Skip to content

fix(deps): update all dependencies#90

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/all
Open

fix(deps): update all dependencies#90
renovate[bot] wants to merge 1 commit intomainfrom
renovate/all

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Jan 31, 2025
edited
Loading

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
antonbabenko/pre-commit-terraform repository minor v1.97.0v1.105.0 age adoption passing confidence
github.com/gruntwork-io/terratest require minor v0.48.1v0.56.0 age adoption passing confidence
github.com/hashicorp/go-getter indirect patch v1.7.6v1.7.9 age adoption passing confidence
github.com/ulikunitz/xz indirect patch v0.5.11v0.5.15 age adoption passing confidence
golang.org/x/crypto indirect minor v0.31.0v0.45.0 age adoption passing confidence
golang.org/x/net indirect minor v0.33.0v0.45.0 age adoption passing confidence
golang.org/x/oauth2 indirect minor v0.24.0v0.27.0 age adoption passing confidence
peter-evans/slash-command-dispatch action major v4v5 age adoption passing confidence
pre-commit/pre-commit-hooks repository major v5.0.0v6.0.0 age adoption passing confidence
renovatebot/pre-commit-hooks repository major 39.136.043.15.3 age adoption passing confidence
sirosen/texthooks repository minor 0.6.80.7.1 age adoption passing confidence
tofuutils/pre-commit-opentofu repository minor v2.1.0v2.2.2 age adoption passing confidence

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

GitHub Vulnerability Alerts

CVE-2025-8959

HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9.

HashiCorp go-getter Vulnerable to Symlink Attacks

CVE-2025-8959 / GHSA-wjrx-6529-hcj3 / GO-2025-3892

More information

Details

HashiCorp's go-getter library subdirectory download feature is vulnerable to symlink attacks leading to unauthorized read access beyond the designated directory boundaries. This vulnerability, identified as CVE-2025-8959, is fixed in go-getter 1.7.9.

Severity

  • CVSS Score: Unknown
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

HashiCorp go-getter Vulnerable to Symlink Attacks in github.com/hashicorp/go-getter

CVE-2025-8959 / GHSA-wjrx-6529-hcj3 / GO-2025-3892

More information

Details

HashiCorp go-getter Vulnerable to Symlink Attacks in github.com/hashicorp/go-getter

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

CVE-2025-58058

Summary

It is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current implementation allocates the full decoding buffer directly after reading the header. The LZMA header doesn't include a magic number or has a checksum to detect such an issue according to the specification.

Note that the code recognizes the issue later while reading the stream, but at this time the memory allocation has already been done.

Mitigations

The release v0.5.15 includes following mitigations:

  • The ReaderConfig DictCap field is now interpreted as a limit for the dictionary size.
  • The default is 2 Gigabytes - 1 byte (2^31-1 bytes).
  • Users can check with the [Reader.Header] method what the actual values are in their LZMA files and set a smaller limit using ReaderConfig.
  • The dictionary size will not exceed the larger of the file size and the minimum dictionary size. This is another measure to prevent huge memory allocations for the dictionary.
  • The code supports stream sizes only up to a pebibyte (1024^5).

Note that the original v0.5.14 version had a compiler error for 32 bit platforms, which has been fixed by v0.5.15.

Methods affected

Only software that uses lzma.NewReader or lzma.ReaderConfig.NewReader is affected. There is no issue for software using the xz functionality.

I thank @​GregoryBuligin for his report, which is provided below.

Summary

When unpacking a large number of LZMA archives, even in a single goroutine, if the first byte of the archive file is 0 (a zero byte added to the beginning), an error writeMatch: distance out of range occurs. Memory consumption spikes sharply, and the GC clearly cannot handle this situation.

Details

Judging by the error writeMatch: distance out of range, the problems occur in the code around this function.
https://github.com/ulikunitz/xz/blob/c8314b8f21e9c5e25b52da07544cac14db277e89/lzma/decoderdict.go#L81

PoC

Run a function similar to this one in 1 or several goroutines on a multitude of LZMA archives that have a 0 (a zero byte) added to the beginning.

const ProjectLocalPath = "some/path"
const TmpDir = "tmp"

func UnpackLZMA(lzmaFile string) error {
	file, err := os.Open(lzmaFile)
	if err != nil {
		return err
	}
	defer file.Close()

	reader, err := lzma.NewReader(bufio.NewReader(file))
	if err != nil {
		return err
	}

	tmpFile, err := os.CreateTemp(TmpDir, TmpLZMAPrefix)
	if err != nil {
		return err
	}
	defer func() {
		tmpFile.Close()
		_ = os.Remove(tmpFile.Name())
	}()

	sha256Hasher := sha256.New()
	multiWriter := io.MultiWriter(tmpFile, sha256Hasher)

	if _, err = io.Copy(multiWriter, reader); err != nil {
		return err
	}

	unpackHash := hex.EncodeToString(sha256Hasher.Sum(nil))
	unpackDir := filepath.Join(
		ProjectLocalPath, unpackHash[:2],
	)
	_ = os.MkdirAll(unpackDir, DirPerm)

	unpackPath := filepath.Join(unpackDir, unpackHash)

	return os.Rename(tmpFile.Name(), unpackPath)
}

Impact

Servers with a small amount of RAM that download and unpack a large number of unverified LZMA archives

github.com/ulikunitz/xz leaks memory when decoding a corrupted multiple LZMA archives

CVE-2025-58058 / GHSA-jc7w-c686-c4v9 / GO-2025-3922

More information

Details

Summary

It is possible to put data in front of an LZMA-encoded byte stream without detecting the situation while reading the header. This can lead to increased memory consumption because the current implementation allocates the full decoding buffer directly after reading the header. The LZMA header doesn't include a magic number or has a checksum to detect such an issue according to the specification.

Note that the code recognizes the issue later while reading the stream, but at this time the memory allocation has already been done.

Mitigations

The release v0.5.15 includes following mitigations:

  • The ReaderConfig DictCap field is now interpreted as a limit for the dictionary size.
  • The default is 2 Gigabytes - 1 byte (2^31-1 bytes).
  • Users can check with the [Reader.Header] method what the actual values are in their LZMA files and set a smaller limit using ReaderConfig.
  • The dictionary size will not exceed the larger of the file size and the minimum dictionary size. This is another measure to prevent huge memory allocations for the dictionary.
  • The code supports stream sizes only up to a pebibyte (1024^5).

Note that the original v0.5.14 version had a compiler error for 32 bit platforms, which has been fixed by v0.5.15.

Methods affected

Only software that uses lzma.NewReader or lzma.ReaderConfig.NewReader is affected. There is no issue for software using the xz functionality.

I thank @​GregoryBuligin for his report, which is provided below.

Summary

When unpacking a large number of LZMA archives, even in a single goroutine, if the first byte of the archive file is 0 (a zero byte added to the beginning), an error writeMatch: distance out of range occurs. Memory consumption spikes sharply, and the GC clearly cannot handle this situation.

Details

Judging by the error writeMatch: distance out of range, the problems occur in the code around this function.
https://github.com/ulikunitz/xz/blob/c8314b8f21e9c5e25b52da07544cac14db277e89/lzma/decoderdict.go#L81

PoC

Run a function similar to this one in 1 or several goroutines on a multitude of LZMA archives that have a 0 (a zero byte) added to the beginning.

const ProjectLocalPath = "some/path"
const TmpDir = "tmp"

func UnpackLZMA(lzmaFile string) error {
	file, err := os.Open(lzmaFile)
	if err != nil {
		return err
	}
	defer file.Close()

	reader, err := lzma.NewReader(bufio.NewReader(file))
	if err != nil {
		return err
	}

	tmpFile, err := os.CreateTemp(TmpDir, TmpLZMAPrefix)
	if err != nil {
		return err
	}
	defer func() {
		tmpFile.Close()
		_ = os.Remove(tmpFile.Name())
	}()

	sha256Hasher := sha256.New()
	multiWriter := io.MultiWriter(tmpFile, sha256Hasher)

	if _, err = io.Copy(multiWriter, reader); err != nil {
		return err
	}

	unpackHash := hex.EncodeToString(sha256Hasher.Sum(nil))
	unpackDir := filepath.Join(
		ProjectLocalPath, unpackHash[:2],
	)
	_ = os.MkdirAll(unpackDir, DirPerm)

	unpackPath := filepath.Join(unpackDir, unpackHash)

	return os.Rename(tmpFile.Name(), unpackPath)
}
Impact

Servers with a small amount of RAM that download and unpack a large number of unverified LZMA archives

Severity

  • CVSS Score: Unknown
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Memory leaks when decoding a corrupted multiple LZMA archives in github.com/ulikunitz/xz

CVE-2025-58058 / GHSA-jc7w-c686-c4v9 / GO-2025-3922

More information

Details

Memory leaks when decoding a corrupted multiple LZMA archives in github.com/ulikunitz/xz

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

CVE-2025-22869

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.

CVE-2025-58181

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.

CVE-2025-47914

SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.

golang.org/x/crypto Vulnerable to Denial of Service (DoS) via Slow or Incomplete Key Exchange

CVE-2025-22869 / GHSA-hcg3-q754-cr77 / GO-2025-3487

More information

Details

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.

Severity

  • CVSS Score: Unknown
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Potential denial of service in golang.org/x/crypto

CVE-2025-22869 / GHSA-hcg3-q754-cr77 / GO-2025-3487

More information

Details

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Potential denial of service in golang.org/x/crypto/ssh/agent

CVE-2025-47913 / GO-2025-4116

More information

Details

SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

golang.org/x/crypto/ssh allows an attacker to cause unbounded memory consumption

CVE-2025-58181 / GHSA-j5w8-q4qc-rx2x / GO-2025-4134

More information

Details

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.

Severity

  • CVSS Score: Unknown
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

golang.org/x/crypto/ssh/agent vulnerable to panic if message is malformed due to out of bounds read

CVE-2025-47914 / GHSA-f6x5-jh6r-wrfv / GO-2025-4135

More information

Details

SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.

Severity

  • CVSS Score: Unknown
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Malformed constraint may cause denial of service in golang.org/x/crypto/ssh/agent

CVE-2025-47914 / GHSA-f6x5-jh6r-wrfv / GO-2025-4135

More information

Details

SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Unbounded memory consumption in golang.org/x/crypto/ssh

CVE-2025-58181 / GHSA-j5w8-q4qc-rx2x / GO-2025-4134

More information

Details

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

CVE-2025-22870

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.

CVE-2025-22872

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. , , etc contexts).

HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net

CVE-2025-22870 / GHSA-qxp5-gwg8-xv66 / GO-2025-3503

More information

Details

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net

CVE-2025-22870 / GHSA-qxp5-gwg8-xv66 / GO-2025-3503

More information

Details

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly match and not be proxied.

Severity

  • CVSS Score: Unknown
  • Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net

CVE-2025-22872 / GHSA-vvgc-356p-c3xw / GO-2025-3595

More information

Details

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. , , etc contexts).

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

golang.org/x/net vulnerable to Cross-site Scripting

CVE-2025-22872 / GHSA-vvgc-356p-c3xw / GO-2025-3595

More information

Details

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. , , etc contexts).

Severity

  • CVSS Score: Unknown
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Quadratic parsing complexity in golang.org/x/net/html

CVE-2025-47911 / GHSA-w4gw-w5jq-g9jh / GO-2026-4440

More information

Details

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Infinite parsing loop in golang.org/x/net

CVE-2025-58190 / GO-2026-4441

More information

Details

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

CVE-2025-22868

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

golang.org/x/oauth2 Improper Validation of Syntactic Correctness of Input vulnerability

CVE-2025-22868 / GHSA-6v2p-p543-phr9 / GO-2025-3488

More information

Details

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

Severity

  • CVSS Score: Unknown
  • Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

Unexpected memory consumption during token parsing in golang.org/x/oauth2

CVE-2025-22868 / GHSA-6v2p-p543-phr9 / GO-2025-3488

More information

Details

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Release Notes

antonbabenko/pre-commit-terraform (antonbabenko/pre-commit-terraform)

v1.105.0

Compare Source

Features
  • terraform_providers_lock: Fix logical issue in hook modes: Add check-lockfile-is-cross-platform and regenerate-lockfile-if-some-platform-missed modes. Last one is same as only-check-is-current-lockfile-cross-platform, which now is deprecated. Check README for more details (#​950) (95a52e3)

v1.104.1

Compare Source

Features
  • terraform_providers_lock: Fix logical issue in hook modes: Add check-lockfile-is-cross-platform and regenerate-lockfile-if-some-platform-missed modes. Last one is same as only-check-is-current-lockfile-cross-platform, which now is deprecated. Check README for more details (#​950) (95a52e3)

1.104.1 (2026-01-04)

Bug Fixes
  • terraform_wrapper_module_for_each: Generate right usage example for S3 (#​952) (3117fe2)

v1.104.0

Compare Source

Features
  • docker: Allow authenticated calls to GitHub API during docker build (#​947) (6deaf20)

v1.103.0

Compare Source

Features

v1.102.0

Compare Source

Features
  • terrascan: Add support for __GIT_WORKING_DIR__ in hooks arguments (#​943) (c4ef91e)

v1.101.1

Compare Source

Features
  • terrascan: Add support for __GIT_WORKING_DIR__ in hooks arguments (#​943) (c4ef91e)

1.101.1 (2025-10-09)

Bug Fixes
  • terragrunt_providers_lock, terragrunt_validate: Properly handle arguments passed from terragrunt to TF (#​939) (bae0525)

v1.101.0

Compare Source

Features
  • terrascan: Add support for __GIT_WORKING_DIR__ in hooks arguments (#​943) (c4ef91e)

1.101.1 (2025-10-09)

Bug Fixes
  • terragrunt_providers_lock, terragrunt_validate: Properly handle arguments passed from terragrunt to TF (#​939) (bae0525)

v1.100.1

Compare Source

Features

1.100.1 (2025-09-27)

Bug Fixes
  • terragrunt_providers_lock, terragrunt_validate: Properly handle arguments passed from terragrunt to TF (#​933) (ea46354)

v1.100.0

Compare Source

Features

1.100.1 (2025-09-27)

Bug Fixes
  • terragrunt_providers_lock, terragrunt_validate: Properly handle arguments passed from terragrunt to TF (#​933) (ea46354)

v1.99.5

Compare Source

Features

1.99.5 (2025-07-08)

Bug Fixes

1.99.4 (2025-06-12)

Bug Fixes
  • docker: Drop Mac arm64 build-time hack, needed for checkov<3.2.395 (#​907) (3c9ef3d)

1.99.3 (2025-06-06)

Bug Fixes
  • terraform_docs, terraform_wrapper_module_for_each: Improve .tofu files support (#​904) (4f85212)

1.99.2 (2025-06-05)

Bug Fixes
  • make infracost_breakdown.sh compatible with bash 3.2 (macOS) (#​903) (dcb4c36)

1.99.1 (2025-05-29)

Bug Fixes
  • terragrunt_* hooks: Use new subcommands for terragrunt v0.78.0+ instead of deprecated ones (#​901) (54468bb)

v1.99.4

Compare Source

Features

1.99.5 (2025-07-08)

Bug Fixes

1.99.4 (2025-06-12)

Bug Fixes
  • docker: Drop Mac arm64 build-time hack, needed for checkov<3.2.395 (#​907) (3c9ef3d)

1.99.3 (2025-06-06)

Bug Fixes
  • terraform_docs, terraform_wrapper_module_for_each: Improve .tofu files support (#​904) (4f85212)

1.99.2 (2025-06-05)

Bug Fixes
  • make infracost_breakdown.sh compatible with bash 3.2 (macOS) (#​903) (dcb4c36)

1.99.1 (2025-05-29)

Bug Fixes
  • terragrunt_* hooks: Use new subcommands for terragrunt v0.78.0+ instead of deprecated ones (#​901) (54468bb)

v1.99.3

Compare Source

Features

1.99.5 (2025-07-08)

Bug Fixes

[1.99.4](https:

Configuration

📅 Schedule: Branch creation - "after 12am and before 12pm on Monday and Friday" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner January 31, 2025 06:48
@renovate renovate bot enabled auto-merge January 31, 2025 06:48
@renovate renovate bot force-pushed the renovate/all branch 8 times, most recently from d6a51fc to 7808dc4 Compare February 4, 2025 23:03
@renovate renovate bot changed the title chore(deps): update all dependencies fix(deps): update all dependencies Feb 4, 2025
@renovate
Copy link
Contributor Author

renovate bot commented Feb 4, 2025
edited
Loading

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 5 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.22.2 -> 1.24.1
github.com/stretchr/testify v1.9.0 -> v1.10.0
golang.org/x/sync v0.10.0 -> v0.11.0
golang.org/x/sys v0.28.0 -> v0.30.0
golang.org/x/term v0.27.0 -> v0.29.0
golang.org/x/text v0.21.0 -> v0.22.0

@renovate renovate bot force-pushed the renovate/all branch 14 times, most recently from 06cdf3b to 3ae3e1f Compare February 12, 2025 08:50
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from a2a509f to c49f8d0 Compare February 12, 2025 17:40
@renovate renovate bot force-pushed the renovate/all branch 16 times, most recently from 31443eb to 3b074c7 Compare February 12, 2026 03:15
@renovate renovate bot force-pushed the renovate/all branch 12 times, most recently from b0f5d92 to 6896275 Compare February 16, 2026 06:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

renovate terraform

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants