Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

upgrade sops to v3.9.3 from v3.5.0 #1087

Merged
merged 1 commit into from
Jan 8, 2025
Merged

upgrade sops to v3.9.3 from v3.5.0 #1087

merged 1 commit into from
Jan 8, 2025

Conversation

jmhodges
Copy link
Contributor

@jmhodges jmhodges commented Dec 20, 2024
edited
Loading

This upgrades sops from v3.5.0 to v3.9.3.

A variety of corrections and improvements have happened since the sops
version we've been shipping on. The most obvious change is the new Go
modules package path.

A number of deprecated, archived, and unused transitive dependencies
were also removed by this upgrade. Seeing autograph stuck on those
unmaintained dependencies (like the v1 aws libraries) through the sops
dependency was the inspiration for this. New transitive deps were added,
per usual.

This patch was created by replacing the go.mozilla.org/sops/v3 imports
with the new github.com/getsops/sops/v3 imports in main.go, and then
running:

$ go mod tidy
$ go mod vendor

@jmhodges jmhodges force-pushed the upgrade-sops-v3-gnight branch 2 times, most recently from 01b4955 to 0866f19 Compare January 6, 2025 18:17
@jmhodges jmhodges changed the title upgrade sops to v3.9.2 from v3.5.0 upgrade sops to v3.9.3 from v3.5.0 Jan 6, 2025
@jmhodges
upgrade sops to v3.9.3 from v3.5.0
eec1b99 
This upgrades sops from v3.5.0 to v3.9.3.

A variety of corrections and improvements have happened since the sops
version we've been shipping on. The most obvious change is the new Go
modules package path.

A number of deprecated, archived, and unused transitive dependencies
were also removed by this upgrade. Seeing autograph stuck on those
unmaintained dependencies (like the v1 aws libraries) through the sops
dependency was the inspiration for this. New transitive deps were added,
per usual.

This patch was created by replacing the `go.mozilla.org/sops/v3` imports
with the new `github.com/getsops/sops/v3` imports in main.go, and then
running:

```
$ go mod tidy
$ go mod vendor
```
@jmhodges jmhodges force-pushed the upgrade-sops-v3-gnight branch from 0866f19 to eec1b99 Compare January 6, 2025 18:25
@jmhodges jmhodges marked this pull request as ready for review January 7, 2025 23:56
@jmhodges jmhodges requested review from a team as code owners January 7, 2025 23:56
@jmhodges jmhodges requested review from bhearsum and removed request for a team January 7, 2025 23:56
@alexcottner
Copy link
Contributor

💫 Woah.

@jmhodges
Copy link
Contributor Author

jmhodges commented Jan 8, 2025

We could go with just doing the upgrade to 3.7.3 (which is the last of the go.mozilla.org/sops/v3 line) first if this is too large.

@jmhodges jmhodges merged commit be80e97 into main Jan 8, 2025
14 checks passed
@jmhodges jmhodges deleted the upgrade-sops-v3-gnight branch January 8, 2025 18:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexcottner alexcottner alexcottner approved these changes

@bhearsum bhearsum Awaiting requested review from bhearsum bhearsum is a code owner automatically assigned from mozilla-services/autograph-devs

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jmhodges @alexcottner