Skip to content

chore: bump the x group with 8 updates#72

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/x-fc943f5e22
Open

chore: bump the x group with 8 updates#72
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/x-fc943f5e22

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Feb 25, 2026
edited
Loading

Bumps the x group with 8 updates:

Package From To
golang.org/x/crypto 0.37.0 0.48.0
golang.org/x/mod 0.24.0 0.32.0
golang.org/x/net 0.39.0 0.49.0
golang.org/x/oauth2 0.29.0 0.35.0
golang.org/x/sync 0.13.0 0.19.0
golang.org/x/sys 0.32.0 0.41.0
golang.org/x/term 0.31.0 0.40.0
golang.org/x/tools 0.32.0 0.41.0

Updates golang.org/x/crypto from 0.37.0 to 0.48.0

Commits
  • e08b067 go.mod: update golang.org/x dependencies
  • 7d0074c scrypt: fix panic on parameters <= 0
  • 506e022 go.mod: update golang.org/x dependencies
  • 7dacc38 chacha20poly1305: error out in fips140=only mode
  • 19acf81 go.mod: update golang.org/x dependencies
  • 3a1c6b4 x509roots/fallback: update bundle
  • f4602e4 ssh/agent: fix flaky test by ensuring a writeable home directory
  • 4e0068c go.mod: update golang.org/x dependencies
  • e79546e ssh: curb GSSAPI DoS risk by limiting number of specified OIDs
  • f91f7a7 ssh/agent: prevent panic on malformed constraint
  • Additional commits viewable in compare view

Updates golang.org/x/mod from 0.24.0 to 0.32.0

Commits
  • 4c04067 go.mod: update golang.org/x dependencies
  • d271cf3 go.mod: update golang.org/x dependencies
  • 269c237 sumdb/note: delete chop
  • 3f03020 x/mod: apply go fix and go vet
  • 7416265 go.mod: update golang.org/x dependencies
  • 5517a71 all: fix some comments
  • b6cdd1a modfile: use reflect.TypeFor instead of reflect.TypeOf
  • bba3e06 go.mod: update golang.org/x dependencies
  • 1759e96 go.mod: update golang.org/x dependencies
  • f060e16 all: upgrade go directive to at least 1.24.0 [generated]
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.39.0 to 0.49.0

Commits
  • d977772 go.mod: update golang.org/x dependencies
  • eea413e internal/http3: use go1.25 synctest.Test instead of go1.24 synctest.Run
  • 9ace223 websocket: add missing call to resp.Body.Close
  • 7d3dbb0 http2: buffer the most recently received PRIORITY_UPDATE frame
  • 35e1306 go.mod: update golang.org/x dependencies
  • 7c36036 http2, webdav, websocket: fix %q verb uses with wrong type
  • ec11ecc trace: fix data race in RenderEvents
  • bff14c5 http2: don't PING a responsive server when resetting a stream
  • 88a6421 dns/dnsmessage: avoid use of "strings" and "math" in dns/dnsmessage
  • 123d099 http2: support net/http.Transport.NewClientConn
  • Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.29.0 to 0.35.0

Commits
  • 89ff2e1 google: add safer credentials JSON loading options.
  • acc3815 endpoints: fix %q verb use with wrong type
  • f28b0b5 all: fix some comments
  • fd15e0f x/oauth2: populate RetrieveError from DeviceAuth
  • 792c877 oauth2: use strings.Builder instead of bytes.Buffer
  • 014cf77 all: upgrade go directive to at least 1.24.0 [generated]
  • 3c76ce5 endpoints: correct Naver OAuth2 endpoint URLs
  • cf14319 oauth2: fix expiration time window check
  • 32d34ef internal: include clientID in auth style cache key
  • 2d34e30 oauth2: replace a magic number with AuthStyleUnknown
  • Additional commits viewable in compare view

Updates golang.org/x/sync from 0.13.0 to 0.19.0

Commits
  • 2a180e2 errgroup: use consistent read for SetLimit panic
  • 1966f53 errgroup: fix some typos in comment
  • 04914c2 all: upgrade go directive to at least 1.24.0 [generated]
  • 7fad2c9 errgroup: revert propagation of panics
  • 8a14946 errgroup: remove duplicated comment
  • 1869c69 all: replace deprecated ioutil
  • d1ac909 sync/errgroup: PanicError.Error print stack trace
  • 506c70f errgroup: propagate panic and Goexit through Wait
  • See full diff in compare view

Updates golang.org/x/sys from 0.32.0 to 0.41.0

Commits
  • fc646e4 cpu: use IsProcessorFeaturePresent to calculate ARM64 on windows
  • f11c7bb windows: add IsProcessorFeaturePresent and processor feature consts
  • d25a7aa unix: add IoctlSetString on all platforms
  • 6fb913b unix: return early on error in Recvmsg
  • 2f44229 sys/cpu: add symbolic constants for remaining cpuid bits
  • e5770d2 sys/cpu: use symbolic names for masks
  • 714a44c sys/cpu: modify x86 port to match what internal/cpu does
  • 08e5482 unix: fix out of bounds memory access in tests
  • 4f4f1c6 Revert "cpu: add HPDS, LOR, PAN detection for arm64"
  • ca63116 unix: add IOCTL_MEI_* constants
  • Additional commits viewable in compare view

Updates golang.org/x/term from 0.31.0 to 0.40.0

Commits
  • 3aff304 go.mod: update golang.org/x dependencies
  • a7e5b04 go.mod: update golang.org/x dependencies
  • 943f25d x/term: handle transpose
  • 9b991dd x/term: handle delete key
  • 3863673 go.mod: update golang.org/x dependencies
  • 1231d54 go.mod: update golang.org/x dependencies
  • 3475bc8 term: fix some comments
  • 3a0828a go.mod: update golang.org/x dependencies
  • 1a11b45 go.mod: update golang.org/x dependencies
  • d862cd5 all: upgrade go directive to at least 1.24.0 [generated]
  • Additional commits viewable in compare view

Updates golang.org/x/tools from 0.32.0 to 0.41.0

Commits
  • 2ad2b30 go.mod: update golang.org/x dependencies
  • 5832cce internal/diff/lcs: introduce line diffs
  • 67c4257 gopls/internal/golang: Definition: fix Windows bug wrt //go:embed
  • 12c1f04 gopls/completion: check Selection invariant
  • 6d87185 internal/server: add vulncheck scanning after vulncheck prompt
  • 0c3a1fe go/ast/inspector: FindByPos returns the first innermost node
  • ca281cf go/analysis/passes/ctrlflow: add noreturn funcs from popular pkgs
  • 09c21a9 gopls/internal/analysis/unusedfunc: remove warnings for unused enum consts
  • 03cb455 internal/modindex: suppress missing modcacheindex message
  • 15d13e8 gopls/internal/util/typesutil: refine EnclosingSignature bug.Report
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore: bump the x group with 8 updates
06bfeca 
Bumps the x group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.37.0` | `0.48.0` |
| [golang.org/x/mod](https://github.com/golang/mod) | `0.24.0` | `0.32.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.39.0` | `0.49.0` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.29.0` | `0.35.0` |
| [golang.org/x/sync](https://github.com/golang/sync) | `0.13.0` | `0.19.0` |
| [golang.org/x/sys](https://github.com/golang/sys) | `0.32.0` | `0.41.0` |
| [golang.org/x/term](https://github.com/golang/term) | `0.31.0` | `0.40.0` |
| [golang.org/x/tools](https://github.com/golang/tools) | `0.32.0` | `0.41.0` |


Updates `golang.org/x/crypto` from 0.37.0 to 0.48.0
- [Commits](golang/crypto@v0.37.0...v0.48.0)

Updates `golang.org/x/mod` from 0.24.0 to 0.32.0
- [Commits](golang/mod@v0.24.0...v0.32.0)

Updates `golang.org/x/net` from 0.39.0 to 0.49.0
- [Commits](golang/net@v0.39.0...v0.49.0)

Updates `golang.org/x/oauth2` from 0.29.0 to 0.35.0
- [Commits](golang/oauth2@v0.29.0...v0.35.0)

Updates `golang.org/x/sync` from 0.13.0 to 0.19.0
- [Commits](golang/sync@v0.13.0...v0.19.0)

Updates `golang.org/x/sys` from 0.32.0 to 0.41.0
- [Commits](golang/sys@v0.32.0...v0.41.0)

Updates `golang.org/x/term` from 0.31.0 to 0.40.0
- [Commits](golang/term@v0.31.0...v0.40.0)

Updates `golang.org/x/tools` from 0.32.0 to 0.41.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](golang/tools@v0.32.0...v0.41.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.48.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: x
- dependency-name: golang.org/x/mod
  dependency-version: 0.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: x
- dependency-name: golang.org/x/net
  dependency-version: 0.49.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: x
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: x
- dependency-name: golang.org/x/sync
  dependency-version: 0.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: x
- dependency-name: golang.org/x/sys
  dependency-version: 0.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: x
- dependency-name: golang.org/x/term
  dependency-version: 0.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: x
- dependency-name: golang.org/x/tools
  dependency-version: 0.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: x
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Feb 25, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants