Update module github.com/spf13/viper to v1.12.0

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
github.com/spf13/viper	require	minor	v1.7.1 -> v1.12.0

---

Release Notes

spf13/viper

v1.12.0

Compare Source

This release makes YAML v3 and TOML v2 the default versions used for encoding.

You can switch back to the old versions by adding viper_yaml2 and viper_toml1 to the build tags.

Please note that YAML v2 and TOML v1 are considered deprecated from this release and may be removed in a future release.

Please provide feedback in discussions and report bugs on the issue tracker. Thanks!

What's Changed

Exciting New Features 🎉

• Add etcd3 support to remote by @​sagikazarmark in https://github.com/spf13/viper/pull/1356
• Make YAML 3 the default by @​sagikazarmark in https://github.com/spf13/viper/pull/1357
• Make TOML 2 the default by @​sagikazarmark in https://github.com/spf13/viper/pull/1358

Enhancements 🚀

• chore: fix Error log calls in mergeMaps by @​wwade in https://github.com/spf13/viper/pull/1341
• Add MustBindEnv by @​meowfaceman in https://github.com/spf13/viper/pull/1301

Dependency Updates ⬆️

• build(deps): bump github/codeql-action from 1 to 2 by @​dependabot in https://github.com/spf13/viper/pull/1336
• build(deps): bump github.com/pelletier/go-toml/v2 from 2.0.0-beta.8 to 2.0.0 by @​dependabot in https://github.com/spf13/viper/pull/1339
• build(deps): bump github.com/mitchellh/mapstructure from 1.4.3 to 1.5.0 by @​dependabot in https://github.com/spf13/viper/pull/1332
• build(deps): bump github.com/pelletier/go-toml from 1.9.4 to 1.9.5 by @​dependabot in https://github.com/spf13/viper/pull/1335
• build(deps): bump github.com/fsnotify/fsnotify from 1.5.1 to 1.5.4 by @​dependabot in https://github.com/spf13/viper/pull/1338
• build(deps): bump github.com/spf13/cast from 1.4.1 to 1.5.0 by @​dependabot in https://github.com/spf13/viper/pull/1344
• build(deps): bump github.com/pelletier/go-toml/v2 from 2.0.0 to 2.0.1 by @​dependabot in https://github.com/spf13/viper/pull/1343
• build(deps): bump github.com/subosito/gotenv from 1.2.0 to 1.3.0 by @​dependabot in https://github.com/spf13/viper/pull/1349

New Contributors

• @​meowfaceman made their first contribution in https://github.com/spf13/viper/pull/1301
• @​wwade made their first contribution in https://github.com/spf13/viper/pull/1341

Full Changelog: spf13/viper@v1.11.0...v1.12.0

v1.11.0

Compare Source

What's Changed

Exciting New Features 🎉

• Experimental yaml v3 library support by @​sagikazarmark in https://github.com/spf13/viper/pull/1273
• Experimental toml v2 support by @​sagikazarmark in https://github.com/spf13/viper/pull/1274
• Experimental logger by @​sagikazarmark in https://github.com/spf13/viper/pull/1275

Enhancements 🚀

• Remove unnecessary operand by @​steviebps in https://github.com/spf13/viper/pull/1213
• Improve encoding layer by @​sagikazarmark in https://github.com/spf13/viper/pull/1167
• Allow merging configs with different types of leaf values by @​illarion in https://github.com/spf13/viper/pull/1181

Bug Fixes 🐛

• Disable race detector on windows by @​sagikazarmark in https://github.com/spf13/viper/pull/1269

Breaking Changes 🛠

• Drop Go 1.14 support by @​sagikazarmark in https://github.com/spf13/viper/pull/1327

Dependency Updates ⬆️

• build(deps): bump github.com/spf13/afero from 1.6.0 to 1.7.0 by @​dependabot in https://github.com/spf13/viper/pull/1265
• build(deps): bump github.com/spf13/afero from 1.7.0 to 1.7.1 by @​dependabot in https://github.com/spf13/viper/pull/1271
• build(deps): bump github.com/spf13/afero from 1.7.1 to 1.8.0 by @​dependabot in https://github.com/spf13/viper/pull/1281
• build(deps): bump gopkg.in/ini.v1 from 1.66.2 to 1.66.3 by @​dependabot in https://github.com/spf13/viper/pull/1287
• build(deps): bump github.com/spf13/afero from 1.8.0 to 1.8.1 by @​dependabot in https://github.com/spf13/viper/pull/1291
• build(deps): bump actions/github-script from 5 to 6 by @​dependabot in https://github.com/spf13/viper/pull/1295
• build(deps): bump actions/checkout from 2 to 3 by @​dependabot in https://github.com/spf13/viper/pull/1304
• build(deps): bump github.com/magiconair/properties from 1.8.5 to 1.8.6 by @​dependabot in https://github.com/spf13/viper/pull/1299
• build(deps): bump gopkg.in/ini.v1 from 1.66.3 to 1.66.4 by @​dependabot in https://github.com/spf13/viper/pull/1293
• build(deps): bump github.com/spf13/afero from 1.8.1 to 1.8.2 by @​dependabot in https://github.com/spf13/viper/pull/1311
• build(deps): bump actions/setup-go from 2 to 3 by @​dependabot in https://github.com/spf13/viper/pull/1319
• build(deps): bump github.com/pelletier/go-toml/v2 from 2.0.0-beta.6 to 2.0.0-beta.7 by @​dependabot in https://github.com/spf13/viper/pull/1320
• build(deps): bump github.com/pelletier/go-toml/v2 from 2.0.0-beta.7 to 2.0.0-beta.8 by @​dependabot in https://github.com/spf13/viper/pull/1322
• Update crypt by @​sagikazarmark in https://github.com/spf13/viper/pull/1325

New Contributors

• @​steviebps made their first contribution in https://github.com/spf13/viper/pull/1213
• @​illarion made their first contribution in https://github.com/spf13/viper/pull/1181

Full Changelog: spf13/viper@v1.10.1...v1.11.0

v1.10.1

Compare Source

This is a maintenance release upgrading the Consul dependency fixing CVEs.

v1.10.0

Compare Source

This is a maintenance release primarily containing minor fixes and improvements.

Changes

Added

• Experimental finder based on io/fs
• Tests are executed on Windows
• Tests are executed on Go 1.17
• Logger interface to decouple Viper from JWW

---

In addition to the above changes, this release comes with minor improvements, documentation changes an dependency updates.

Many thanks to everyone who contributed to this release!

v1.9.0

Compare Source

This is a maintenance release primarily containing minor fixes and improvements.

Changes

Added

• Experimental new encoding layer
• Add support for tfvars files

Fixed

• Writing hidden files with no extension
• InConfig processing paths

---

In addition to the above changes, this release comes with tons of minor improvements, documentation changes an dependency updates.

Many thanks to everyone who contributed to this release!

v1.8.1

Compare Source

This patch releases fixes two minor issues:

• Replace %s with %w when wrapping errors
• Fix pflag.StringArray processing

v1.8.0

Compare Source

This is a maintenance release primarily containing fixes and improvements. The most prominent change is the etcd update to 3.5.0. Thanks to proper Go modules support, the dependency graph became much smaller.

Changes

Added

• Allow BindEnv to register multiple environment variables
• Support for accessing slices
• Experimental WASM support: Viper compiles on WASM
• INI load options

Changed

• Ensure BindPFlag detects a nil flag parameter

Fixed

• Merging a key into a nil target
• Panics during saving INI files

Security

• Updated etcd to 3.5 which should make a lot of false positive vulnerability reports disappear

---

In addition to the above changes, this release comes with tons of minor improvements, documentation changes an dependency updates. Find more details in the 1.8.0 milestone.

Many thanks to everyone who contributed to this release!

---

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, click this checkbox.

---

This PR has been generated by Mend Renovate. View repository job log here.

[h3poteto]

[Secret Scan] It may be dangerous to commit the AWS secret access key. (view)

AWS secret access key is an important credential that allows you to use AWS programmatically.
Once this leaks, an attacker can access and operate your AWS resources.

See also:

• https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html

Rule	Severity
sider.secrets.aws.secret_access_key	warning

You can close this issue if no need to fix it. Learn more.

I closed this issue. Reason:

• When this is not an AWS secret access key.

[h3poteto]

[Secret Scan] It may be dangerous to commit the AWS secret access key. (view)

AWS secret access key is an important credential that allows you to use AWS programmatically.
Once this leaks, an attacker can access and operate your AWS resources.

See also:

• https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html

Rule	Severity
sider.secrets.aws.secret_access_key	warning

You can close this issue if no need to fix it. Learn more.

I closed this issue. Reason:

• When this is not an AWS secret access key.

[h3poteto]

[Secret Scan] It may be dangerous to commit the AWS secret access key. (view)

AWS secret access key is an important credential that allows you to use AWS programmatically.
Once this leaks, an attacker can access and operate your AWS resources.

See also:

• https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html

Rule	Severity
sider.secrets.aws.secret_access_key	warning

You can close this issue if no need to fix it. Learn more.

I closed this issue. Reason:

• When this is not an AWS secret access key.

[h3poteto]

[Secret Scan] It may be dangerous to commit the AWS secret access key. (view)

AWS secret access key is an important credential that allows you to use AWS programmatically.
Once this leaks, an attacker can access and operate your AWS resources.

See also:

• https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html

Rule	Severity
sider.secrets.aws.secret_access_key	warning

You can close this issue if no need to fix it. Learn more.

I closed this issue. Reason:

• When this is not an AWS secret access key.