Skip to content

chore: bump the go_modules group across 1 directory with 9 updates #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore: bump the go_modules group across 1 directory with 9 updates #2

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 6, 2025

Bumps the go_modules group with 8 updates in the / directory:

Package From To
github.com/go-jose/go-jose/v3 3.0.0 3.0.4
github.com/golang-jwt/jwt/v4 4.5.0 4.5.2
github.com/moby/moby 24.0.1+incompatible 26.1.0+incompatible
golang.org/x/net 0.18.0 0.38.0
google.golang.org/protobuf 1.31.0 1.33.0
github.com/cloudflare/circl 1.3.3 1.3.7
github.com/docker/docker 24.0.7+incompatible 25.0.6+incompatible
github.com/google/nftables 0.1.1-0.20230115205135-9aa6fdf5a28c 0.2.0

Updates github.com/go-jose/go-jose/v3 from 3.0.0 to 3.0.4

Release notes

Sourced from github.com/go-jose/go-jose/v3's releases.

v3.0.4

What's Changed

Backport fix for GHSA-c6gw-w398-hv78 CVE-2025-27144 go-jose/go-jose#174

Full Changelog: go-jose/go-jose@v3.0.3...v3.0.4

Version 3.0.3

Fixed

  • Limit decompression output size to prevent a DoS. Backport from v4.0.1.

Version 3.0.2

Fixed

  • DecryptMulti: handle decompression error (#19)

Changed

  • jwe/CompactSerialize: improve performance (#67)
  • Increase the default number of PBKDF2 iterations to 600k (#48)
  • Return the proper algorithm for ECDSA keys (#45)
  • Update golang.org/x/crypto to v0.19 (#94)

Added

  • Add Thumbprint support for opaque signers (#38)

Version 3.0.1

Fixed

Security issue: an attacker specifying a large "p2c" value can cause JSONWebEncryption.Decrypt and JSONWebEncryption.DecryptMulti to consume large amounts of CPU, causing a DoS. Thanks to Matt Schwager (@​mschwager) for the disclosure and to Tom Tervoort for originally publishing the category of attack. https://i.blackhat.com/BH-US-23/Presentations/US-23-Tervoort-Three-New-Attacks-Against-JSON-Web-Tokens.pdf

The release is tagged off the release-v3.0.1 branch to avoid mixing in some as-yet unreleased changes on the v3 branch.

Changelog

Sourced from github.com/go-jose/go-jose/v3's changelog.

Changed

  • Defined a custom error, ErrUnexpectedSignatureAlgorithm, returned when a JWS header contains an unsupported signature algorithm.

v4.0.4

Fixed

  • Reverted "Allow unmarshalling JSONWebKeySets with unsupported key types" as a breaking change. See #136 / #137.

v4.0.3

Changed

  • Allow unmarshalling JSONWebKeySets with unsupported key types (#130)
  • Document that OpaqueKeyEncrypter can't be implemented (for now) (#129)
  • Dependency updates

v4.0.2

Changed

  • Improved documentation of Verify() to note that JSONWebKeySet is a supported argument type (#104)
  • Defined exported error values for missing x5c header and unsupported elliptic curves error cases (#117)

v4.0.1

Fixed

  • An attacker could send a JWE containing compressed data that used large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti. Those functions now return an error if the decompressed data would exceed 250kB or 10x the compressed size (whichever is larger). Thanks to Enze Wang@Alioth and Jianjun Chen@Zhongguancun Lab (@​zer0yu and @​chenjj) for reporting.

v4.0.0

This release makes some breaking changes in order to more thoroughly address the vulnerabilities discussed in [Three New Attacks Against JSON Web Tokens][1], "Sign/encrypt confusion", "Billion hash attack", and "Polyglot token".

Changed

  • Limit JWT encryption types (exclude password or public key types) (#78)

... (truncated)

Commits
  • 5253038 Backport fix 167 to v3 (#174)
  • 047dc99 CI: Update github actions and go version (#173)
  • 0f017e9 Revert #26 (ignore unsupported JWKs in Sets) (#131)
  • 3e2bbef Unmarshal jwk keys with unsupported key type or algorithm into empty … (#26)
  • add6a28 v3: backport decompression limit fix (#107)
  • 11bb4e7 doc: in v3 branch's README, point to v4 as latest (#101)
  • 863f73b v3.0.2: Update changelog (#95)
  • bdbc794 Update golang.org/x/crypto to v0.19 (backport) (#94)
  • 25bce79 Updated go-jose v3.0.0 to v3.0.1 in jose-util (#70)
  • aa386df jwe/CompactSerialize: improve performance. (#67)
  • Additional commits viewable in compare view

Updates github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.2

Release notes

Sourced from github.com/golang-jwt/jwt/v4's releases.

v4.5.2

See GHSA-mh63-6h87-95cp

Full Changelog: golang-jwt/jwt@v4.5.1...v4.5.2

v4.5.1

Security

Unclear documentation of the error behavior in ParseWithClaims in <= 4.5.0 could lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by ParseWithClaims return both error codes. If users only check for the jwt.ErrTokenExpired using error.Is, they will ignore the embedded jwt.ErrTokenSignatureInvalid and thus potentially accept invalid tokens.

This issue was documented in GHSA-29wx-vh33-7x7r and fixed in this release.

Note: v5 was not affected by this issue. So upgrading to this release version is also recommended.

What's Changed

  • Back-ported error-handling logic in ParseWithClaims from v5 branch. This fixes GHSA-29wx-vh33-7x7r.

Full Changelog: golang-jwt/jwt@v4.5.0...v4.5.1

Commits

Updates github.com/moby/moby from 24.0.1+incompatible to 26.1.0+incompatible

Release notes

Sourced from github.com/moby/moby's releases.

v26.1.0

26.1.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

New

Bug fixes and enhancements

  • Native Windows containers are configured with an internal DNS server for container name resolution, and external DNS servers for other lookups. Not all resolvers, including nslookup, fall back to the external resolvers when they get a SERVFAIL answer from the internal server. So, the internal DNS server can now be configured to forward requests to the external resolvers, by setting "features": {"windows-dns-proxy": true } in the daemon.json file. moby/moby#47584

[!NOTE] This will be the new default behavior in Docker Engine 27.0.

[!WARNING] The windows-dns-proxy feature flag will be removed in a future release.

  • Swarm: Fix Subpath not being passed to the container config. moby/moby#47711
  • Classic builder: Fix cache miss on WORKDIR <directory>/ build step (directory with a trailing slash). moby/moby#47723
  • containerd image store: Fix docker images failing when any image in the store has unexpected target. moby/moby#47738

v26.0.2

26.0.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Security

This release contains a security fix for CVE-2024-32473, an unexpected configuration of IPv6 on IPv4-only interfaces.

Bug fixes and enhancements

v26.0.1

... (truncated)

Commits
  • c8af8eb Merge pull request #47738 from vvoland/c8d-walk-image-badimagetarget
  • 7d95fe8 c8d/list: Ignore unexpected image target
  • 801fd16 Merge pull request #47735 from cpuguy83/better_walk_error
  • 6667e96 Include more details in errnotManifestOrIndex
  • ee8b788 Merge pull request #47734 from krissetto/image-history-timestamp-dereference
  • 96c9353 Merge pull request #47723 from vvoland/builder-fix-workdir-slash
  • ab570ab nil dereference fix on image history Created value
  • 7532420 container/SetupWorkingDirectory: Don't mutate config
  • a4d5b6b builder/normalizeWorkdir: Always return cleaned path
  • e829cca Merge pull request #47584 from robmry/upstream_dns_windows
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.15.0 to 0.19.0

Commits
  • 405cb3b go.mod: update golang.org/x dependencies
  • 913d3ae x509roots/fallback: update bundle
  • dbb6ec1 ssh/test: skip tests on darwin that fail on the darwin-amd64-longtest LUCI bu...
  • 403f699 ssh/test: avoid leaking a net.UnixConn in server.TryDialWithAddr
  • 055043d go.mod: update golang.org/x dependencies
  • 08396bb internal/poly1305: drop Go 1.12 compatibility
  • 9d2ee97 ssh: implement strict KEX protocol changes
  • 4e5a261 ssh: close net.Conn on all NewServerConn errors
  • 152cdb1 x509roots/fallback: update bundle
  • fdfe1f8 ssh: defer channel window adjustment
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.18.0 to 0.38.0

Commits
  • e1fcd82 html: properly handle trailing solidus in unquoted attribute value in foreign...
  • ebed060 internal/http3: fix build of tests with GOEXPERIMENT=nosynctest
  • 1f1fa29 publicsuffix: regenerate table
  • 1215081 http2: improve error when server sends HTTP/1
  • 312450e html: ensure <search> tag closes <p> and update tests
  • 09731f9 http2: improve handling of lost PING in Server
  • 55989e2 http2/h2c: use ResponseController for hijacking connections
  • 2914f46 websocket: re-recommend gorilla/websocket
  • 99b3ae0 go.mod: update golang.org/x dependencies
  • 85d1d54 go.mod: update golang.org/x dependencies
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.31.0 to 1.33.0

Updates github.com/cloudflare/circl from 1.3.3 to 1.3.7

Release notes

Sourced from github.com/cloudflare/circl's releases.

CIRCL v1.3.7

What's Changed

New Contributors

Full Changelog: cloudflare/circl@v1.3.6...v1.3.7

CIRCL v1.3.6

What's Changed

New Contributors

Full Changelog: cloudflare/circl@v1.3.3...v1.3.6

Commits
  • c48866b Releasing CIRCL v1.3.7
  • 75ef91e kyber: remove division by q in ciphertext compression
  • 899732a build(deps): bump golang.org/x/crypto
  • 99f0f71 Releasing CIRCL v1.3.6
  • e728d0d Apply thibmeu code review suggestions
  • ceb2d90 Updating blindrsa to be compliant with RFC9474.
  • 44133f7 spelling: tripped
  • c2076d6 spelling: transposes
  • dad2166 spelling: title
  • 171c418 spelling: threshold
  • Additional commits viewable in compare view

Updates github.com/docker/docker from 24.0.7+incompatible to 25.0.6+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v25.0.6

25.0.6

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Security

This release contains a fix for CVE-2024-41110 / GHSA-v23v-6jw2-98fq that impacted setups using authorization plugins (AuthZ) for access control.

Bug fixes and enhancements

  • [25.0] remove erroneous platform from image config OCI descriptor in docker save output. moby/moby#47695
  • [25.0 backport] Fix a nil dereference when getting image history for images having layers without the Created value set. moby/moby#47759
  • [25.0 backport] apparmor: Allow confined runc to kill containers. moby/moby#47830
  • [25.0 backport] Fix an issue where rapidly promoting a Swarm node after another node was demoted could cause the promoted node to fail its promotion. moby/moby#47869
  • [25.0 backport] don't depend on containerd platform.Parse to return a typed error. moby/moby#47890
  • [25.0 backport] builder/mobyexporter: Add missing nil check moby/moby#47987

Packaging updates

Full Changelog: moby/moby@v25.0.5...v25.0.6

v25.0.5

25.0.5

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Security

This release contains a security fix for CVE-2024-29018, a potential data exfiltration from 'internal' networks via authoritative DNS servers.

Bug fixes and enhancements

  • CVE-2024-29018: Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. Previously, requests were forwarded if the host's DNS server was running on a loopback address, like systemd's 127.0.0.53. moby/moby#47589

  • plugin: fix mounting /etc/hosts when running in UserNS. moby/moby#47588

  • rootless: fix open /etc/docker/plugins: permission denied. moby/moby#47587

  • Fix multiple parallel docker build runs leaking disk space. moby/moby#47527

... (truncated)

Commits
  • b08a51f Merge pull request #48231 from austinvazquez/backport-vendor-otel-v0.46.1-to-...
  • d151b0f vendor: OTEL v0.46.1 / v1.21.0
  • c6ba9a5 Merge pull request #48225 from austinvazquez/backport-workflow-artifact-reten...
  • 4673a3c Merge pull request #48227 from austinvazquez/backport-backport-branch-check-t...
  • 30f8908 github/ci: Check if backport is opened against the expected branch
  • 7454d6a ci: update workflow artifacts retention
  • 65cc597 Merge commit from fork
  • b722836 Merge pull request #48199 from austinvazquez/update-containerd-binary-to-1.7.20
  • e8ecb9c update containerd binary to v1.7.20
  • e6cae1f update containerd binary to v1.7.19
  • Additional commits viewable in compare view

Updates github.com/google/nftables from 0.1.1-0.20230115205135-9aa6fdf5a28c to 0.2.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore: bump the go_modules group across 1 directory with 9 updates
dee2b48 
Bumps the go_modules group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) | `3.0.0` | `3.0.4` |
| [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) | `4.5.0` | `4.5.2` |
| [github.com/moby/moby](https://github.com/moby/moby) | `24.0.1+incompatible` | `26.1.0+incompatible` |
| [golang.org/x/net](https://github.com/golang/net) | `0.18.0` | `0.38.0` |
| google.golang.org/protobuf | `1.31.0` | `1.33.0` |
| [github.com/cloudflare/circl](https://github.com/cloudflare/circl) | `1.3.3` | `1.3.7` |
| [github.com/docker/docker](https://github.com/docker/docker) | `24.0.7+incompatible` | `25.0.6+incompatible` |
| [github.com/google/nftables](https://github.com/google/nftables) | `0.1.1-0.20230115205135-9aa6fdf5a28c` | `0.2.0` |



Updates `github.com/go-jose/go-jose/v3` from 3.0.0 to 3.0.4
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md)
- [Commits](go-jose/go-jose@v3.0.0...v3.0.4)

Updates `github.com/golang-jwt/jwt/v4` from 4.5.0 to 4.5.2
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](golang-jwt/jwt@v4.5.0...v4.5.2)

Updates `github.com/moby/moby` from 24.0.1+incompatible to 26.1.0+incompatible
- [Release notes](https://github.com/moby/moby/releases)
- [Commits](moby/moby@v24.0.1...v26.1.0)

Updates `golang.org/x/crypto` from 0.15.0 to 0.19.0
- [Commits](golang/crypto@v0.15.0...v0.19.0)

Updates `golang.org/x/net` from 0.18.0 to 0.38.0
- [Commits](golang/net@v0.18.0...v0.38.0)

Updates `google.golang.org/protobuf` from 1.31.0 to 1.33.0

Updates `github.com/cloudflare/circl` from 1.3.3 to 1.3.7
- [Release notes](https://github.com/cloudflare/circl/releases)
- [Commits](cloudflare/circl@v1.3.3...v1.3.7)

Updates `github.com/docker/docker` from 24.0.7+incompatible to 25.0.6+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v24.0.7...v25.0.6)

Updates `github.com/google/nftables` from 0.1.1-0.20230115205135-9aa6fdf5a28c to 0.2.0
- [Commits](https://github.com/google/nftables/commits/v0.2.0)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-version: 3.0.4
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: github.com/golang-jwt/jwt/v4
  dependency-version: 4.5.2
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: github.com/moby/moby
  dependency-version: 26.1.0+incompatible
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: golang.org/x/crypto
  dependency-version: 0.19.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: golang.org/x/net
  dependency-version: 0.38.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.33.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: github.com/cloudflare/circl
  dependency-version: 1.3.7
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: github.com/docker/docker
  dependency-version: 25.0.6+incompatible
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: github.com/google/nftables
  dependency-version: 0.2.0
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels May 6, 2025
@changeset-bot changeset-bot
Copy link

changeset-bot bot commented May 6, 2025

⚠️ No Changeset found

Latest commit: dee2b48

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@coderabbitai coderabbitai
Copy link

coderabbitai bot commented May 6, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Join our Discord community for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@socket-security Socket Security
Copy link

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedgithub.com/​moby/​moby@​v24.0.1+incompatible ⏵ v26.1.0+incompatible72 +599 +2210010080
Updatedgolang.org/​x/​tools@​v0.15.0 ⏵ v0.21.1-0.20240508182429-e35e4ccd0d2d72 +2100100100100
Updatedgolang.org/​x/​crypto@​v0.15.0 ⏵ v0.36.073 +1100 +75100100100
Updatedgolang.org/​x/​net@​v0.18.0 ⏵ v0.38.075 +1100 +4100100100
Updatedgoogle.golang.org/​protobuf@​v1.31.0 ⏵ v1.33.075 +1100 +2100100100
Updatedgolang.org/​x/​text@​v0.14.0 ⏵ v0.23.078100100100100
Updatedgolang.org/​x/​sys@​v0.14.0 ⏵ v0.31.082 -3100100100100
Updatedgolang.org/​x/​mod@​v0.14.0 ⏵ v0.17.095 +1100100100100
Updatedgithub.com/​go-jose/​go-jose/​v3@​v3.0.0 ⏵ v3.0.498 +1100 +4100100100
Updatedgithub.com/​golang-jwt/​jwt/​v4@​v4.5.0 ⏵ v4.5.298 +1100 +17100100100
Updatedgolang.org/​x/​sync@​v0.5.0 ⏵ v0.12.099 +1100100100100
Updatedgolang.org/​x/​term@​v0.14.0 ⏵ v0.30.0100 +1100100100100

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file go Pull requests that update go code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants