{"\n"}}{{end}}' \
<etcd.log
Additionally, this feature helps test your template with arbitrary logs.
stern --stdin --template \
'{{with $msg := .Message | tryParseJSON}}{{levelColor $msg.level}}
{{$msg.msg}}{{"\n"}}{{end}}' <<EOF
{"level":"info","msg":"info message"}
{"level":"error","msg":"error message"}
EOF
##### Add support for UNIX time with nanoseconds to template functions
The following template functions now support UNIX time seconds with
nanoseconds (e.g., `1136171056.02`).
- `toRFC3339Nano`
- `toTUC`
- `toTimestamp`
#### Changes
- Add support for UNIX time with nanoseconds to template functions
([#​300](https://togithub.com/stern/stern/pull/300))
[`0d580ff`](https://togithub.com/stern/stern/commit/0d580ff) (Takashi
Kusumi)
- Clarify that '=' cannot be omitted in --timestamps
([#​296](https://togithub.com/stern/stern/pull/296))
[`ac36420`](https://togithub.com/stern/stern/commit/ac36420) (Takashi
Kusumi)
- Added example to README
([#​295](https://togithub.com/stern/stern/pull/295))
[`c1649ca`](https://togithub.com/stern/stern/commit/c1649ca) (Thomas
Güttler)
- Update dependencies for Kubernetes 1.30
([#​293](https://togithub.com/stern/stern/pull/293))
[`d82cc9f`](https://togithub.com/stern/stern/commit/d82cc9f) (Kazuki
Suda)
- Add `--stdin` for `stdin` log parsing
([#​292](https://togithub.com/stern/stern/pull/292))
[`53fc746`](https://togithub.com/stern/stern/commit/53fc746) (Jimmie
Högklint)
</details>
<details>
<summary>terraform-linters/tflint (terraform-linters/tflint)</summary>
###
[`v0.51.0`](https://togithub.com/terraform-linters/tflint/releases/tag/v0.51.0)
[Compare
Source](https://togithub.com/terraform-linters/tflint/compare/v0.50.3...v0.51.0)
#### What's Changed
This release includes many new features including parallelization of
recursion inspection and support for Terraform v1.8.
Also, please be aware that there are important changes regarding
licensing. TFLint has updated the embedded Terraform package to the
latest version for Terraform v1.6+ support. As a result, we will be
affected by [Terraform's license change to BUSL announced by Hashicorp
in August
2023](https://www.hashicorp.com/blog/hashicorp-adopts-business-source-license).
Most of the code in TFLint is still licensed under MPL 2.0, but some
files under the Terraform package are now licensed under BUSL 1.1. This
means that release binaries are bound by both licenses and may be
subject to Hashicorp's BUSL restrictions. If you have concerns about
this change, we recommend reviewing the licensing implications before
updating. Please note that we cannot provide legal advice.
Please refer to the discussion in
[https://github.com/terraform-linters/tflint/discussions/1826](https://togithub.com/terraform-linters/tflint/discussions/1826)
and
[https://github.com/terraform-linters/tflint/issues/1878](https://togithub.com/terraform-linters/tflint/issues/1878)
for details.
##### Enhancements
- config: Add TFLint `required_version` settings by
[@​wata727](https://togithub.com/wata727) in
[https://github.com/terraform-linters/tflint/pull/2027](https://togithub.com/terraform-linters/tflint/pull/2027)
- The `required_version` attribute can now be set in `.tflint.hcl`. This
is useful for enforcing the version of TFLint that is actually used.
- plugin: Add support for host-specific GitHub tokens by
[@​wata727](https://togithub.com/wata727) in
[https://github.com/terraform-linters/tflint/pull/2025](https://togithub.com/terraform-linters/tflint/pull/2025)
- Environment variables like `GITHUB_TOKEN_example_com` have been
introduced for GitHub Enterprise Server support.
- Recursive inspection in parallel by
[@​wata727](https://togithub.com/wata727) in
[https://github.com/terraform-linters/tflint/pull/2021](https://togithub.com/terraform-linters/tflint/pull/2021)
- The `--recursive` inspection now runs in parallel according to the
number of CPU cores by default. The number of parallels can be changed
with `--max-workers`.
- terraform: Add support for Terraform v1.6/v1.7/v1.8 by
[@​wata727](https://togithub.com/wata727) in
[https://github.com/terraform-linters/tflint/pull/2030](https://togithub.com/terraform-linters/tflint/pull/2030)
- New Terraform features are now supported, including [provider-defined
functions](https://www.hashicorp.com/blog/terraform-1-8-adds-provider-functions-for-aws-google-cloud-and-kubernetes).
Please note that support for provider-defined functions requires the
latest HCL parser, so you may need to update your plugin versions.
- Updated embedded Terraform packages to support Terraform v1.6+. As a
result, TFLint now includes code for Hashicorp's BUSL 1.1.
##### Changes
- Add warnings to --module/--no-module and `module` attribute by
[@​wata727](https://togithub.com/wata727) in
[https://github.com/terraform-linters/tflint/pull/1951](https://togithub.com/terraform-linters/tflint/pull/1951)
- If you see a warning, use `--call-module-type` instead. The `--module`
is equivalent to `--call-module-type=all` and the `--no-module` is
equivalent to `--call-module-type=none`. This also applies to
`.tflint.hcl`.
##### Chores
- build: use go1.22 by
[@​chenrui333](https://togithub.com/chenrui333) in
[https://github.com/terraform-linters/tflint/pull/1977](https://togithub.com/terraform-linters/tflint/pull/1977)
- workflows: remove `cache: true` for setup-go (default) by
[@​chenrui333](https://togithub.com/chenrui333) in
[https://github.com/terraform-linters/tflint/pull/1979](https://togithub.com/terraform-linters/tflint/pull/1979)
- install: enable `pipefail` catch `curl` errors by
[@​Ry4an](https://togithub.com/Ry4an) in
[https://github.com/terraform-linters/tflint/pull/1978](https://togithub.com/terraform-linters/tflint/pull/1978)
- build(deps): Bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/1981](https://togithub.com/terraform-linters/tflint/pull/1981)
- build(deps): Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/1980](https://togithub.com/terraform-linters/tflint/pull/1980)
- build(deps): Bump google.golang.org/grpc from 1.61.0 to 1.61.1 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/1987](https://togithub.com/terraform-linters/tflint/pull/1987)
- sarif: add schema to repo by
[@​bendrucker](https://togithub.com/bendrucker) in
[https://github.com/terraform-linters/tflint/pull/2000](https://togithub.com/terraform-linters/tflint/pull/2000)
- build(deps): Bump google.golang.org/grpc from 1.61.1 to 1.62.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/1992](https://togithub.com/terraform-linters/tflint/pull/1992)
- build(deps): Bump github.com/hashicorp/hcl/v2 from 2.19.1 to 2.20.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/1999](https://togithub.com/terraform-linters/tflint/pull/1999)
- build(deps): Bump github.com/zclconf/go-cty from 1.14.2 to 1.14.3 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/1998](https://togithub.com/terraform-linters/tflint/pull/1998)
- build(deps): Bump golang.org/x/crypto from 0.19.0 to 0.21.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2001](https://togithub.com/terraform-linters/tflint/pull/2001)
- build(deps): Bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2002](https://togithub.com/terraform-linters/tflint/pull/2002)
- build(deps): Bump google.golang.org/grpc from 1.62.0 to 1.62.1 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2003](https://togithub.com/terraform-linters/tflint/pull/2003)
- build(deps): Bump github.com/zclconf/go-cty from 1.14.3 to 1.14.4 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2009](https://togithub.com/terraform-linters/tflint/pull/2009)
- build(deps): Bump github.com/hashicorp/hcl/v2 from 2.20.0 to 2.20.1 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2012](https://togithub.com/terraform-linters/tflint/pull/2012)
- build(deps): Bump google.golang.org/grpc from 1.62.1 to 1.63.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2014](https://togithub.com/terraform-linters/tflint/pull/2014)
- build(deps): Bump golang.org/x/crypto from 0.21.0 to 0.22.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2016](https://togithub.com/terraform-linters/tflint/pull/2016)
- build(deps): Bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2015](https://togithub.com/terraform-linters/tflint/pull/2015)
- build(deps): Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2022](https://togithub.com/terraform-linters/tflint/pull/2022)
- build(deps): Bump google.golang.org/grpc from 1.63.0 to 1.63.2 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2023](https://togithub.com/terraform-linters/tflint/pull/2023)
- build(deps): Bump golang.org/x/net from 0.22.0 to 0.23.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2024](https://togithub.com/terraform-linters/tflint/pull/2024)
- build(deps): Bump github.com/hashicorp/go-getter from 1.7.2 to 1.7.4
by [@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2026](https://togithub.com/terraform-linters/tflint/pull/2026)
- build(deps): Bump golangci/golangci-lint-action from 4.0.0 to 5.1.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2029](https://togithub.com/terraform-linters/tflint/pull/2029)
- Pin Go patch version in go.mod by
[@​wata727](https://togithub.com/wata727) in
[https://github.com/terraform-linters/tflint/pull/2031](https://togithub.com/terraform-linters/tflint/pull/2031)
- build(deps): Bump github.com/terraform-linters/tflint-plugin-sdk from
0.18.0 to 0.20.0 by
[@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2032](https://togithub.com/terraform-linters/tflint/pull/2032)
- build(deps): Bump
github.com/terraform-linters/tflint-ruleset-terraform from 0.5.0 to
0.7.0 by [@​dependabot](https://togithub.com/dependabot) in
[https://github.com/terraform-linters/tflint/pull/2033](https://togithub.com/terraform-linters/tflint/pull/2033)
#### New Contributors
- [@​Ry4an](https://togithub.com/Ry4an) made their first
contribution in
[https://github.com/terraform-linters/tflint/pull/1978](https://togithub.com/terraform-linters/tflint/pull/1978)
**Full Changelog**:
https://github.com/terraform-linters/tflint/compare/v0.50.3...v0.51.0
</details>
<details>
<summary>twpayne/chezmoi (twpayne/chezmoi)</summary>
###
[`v2.48.0`](https://togithub.com/twpayne/chezmoi/releases/tag/v2.48.0)
[Compare
Source](https://togithub.com/twpayne/chezmoi/compare/v2.47.4...v2.48.0)
#### Changelog
##### Features
- [`2e04dcf`](https://togithub.com/twpayne/chezmoi/commit/2e04dcf85)
feat: Add --tree flag to unmanaged command
- [`91823e3`](https://togithub.com/twpayne/chezmoi/commit/91823e32e)
feat: Add --tree flag to managed command
- [`278e2be`](https://togithub.com/twpayne/chezmoi/commit/278e2be21)
feat: Add --tree flag to ignored command
- [`4a9d0e4`](https://togithub.com/twpayne/chezmoi/commit/4a9d0e4d5)
feat: Include name of target in error message
##### Fixes
- [`c758a1c`](https://togithub.com/twpayne/chezmoi/commit/c758a1c57)
fix: Apply .chezmoiignore to dirs in external archives
- [`7dfcfcf`](https://togithub.com/twpayne/chezmoi/commit/7dfcfcf3c)
fix: Remove unmanaged files from exact\_ directories containing external
files
- [`153ff43`](https://togithub.com/twpayne/chezmoi/commit/153ff43ac)
fix: Better detect username on Android/Termux systems
##### Documentation updates
- [`b1b40b2`](https://togithub.com/twpayne/chezmoi/commit/b1b40b226)
docs: Add link to article
- [`9c817ce`](https://togithub.com/twpayne/chezmoi/commit/9c817ce77)
docs: Document --tree flag
- [`89fab4b`](https://togithub.com/twpayne/chezmoi/commit/89fab4be4)
docs: Fix origin URL in quick start guide
</details>
<details>
<summary>zellij-org/zellij (zellij-org/zellij)</summary>
###
[`v0.40.1`](https://togithub.com/zellij-org/zellij/releases/tag/v0.40.1)
[Compare
Source](https://togithub.com/zellij-org/zellij/compare/v0.40.0...v0.40.1)
This is a patch release mainly aimed at fixing some issues mostly
introduced or exposed in the latest `0.40.0` release.
However, this version also introduces two exciting new features:
1. `Ctrl j` is now bindable thanks to a community contribution (thanks
[@​hiasr](https://togithub.com/hiasr) !) - you can [read
more](https://togithub.com/zellij-org/zellij/pull/3307) about the
technical details of the implementation.
2. A new `zellij action list-clients` command was added for tools
wishing to integrate with Zellij through the command line (this should
facilitate interaction with other nested multiplexers such as neovim).
#### All changes
- fix(sessions): issue where sessions would occasionally become
unresponsive
([https://github.com/zellij-org/zellij/pull/3281](https://togithub.com/zellij-org/zellij/pull/3281))
- fix(cli): respect all options (eg. `default-layout`) when creating a
session in the background from the CLI
([https://github.com/zellij-org/zellij/pull/3288](https://togithub.com/zellij-org/zellij/pull/3288))
- fix(cli): rename tab and pane from cli
([https://github.com/zellij-org/zellij/pull/3295](https://togithub.com/zellij-org/zellij/pull/3295))
- fix(plugins): respect $SHELL when opening a terminal from plugins (eg.
from the filepicker strider)
([https://github.com/zellij-org/zellij/pull/3296](https://togithub.com/zellij-org/zellij/pull/3296))
- fix(tabs): closing a tab no longer breaks tab movement
([https://github.com/zellij-org/zellij/pull/3299](https://togithub.com/zellij-org/zellij/pull/3299))
- feat(plugins): add API to open new tabs with a LayoutInfo
([https://github.com/zellij-org/zellij/pull/3305](https://togithub.com/zellij-org/zellij/pull/3305))
- feat(cli): add `zellij action list-clients` to allow listing the
connected clients as well as their pane_id and running command
([https://github.com/zellij-org/zellij/pull/3314](https://togithub.com/zellij-org/zellij/pull/3314))
- feat(cli): allow binding Ctrl J
([https://github.com/zellij-org/zellij/pull/3307](https://togithub.com/zellij-org/zellij/pull/3307))
#### Do you like Zellij :heart: ?
Me too! So much so that I spend 100% of my time developing and
maintaining it and have no other income.
Zellij will always be free and open-source. Zellij will never contain
ads or collect your data.
So if the tool gives you value and you are able, please consider a
recurring monthly donation of 5-10$ to help me pay my bills. There are
Zellij stickers in it for you! https://github.com/sponsors/imsnif
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "after 4pm on thursday" in timezone
America/Los_Angeles, Automerge - At any time (no schedule defined).
🚦 **Automerge**: Enabled.
♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/scottames/dots).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMzEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: scottames-github-bot[bot] <162828115+scottames-github-bot[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
github.com/hashicorp/go-getter v1.7.0 has a CRITICAL vunerability.
Just updating to github.com/hashicorp/go-getter v1.7.4 would fix it.
github.com/hashicorp/go-getter │ CVE-2024-3817 │ CRITICAL │ v1.7.0 │ 1.7.4 │ HashiCorp\u2019s go-getter library is vulnerable to argument
https://avd.aquasec.com/nvd/cve-2024-3817