This is a minor release of Go that does not include any changes that
affect Terraform's behavior.
This does include a fix for golang/go#31084 that could potentially affect
HCL arithmetic (via math/big) on aarch64, but we do not currently build
Terraform for aarch64 so it cannot have affected any previous releases.
This this includes some security fixes that don't impact Terraform along
with a number of general improvements and fixes in the Go toolchain that
don't appear to affect Terraform behavior.
- URL parsing (such as in the "source" argument in a "module" block) now
validates more strictly the port portion, rejecting non-numeric ports.
Previously this could potentially lead to parts of the URL being
silently ignored.
- The temporary callback server for the forthcoming OAuth client
implementation in "terraform login" would otherwise have been vulnerable
to local (on the same host) denial of service attacks, which is not
a common attack vector but good to fix anyway.
The Terraform Enterprise brand has now been split into two parts:
- Terraform Cloud is the application that helps teams use Terraform together,
with remote state storage, a shared run environment, etc.
- Terraform Enterprise is the on-premise distribution that lets enterprises run
a private instance of the Terraform Cloud application.
The former TFE docs have been split accordingly.
Any command using meta.defaultFlagSet *might* occasionally exit before
the flag package's output got written. This caused flag error messages
to get lost. This PR discards the flag package output in favor of
directly returning the error to the end user.
A provider may not have the data to fill in required block values in all
cases during the resource Read operation. This is more common in import,
because there is no initial configuration or state, and it's possible
some values are only provided in the configuration.
The original intent of MinItems and MaxItems in the schema was to
enforce configuration constraints, not to enforce what the resource
could save in the state. Since the configuration is already statically
validated, and the Schema is validated against the configuration in a
separate step, we can drop these extra validation constraints in
CoerceValue and relax it to only ensure the types conform to what is
expected.
- Make these descriptions more similar, since they do basically the same thing.
- Add some subheaders to break up the wall of text and make it more skimmable.
- Nudge people more firmly toward `for_each` if they need to actually
incorporate data from a variable into their instances.
- Add version note so you know whether you can use this yet.
Ben Drucker