Skip to content

[deps] Update golang.org/x/vuln from v1.5.0 to v1.6.0 #44702

Description

@github-actions

Dependency Update: golang.org/x/vuln

Field Value
Package golang.org/x/vuln
Current v1.5.0
Proposed v1.6.0
Update Type Minor version bump

Why a Separate Issue

This is a minor version update (v1.5.0 → v1.6.0) to a security-critical package (govulncheck). Minor updates may include behavior changes in vulnerability detection logic, new vulnerability checks, or changes to output format that could affect CI integrations.

Safety Assessment

⚠️ Minor version update to a security scanning tool. Requires review to ensure:

  • No changes to vulnerability report format that could break parsing
  • No new false positives introduced in CI checks
  • govulncheck output is still compatible with downstream consumers

Links

Update Command

go get golang.org/x/vuln@v1.6.0
go mod tidy

Test Notes

Run make test and verify that govulncheck invocations in the codebase still work as expected.

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • awmgmcpg

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "awmgmcpg"

See Network Configuration for more information.

Generated by 🔧 Dependabot Dependency Checker · 82.7 AIC · ⌖ 7.24 AIC · ⊞ 4.9K ·

  • expires on Jul 12, 2026, 2:38 AM UTC-08:00

Metadata

Metadata

Labels

cookieIssue Monster Loves Cookies!dependenciesPull requests that update a dependency filego

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions