Replace the logging of failed encryption and decryption attempts from
error to info level.
This to address a regression in which an encryption or decryption
attempt with a series of keys would result in a list of failed attempts
logged to stderr even when the operation itself eventually succeeded.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This option actually gives a false impression, as disabling the agent is
no longer possible since GnuPG 2.x.
```
--use-agent --no-use-agent This is dummy option. gpg always requires the agent.
```
xref: https://www.gnupg.org/documentation/manuals/gnupg24/gpg.1.html
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This ensures the file name is unique per release, and can be linked by
file name to the specific SOPS version it is targeted at.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This enables CodeQL scanning to automatically catch certain common
security and quality issues in the GitHub UI.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
- cloud.google.com/go/storage to v1.33.0
- github.com/Azure/azure-sdk-for-go/sdk/azcore to v1.7.2
- github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys to v1.0.1
- github.com/ProtonMail/go-crypto to v0.0.0-20230828082145-3c4c8a2d2371
- github.com/aws/aws-sdk-go-v2/config to v1.18.39
- github.com/aws/aws-sdk-go-v2/credentials to v1.13.37
- github.com/aws/aws-sdk-go-v2/feature/s3/manager to v1.11.83
- github.com/hashicorp/vault/api to v1.10.0
- golang.org/x/net to v0.15.0
- golang.org/x/sys to v0.12.0
- golang.org/x/term to v0.12.0
- google.golang.org/api to v0.139.0
- google.golang.org/genproto/googleapis/rpc to v0.0.0-20230911183012-2d3300fd4832
- google.golang.org/grpc to v1.58.0
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
More 2023 alike :-)
This change is fully backwards compatible, as the checksum is only used
to make a comparison before and after the file has been opened by the
editor.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This changes the logic of the edit target to close the temporary file
before it is opened by the user their editor. This works around an
issue on Windows where editors are unable to open the file because the
Go standard library opens file handles with only shared read and write
access (excluding deletion access, which is required by some).
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Replace with simple manual construction of upper boolean
representation, as the (construction of the) `golang.org/x/text/cases`
replacement is way too complex for this use case.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
This changes the logic of parsing the `version.go` file from a certain
branch to instead make use of the GitHub latest release redirect or
API[1] endpoints for checking if `sops` is on the latest version.
Detaching any future release of SOPS from specific file structures
and/or branches, and (theoretically) freeing it from the requirement of
having to bump the version in-code during release (as this is also done
using `-ldflags` during build). Were it not for the fact that we have
to maintain it for backwards compatibility.
[1]: https://docs.github.com/en/free-pro-team@latest/rest/releases/releases?apiVersion=2022-11-28#get-the-latest-release
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
- cloud.google.com/go/storage to v1.32.0
- github.com/Azure/azure-sdk-for-go/sdk/azcore to v1.7.1
- github.com/Azure/azure-sdk-for-go/sdk/azidentity to v1.3.1
- github.com/ProtonMail/go-crypto to v0.0.0-20230717121422-5aa5874ade95
- github.com/aws/aws-sdk-go-v2 to v1.21.0
- github.com/aws/aws-sdk-go-v2/config to v1.18.36
- github.com/aws/aws-sdk-go-v2/credentials to v1.13.35
- github.com/aws/aws-sdk-go-v2/feature/s3/manager to v1.11.80
- github.com/aws/aws-sdk-go-v2/service/kms to v1.24.5
- github.com/aws/aws-sdk-go-v2/service/s3 to v1.38.5
- github.com/aws/aws-sdk-go-v2/service/sts to v1.21.5
- google.golang.org/api to v0.138.0
- google.golang.org/genproto to v0.0.0-20230822172742-b8732ec3820d
- google.golang.org/genproto/googleapis/rpc to v0.0.0-20230822172742-b8732ec3820d
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
My assumption is that this used to be in place because of `go` not
ignoring the `vendor` directory.
However, in 2023 this appears to no longer be an issue, and only
adds complexity. While running `go test ./...` works just fine.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Deprecation of `io/ioutil`, removal of unused functions, possible nil
pointer dereference, and other tiny nits.
There are (many) more, but these would require their own (commit)
context.
Signed-off-by: Hidde Beydals <hidde@hhh.computer>
Hidde Beydals
Hidde Beydals
dependabot[bot]
Felix Fontein