oauth2 from 0.28.0 to 0.29.0 #1968

New issue

Closed

opened 2026-03-03 12:37:02 +03:00 by kerem · 0 comments

kerem commented

2026-03-03 12:37:02 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/fsouza/fake-gcs-server/pull/1949
Author: @dependabot[bot]
Created: 4/7/2025
Status: ✅ Merged
Merged: 4/17/2025
Merged by: @fsouza

Base: main ← Head: dependabot/go_modules/golang.org/x/oauth2-0.29.0

📝 Commits (1)

f63a8d0 build(deps): bump golang.org/x/oauth2 from 0.28.0 to 0.29.0

📊 Changes

2 files changed (+3 additions, -3 deletions)

View changed files

📝 go.mod (+1 -1)
📝 go.sum (+2 -2)

📄 Description

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps golang.org/x/oauth2 from 0.28.0 to 0.29.0.

Commits

65c15a3 oauth2: remove extra period
ce56909 jws: improve fix for CVE-2025-22868
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/fsouza/fake-gcs-server/pull/1949 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 4/7/2025 **Status:** ✅ Merged **Merged:** 4/17/2025 **Merged by:** [@fsouza](https://github.com/fsouza) **Base:** `main` ← **Head:** `dependabot/go_modules/golang.org/x/oauth2-0.29.0` --- ### 📝 Commits (1) - [`f63a8d0`](https://github.com/fsouza/fake-gcs-server/commit/f63a8d0847c29753c91f1b69ad12df0b3e8821a6) build(deps): bump golang.org/x/oauth2 from 0.28.0 to 0.29.0 ### 📊 Changes **2 files changed** (+3 additions, -3 deletions) <details> <summary>View changed files</summary> 📝 `go.mod` (+1 -1) 📝 `go.sum` (+2 -2) </details> ### 📄 Description [//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.28.0 to 0.29.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/oauth2/commit/65c15a35147ccc5127e9f8cdf2e07837596e56b4"><code>65c15a3</code></a> oauth2: remove extra period</li> <li><a href="https://github.com/golang/oauth2/commit/ce56909505b351a755ad0bc294c5ee01ed0ea050"><code>ce56909</code></a> jws: improve fix for CVE-2025-22868</li> <li>See full diff in <a href="https://github.com/golang/oauth2/compare/v0.28.0...v0.29.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/oauth2&package-manager=go_modules&previous-version=0.28.0&new-version=0.29.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>