Skip to content

chore(deps): update bump go dependencies #784

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 5, 2025
Merged

chore(deps): update bump go dependencies #784

merged 1 commit into from
May 5, 2025
+42 −42

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Mar 17, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
github.com/gin-contrib/cors v1.7.3 -> v1.7.5 age adoption passing confidence
github.com/gin-contrib/gzip v1.2.2 -> v1.2.3 age adoption passing confidence
github.com/go-playground/validator/v10 v10.25.0 -> v10.26.0 age adoption passing confidence
golang.org/x/crypto v0.36.0 -> v0.38.0 age adoption passing confidence

Release Notes

gin-contrib/cors (github.com/gin-contrib/cors)

v1.7.5

Compare Source

Changelog
Enhancements
Build process updates

v1.7.4

Compare Source

Changelog

Features
Enhancements
Build process updates
gin-contrib/gzip (github.com/gin-contrib/gzip)

v1.2.3

Compare Source

Changelog

Enhancements
  • 3b246bb: chore: update dependencies to latest versions focused on security patches (@​appleboy)
Build process updates
go-playground/validator (github.com/go-playground/validator/v10)

v10.26.0

Compare Source

What's Changed

New Contributors

Full Changelog: go-playground/validator@v10.25.0...v10.26.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner March 17, 2025 10:53
@renovate renovate bot added the dependencies Pull requests that update a dependency file label Mar 17, 2025
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Mar 17, 2025
edited
Loading

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 10 additional dependencies were updated

Details:

Package Change
github.com/bytedance/sonic v1.12.7 -> v1.13.2
github.com/bytedance/sonic/loader v0.2.2 -> v0.2.4
github.com/cloudwego/base64x v0.1.4 -> v0.1.5
github.com/goccy/go-json v0.10.4 -> v0.10.5
github.com/klauspost/cpuid/v2 v2.2.9 -> v2.2.10
golang.org/x/arch v0.13.0 -> v0.15.0
golang.org/x/net v0.34.0 -> v0.38.0
golang.org/x/sys v0.31.0 -> v0.33.0
golang.org/x/text v0.23.0 -> v0.25.0
google.golang.org/protobuf v1.36.2 -> v1.36.6

@codecov Codecov
Copy link

codecov bot commented Mar 17, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 79.51%. Comparing base (f11755d) to head (072bbc4).
Report is 1 commits behind head on master.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master     #784   +/-   ##
=======================================
  Coverage   79.51%   79.51%           
=======================================
  Files          56       56           
  Lines        2641     2641           
=======================================
  Hits         2100     2100           
  Misses        450      450           
  Partials       91       91

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@eternal-flame-AD
Copy link
Member

tldr: allowedOrigins can now be slash-delimited regex

@renovate renovate bot changed the title chore(deps): update module github.com/gin-contrib/cors to v1.7.4 chore(deps): update bump go dependencies Mar 28, 2025
@renovate renovate bot force-pushed the renovate/bump-dependencies-go branch 4 times, most recently from e53a15b to b0a3e42 Compare April 4, 2025 15:22
@renovate renovate bot force-pushed the renovate/bump-dependencies-go branch from b0a3e42 to 4f3e833 Compare April 6, 2025 18:12
@renovate renovate bot force-pushed the renovate/bump-dependencies-go branch from 4f3e833 to 179ab7e Compare April 27, 2025 10:06
@renovate renovate bot force-pushed the renovate/bump-dependencies-go branch from 179ab7e to 072bbc4 Compare May 5, 2025 22:34
eternal-flame-AD
eternal-flame-AD approved these changes May 5, 2025
View reviewed changes
Copy link
Member

@eternal-flame-AD eternal-flame-AD left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is enough for a batch merge, there are some updates on golang.org/x/ that should resolve some security flags too.

@eternal-flame-AD eternal-flame-AD merged commit 307b2aa into master May 5, 2025
4 checks passed
@renovate renovate bot deleted the renovate/bump-dependencies-go branch May 5, 2025 23:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eternal-flame-AD eternal-flame-AD eternal-flame-AD approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@eternal-flame-AD