crypto from 0.11.0 to 0.13.0 #754

New issue

Closed

opened 2026-02-25 23:35:21 +03:00 by kerem · 0 comments

kerem commented

2026-02-25 23:35:21 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/go-shiori/shiori/pull/724
Author: @dependabot[bot]
Created: 9/11/2023
Status: ❌ Closed

Base: master ← Head: dependabot/go_modules/golang.org/x/crypto-0.13.0

📝 Commits (1)

417bd9f chore(deps): bump golang.org/x/crypto from 0.11.0 to 0.13.0

📊 Changes

2 files changed (+12 additions, -12 deletions)

View changed files

📝 go.mod (+4 -4)
📝 go.sum (+8 -8)

📄 Description

Bumps golang.org/x/crypto from 0.11.0 to 0.13.0.

Commits

0d375be go.mod: update golang.org/x dependencies
b4ddeed go.mod: update golang.org/x dependencies
edc325d ssh: fix call to Fatalf from a non-test goroutine
eab9315 ssh: add diffie-hellman-group16-sha512 kex
ddfa821 ssh: ignore invalid MACs and KEXs just like we do for ciphers
d08e19b x509roots/fallback: update bundle
12e1fcd internal/wycheproof: skip all tests in short test mode
3f8f064 ssh: prefer sha256 based RSA key algorithms
5df3b59 ssh: disable client agent tests on Windows
2e82bdd fix TestValidTerminalMode: missing output from echo SHELL $SHELL
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/go-shiori/shiori/pull/724 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 9/11/2023 **Status:** ❌ Closed **Base:** `master` ← **Head:** `dependabot/go_modules/golang.org/x/crypto-0.13.0` --- ### 📝 Commits (1) - [`417bd9f`](https://github.com/go-shiori/shiori/commit/417bd9fae7a5c55dc0b447397ae6e8c41ea079c7) chore(deps): bump golang.org/x/crypto from 0.11.0 to 0.13.0 ### 📊 Changes **2 files changed** (+12 additions, -12 deletions) <details> <summary>View changed files</summary> 📝 `go.mod` (+4 -4) 📝 `go.sum` (+8 -8) </details> ### 📄 Description Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.11.0 to 0.13.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/crypto/commit/0d375be9b61cb69eb94173d0375a05e90875bbf6"><code>0d375be</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/crypto/commit/b4ddeeda5bc71549846db71ba23e83ecb26f36ed"><code>b4ddeed</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/crypto/commit/edc325d13aa98b5b79708f7122a33bf392cdc1a7"><code>edc325d</code></a> ssh: fix call to Fatalf from a non-test goroutine</li> <li><a href="https://github.com/golang/crypto/commit/eab931596093977eaac68313fb6020a29ed7653e"><code>eab9315</code></a> ssh: add diffie-hellman-group16-sha512 kex</li> <li><a href="https://github.com/golang/crypto/commit/ddfa82138ec59f54c839f62c0e7661f865785a39"><code>ddfa821</code></a> ssh: ignore invalid MACs and KEXs just like we do for ciphers</li> <li><a href="https://github.com/golang/crypto/commit/d08e19beaccde615f2f1458b1b0df8fe75e20c8a"><code>d08e19b</code></a> x509roots/fallback: update bundle</li> <li><a href="https://github.com/golang/crypto/commit/12e1fcd8c0e66f2ad293bd33dc6cb973fb4ca7f4"><code>12e1fcd</code></a> internal/wycheproof: skip all tests in short test mode</li> <li><a href="https://github.com/golang/crypto/commit/3f8f0645c28700f4cb71c4f2e5678a0bb995a16d"><code>3f8f064</code></a> ssh: prefer sha256 based RSA key algorithms</li> <li><a href="https://github.com/golang/crypto/commit/5df3b5994134fe208c569a96dde7fc5f4d367ff6"><code>5df3b59</code></a> ssh: disable client agent tests on Windows</li> <li><a href="https://github.com/golang/crypto/commit/2e82bdd1719d8f50d18bbb60acc52accc71330b1"><code>2e82bdd</code></a> fix TestValidTerminalMode: missing output from echo SHELL $SHELL</li> <li>Additional commits viewable in <a href="https://github.com/golang/crypto/compare/v0.11.0...v0.13.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/crypto&package-manager=go_modules&previous-version=0.11.0&new-version=0.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>