Release v1.18.0#846
Open
github-actions[bot] wants to merge 8 commits intomainfrom
Open
Conversation
<!-- CURSOR_AGENT_PR_BODY_BEGIN --> ## Summary - Batch ELBv2 `DescribeTags` calls into 20-resource chunks and fetch chunks concurrently. - Add equivalent parallel batching for classic ELB load balancer tags. - Add unit tests with mocks that reject over-limit tag requests and verify all 25 resources receive tags. ## Validation - `go test -run 'TestElbv2GetTagsMapBatching|TestElbGetTagsMapBatching|TestELBv2LoadBalancerOutputMapper|TestActionToRequests' ./aws-source/adapters` - `go test -race -run 'TestElbv2GetTagsMapBatching|TestElbGetTagsMapBatching|TestELBv2LoadBalancerOutputMapper|TestActionToRequests' ./aws-source/adapters` - `golangci-lint run ./aws-source/adapters` Note: `go test ./aws-source/adapters` was attempted but failed in existing AWS E2E-style adapter tests because this cloud environment has no AWS credentials/IMDS role for STS `GetCallerIdentity`; the targeted unit/race tests above do not require AWS credentials and passed. <!-- CURSOR_AGENT_PR_BODY_END --> Linear Issue: [ENG-3993](https://linear.app/overmind/issue/ENG-3993/fix-elb-describetags-parallel-batching) <div><a href="https://cursor.com/agents/bc-f2682b59-b51c-4946-8533-6b1331502eda"><picture><source media="(prefers-color-scheme: dark)" srcset="https://cursor.com/assets/images/open-in-web-dark.png"><source media="(prefers-color-scheme: light)" srcset="https://cursor.com/assets/images/open-in-web-light.png"><img alt="Open in Web" width="114" height="28" src="https://cursor.com/assets/images/open-in-web-dark.png"></picture></a> <a href="https://cursor.com/background-agent?bcId=bc-f2682b59-b51c-4946-8533-6b1331502eda"><picture><source media="(prefers-color-scheme: dark)" srcset="https://cursor.com/assets/images/open-in-cursor-dark.png"><source media="(prefers-color-scheme: light)" srcset="https://cursor.com/assets/images/open-in-cursor-light.png"><img alt="Open in Cursor" width="131" height="28" src="https://cursor.com/assets/images/open-in-cursor-dark.png"></picture></a> </div> Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: David Schmitt <DavidS-ovm@users.noreply.github.com> GitOrigin-RevId: e178c68f5e76231a55665c9fc8b7825b3e1b6644
…-radius allocations (#4866) ## Summary - **Hotfix the OOMKill** that triggered ENG-4069: each `ChangeAnalysisCalculationWorker.Work()` now ends with `debug.FreeOSMemory()`, so a worker that just finished a heavy walk hands idle heap back to the OS before the next job runs in the same pod. Memory tracing in `go/tracing/memory.go` is extended with `HeapInuse` / `HeapIdle` / `HeapReleased` / `HeapSys` so we can distinguish OS-returned memory from process RSS in spans. - **Cut the recursion's allocation churn** in `recursivelyQueryBlastRadius`: pre-size `newCandidateItems`, collapse the parallel `allImpactResults` / `chunkKnowledgeList` slices into a single struct slice, replace the string-keyed `*sync.Map` dedup with a pre-sized `concurrentCandidateSet` keyed by a struct, and add `newBlastRadiusDedup(maxItems)`. - **Stop deep-copying the link path on every surviving impactResult**: introduce `*linkChain`, an append-only structurally-shared linked list. `Append` is a single ~48-byte node alloc regardless of path depth; siblings share the parent chain. Materialised once via `ToSlice()` at the SQL writeback / reducer boundary in `queryLLMForBlastRadiusDecision`. New `link_chain_test.go` covers the structural-sharing invariant. ## Linear Ticket Fixes: [ENG-4069](https://linear.app/overmind/issue/ENG-4069/change-analysis-work-never-returns-after-orphanedduplicate-start) — Change-analysis Work() never returns after orphaned/duplicate start-analysis → 1h River stuck-job rescue causes 30+ min Atlantis delays - **Purpose**: ThousandEyes Atlantis applies were delayed ~30 min because a heavy change-analysis job OOMKilled the worker, leaving the River job in `running` state until the 1h stuck-job rescuer fired. This PR addresses the memory-pressure side of that incident; the orphan/duplicate-start-analysis side is tracked separately on the parent ticket. - **Blocks**: not currently blocking other tickets, but customer-facing — ThousandEyes is hitting it on real applies. ## Changes Touches the change-analysis package and the shared memory-tracing helper: - `go/tracing/memory.go` — added heap-detail fields and the corresponding span attributes / delta calculations. - `services/api-server/service/changeanalysis/change_analysis.go` — `Work()` defers `debug.FreeOSMemory()` (with before/after span attrs for diagnostics); `recursivelyQueryBlastRadius` now carries `*linkChain` instead of `[]link`, builds children via `previousLinks.Append(...)`, and uses the new pre-sized impactResult/dedup types. - `services/api-server/service/changeanalysis/llm_blast_radius.go` — `queryLLMForBlastRadiusDecision` takes `*linkChain`, materialises once at the LLM boundary; new `linkChain` type lives next to `type link`. - `services/api-server/service/changeanalysis/llm_blast_radius_test.go`, `dedup_impact_analysis_test.go` — adapt to the new dedup set type and the chain-typed args. - `services/api-server/service/changeanalysis/link_chain_test.go` — new, six focused tests for `linkChain` (nil semantics, sibling Append non-mutation, root↔leaf order, early break, empty-from-slice). Reviewers should focus on: 1. Thread-safety of `linkChain` siblings sharing a parent (Append never mutates existing nodes — the chain is functionally immutable). 2. The `concurrentCandidateSet` mutex usage replacing the previous `*sync.Map`. 3. Whether `defer debug.FreeOSMemory()` at the end of `Work()` is the right scope — it runs even on panic / context cancel, and only runs once per job (not per recursion). No schema changes, no API changes, no behaviour changes for downstream consumers — same blast-radius output, less allocation churn. ## Approved Plan - **Plan approver**: Elliot Waddington - **Approval ticket**: https://linear.app/overmind/issue/ENG-4073/approve-change-analysis-work-never-returns-after-orphanedduplicate > Deviation analysis and reviewer assignment are handled automatically by the > pre-approved PR review automation (see docs/PREAPPROVED_CHANGES.md). Made with [Cursor](https://cursor.com) <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Touches a production hot path (change-analysis River worker) with new memory-reclamation behavior (`FreeOSMemory()` STW GC) and concurrency/dedup refactors, which could affect throughput/latency or dedup correctness under load. > > **Overview** > Mitigates change-analysis OOMs by snapshotting memory at job start/end, **forcing `debug.FreeOSMemory()` in `Work()`**, and emitting before/after/delta memory stats into the top-level span. > > Improves blast-radius recursion efficiency by replacing string-keyed `sync.Map` candidate dedup with a pre-sized mutex-backed set keyed by `(item GUN, type signature)`, pre-sizing hot-loop slices, and avoiding repeated deep copies of link paths via a new structurally-shared `*linkChain` (materialized to `[]link` only at the LLM boundary). Tests are updated and `link_chain_test.go` is added to cover the new chain semantics. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit b9a25171036ef24d17eaa04c533f6fa70f6fd2df. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> GitOrigin-RevId: db712391ae487e13d8e09dbd2f67a62df01db145
## Summary - Bump `github.com/aws/aws-sdk-go-v2` from `v1.41.6` to `v1.41.7` (latest available patch) and `github.com/aws/smithy-go` from `v1.25.0` to `v1.25.1` (pulled transitively). - Routine hygiene update in response to Snyk findings on ENG-4083; no behavioural changes and no functional code edits. - The Snyk advisory itself ([GHSA-xmrv-pmrh-hhx2](GHSA-xmrv-pmrh-hhx2)) targets `aws-sdk-go-v2/aws/protocol/eventstream`, which we already pin at `v1.7.9` (above the patched `v1.7.8`); the 5 Snyk findings are mismapped to the core module and to Bedrock service modules we don't import. Triage write-up and dismissal rationale are on the Linear ticket. ## Linear Ticket Fixes: [ENG-4083](https://linear.app/overmind/issue/ENG-4083/aws-high-vulns-in-snyk) — AWS high vulns in snyk - **Purpose**: Address 5 high-severity Snyk findings flagged against `github.com/aws/aws-sdk-go-v2@v1.41.6`. Investigation showed the actual vulnerable code (`aws/protocol/eventstream`) is already on a patched version in our build, so this PR is a hygiene bump rather than a fix. ## Changes - `go.mod`: `github.com/aws/aws-sdk-go-v2` `v1.41.6` → `v1.41.7`. - `go.mod`: `github.com/aws/smithy-go` `v1.25.0` → `v1.25.1` (transitive bump from the SDK update). - `go.sum`: regenerated by `go mod tidy` to match. - No source changes. `go build ./...` passes. <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Dependency-only patch bumps with no functional code edits; risk is limited to potential upstream SDK behavior changes. > > **Overview** > Updates Go dependencies to address Snyk hygiene findings by bumping `github.com/aws/aws-sdk-go-v2` from `v1.41.6` to `v1.41.7`, along with the transitive `github.com/aws/smithy-go` bump from `v1.25.0` to `v1.25.1`. > > Regenerates `go.sum` entries accordingly; **no application/source code changes** are included. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 1617a1b79cb9365da5cdce803e42aef9a6738fb1. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY --> GitOrigin-RevId: b30a361a98da66e9f84a459f7e9f7acd57106a10
<!-- CURSOR_AGENT_PR_BODY_BEGIN --> # Overview Implements ENG-4063 - adds support for multiple knowledge directories in the Overmind CLI. This unblocks ThousandEyes on their workflow for overlaying global org-wide knowledge with per-stack local knowledge, as committed to Ricard Bejarano on the Apr 29 weekly call. ## Changes ### Core Functionality - **New `ResolveKnowledgeDirs` function**: Handles resolution of knowledge directories from explicit `--knowledge-dir` flags or auto-discovery fallback - **Updated `Discover` function**: Now accepts variadic directories with cross-directory name collision handling (later directories override earlier ones) - **Added `SourceDir` field**: `KnowledgeFile` struct now tracks which directory each file came from ### CLI Flags - **`--knowledge-dir`**: New StringSlice flag on `terraform plan`, `submit-plan`, `start-analysis`, and `knowledge list` commands - Supports repeated flags: `--knowledge-dir global --knowledge-dir local` - Supports comma-separated: `--knowledge-dir global,local` - Falls back to auto-discovery when not specified (backward compatible) ### Behavior - **Missing directories tolerated**: Non-existent paths in explicit list are skipped with warning logs - **Cross-directory precedence**: Later directories override earlier ones when same knowledge file `name` appears - **Within-directory duplicates**: Still emit warnings and skip (existing behavior preserved) - **Backward compatibility**: Empty explicit list triggers today's walk-up auto-discovery ### Knowledge List Updates - Shows single directory path when one directory resolved - Shows numbered list of directories when multiple resolved - Adds "Source Dir" column to table when multiple directories present - Displays override warnings in invalid/skipped section ## Testing ### Unit Tests - All existing tests pass unchanged - Added comprehensive tests for multi-directory scenarios: - Cross-directory override behavior - Mixed existing/missing directories - Deterministic ordering - Within-directory duplicate handling preserved - Empty list handling - **New**: Viper StringSlice round-trip test confirms flag parsing works correctly for repeated, comma-separated, and mixed formats ### Manual Smoke Testing Performed comprehensive local dogfood testing with multi-directory setup: - ✅ Multi-directory discovery works correctly - ✅ Cross-directory override shows warning but succeeds - ✅ Backward-compatible auto-discovery still works - ✅ Help text displays correctly - ✅ All knowledge files discovered with correct precedence ## Documentation ### User-Facing Documentation Updated all relevant documentation as identified by doc-maintainer review: 1. **`docs.overmind.tech/docs/cli/configuration.md`** - Added comprehensive multi-directory section with examples - Documented directory precedence rules - Explained missing directory tolerance - Updated example project structure 2. **`docs.overmind.tech/docs/knowledge/knowledge.md`** - Added multi-directory section with layering explanation - Updated previewing section with multi-directory examples - Cross-referenced CLI configuration guide 3. **`docs.overmind.tech/docs/cli/overview.md`** - Updated configuration files section to mention multi-directory support - Added example showing multiple directories ### Internal Documentation 4. **`cli/README.md`** - Expanded knowledge list command documentation - Added multi-directory usage examples - Cross-referenced knowledge documentation ## Customer Impact Enables ThousandEyes to: 1. Maintain global org-wide knowledge in a central directory 2. Override with per-stack local knowledge via directory precedence 3. Inject per-PR dynamic knowledge directories from Atlantis post-workflow hooks Supports the use case: `--knowledge-dir .overmind/knowledge --knowledge-dir ./stacks/prod/.overmind/knowledge` ## Plan Compliance This PR now fully implements all aspects of the original plan (ENG-4063): - ✅ Core multi-directory implementation - ✅ Comprehensive unit tests - ✅ Viper StringSlice round-trip test - ✅ Documentation updates (user-facing and internal) - ✅ Local dogfood smoke testing All plan deviations have been addressed. <!-- CURSOR_AGENT_PR_BODY_END --> Linear Issue: [ENG-4063](https://linear.app/overmind/issue/ENG-4063/cli-support-multiple-knowledge-file-directories) <div><a href="https://cursor.com/agents/bc-a7b9223a-f397-4cd5-bc79-426cf685994b"><picture><source media="(prefers-color-scheme: dark)" srcset="https://cursor.com/assets/images/open-in-web-dark.png"><source media="(prefers-color-scheme: light)" srcset="https://cursor.com/assets/images/open-in-web-light.png"><img alt="Open in Web" width="114" height="28" src="https://cursor.com/assets/images/open-in-web-dark.png"></picture></a> <a href="https://cursor.com/background-agent?bcId=bc-a7b9223a-f397-4cd5-bc79-426cf685994b"><picture><source media="(prefers-color-scheme: dark)" srcset="https://cursor.com/assets/images/open-in-cursor-dark.png"><source media="(prefers-color-scheme: light)" srcset="https://cursor.com/assets/images/open-in-cursor-light.png"><img alt="Open in Cursor" width="131" height="28" src="https://cursor.com/assets/images/open-in-cursor-dark.png"></picture></a> </div> --------- Co-authored-by: Cursor Agent <cursoragent@cursor.com> Co-authored-by: Dylan <dylanratcliffe@users.noreply.github.com> GitOrigin-RevId: 93c54e4e43ec37b40b7182573d062a1890afe6fd
![https://cursor.com/assets/images/open-in-web-dark.png"><source](https://cursor.com/assets/images/open-in-web-dark.png"><source){kind=link}
![https://cursor.com/assets/images/open-in-web-light.png"><img](https://cursor.com/assets/images/open-in-web-light.png"><img){kind=link}
![https://cursor.com/assets/images/open-in-web-dark.png"></picture></a> <a](https://cursor.com/assets/images/open-in-web-dark.png"></picture></a> <a){kind=link}
![https://cursor.com/assets/images/open-in-cursor-dark.png"><source](https://cursor.com/assets/images/open-in-cursor-dark.png"><source){kind=link}
![https://cursor.com/assets/images/open-in-cursor-light.png"><img](https://cursor.com/assets/images/open-in-cursor-light.png"><img){kind=link}
![https://cursor.com/assets/images/open-in-cursor-dark.png"></picture></a> </div](https://cursor.com/assets/images/open-in-cursor-dark.png"></picture></a> </div){kind=link}
… checks (#4831) <!-- CURSOR_SUMMARY --> > [!NOTE] > **Medium Risk** > Touches CI secrets wiring and Azure integration test infrastructure logic, which can affect test reliability and cloud resource provisioning/cleanup. Changes are scoped to tests/workflows, but failures could increase CI cost or leave resources behind if cleanup paths regress. > > **Overview** > **Azure weekly integration CI** now injects SQL Server admin credentials from 1Password (adds `AZURE_SQL_SERVER_ADMIN_LOGIN`/`AZURE_SQL_SERVER_ADMIN_PASSWORD`) and increases the weekly `go test` timeout from 180m to 240m. > > **Integration test hardening**: the VM Run Command test provisions a Standard public IP and attaches it to the NIC for outbound connectivity, adds short timeouts for run-command create/delete polling, recreates stale failed run commands, and downgrades known VM-agent communication failures from hard-fail to *skip/log* to prevent CI flakiness. SQL Server and SQL Database tests add a `setupCompleted` gate so the `Run` phase is skipped when setup fails, and the SQL failover group test switches the secondary region from `eastus` to `centralus`. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 00af8451f4557423328ae8cebd5dbb7fa6177f36. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY --> FINALLY PASSING : <img width="1725" height="1029" alt="image" src="https://github.com/user-attachments/assets/e0b9ac34-efb5-45b1-b1ed-9ca756df4fa8" /> GitOrigin-RevId: bd41af4626f290197c9b27bab5ed007525c8ee2a
…LI releases (#4883) ## Summary - Add SLSA Level 3 build-provenance attestations (via `actions/attest-build-provenance@v3` / Sigstore) and per-archive SPDX SBOMs (via GoReleaser + Syft) to the CLI release pipeline, giving security-mature customers (Imperva/Thales) a verifiable supply chain story. - Replace the third-party `overmindtech/release-downloader@workarounds` fork in `actions/install-cli` with `gh release download` + `gh attestation verify`, adding automatic tamper detection and removing a supply chain dependency. - Create a dedicated "Verifying CLI Releases" reference page at `docs.overmind.tech/docs/cli/verifying-releases.md` documenting `gh`, `cosign`, SBOM, checksums, and package manager verification paths. ## Linear Ticket Fixes: [ENG-4088](https://linear.app/overmind/issue/ENG-4088/cli-artifact-attestations-producer-github-action-consumer) — CLI artifact attestations (producer + GitHub Action consumer) - **Purpose**: Harden CLI supply chain for security-mature procurement (Imperva pilot); provide cryptographic build provenance for every GitHub Release archive. - **Blocks**: [ENG-4087](https://linear.app/overmind/issue/ENG-4087) — env0-plugin attestation verification (depends on attested releases existing) ## Changes **Producer side (`cli/`)**: - `.goreleaser.yaml`: Added `sboms:` block producing `{{ .ArtifactName }}.spdx.json` per archive via Syft - `.github/workflows/release.yml`: Added `id-token: write` + `attestations: write` permissions, Syft install step, and `actions/attest-build-provenance@v3` step attesting archives + checksums.txt **Consumer side (`actions/`)**: - `install-cli/action.yml`: Replaced `release-downloader@workarounds` with composite shell using `gh release download` + `gh attestation verify --repo overmindtech/cli`; supports GHES via `GH_HOST` derivation from `github-api-url` - `README.md`: Updated install-cli description to document attestation verification **Documentation**: - `docs.overmind.tech/docs/cli/verifying-releases.md`: New 8-section reference page covering all verification mechanisms - `docs/ARCHITECTURE.md`: Added CLI supply-chain paragraph to CI Build section **Release sequencing**: The CLI release (producer) must ship first so attestations exist before the `actions/install-cli` consumer change ships. See the plan for the two-phase Copybara flow. ## Approved Plan - **Plan approver**: TP Honey - **Approval ticket**: https://linear.app/overmind/issue/ENG-4089/approve-plan-cli-artifact-attestations-producer-github-action-consumer > Deviation analysis and reviewer assignment are handled automatically by the > pre-approved PR review automation (see docs/PREAPPROVED_CHANGES.md). Made with [Cursor](https://cursor.com) <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Medium risk because it changes the CLI release workflow and the `install-cli` action’s download path to require `gh` and (when available) attestation verification, which could break installs/releases if runner or permissions differ from expectations. > > **Overview** > Adds supply-chain artifacts to CLI releases: GoReleaser now generates per-archive SPDX SBOMs (via Syft) and the release workflow publishes Sigstore-signed SLSA build-provenance attestations for release archives and `checksums.txt`. > > Updates the `actions/install-cli` composite action to download via `gh release download` and verify provenance with `gh attestation verify` (with a 404-only fallback for pre-attestation releases), including GHES support via derived `GH_HOST`; CI also installs Syft for GoReleaser dry runs and docs are updated with a new CLI release verification guide and link-check exclusions. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 89850d653374d29cef180b72fe9e8333a96f7c74. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Co-authored-by: Cursor <cursoragent@cursor.com> Co-authored-by: David Schmitt <david.schmitt@overmind.tech> GitOrigin-RevId: ee7ebceaf70cd39399905aeef4f9724365ea2b66
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/aws/aws-sdk-go-v2/config](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.32.16` → `v1.32.17` |  |  | | [github.com/aws/aws-sdk-go-v2/credentials](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.19.15` → `v1.19.16` |  |  | | [github.com/aws/aws-sdk-go-v2/feature/ec2/imds](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.18.22` → `v1.18.23` |  |  | | [github.com/aws/aws-sdk-go-v2/service/apigateway](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.39.2` → `v1.39.3` |  |  | | [github.com/aws/aws-sdk-go-v2/service/autoscaling](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.66.1` → `v1.66.2` |  |  | | [github.com/aws/aws-sdk-go-v2/service/cloudfront](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.61.1` → `v1.62.0` |  |  | | [github.com/aws/aws-sdk-go-v2/service/cloudwatch](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.56.2` → `v1.57.0` |  |  | | [github.com/aws/aws-sdk-go-v2/service/directconnect](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.38.16` → `v1.38.17` |  |  | | [github.com/aws/aws-sdk-go-v2/service/dynamodb](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.57.2` → `v1.57.3` |  |  | | [github.com/aws/aws-sdk-go-v2/service/ec2](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.299.0` → `v1.299.1` |  |  | | [github.com/aws/aws-sdk-go-v2/service/ecs](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.79.0` → `v1.79.1` |  |  | | [github.com/aws/aws-sdk-go-v2/service/efs](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.41.15` → `v1.41.16` |  |  | | [github.com/aws/aws-sdk-go-v2/service/eks](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.82.1` → `v1.83.0` |  |  | | [github.com/aws/aws-sdk-go-v2/service/elasticloadbalancing](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.33.24` → `v1.33.25` |  |  | | [github.com/aws/aws-sdk-go-v2/service/elasticloadbalancingv2](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.54.11` → `v1.54.12` |  |  | | [github.com/aws/aws-sdk-go-v2/service/iam](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.53.8` → `v1.53.10` |  |  | | [github.com/aws/aws-sdk-go-v2/service/kms](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.50.5` → `v1.51.1` |  |  | | [github.com/aws/aws-sdk-go-v2/service/lambda](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.90.0` → `v1.90.1` |  |  | | [github.com/aws/aws-sdk-go-v2/service/networkfirewall](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.60.0` → `v1.60.1` |  |  | | [github.com/aws/aws-sdk-go-v2/service/networkmanager](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.41.9` → `v1.41.10` |  |  | | [github.com/aws/aws-sdk-go-v2/service/rds](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.118.1` → `v1.118.2` |  |  | | [github.com/aws/aws-sdk-go-v2/service/route53](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.62.6` → `v1.62.7` |  |  | | [github.com/aws/aws-sdk-go-v2/service/s3](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.100.0` → `v1.100.1` |  |  | | [github.com/aws/aws-sdk-go-v2/service/sesv2](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.60.3` → `v1.60.4` |  |  | | [github.com/aws/aws-sdk-go-v2/service/sns](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.39.16` → `v1.39.17` |  |  | | [github.com/aws/aws-sdk-go-v2/service/sqs](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.42.26` → `v1.42.27` |  |  | | [github.com/aws/aws-sdk-go-v2/service/ssm](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.68.5` → `v1.68.6` |  |  | | [github.com/aws/aws-sdk-go-v2/service/sts](https://redirect.github.com/aws/aws-sdk-go-v2) | `v1.42.0` → `v1.42.1` |  |  | --- > [!WARNING] > Some dependencies could not be looked up. Check the [Dependency Dashboard](../issues/370) for more information. --- ### Release Notes <details> <summary>aws/aws-sdk-go-v2 (github.com/aws/aws-sdk-go-v2/feature/ec2/imds)</summary> ### [`v1.18.23`](https://redirect.github.com/aws/aws-sdk-go-v2/blob/HEAD/CHANGELOG.md#Release-2022-10-04) #### Module Highlights - `github.com/aws/aws-sdk-go-v2/service/connect`: [v1.31.0](service/connect/CHANGELOG.md#v1310-2022-10-04) - **Feature**: Updated the CreateIntegrationAssociation API to support the CASES\_DOMAIN IntegrationType. - `github.com/aws/aws-sdk-go-v2/service/connectcases`: [v1.0.0](service/connectcases/CHANGELOG.md#v100-2022-10-04) - **Release**: New AWS service client module - **Feature**: This release adds APIs for Amazon Connect Cases. Cases allows your agents to quickly track and manage customer issues that require multiple interactions, follow-up tasks, and teams in your contact center. For more information, see <https://docs.aws.amazon.com/cases/latest/APIReference/Welcome.html> - `github.com/aws/aws-sdk-go-v2/service/ec2`: [v1.63.0](service/ec2/CHANGELOG.md#v1630-2022-10-04) - **Feature**: Added EnableNetworkAddressUsageMetrics flag for ModifyVpcAttribute, DescribeVpcAttribute APIs. - `github.com/aws/aws-sdk-go-v2/service/ecs`: [v1.18.23](service/ecs/CHANGELOG.md#v11823-2022-10-04) - **Documentation**: Documentation updates to address various Amazon ECS tickets. - `github.com/aws/aws-sdk-go-v2/service/s3control`: [v1.24.0](service/s3control/CHANGELOG.md#v1240-2022-10-04) - **Feature**: S3 Object Lambda adds support to allow customers to intercept HeadObject and ListObjects requests and introduce their own compute. These requests were previously proxied to S3. - `github.com/aws/aws-sdk-go-v2/service/workmail`: [v1.17.0](service/workmail/CHANGELOG.md#v1170-2022-10-04) - **Feature**: This release adds support for impersonation roles in Amazon WorkMail. </details> --- ### Configuration 📅 **Schedule**: (in timezone Europe/London) - Branch creation - "after 6pm on thursday,before 10am on friday" - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/overmindtech/workspace). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNTkuMiIsInVwZGF0ZWRJblZlciI6IjQzLjE1OS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJnb2xhbmciXX0=--> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Low risk dependency-only change, but it can still cause runtime behavior changes in AWS API clients used by the workspace (e.g., credential/config loading and service-specific requests). > > **Overview** > Updates pinned versions for multiple `github.com/aws/aws-sdk-go-v2` modules (including `config`, `credentials`, and many `service/*` clients) and refreshes the corresponding indirect AWS internals. > > Regenerates `go.sum` to match the new AWS SDK module versions; no application code changes are included. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 0e2c4acb251093c91478b74e2f0f64cd760a829c. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY --> GitOrigin-RevId: 5d9493408e53a01785c6823d383576ec4cd97e71
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Copybara Sync - Release v1.18.0
This PR was automatically created by Copybara, syncing changes from the overmindtech/workspace monorepo.
Original author: David Schmitt (david.schmitt@overmind.tech)
What happens when this PR is merged?
tag-on-mergeworkflow will automatically create thev1.18.0tag on mainReview Checklist