Commit Graph

33 Commits

Author SHA1 Message Date
Michael Zalimeni 8eb074e7c1
[NET-5944] security: Update Go version to 1.20.10 and `x/net` to 0.17.0 (#19225)
* Bump golang.org/x/net to 0.17.0

This resolves [CVE-2023-39325](https://nvd.nist.gov/vuln/detail/CVE-2023-39325)
/ [CVE-2023-44487](https://nvd.nist.gov/vuln/detail/CVE-2023-44487).

* Update Go version to 1.20.10

This resolves [CVE-2023-39325](https://nvd.nist.gov/vuln/detail/CVE-2023-39325)
/ [CVE-2023-44487](https://nvd.nist.gov/vuln/detail/CVE-2023-44487)
(`net/http`).
2023-10-16 17:49:04 -04:00
Michael Zalimeni 5e7afdf9a1
[NET-5574] Update Go version to 1.20.8 (#18742)
Update Go version to 1.20.8

This resolves several CVEs (see changelog entry).
2023-09-12 11:40:51 -04:00
hashicorp-copywrite[bot] 5fb9df1640
[COMPLIANCE] License changes (#18443)
* Adding explicit MPL license for sub-package

This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository.

* Adding explicit MPL license for sub-package

This directory and its subdirectories (packages) contain files licensed with the MPLv2 `LICENSE` file in this directory and are intentionally licensed separately from the BSL `LICENSE` file at the root of this repository.

* Updating the license from MPL to Business Source License

Going forward, this project will be licensed under the Business Source License v1.1. Please see our blog post for more details at <Blog URL>, FAQ at www.hashicorp.com/licensing-faq, and details of the license at www.hashicorp.com/bsl.

* add missing license headers

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

* Update copyright file headers to BUSL-1.1

---------

Co-authored-by: hashicorp-copywrite[bot] <110428419+hashicorp-copywrite[bot]@users.noreply.github.com>
2023-08-11 09:12:13 -04:00
Michael Zalimeni 905e371607
[NET-5146] security: Update Go version to 1.20.7 and `x/net` to 0.13.0 (#18358)
* Update Go version to 1.20.7

This resolves [CVE-2023-29409]
(https://nvd.nist.gov/vuln/detail/CVE-2023-29409)(`crypto/tls`).

* Bump golang.org/x/net to 0.13.0

Addresses [CVE-2023-3978](https://nvd.nist.gov/vuln/detail/CVE-2023-3978)
for security scans (non-impacting).
2023-08-02 13:10:29 -04:00
Michael Zalimeni e8dd04d662
[NET-4865] security: Update Go version to 1.20.6 (#18190)
Update Go version to 1.20.6

This resolves [CVE-2023-29406]
(https://nvd.nist.gov/vuln/detail/CVE-2023-29406) for uses of the
`net/http` standard library.

Note that until the follow-up to #18124 is done, the version of Go used
in those impacted tests will need to remain on 1.20.5.
2023-07-19 17:02:18 -04:00
John Murret 6fa104409e
security: update go version to 1.20.4 (#17240)
* update go version to 1.20.3

* add changelog

* rename changelog file to remove underscore

* update to use 1.20.4

* update change log entry to reflect 1.20.4
2023-05-08 11:57:11 -06:00
Ronald b64674623e
Copyright headers for missing files/folders (#16708)
* copyright headers for agent folder
2023-03-28 18:48:58 -04:00
Dan Stough f1436109ea
[OSS] security: update go to 1.20.1 (#16263)
* security: update go to 1.20.1
2023-02-17 15:04:12 -05:00
Chris S. Kim 41019adf56 Update go version to 1.19 2022-10-24 16:12:08 -04:00
Chris S. Kim f0a9b30174
Update repo to use go:embed (#10996)
Replace bindata packages with stdlib go:embed.
Modernize some uiserver code with newer interfaces introduced in go 1.16 (mainly working with fs.File instead of http.File.
Remove steps that are no longer used from our build files.
Add Github Action to detect differences in agent/uiserver/dist and verify that the files are correct (by compiling UI assets and comparing contents).
2022-05-31 15:33:56 -04:00
DanStough 95250e7915 Update go version to 1.18.1 2022-04-18 11:41:10 -04:00
R.B. Boyer 96748197fc
build: remove unused tools from being installed (#12671) 2022-04-05 16:01:02 -05:00
Chris S. Kim 8bdbe7c0fb
Update CI and release go versions to 1.17.5 (#11799) 2021-12-10 14:04:56 -05:00
Daniel Nephin 66798ca42d ci: test against go1.17 2021-10-21 16:18:32 -04:00
R.B. Boyer e0d1e2689c
ci: upgrade to use Go 1.16.7 (#10856) 2021-08-16 12:21:16 -05:00
R.B. Boyer 21e855d860
build: ensure make go-build-image target builds tools in isolation (#10534) 2021-06-30 11:36:02 -05:00
R.B. Boyer a2e1cbd061
ci: update to go 1.15.5 (#9187) 2020-11-13 15:35:33 -06:00
Mike Morris 7af643ac37
ci: update to Go 1.15.4 and alpine:3.12 (#9036)
* ci: stop building darwin/386 binaries

Go 1.15 drops support for 32-bit binaries on Darwin https://golang.org/doc/go1.15#darwin

* tls: ConnectionState::NegotiatedProtocolIsMutual is deprecated in Go 1.15, this value is always true

* correct error messages that changed slightly

* Completely regenerate some TLS test data

Co-authored-by: R.B. Boyer <rb@hashicorp.com>
2020-11-13 13:02:59 -05:00
Mike Morris c0ef425ae5 chore: update to Go 1.14.11 2020-11-09 15:48:18 -05:00
Mike Morris ebc9b27cfa
ci: bump Go to v1.14.7 (#8449) 2020-08-12 10:43:19 -04:00
Daniel Nephin c5b7c072fd ci: Upgrade Go to 1.14.1 2020-03-24 15:55:47 -04:00
Matt Keeler 646c9f5896
Don’t pass `-u` to get get inside Go build image dockerfile (#7455) 2020-03-16 15:26:07 -04:00
R.B. Boyer fdb6b80672
Switch to go 1.13.7 (#7262)
- You can no longer cross submodule boundaries with ./... in go
  subcommands like `go list` or `go test`. The makefile and CI scripts
  were updated accordingly.

- Also of note: `go mod vendor` now omits things build ignored.
2020-02-12 10:15:24 -06:00
Hans Hasselberg fe49ea404d
build: update to golang 1.12.16 (#7153) 2020-02-03 18:20:03 +01:00
Alvin Huang 894bad6162
upgrade go to 1.12.13 (#6759) 2019-11-08 13:59:32 -05:00
Matt Keeler a31e7a5d58
Remove `gox` usage (#6596) 2019-10-08 13:42:29 -04:00
Matt Keeler 6d995246a8
Update toolchain to Go 1.12.8 (#6319) 2019-08-14 09:40:57 -04:00
R.B. Boyer 27446a19e2
remove remaining references to govendor and vendorfmt (#5587) 2019-04-01 09:55:48 -05:00
Hans Hasselberg ac45b17482
fix remaining CI failures after Go 1.12.1 Upgrade (#5576) 2019-03-29 16:29:27 +01:00
Jeff Mitchell 47c390025b
Convert to Go Modules (#5517)
* First conversion

* Use serf 0.8.2 tag and associated updated deps

* * Move freeport and testutil into internal/

* Make internal/ its own module

* Update imports

* Add replace statements so API and normal Consul code are
self-referencing for ease of development

* Adapt to newer goe/values

* Bump to new cleanhttp

* Fix ban nonprintable chars test

* Update lock bad args test

The error message when the duration cannot be parsed changed in Go 1.12
(ae0c435877d3aacb9af5e706c40f9dddde5d3e67). This updates that test.

* Update another test as well

* Bump travis

* Bump circleci

* Bump go-discover and godo to get rid of launchpad dep

* Bump dockerfile go version

* fix tar command

* Bump go-cleanhttp
2019-03-26 17:04:58 -04:00
Matt Keeler ec712b7ecf
Update to Go 1.11.4 and UI build container (#5257)
* Update to Go 1.11.4

* Update to Go 1.11.4 for travis

* Update UI build to fix ember issues.
2019-01-23 12:56:39 -05:00
Paul Banks f0c06a912e
Bump Go version for CI and build to 1.11.1 (#4782) 2018-10-11 12:21:53 +01:00
Matt Keeler f5a22f8490 Initial progress on build system updates 2018-06-08 10:20:54 -04:00