aherman
/
packer
mirror of https://github.com/hashicorp/packer
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update allowed dependencies to track (#12355)

Browse Source 
* Packer plugins rely on the Packer SDK for the majority of its HCL
dependency. To prevent issues with the version of go-cty or hcl/v2 pkg
getting out of sync this changes sets the allowed dependency to
packer-plugin-sdk only.

* HashiCorp is standardizing on pinning versions of allowed GitHub actions to prevent
the introduction of potential security issues. This change removes GitHub actions
from dependabot.
pull/12356/head
Wilken Rivera 3 years ago committed by GitHub
parent 290fb9d908
commit 06653b98c0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 6 deletions
Show Stats Download Patch File Download Diff File

6
.github/dependabot.yml vendored
Unescape View File

@ -6,10 +6,4 @@ updates:
interval: daily
allow:
- dependency-name: "github.com/hashicorp/packer-plugin-sdk"
- dependency-name: "github.com/hashicorp/hcl/v2"
- dependency-name: "github.com/zclconf/go-cty"
- dependency-name: "github.com/hashicorp/hcp-sdk-go"
- package-ecosystem: github-actions
directory: /
schedule:
interval: daily

Write Preview
Loading…
Cancel
Save