chore(deps): update module github.com/hashicorp/copywrite to v0.25.3

[github-actions]

This PR contains the following updates:

Package	Type	Update	Change
github.com/hashicorp/copywrite	require	minor	v0.22.0 → v0.25.3

---

Release Notes

hashicorp/copywrite (github.com/hashicorp/copywrite)

v0.25.3

Compare Source

v0.25.3

Bug Fixes

• LICENSE no longer updated on every run (#​224)
  anyFileUpdated was unconditionally set to true in non-plan mode due
  to a buggy condition, causing the LICENSE file's copyright year to
  be bumped on every successful run — even when all source file headers were
  already correct. This triggered spurious pre-commit hook failures with
  "files were modified by this hook" when nothing should have changed.
  addlicense.Run now correctly reports whether it actually wrote any files,
  and the LICENSE update is gated on that signal.

• Ignored directories are now skipped in a single step (#​225)
  Patterns in header_ignore (e.g. .venv/**, vendor/**) were previously
  only checked against files — the walk still descended into every directory
  unconditionally, visiting each file before discarding it. For directories
  with thousands of files this caused significant slowdowns. The walk now
  checks each directory against ignore patterns and returns filepath.SkipDir
  immediately, pruning the entire subtree regardless of how many files are
  inside.

Full Changelog

v0.25.2

Compare Source

What's Changed

New Features

• ignore_year1 config option (#​213): Added a new project.ignore_year1 boolean flag in .copywrite.hcl. When set to true, the tool skips updating the start year in existing copyright headers, preserving historically accurate start years (e.g. 2015) even when they differ from copyright_year in config. End-year logic is unaffected — files modified after their copyright end year still get the end year bumped to current year. New files with no copyright header are also unaffected and always receive the config year as the start year.

  project {
    copyright_year = 2024
  
    # Preserve original start years in existing headers
    ignore_year1 = true
  }

Bug Fixes

• Removed unused ignore_year2 references from config, CLI, init template, and README.

Documentation

• README updated with ignore_year1 behaviour for both source file headers and LICENSE files.
• Init template updated to include ignore_year1 as a commented-out option.

v0.25.1

Compare Source

Fixed

• Fixed copyright year updates not being applied due to invalid git log format in the year update cache (#​191 regression)
• Fixed symlink resolution issue on macOS causing cache misses for file copyright year lookups
• Improved git information caching reliability and accuracy

Details

This release fixes two critical bugs introduced in v0.25.0 (#​191):

1. The buildRepositoryCache now correctly formats git output with __CW_YEAR__= prefix, allowing the parser to properly identify years vs filenames
2. Symlink paths are now resolved before computing relative paths, preventing cache misses on systems where /tmp is a symlink (macOS)

Users running v0.25.0 who noticed copyright year updates weren't working should upgrade to this version.

v0.25.0

Compare Source

Improvements

• Major Performance Optimizations (#​191): Significantly improved performance by caching git repository information and reducing redundant lookups during header processing
• Auto-Migration from HashiCorp to IBM (#​189): Added automatic detection and migration of HashiCorp copyright holders to IBM format, supporting all comment styles and preserving year information

v0.24.2

Compare Source

v0.24.2

Bug Fixes

Fix .hbs file copyright parsing to prevent code corruption

Fixed a critical bug where the copyright detection logic was incorrectly modifying JavaScript code inside .hbs (Handlebars) template files. Previously, any indented line containing "copyright" (such as copyright: 'Copyright Acme Inc.' in JavaScript objects) was being treated as a copyright header and modified.

What changed:

• Implemented comment block tracking for .hbs files to distinguish between actual copyright headers inside {{! ... }} comment blocks and regular code
• Removed the generic two-space prefix from global comment detection to prevent false positives
• Indented copyright lines are now only detected when inside handlebars {{! ... }} comment blocks

Impact:

• ✅ .hbs files with multi-line copyright headers in {{! ... }} blocks work correctly
• ✅ JavaScript code with "copyright" keywords (e.g., in config objects) is no longer modified
• ✅ All other file types (.js, .go, .py, etc.) are unaffected

This fix was tested against the hashicorp/boundary-ui repository and confirmed to resolve the issue without introducing regressions.

v0.24.1

Compare Source

What's Changed

• Fix .hbs file copyright parsing by supporting indented content by @​CreatorHead in #​188

v0.24.0

Compare Source

What's Changed

• Rollback: Diff comparision for copyright headers. by @​mohanmanikanta2299 in #​185
• Update README.md by @​mohanmanikanta2299 in #​187

Full Changelog: hashicorp/copywrite@v0.23.0...v0.24.0

v0.23.0

Compare Source

What's Changed

• pin reused github action by @​abhijeetviswa in #​128
• Add changelog file for standardisation. by @​mohanmanikanta2299 in #​129
• IND-3799 parameter addition to dependabot by @​KaushikiAnand in #​130
• Update Heimdall ownership to match CODEOWNERS by @​mukeshjc in #​143
• fix(pre-commit): Hooks should use the copywrite binary by @​bhundven in #​120
• fix(.pre-commit-config.yaml): fix hook id to match actual name by @​Paillat-dev in #​123
• Updated Copyright to IBM Headers by @​mohanmanikanta2299 in #​170
• Update copyright format for IBM Corp with year ranges by @​CreatorHead in #​179
• Ibm copyright format by @​CreatorHead in #​180
• Copyright symbol removal to get inline with policy. by @​mohanmanikanta2299 in #​183
• Update feature added for headers command. by @​mohanmanikanta2299 in #​181

New Contributors

• @​abhijeetviswa made their first contribution in #​128
• @​compliance-pr-automation-bot[bot] made their first contribution in #​149
• @​bhundven made their first contribution in #​120
• @​Paillat-dev made their first contribution in #​123
• @​ssagarverma made their first contribution in #​172
• @​CreatorHead made their first contribution in #​179

Full Changelog: hashicorp/copywrite@v0.22.0...v0.23.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[github-actions]

ℹ️ Artifact update notice

File name: tools/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 8 additional dependencies were updated

Details:

Package	Change
github.com/bmatcuk/doublestar/v4	v4.9.1 -> v4.10.0
github.com/bradleyfalzon/ghinstallation/v2	v2.17.0 -> v2.18.0
github.com/google/go-querystring	v1.1.0 -> v1.2.0
github.com/jedib0t/go-pretty/v6	v6.7.7 -> v6.7.9
github.com/mattn/go-isatty	v0.0.20 -> v0.0.21
github.com/samber/lo	v1.52.0 -> v1.53.0
golang.org/x/oauth2	v0.34.0 -> v0.36.0
golang.org/x/sync	v0.19.0 -> v0.20.0