Skip to content

deps(go)(deps): bump the golang-x group across 1 directory with 3 updates#41

Merged
JediRhymeTrix merged 1 commit into
mainfrom
dependabot/go_modules/golang-x-aedb219c92
Jul 14, 2026
Merged

deps(go)(deps): bump the golang-x group across 1 directory with 3 updates#41
JediRhymeTrix merged 1 commit into
mainfrom
dependabot/go_modules/golang-x-aedb219c92

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps the golang-x group with 2 updates in the / directory: golang.org/x/crypto and golang.org/x/net.

Updates golang.org/x/crypto from 0.53.0 to 0.54.0

Commits
  • cdce021 go.mod: update golang.org/x dependencies
  • d9474cc openpgp: make the deprecation message more explicit
  • 7626c50 ssh: verify declared key type matches decoded key in authorized_keys
  • 0471e79 ssh/agent: enforce strict limits on DSA key parameters
  • 6435c37 ssh: sanitize client disconnect messages
  • 7d695da ssh/agent: drain channel stderr in agent forwarders
  • 5b7f841 acme/autocert: fix data race in Manager.createCert
  • 0b316e7 argon2: update RFC 9106 parameter recommendations
  • 55aec0a x509roots/fallback: update bundle
  • 5f2de1a internal: remove wycheproof tests
  • See full diff in compare view

Updates golang.org/x/net from 0.56.0 to 0.57.0

Commits
  • b8f09f6 go.mod: update golang.org/x dependencies
  • f05f21b idna: reject all-ASCII xn-- labels on all Go versions
  • 0f748cf internal/http3: clean up stream I/O methods usages in tests
  • 0bb961e internal/http3: add net/http.ResponseController support
  • 0ca694d webdav: document Dir's lack of defense against filesystem modification
  • bd5f1dc http2: initialize Transport on NewClientConn
  • 488ff63 bpf: add security considerations to package docs
  • 93d1f25 xsrftoken: avoid token collisions
  • 5a3baee internal/http3: prevent panic in QPACK decoder due to overflow
  • See full diff in compare view

Updates golang.org/x/sys from 0.46.0 to 0.47.0

Commits
  • 9e7e939 cpu: handle vendor suffixes in parseRelease
  • f6fb8a1 unix: use epoll_pwait rather than epoll_wait
  • f3eeabf windows: avoid length overflow in NewNTString
  • 3cb6647 unix: update glibc to 2.43
  • c507910 windows: document safe usage of TrusteeValue
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Dependency updates (go.mod, npm) semver-patch Release Drafter: bumps PATCH version (x.y.Z) labels Jul 13, 2026
@dependabot
dependabot Bot requested a review from JediRhymeTrix as a code owner July 13, 2026 06:12
@dependabot dependabot Bot added dependencies Dependency updates (go.mod, npm) semver-patch Release Drafter: bumps PATCH version (x.y.Z) labels Jul 13, 2026
@JediRhymeTrix

Copy link
Copy Markdown
Owner

@dependabot rebase

@dependabot dependabot Bot changed the title deps(go)(deps): bump the golang-x group with 3 updates deps(go)(deps): bump the golang-x group across 1 directory with 3 updates Jul 14, 2026
@dependabot
dependabot Bot force-pushed the dependabot/go_modules/golang-x-aedb219c92 branch from 6cb1c84 to 45fbc74 Compare July 14, 2026 16:52
…ates

Bumps the golang-x group with 2 updates in the / directory: [golang.org/x/crypto](https://github.com/golang/crypto) and [golang.org/x/net](https://github.com/golang/net).


Updates `golang.org/x/crypto` from 0.53.0 to 0.54.0
- [Commits](golang/crypto@v0.53.0...v0.54.0)

Updates `golang.org/x/net` from 0.56.0 to 0.57.0
- [Commits](golang/net@v0.56.0...v0.57.0)

Updates `golang.org/x/sys` from 0.46.0 to 0.47.0
- [Commits](golang/sys@v0.46.0...v0.47.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.54.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
- dependency-name: golang.org/x/net
  dependency-version: 0.57.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
- dependency-name: golang.org/x/sys
  dependency-version: 0.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot force-pushed the dependabot/go_modules/golang-x-aedb219c92 branch from 45fbc74 to 089f82b Compare July 14, 2026 17:53
@JediRhymeTrix
JediRhymeTrix merged commit 3f921bc into main Jul 14, 2026
11 checks passed
@JediRhymeTrix
JediRhymeTrix deleted the dependabot/go_modules/golang-x-aedb219c92 branch July 14, 2026 18:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Dependency updates (go.mod, npm) semver-patch Release Drafter: bumps PATCH version (x.y.Z)

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant