Skip to content

Release v1.8.0 #385

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ezilber-akamai merged 7 commits into from
Dec 9, 2025
Merged

Release v1.8.0 #385

ezilber-akamai merged 7 commits into from
Dec 9, 2025

Conversation

@ezilber-akamai
Copy link
Contributor

@ezilber-akamai ezilber-akamai commented Dec 9, 2025

No description provided.

@dependabot
build(deps): bump golang.org/x/crypto from 0.43.0 to 0.44.0 (#377)
b2cd353 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.43.0 to 0.44.0.
- [Commits](golang/crypto@v0.43.0...v0.44.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.44.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@ezilber-akamai ezilber-akamai requested a review from a team as a code owner December 9, 2025 14:08
@ezilber-akamai ezilber-akamai added the ignore-for-release PRs you do not want to render in the changelog label Dec 9, 2025
@ezilber-akamai ezilber-akamai requested review from jriddle-linode and lgarber-akamai and removed request for a team December 9, 2025 14:08
@github-actions
Copy link

github-actions bot commented Dec 9, 2025
edited
Loading

Dependency Review

The following issues were found:
  • ❌ 1 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ✅ 0 package(s) with unknown licenses.
See the Details below.

Vulnerabilities

go.mod

NameVersionVulnerabilitySeverity
golang.org/x/crypto0.44.0golang.org/x/crypto/ssh allows an attacker to cause unbounded memory consumptionmoderate
golang.org/x/crypto/ssh/agent vulnerable to panic if message is malformed due to out of bounds readmoderate

OpenSSF Scorecard

PackageVersionScoreDetails
actions/actions/checkout 6.*.* 🟢 6.5
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 56 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
License🟢 10license file detected
Packaging⚠️ -1packaging workflow not detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
Security-Policy🟢 9security policy file detected
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Vulnerabilities🟢 91 existing vulnerabilities detected
SAST🟢 8SAST tool detected but not run on all commits
actions/actions/checkout 6.*.* 🟢 6.5
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 56 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
License🟢 10license file detected
Packaging⚠️ -1packaging workflow not detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
Security-Policy🟢 9security policy file detected
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Vulnerabilities🟢 91 existing vulnerabilities detected
SAST🟢 8SAST tool detected but not run on all commits
actions/actions/checkout 6.*.* 🟢 6.5
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 56 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
License🟢 10license file detected
Packaging⚠️ -1packaging workflow not detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
Security-Policy🟢 9security policy file detected
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Vulnerabilities🟢 91 existing vulnerabilities detected
SAST🟢 8SAST tool detected but not run on all commits
gomod/golang.org/x/crypto 0.44.0 UnknownUnknown
gomod/golang.org/x/mod 0.29.0 UnknownUnknown
gomod/golang.org/x/sync 0.18.0 UnknownUnknown
gomod/golang.org/x/sys 0.38.0 UnknownUnknown
gomod/golang.org/x/term 0.37.0 UnknownUnknown
gomod/golang.org/x/text 0.31.0 UnknownUnknown
gomod/golang.org/x/tools 0.38.0 UnknownUnknown

Scanned Files

  • .github/workflows/go-validate.yml
  • .github/workflows/release.yml
  • .github/workflows/test-plugin-example.yml
  • go.mod

dependabot bot added 5 commits December 9, 2025 09:09
@dependabot
build(deps): bump actions/checkout from 5 to 6 (#382)
3fce4aa 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump actions/upload-artifact from 4 to 5 (#372)
5cdd17c 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 5.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4...v5)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump actions/download-artifact from 5 to 6 (#371)
0721250 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5 to 6.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v5...v6)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump golang.org/x/crypto from 0.44.0 to 0.46.0 (#384)
4bc83ee 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.44.0 to 0.46.0.
- [Commits](golang/crypto@v0.44.0...v0.46.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump golang.org/x/oauth2 from 0.33.0 to 0.34.0 (#383)
5df4c2c 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.33.0 to 0.34.0.
- [Commits](golang/oauth2@v0.33.0...v0.34.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@zliang-akamai
Add support for Linode Interfaces (#344)
7917e31 
* Add support for Linode Interfaces (#337)

* Add support for Linode Interfaces

* Add Linode Interface example

* Address comments

* go mod tidy

* Bump linodego

* Fix

* gen doc

* Fix

* Fix test
@ezilber-akamai ezilber-akamai changed the title Release v1.7.2 Release v1.8.0 Dec 9, 2025
@ezilber-akamai ezilber-akamai merged commit 3c7bf8d into main Dec 9, 2025
23 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zliang-akamai zliang-akamai zliang-akamai approved these changes

@yec-akamai yec-akamai yec-akamai approved these changes

@jriddle-linode jriddle-linode Awaiting requested review from jriddle-linode jriddle-linode is a code owner automatically assigned from linode/dx

@lgarber-akamai lgarber-akamai Awaiting requested review from lgarber-akamai lgarber-akamai is a code owner automatically assigned from linode/dx

Assignees

No one assigned

Labels

ignore-for-release PRs you do not want to render in the changelog

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ezilber-akamai @zliang-akamai @yec-akamai