Backport all changes for v1.15.1#13590
Merged
anurag5sh merged 26 commits intorelease/1.15.xfrom Mar 26, 2026
Merged
Conversation
version: prepare dev v1.15.1
…-03-11 Update LICENSE
Brings in latest upstream improvements and bug fixes from circl. Helps maintain compatibility and security with indirect dependencies.
Updates circl dependency to v1.6.3
Upgrade go-git to v5.17.0 and grpc to 1.79.3
Bumps [github.com/hashicorp/hcp-sdk-go](https://github.com/hashicorp/hcp-sdk-go) from 0.136.0 to 0.167.0. - [Release notes](https://github.com/hashicorp/hcp-sdk-go/releases) - [Changelog](https://github.com/hashicorp/hcp-sdk-go/blob/main/CHANGELOG.md) - [Commits](hashicorp/hcp-sdk-go@v0.136.0...v0.167.0) --- updated-dependencies: - dependency-name: github.com/hashicorp/hcp-sdk-go dependency-version: 0.167.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
….com/hashicorp/hcp-sdk-go-0.167.0 build(deps): bump github.com/hashicorp/hcp-sdk-go from 0.136.0 to 0.167.0
Bumps [github.com/hashicorp/packer-plugin-sdk](https://github.com/hashicorp/packer-plugin-sdk) from 0.6.4 to 0.6.6. - [Release notes](https://github.com/hashicorp/packer-plugin-sdk/releases) - [Changelog](https://github.com/hashicorp/packer-plugin-sdk/blob/main/CHANGELOG.md) - [Commits](hashicorp/packer-plugin-sdk@v0.6.4...v0.6.6) --- updated-dependencies: - dependency-name: github.com/hashicorp/packer-plugin-sdk dependency-version: 0.6.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Ensures compatibility with the latest OpenTelemetry libraries, potentially addressing security and stability improvements. Prepares codebase for new features and bug fixes from upstream.
Updates OpenTelemetry dependencies to v1.41.0
….com/hashicorp/packer-plugin-sdk-0.6.6 build(deps): bump github.com/hashicorp/packer-plugin-sdk from 0.6.4 to 0.6.6
Configures automated dependency updates for GitHub Actions workflows, groups all actions in a single pull request, schedules updates monthly, and ignores major version bumps to reduce noise and streamline updates.
* add configuration fields to SBOMInternalProvisioner * add os detection * move implementation to hcp-sbom * upload scanner binary and execute * use latest syft version always * reduce duplicate code * rename config fields appropriately * default to cyclonedx * add syft dependency * add support for elevated user for windows * add retry for download * add syft dependency Updates go version * optimization for windows * improve docs * update config usage rules * add unit tests * update golang version, fix linter issues * refactor and improvements * simplify few lines * refactor retry for scanner download * resolved conflicts * resolve conflicts from main * stick to syft v1 for compatibility * fix lint issues * stricter version check for syft * fix version eg * update go version to 1.25.7 * go mod changes
* don't update markdown files anymore This needs to be done in web-unified-docs repo * add contriubting guide for docs
…13578) The syft library has a transitive dependency on containerd, which includes platform-specific code that doesn't compile on NetBSD, OpenBSD, and Solaris. This change adds build constraints to exclude the syft import on these platforms. The hcp-sbom provisioner functionality is unaffected since it downloads and executes pre-built syft binaries at runtime rather than using the Go library directly. The import exists solely for dependency tracking in license and security scanning tools.
* bump syft to v1.42.3 fix GO-2026-4809 * bump sdk to v0.6.7 * update go version
BUG: Scrub multiline sensitive values from build output
taru-garg-hashicorp
approved these changes
Mar 26, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
Backport all changes for v1.15.1