Bump github.com/aws/aws-sdk-go-v2/config from 1.31.0 to 1.32.7#22
Merged
intel352 merged 2 commits intoFeb 17, 2026
Merged
Conversation
dependabot
Bot
added
dependencies
dependabot
Bot
force-pushed
the
dependabot/go_modules/github.com/aws/aws-sdk-go-v2/config-1.32.7
branch
from
3a0ad30 to
00307e5
Compare
Contributor
|
@dependabot recreate |
dependabot
Bot
force-pushed
the
dependabot/go_modules/github.com/aws/aws-sdk-go-v2/config-1.32.7
branch
3 times, most recently
from
28b3bf8 to
396c8c7
Compare
Contributor
|
@dependabot rebase |
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.31.0 to 1.32.7. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@v1.31.0...v1.32.7) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2/config dependency-version: 1.32.7 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/go_modules/github.com/aws/aws-sdk-go-v2/config-1.32.7
branch
from
396c8c7 to
4107889
Compare
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
intel352
deleted the
dependabot/go_modules/github.com/aws/aws-sdk-go-v2/config-1.32.7
branch
intel352
added a commit
that referenced
this pull request
Feb 17, 2026
- Validate plugin name against directory traversal in CompositeRegistry.Install() - Add isSafePathComponent() to validate plugin name/version in HTTP handler - Validate planID in FileStateStore.GetPlan() to prevent path traversal Fixes code scanning alerts #20, #21, #22. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
intel352
added a commit
that referenced
this pull request
May 15, 2026
…r module factories) (#682) * docs: design — extend ServeIaCPlugin to also serve module + step factories Closes the architectural gap surfaced mid-execution of the locked B/C/D plan: plugins served via sdk.ServeIaCPlugin currently can't register ModuleFactories/StepFactories (the iacPluginServiceBridge implements only GetContractRegistry + GetManifest; everything else returns Unimplemented). This blocks B/C/D's standalone-modules extraction (Tasks 8/9/23 + downstream Tasks 14-18, 27-29). Approach: extend IaCServeOptions with Modules + Steps factory maps; iacPluginServiceBridge delegates the Module/Step lifecycle RPCs to the existing grpc_server.go PluginService implementation (extracted into a shared helper so legacy sdk.Serve and the new bridge use one source of truth for handle state). Backwards compatible; one entrypoint preserved; no proto change. Absorbs the locked B/C/D plan's blocked tasks so the plan needs no unlock. ADR 0038 records the decision (Approaches A/B/C, why A wins, the load- bearing assumption about grpc_server.go extractability). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * docs: apply cycle-1 adversarial-review fixes Critical: corrected iacserver.go citation (line 196 → struct at 206-218, forward-extension comment at 200-205). Important: switched IaCServeOptions.Modules/.Steps to sdk.ModuleProvider / sdk.StepProvider (eliminates the factory-map-to-PluginProvider adapter shim — same interface grpc_server.go already consumes). Added explicit non-goals for MessageAwareModule (no broker plumbed through iacGRPCPlugin) and TypedModuleProvider (STRICT_PROTO contracts) for v1 scope. Rephrased the misleading "no structpb" claim to clarify no NEW structpb surface is introduced (Config remains structpb on the legacy path). Minor: PR-count estimate now a range (5+/15-20); plugin.json ↔ runtime parity test pinned with the locked-plan precedent; user-direction citation added to §Problem. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * docs: cycle-2 adversarial-review fixes (PASS-with-acceptance) Important findings addressed by precision: explicitly named the thin mapBackedProvider adapter (not "no shim" — the adapter IS the shim, just small ~30 LOC) so plan-writing isn't surprised by the constructor mismatch with newGRPCServer(PluginProvider). Added explicit nil-broker test note (SDK extension task includes a regression-guard test that SetMessagePublisher/SetMessageSubscriber are never called via the bridge path). Added explicit minEngineVersion floor note in Migration (mirrors the locked B/C/D plan's universal rule). Cycle 2 reviewer verdict: "design is substantially correct and implementable" — no architecture changes needed; documentation precision fixes only. PASS-with-acceptance per the recorded findings + recommended fixes incorporated. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * docs: plugin-modules-on-iac implementation plan (5 PRs / 19 tasks) Implements the SDK extension from decisions/0038 + absorbs the locked B/C/D plan's blocked scope (aws/gcp standalone modules, Phase B + Phase C workflow-core deletions). Builds on the design's mapBackedProvider adapter approach + the locked plan's already-shipped IaCStateBackend contract + Configure RPC. Plan structure: PR 1 (workflow SDK extension) → PR 2/3 (aws/gcp plugin modules + releases, parallel after workflow v0.53.0 tag) → PR 4 (Phase B core deletion, deps PR 2 + locked-plan PR 5) → PR 5 (Phase C core deletion, deps PR 3 + locked-plan PR 9). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * docs: apply cycle-1 adversarial-review fixes to plan Critical: Manifest() method added to mapBackedProvider (was missing, deterministic compile error); PR 3 pre-step added to coordinate the in-progress locked-plan Task #22 owner (otherwise commit-collision risk). Important: explicit subprocess runtime-launch validation steps in Tasks 7+11 (in-process bufconn was insufficient for the change class); explicit 'gh release view' pre-merge gate for PR 4 (#118 release tag); ContractRegistry() removed from mapBackedProvider (dead code path). Minor: credref.Reset() test-only helper + t.Cleanup pattern documented; Task 2 wording committed to bufconn-is-canonical with rationale. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * docs: cycle-2 adversarial-review fix (PASS-with-acceptance) Important: clarify CredInput.Source population path-routing — both the standalone-module and IaC-provider paths read config['credentials']['type'] from the raw YAML config (CloudCredentials.Extra never crosses the plugin boundary). Task 13's marker is consumed only by in-core paths PR 4 deletes. Two cycle-2 Minor findings (test-skeleton file reference + git add -A convention vs feedback memory) accepted as documentation-precision-only; the implementer/reviewer pipeline will catch the test-skeleton wording at implementation time, and the git status verify-step in the plan's commit blocks mitigates the scope-bleed risk the workspace memory addresses. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * chore: lock scope for plugin-modules-on-iac (alignment passed) * docs: address Copilot precision findings on #682 (status line + ADR shim wording) --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This was referenced May 17, 2026
Layer 3b: apply plugin-version discipline to remaining 56 plugin repos (workflow#758 follow-up)
#760
Closed
This was referenced May 31, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps github.com/aws/aws-sdk-go-v2/config from 1.31.0 to 1.32.7.
Commits
5a96470Release 2024-12-19653aa80Regenerated Clientsd02b239Update endpoints model698d709Update API model885de40Fix improper use of Printf-style functions (#2934)858298aRelease 2024-12-18f58264aRegenerated Clientsdf31082Update endpoints model346690eUpdate API model4515454Release 2024-12-17Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)