build(deps): bump the aws-sdk-go-v2 group in /ecr-login with 4 updates #895

dependabot · 2024-11-07T16:44:24Z

Bumps the aws-sdk-go-v2 group in /ecr-login with 4 updates: github.com/aws/aws-sdk-go-v2/config, github.com/aws/aws-sdk-go-v2/credentials, github.com/aws/aws-sdk-go-v2/service/ecr and github.com/aws/aws-sdk-go-v2/service/ecrpublic.

Updates github.com/aws/aws-sdk-go-v2/config from 1.28.1 to 1.28.2

Commits

70eb57a Release 2024-11-06
cd2c6b1 Regenerated Clients
2b2a737 Update API model
8c9892f bump smithy-go codegen to latest (#2890)
82897be fix potential for user-agent lang value mismatch in tests (#2888)
061540b Cloudfront - add expire time in signed cookie. (#2862)
aa3bd1f fix makefile to not spam releases for feature/dynamodb/attributevalue (#2885)
eb96051 Release 2024-11-01
7f2d000 Regenerated Clients
8542f2f Update endpoints model
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.17.42 to 1.17.43

Commits

70eb57a Release 2024-11-06
cd2c6b1 Regenerated Clients
2b2a737 Update API model
8c9892f bump smithy-go codegen to latest (#2890)
82897be fix potential for user-agent lang value mismatch in tests (#2888)
061540b Cloudfront - add expire time in signed cookie. (#2862)
aa3bd1f fix makefile to not spam releases for feature/dynamodb/attributevalue (#2885)
eb96051 Release 2024-11-01
7f2d000 Regenerated Clients
8542f2f Update endpoints model
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ecr from 1.36.3 to 1.36.4

Commits

ae835ec Release 2023-05-04
ef7f367 Regenerated Clients
a62e494 Update endpoints model
833592f Update API model
829131f Add SQSCustomizations (#2108)
9d08e7d Release 2023-05-03
cec4d55 Regenerated Clients
f558c81 Update API model
8d2e554 Release 2023-05-02
312e442 Regenerated Clients
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/ecrpublic from 1.27.3 to 1.27.4

Commits

7095341 Release 2024-02-23
bcf04e6 Regenerated Clients
ca190b0 Update API model
6397a64 move common middleware stack ops to service client modules (#2516)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

github-actions · 2024-11-07T16:44:42Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package

Version

Score

Details

gomod/github.com/aws/aws-sdk-go-v2/config

1.28.2

🟢 5.5

Details

Check	Score	Reason
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected
Binary-Artifacts	🟢 9	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0

gomod/github.com/aws/aws-sdk-go-v2/credentials

1.17.43

🟢 5.5

Details

Check	Score	Reason
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected
Binary-Artifacts	🟢 9	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0

gomod/github.com/aws/aws-sdk-go-v2/feature/ec2/imds

1.16.19

🟢 5.5

Details

Check	Score	Reason
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected
Binary-Artifacts	🟢 9	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0

gomod/github.com/aws/aws-sdk-go-v2/internal/configsources

1.3.23

🟢 5.5

Details

Check	Score	Reason
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected
Binary-Artifacts	🟢 9	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0

gomod/github.com/aws/aws-sdk-go-v2/internal/endpoints/v2

2.6.23

🟢 5.5

Details

Check	Score	Reason
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected
Binary-Artifacts	🟢 9	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0

gomod/github.com/aws/aws-sdk-go-v2/service/ecr

1.36.4

🟢 5.5

Details

Check	Score	Reason
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected
Binary-Artifacts	🟢 9	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0

gomod/github.com/aws/aws-sdk-go-v2/service/ecrpublic

1.27.4

🟢 5.5

Details

Check	Score	Reason
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected
Binary-Artifacts	🟢 9	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0

gomod/github.com/aws/aws-sdk-go-v2/service/internal/presigned-url

1.12.4

🟢 5.5

Details

Check	Score	Reason
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected
Binary-Artifacts	🟢 9	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0

gomod/github.com/aws/aws-sdk-go-v2/service/sso

1.24.4

🟢 5.5

Details

Check	Score	Reason
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected
Binary-Artifacts	🟢 9	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0

gomod/github.com/aws/aws-sdk-go-v2/service/ssooidc

1.28.4

🟢 5.5

Details

Check	Score	Reason
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected
Binary-Artifacts	🟢 9	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0

gomod/github.com/aws/aws-sdk-go-v2/service/sts

1.32.4

🟢 5.5

Details

Check	Score	Reason
Code-Review	⚠️ 2	Found 6/27 approved changesets -- score normalized to 2
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
Branch-Protection	⚠️ -1	internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging	⚠️ -1	packaging workflow not detected
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Token-Permissions	⚠️ 0	detected GitHub workflow tokens with excessive permissions
Security-Policy	🟢 10	security policy file detected
Fuzzing	⚠️ 0	project is not fuzzed
SAST	⚠️ 0	SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities	🟢 9	1 existing vulnerabilities detected
Binary-Artifacts	🟢 9	binaries present in source code
Pinned-Dependencies	⚠️ 0	dependency not pinned by hash detected -- score normalized to 0

Scanned Files

ecr-login/go.mod

austinvazquez · 2024-11-07T17:15:55Z

@dependabot rebase

Bumps the aws-sdk-go-v2 group in /ecr-login with 4 updates: [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2), [github.com/aws/aws-sdk-go-v2/credentials](https://github.com/aws/aws-sdk-go-v2), [github.com/aws/aws-sdk-go-v2/service/ecr](https://github.com/aws/aws-sdk-go-v2) and [github.com/aws/aws-sdk-go-v2/service/ecrpublic](https://github.com/aws/aws-sdk-go-v2). Updates `github.com/aws/aws-sdk-go-v2/config` from 1.28.1 to 1.28.2 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@config/v1.28.1...config/v1.28.2) Updates `github.com/aws/aws-sdk-go-v2/credentials` from 1.17.42 to 1.17.43 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@credentials/v1.17.42...credentials/v1.17.43) Updates `github.com/aws/aws-sdk-go-v2/service/ecr` from 1.36.3 to 1.36.4 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@service/ssm/v1.36.3...service/ssm/v1.36.4) Updates `github.com/aws/aws-sdk-go-v2/service/ecrpublic` from 1.27.3 to 1.27.4 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@config/v1.27.3...config/v1.27.4) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/config dependency-type: direct:production update-type: version-update:semver-patch dependency-group: aws-sdk-go-v2 - dependency-name: github.com/aws/aws-sdk-go-v2/credentials dependency-type: direct:production update-type: version-update:semver-patch dependency-group: aws-sdk-go-v2 - dependency-name: github.com/aws/aws-sdk-go-v2/service/ecr dependency-type: direct:production update-type: version-update:semver-patch dependency-group: aws-sdk-go-v2 - dependency-name: github.com/aws/aws-sdk-go-v2/service/ecrpublic dependency-type: direct:production update-type: version-update:semver-patch dependency-group: aws-sdk-go-v2 ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot requested review from a team as code owners November 7, 2024 16:44

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Nov 7, 2024

dependabot bot force-pushed the dependabot/go_modules/ecr-login/aws-sdk-go-v2-703c7dbf30 branch from c31d26e to 268fcff Compare November 7, 2024 17:16

austinvazquez approved these changes Nov 7, 2024

View reviewed changes

austinvazquez merged commit cd1917e into main Nov 7, 2024
12 checks passed

austinvazquez deleted the dependabot/go_modules/ecr-login/aws-sdk-go-v2-703c7dbf30 branch November 7, 2024 17:23

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump the aws-sdk-go-v2 group in /ecr-login with 4 updates #895

build(deps): bump the aws-sdk-go-v2 group in /ecr-login with 4 updates #895

dependabot bot commented on behalf of github Nov 7, 2024 •

edited

Loading

github-actions bot commented Nov 7, 2024 •

edited

Loading

austinvazquez commented Nov 7, 2024

build(deps): bump the aws-sdk-go-v2 group in /ecr-login with 4 updates #895

build(deps): bump the aws-sdk-go-v2 group in /ecr-login with 4 updates #895

Conversation

dependabot bot commented on behalf of github Nov 7, 2024 • edited Loading

github-actions bot commented Nov 7, 2024 • edited Loading

Dependency Review

OpenSSF Scorecard

Scanned Files

austinvazquez commented Nov 7, 2024

dependabot bot commented on behalf of github Nov 7, 2024 •

edited

Loading

github-actions bot commented Nov 7, 2024 •

edited

Loading