security(deps): update 🛡️ github.com/hashicorp/go-getter to v1.7.0 [s…
…ecurity] (#61)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [github.com/hashicorp/go-getter](https://togithub.com/hashicorp/go-getter) | `v1.6.2` -> `v1.7.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fhashicorp%2fgo-getter/v1.7.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fhashicorp%2fgo-getter/v1.7.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fhashicorp%2fgo-getter/v1.6.2/v1.7.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fhashicorp%2fgo-getter/v1.6.2/v1.7.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) |

### GitHub Vulnerability Alerts

#### [CVE-2023-0475](https://nvd.nist.gov/vuln/detail/CVE-2023-0475)

HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression
bombs. Fixed in 1.7.0 and 2.2.0.

---

### Release Notes

<details>
<summary>hashicorp/go-getter (github.com/hashicorp/go-getter)</summary>

### [`v1.7.0`](https://togithub.com/hashicorp/go-getter/releases/tag/v1.7.0)

[Compare Source](https://togithub.com/hashicorp/go-getter/compare/v1.6.2...v1.7.0)

#### What's Changed

- docs: provide logging recommendations by [@mickael-hc](https://togithub.com/mickael-hc) in [https://github.com/hashicorp/go-getter/pull/371](https://togithub.com/hashicorp/go-getter/pull/371)
- Update aws sdk version by [@Jukie](https://togithub.com/Jukie) in [https://github.com/hashicorp/go-getter/pull/384](https://togithub.com/hashicorp/go-getter/pull/384)
- Update S3 URL in README by [@twelvelabs](https://togithub.com/twelvelabs) in [https://github.com/hashicorp/go-getter/pull/378](https://togithub.com/hashicorp/go-getter/pull/378)
- Migrate to GHA by [@claire-labry](https://togithub.com/claire-labry) in [https://github.com/hashicorp/go-getter/pull/379](https://togithub.com/hashicorp/go-getter/pull/379)
- \[COMPLIANCE] Update MPL 2.0 LICENSE by [@hashicorp-copywrite](https://togithub.com/hashicorp-copywrite) in [https://github.com/hashicorp/go-getter/pull/386](https://togithub.com/hashicorp/go-getter/pull/386)
- remove codesign entirely from go-getter by [@claire-labry](https://togithub.com/claire-labry) in [https://github.com/hashicorp/go-getter/pull/408](https://togithub.com/hashicorp/go-getter/pull/408)
- Add decompression bomb mitigation options for v1 by [@picatz](https://togithub.com/picatz) in [https://github.com/hashicorp/go-getter/pull/412](https://togithub.com/hashicorp/go-getter/pull/412)
- v1: decompressors: add LimitedDecompressors helper by [@shoenig](https://togithub.com/shoenig) in [https://github.com/hashicorp/go-getter/pull/413](https://togithub.com/hashicorp/go-getter/pull/413)

#### New Contributors

- [@mickael-hc](https://togithub.com/mickael-hc) made their first contribution in [https://github.com/hashicorp/go-getter/pull/371](https://togithub.com/hashicorp/go-getter/pull/371)
- [@Jukie](https://togithub.com/Jukie) made their first contribution in [https://github.com/hashicorp/go-getter/pull/384](https://togithub.com/hashicorp/go-getter/pull/384)
- [@twelvelabs](https://togithub.com/twelvelabs) made their first contribution in [https://github.com/hashicorp/go-getter/pull/378](https://togithub.com/hashicorp/go-getter/pull/378)
- [@hashicorp-copywrite](https://togithub.com/hashicorp-copywrite) made their first contribution in [https://github.com/hashicorp/go-getter/pull/386](https://togithub.com/hashicorp/go-getter/pull/386)

**Full Changelog**:
hashicorp/go-getter@v1.6.2...v1.7.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no
schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/DelineaXPM/terraform-provider-dsv).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMzUuMCIsInVwZGF0ZWRJblZlciI6IjM3LjEzNS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate[bot] authored Jan 23, 2024
1 parent b92c98a commit bb2c147
Showing 20 changed files with 599 additions and 65 deletions.
2 changes: 1 addition & 1 deletion go.mod
Expand Up @@ -51,7 +51,7 @@ require (
github.com/gookit/color v1.5.4 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
github.com/hashicorp/go-getter v1.6.2 // indirect
github.com/hashicorp/go-getter v1.7.0 // indirect
github.com/hashicorp/go-hclog v1.3.1 // indirect
github.com/hashicorp/go-multierror v1.1.1 // indirect
github.com/hashicorp/go-plugin v1.4.5 // indirect
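Review bot: On the go-getter line, the module is still marked `// indirect`, so nothing in this repository's own code calls it, and the release notes above describe the CVE-2023-0475 fix as "decompression bomb mitigation options" (#412) plus a LimitedDecompressors helper (#413), which reads as opt-in rather than a changed default. Before relying on this bump to close the alert, identify which direct dependency in the require block pulls go-getter in (for example with `go mod why github.com/hashicorp/go-getter`) and check whether that caller sets the new limits; if it does not, the version change clears the scanner finding without changing decompression behaviour. It would also help to record that finding in the PR, since automerge is enabled and the go.sum and vendor changes are not rendered for review.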
385 changes: 381 additions & 4 deletions go.sum

Large diffs are not rendered by default.

9 changes: 0 additions & 9 deletions vendor/github.com/hashicorp/go-getter/.goreleaser.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions vendor/github.com/hashicorp/go-getter/LICENSE

7 changes: 6 additions & 1 deletion vendor/github.com/hashicorp/go-getter/README.md

47 changes: 31 additions & 16 deletions vendor/github.com/hashicorp/go-getter/decompress.go

45 changes: 39 additions & 6 deletions vendor/github.com/hashicorp/go-getter/decompress_tar.go

16 changes: 14 additions & 2 deletions vendor/github.com/hashicorp/go-getter/decompress_tbz2.go

16 changes: 14 additions & 2 deletions vendor/github.com/hashicorp/go-getter/decompress_tgz.go

16 changes: 14 additions & 2 deletions vendor/github.com/hashicorp/go-getter/decompress_txz.go

19 changes: 16 additions & 3 deletions vendor/github.com/hashicorp/go-getter/decompress_tzst.go

11 changes: 8 additions & 3 deletions vendor/github.com/hashicorp/go-getter/decompress_xz.go
