-
Notifications
You must be signed in to change notification settings - Fork 242
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Buffer() is deprecated due to security and usability issues (v2.0.0) #197
Comments
This was raised in hashicorp/js-releases#42 and we have a potential fix for this in hashicorp/js-releases#43. This will be in the js-releases 1.6 release, and I'll update this action when that is released. |
Thanks for circling this out @jpogran and @marcofranssen for logging the issue (something I forgot to do). PR hashicorp/js-releases#43 has now been merged - pending next release. |
hashicorp/js-releases 1.6.0 has been released. This repo can now be updated to use that version to have this message removed. |
Is there an estimate when this might be merged and released? 😄 |
hey all, thanks for raising this and identifying root cause. Also just seconding that I would love to see a merge/release here as well. Doing some version updates and this error is hanging up our workflow. Thanks so much! |
This warning is causing inconsistent failures in our workflows. Please merge and release ASAP. |
All, apologies for the delay. I'll be reviewing the current state next week and getting a point release out |
@jpogran Any update on getting a point release out? Thanks 🙇🏼 |
My changes in @hashicorp/js-releases to fix this issue dropped in the just released https://github.com/hashicorp/setup-terraform/releases/tag/v2.0.1. Thus this issue should now be resolved. 👍 |
Apologies on the delay, again. HashiConf kinda pushed things around in my schedule and I didn't get to this in the time I expected to. I made a mistake in 2.0.1 in the release metadata, which I fixed in 2.0.2. I'll be updated the v2 tag later on today to finish out the release. |
Thx @jpogran 👍 I'll reconfirm with some workflows tomorrow on the v2 tag. Update: still no update to the |
@jpogran Can you please update the |
This can be closed out as fixed (just confirmed via a No longer seeing this Thanks @jpogran for helping getting this one through / providing reviews to PRs. 👍 |
Closing per above. 😄 |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
In my workflows I'm using Node 16 (LTS)
When running this action it shows following logs.
Can this piece of code be updated to resolve this deprecation warning?
The text was updated successfully, but these errors were encountered: