search

DopplerHQ / terraform-provider-doppler

Apache License 2.0
23 stars 9 forks source link

Update Go version to v1.22 #89

Closed nmanoogian closed 5 months ago

nmanoogian commented 5 months ago

This addresses a finding surfaced by govulncheck:

Vulnerability #1: GO-2024-2887
    Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in
    net/netip
  More info: https://pkg.go.dev/vuln/GO-2024-288[7](https://github.com/DopplerHQ/terraform-provider-doppler/actions/runs/9376877060/job/25817541670#step:5:8)
  Standard library
    Found in: net/netip@go1.21.10
    Fixed in: net/netip@go1.21.11
    Example traces found:
Error:       #1: main.go:[11](https://github.com/DopplerHQ/terraform-provider-doppler/actions/runs/9376877060/job/25817541670#step:5:12):14: terraform.main calls plugin.Serve, which eventually calls netip.Addr.IsLoopback
Error:       #2: main.go:11:[14](https://github.com/DopplerHQ/terraform-provider-doppler/actions/runs/9376877060/job/25817541670#step:5:15): terraform.main calls plugin.Serve, which eventually calls netip.Addr.IsMulticast