Commit Graph

8 Commits

Author SHA1 Message Date
Martin Atkins f6c6a88fe8 build: Use Go 1.12.8
This this includes some security fixes that don't impact Terraform along
with a number of general improvements and fixes in the Go toolchain that
don't appear to affect Terraform behavior.

- URL parsing (such as in the "source" argument in a "module" block) now
  validates more strictly the port portion, rejecting non-numeric ports.
  Previously this could potentially lead to parts of the URL being
  silently ignored.

- The temporary callback server for the forthcoming OAuth client
  implementation in "terraform login" would otherwise have been vulnerable
  to local (on the same host) denial of service attacks, which is not
  a common attack vector but good to fix anyway.
2019-08-16 16:29:43 -07:00
Radek Simko 67defb768e
go-version: Bump to 1.12.4 2019-05-13 15:34:21 +01:00
James Bardin b5b1e94f3a bump go version to 1.12.1 2019-03-14 17:28:16 -04:00
Martin Atkins 1a8ddc26a5 Switch to Go 1.11.5
An earlier commit incorrectly updated some versions in go.mod without also
updating the vendor tree, so this also rolls those back to where they used
to be so that we can roll them forward carefully and make sure the tests
actually pass. (If we just accept these new versions as specified the
tests do not pass, so some work is required to fix those regressions.)
2019-01-30 17:16:12 -08:00
Alex Pilon de769533e1
require go1.11.4 2019-01-15 14:26:21 -05:00
Martin Atkins 413959406a build: Use Go 1.11.3 in Travis-CI and in environments using "goenv" 2018-12-13 17:30:48 -08:00
Martin Atkins 88984aaca0 build: Specify in .go-version that we build with Go 1.11.1 2018-10-16 19:14:11 -07:00
Martin Atkins e6c958048c build: Document in a machine-readable way that we are now using Go 1.11 2018-10-16 19:14:11 -07:00