Yong Tang
4b597f8308
Bump version to 1.9.1, and add release notes ( #5247 )
...
This PR bumps coredns to 1.9.1 and adds release notes.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
v1.9.1
2022-03-11 09:30:37 -08:00
Yong Tang
83f7e0db30
Update James's github handle ( #5242 )
...
Since James's github handle has been updated from @fastest963 to
@jameshartig, this PR updates the CODEOWNERS file.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-03-07 11:12:50 -08:00
Yong Tang
c7b55230e0
[plugin/reload]: Change hash from md5 to sha512 ( #5226 )
...
This PR changes the reload plugin's hash from md5 to sha512
in order to avoid using md5. MD5 is a weak hash algorithm,
and for security reasons we will avoid using it.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-03-07 09:55:10 -08:00
Chris O'Haver
3fe9d41a21
plugin/k8s_external: fix external nsAddrs when CoreDNS Service has no External IPs ( #4891 )
...
fix external nsAddrs; add tests;
Signed-off-by: Chris O'Haver <cohaver@infoblox.com >
2022-03-07 12:18:23 -05:00
Chris O'Haver
7263808fe1
plugin/k8s_external: implement zone transfers ( #4977 )
...
Implement transfer for k8s_external. Notifies not supported.
Signed-off-by: Chris O'Haver <cohaver@infoblox.com >
2022-03-07 12:16:24 -05:00
dependabot[bot]
267ce8a820
build(deps): bump actions/checkout from 2.4.0 to 3 ( #5238 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2.4.0 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ec3a7ce113...a12a3943b4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 07:05:33 -08:00
Yong Tang
e391a39322
[plugin/log] Expand {combined} and {common} in log format ( #5230 )
...
This PR tries to address the issue raised in 5223 where `{combined}`
or `{common}` in log format will not expand when `{combined}` or `{common}`
is not the only token in the format.
This PR fixes 5223.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-03-07 06:49:56 -08:00
Yong Tang
4b864a97d1
Removed decoupled version comments in github actions ( #5240 )
...
Dependabot is correctly updating the version of
the github actions with commit hash. However,
the version comments that were placed initially
are not updated. As such the version has been decoupled.
For example, the checkout action
ec3a7ce113134d7a93b817d10a8272cb61118579
is actually on v3.0 yet the comment is still on v2.4.0.
This PR removes the decoupled version comments to avoid
confusion.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-03-07 06:49:39 -08:00
dependabot[bot]
ca4073da67
build(deps): bump actions/stale from 4.1.0 to 5 ( #5236 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 4.1.0 to 5.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](7fb802b307...3cc1237663 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 05:38:46 -08:00
dependabot[bot]
8730862bf3
build(deps): bump actions/upload-artifact from 2.3.1 to 3 ( #5237 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2.3.1 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](82c141cc51...6673cd052c )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 05:38:14 -08:00
dependabot[bot]
eaf5570dc7
build(deps): bump actions/setup-go from 2.2.0 to 3 ( #5239 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2.2.0 to 3.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](bfdd3570ce...f6164bd8c8 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 05:37:59 -08:00
dependabot[bot]
acc5ffcf36
build(deps): bump ossf/scorecard-action from 1.0.2 to 1.0.4 ( #5235 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 1.0.2 to 1.0.4.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Commits](c8416b0b2b...c1aec4ac82 )
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 05:37:26 -08:00
dependabot[bot]
5d9d3a79ff
build(deps): bump github.com/Azure/azure-sdk-for-go ( #5234 )
...
Bumps [github.com/Azure/azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go ) from 62.0.0+incompatible to 62.1.0+incompatible.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases )
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/v62.0.0...v62.1.0 )
---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 05:28:04 -08:00
dependabot[bot]
86bde5595b
build(deps): bump github.com/aws/aws-sdk-go from 1.43.7 to 1.43.12 ( #5233 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.43.7 to 1.43.12.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.43.7...v1.43.12 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 05:27:48 -08:00
dependabot[bot]
cff5b9e2b7
build(deps): bump gopkg.in/DataDog/dd-trace-go.v1 from 1.36.0 to 1.36.2 ( #5232 )
...
Bumps [gopkg.in/DataDog/dd-trace-go.v1](https://github.com/DataDog/dd-trace-go ) from 1.36.0 to 1.36.2.
- [Release notes](https://github.com/DataDog/dd-trace-go/releases )
- [Commits](https://github.com/DataDog/dd-trace-go/compare/v1.36.0...v1.36.2 )
---
updated-dependencies:
- dependency-name: gopkg.in/DataDog/dd-trace-go.v1
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 05:27:32 -08:00
Yong Tang
ad41112a92
Add limit to ioutil.ReadAll for request body ( #5224 )
...
This PR adds a limit to ioutil.ReadAll for the DoH request body
so that it will not be subject to large requests.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-03-04 12:18:05 -08:00
Chris O'Haver
967814161a
use tickers instead of time.After to avoid memory leak ( #5220 )
...
Signed-off-by: Chris O'Haver <cohaver@infoblox.com >
2022-03-03 23:36:02 -08:00
Yong Tang
d40d224271
Add additional permissions ( #5217 )
...
* Add additional permissions
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
* Fix yamllint warning
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-03-02 07:01:45 -08:00
nathannaveen
f5acb9d12a
Updated workflow permissions. ( #5216 )
2022-03-02 04:47:08 -08:00
Yong Tang
a1429e1445
[plugin/rewrite] Refactor to satisfy security scan ( #5214 )
...
This PR rearranges the logic to avoid a false-positive DAST scan.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-03-01 14:33:52 -05:00
Yong Tang
6c26446bb7
Fix pinning of github actions ( #5213 )
...
It is recommended to pin github actions with hash so that an action
is not posing an unknown security risk (as the action itself is not
written by us).
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-03-01 11:32:00 -08:00
Yong Tang
402c08fea0
Add OSSF Security Scoreboard Scan ( #5208 )
...
* Add OSSF Security Scoreboard Scan
This PR adds OSSF's Security Scoreboard Scan, to help tighten CoreDNS's security practice.
OSSF Scoreboard is recommended by GitHub. The result will show up in the project's "Code Scanning Alerts" (together with the existing CodeQL scan we already have).
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-02-28 12:02:03 -05:00
dependabot[bot]
ef654ba6de
build(deps): bump github.com/Azure/azure-sdk-for-go ( #5212 )
...
Bumps [github.com/Azure/azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go ) from 61.6.0+incompatible to 62.0.0+incompatible.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases )
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/v61.6.0...v62.0.0 )
---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-28 07:41:38 -08:00
dependabot[bot]
6712764d9b
build(deps): bump github.com/aws/aws-sdk-go from 1.43.2 to 1.43.7 ( #5211 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.43.2 to 1.43.7.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.43.2...v1.43.7 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-28 07:41:25 -08:00
dependabot[bot]
be38f2caff
build(deps): bump google.golang.org/api from 0.69.0 to 0.70.0 ( #5210 )
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.69.0 to 0.70.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.69.0...v0.70.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-28 07:40:40 -08:00
dependabot[bot]
978c9246d1
build(deps): bump k8s.io/client-go from 0.23.3 to 0.23.4 ( #5209 )
...
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go ) from 0.23.3 to 0.23.4.
- [Release notes](https://github.com/kubernetes/client-go/releases )
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kubernetes/client-go/compare/v0.23.3...v0.23.4 )
---
updated-dependencies:
- dependency-name: k8s.io/client-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-28 07:40:27 -08:00
Chris O'Haver
5166d9ddb5
briefly doc env vars and import substitution ( #5207 )
...
Signed-off-by: Chris O'Haver <cohaver@infoblox.com >
2022-02-25 15:24:33 -05:00
Chris O'Haver
66dc74caeb
plugin/etcd+kubernetes: Persist truncated state to client if CNAME lookup response is truncated ( #4715 )
...
Persist the TC bit to client response for truncated CNAME lookups.
Signed-off-by: Chris O'Haver <cohaver@infoblox.com >
2022-02-22 09:38:57 -05:00
Yong Tang
d3a118e1c1
Avoid expose arch-specific docker image tags ( #5201 )
...
This PR tries to address the issue in 5199
where there was confusion about which image tag to use.
Because the image-specific `coredns/coredns-{arch}:version` is not usable
for all arch other than arm64, confusion happens.
This PR, for all arch-specific docker images:
1. Use `coredns/coredns:{arch}-version` (not `coredns/coredns-{arch}:version`)
so that all images remain within the same docker repo (not multiple repos).
2. Push the arch-specific image `coredns/coredns:{arch}-version` to dockerhub.
3. Create manifest-specific `coredns/coredns:version` and `coredns/coredns:latest` from arch-specific images.
4. Push `coredns/coredns:version` and `coredns/coredns:latest` to dockerhub
5. Delete arch-specific image tags `coredns/coredns:{arch}-version` from dockerhub.
This will make arch-specific image tags invisible, but the `coredns/coredns:version` and `coredns/coredns:latest`
will work as expected.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-02-22 09:35:16 -05:00
Chris O'Haver
74d4e9bb1b
kubernetes: log server start delay and api connection failures ( #5044 )
...
Signed-off-by: Chris O'Haver <cohaver@infoblox.com >
2022-02-22 09:21:45 -05:00
Yong Tang
b1d5d7c572
Replace deprecated NewDeltaFIFO with NewDeltaFIFOWithOptions ( #5200 )
...
Replace deprecated `cache.NewDeltaFIFO`
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-02-22 09:20:29 -05:00
coredns[bot]
a226205299
auto remove trailing whitespaces
...
Signed-off-by: coredns[bot] <bot@bot.coredns.io >
2022-02-22 10:28:07 +00:00
dependabot[bot]
8502892b03
build(deps): bump github.com/aws/aws-sdk-go from 1.42.52 to 1.43.2 ( #5198 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.42.52 to 1.43.2.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.42.52...v1.43.2 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-21 07:08:14 -08:00
dependabot[bot]
49f88ba202
build(deps): bump github.com/Azure/azure-sdk-for-go ( #5195 )
...
Bumps [github.com/Azure/azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go ) from 61.5.0+incompatible to 61.6.0+incompatible.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases )
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/v61.5.0...v61.6.0 )
---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-21 07:07:59 -08:00
dependabot[bot]
9a5cb3f59e
build(deps): bump k8s.io/api from 0.23.3 to 0.23.4 ( #5194 )
...
Bumps [k8s.io/api](https://github.com/kubernetes/api ) from 0.23.3 to 0.23.4.
- [Release notes](https://github.com/kubernetes/api/releases )
- [Commits](https://github.com/kubernetes/api/compare/v0.23.3...v0.23.4 )
---
updated-dependencies:
- dependency-name: k8s.io/api
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-21 06:46:52 -08:00
dependabot[bot]
d0449826b7
build(deps): bump google.golang.org/api from 0.68.0 to 0.69.0 ( #5197 )
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.68.0 to 0.69.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.68.0...v0.69.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-21 06:46:22 -08:00
dependabot[bot]
703ca84693
build(deps): bump k8s.io/apimachinery from 0.23.3 to 0.23.4 ( #5196 )
2022-02-21 05:18:15 -08:00
Yong Tang
2f020dcb30
Update to use the latest protobuf package to build pb ( #5193 )
...
* Update to use the latest protobuf package to build pb
The pb package was generated some time ago with an old version
of https://github.com/golang/protobuf, which was deprecated
in favor of google.golang.org/protobuf (see the
deprecation notice in https://pkg.go.dev/github.com/golang/protobuf ).
This PR updates the generation of pb package with
v1.27.1 of google.golang.org/protobuf.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
* Exclude pb from import test
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-02-17 23:11:45 -08:00
Yong Tang
c0c72e5894
Harden tls on all places ( #5184 )
...
PR 2938 hardens tls, though there are other places that use TLS
as well and setTLSDefaults is not invoked in other paths.
This PR hardens tls on all places.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-02-17 12:26:08 -08:00
Chris O'Haver
f8a02aaf58
dont panic when from-zone cannot be normalized ( #5170 )
...
Signed-off-by: Chris O'Haver <cohaver@infoblox.com >
2022-02-17 15:13:18 -05:00
Yong Tang
5bb8947309
Add Reviewdog to suggestion gofmt and whitespace changes in pull request ( #5155 )
...
use reviewdog to automatically suggest whitespace corrections in PRs
so that code will be clean before committing into master branch.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-02-17 15:12:03 -05:00
Yong Tang
35e2070009
Add retry logic before download asset from github ( #5181 )
...
The docker release fails when released binaries are not available for download immediately after the release is created.
This PR adds retry logic (up to 10 min).
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-02-17 14:59:40 -05:00
xuweiwei
86a5902209
plugin/file: add TXT RR test case ( #5079 )
...
Signed-off-by: xuweiwei <xuweiwei_yewu@cmss.chinamobile.com >
2022-02-17 13:58:18 -05:00
Rudolf Schönecker
c121aaab34
Add metric counting DNS-over-HTTPS responses ( #5130 )
...
Signed-off-by: Rudolf Schonecker <rudolf.schonecker@jamf.com >
2022-02-17 08:37:40 -05:00
Chris O'Haver
e5626a77bb
plugin/secondary: Fix startup transfer failure wrong zone logged ( #5085 )
...
* avoid race
Signed-off-by: Chris O'Haver <cohaver@infoblox.com >
2022-02-14 12:12:08 -05:00
Elijah Andrews
80195c399f
add zones label to cache metrics ( #5124 )
...
* add zones to cache metrics
Signed-off-by: Elijah Andrews <elijahcandrews@gmail.com >
2022-02-14 12:10:30 -05:00
dependabot[bot]
d97dbbef61
build(deps): bump google.golang.org/api from 0.67.0 to 0.68.0 ( #5186 )
...
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.67.0 to 0.68.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.67.0...v0.68.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-14 08:37:55 -08:00
dependabot[bot]
749a38e151
build(deps): bump github.com/Azure/azure-sdk-for-go ( #5187 )
...
Bumps [github.com/Azure/azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go ) from 61.4.0+incompatible to 61.5.0+incompatible.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases )
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/v61.4.0...v61.5.0 )
---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-14 08:37:44 -08:00
dependabot[bot]
717d1424b5
build(deps): bump github.com/aws/aws-sdk-go from 1.42.47 to 1.42.52 ( #5188 )
...
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go ) from 1.42.47 to 1.42.52.
- [Release notes](https://github.com/aws/aws-sdk-go/releases )
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md )
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.42.47...v1.42.52 )
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-14 08:37:33 -08:00
Yong Tang
c6709d930f
Fix security scans by cleaning up file path ( #5185 )
...
While performing security scans there were several
issues raised as G304 (CWE-22): Potential file inclusion via variable.
As some file paths are taken from user input, it is possible the
filepath passed by the user may have an unintended effect if not properly formed.
This fix adds Clean to remove the security warning and address some
potential issues.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-02-14 11:24:21 -05:00