[PR #772] [CLOSED] chore(deps): bump the all group with 4 updates #782

New issue

Closed

opened 2026-02-25 23:35:27 +03:00 by kerem · 0 comments

kerem commented

2026-02-25 23:35:27 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/go-shiori/shiori/pull/772
Author: @dependabot[bot]
Created: 11/1/2023
Status: ❌ Closed

Base: master ← Head: dependabot/go_modules/all-332a23f8b8

📝 Commits (1)

cf4de54 chore(deps): bump the all group with 4 updates

📊 Changes

2 files changed (+24 additions, -24 deletions)

View changed files

📝 go.mod (+8 -8)
📝 go.sum (+16 -16)

📄 Description

Bumps the all group with 4 updates: golang.org/x/crypto, golang.org/x/image, golang.org/x/net and modernc.org/sqlite.

Updates golang.org/x/crypto from 0.13.0 to 0.14.0

Commits

e3cc52e go.mod: update golang.org/x dependencies
833695f ssh: add server side support for ping@openssh.com protocol extension
ec07f4e chacha20: drop Go 1.10 compatibility for arm64
b665ba6 all: use crypto/ed25519 instead of golang.org/x/crypto/ed25519
a1aeb9b ssh: add test cases for compatibility with old (buggy) clients
28c53ff ssh: add MultiAlgorithmSigner
3f0842a sha3: have ShakeHash extend hash.Hash
e90f1e1 cryptobyte: add uint48 methods
d359caa ssh: support for marshaling keys using the OpenSSH format
c5370d2 ssh: check the declared public key algo against decoded one
See full diff in compare view

Updates golang.org/x/image from 0.12.0 to 0.13.0

Commits

c20bbc3 draw: simplify some calls to fmt.Fprintf
491771c draw: merge draw_go117.go into draw.go
4aa0222 go.mod: update go directive to 1.18
3aac9c6 draw: add fast paths for RGBA64Image
See full diff in compare view

Updates golang.org/x/net from 0.15.0 to 0.17.0

Commits

b225e7c http2: limit maximum handler goroutines to MaxConcurrentStreams
88194ad go.mod: update golang.org/x dependencies
2b60a61 quic: fix several bugs in flow control accounting
73d82ef quic: handle DATA_BLOCKED frames
5d5a036 quic: handle streams moving from the data queue to the meta queue
350aad2 quic: correctly extend peer's flow control window after MAX_DATA
21814e7 quic: validate connection id transport parameters
a600b35 quic: avoid redundant MAX_DATA updates
ea63359 http2: check stream body is present on read timeout
ddd8598 quic: version negotiation
Additional commits viewable in compare view

Updates modernc.org/sqlite from 1.26.0 to 1.27.0

Commits

a8c3eea update dependencies
46bf234 Merge branch 'master' into 'master'
e1849f3 Add capi_linux_ppc64le.go to fix ppc64le build
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/go-shiori/shiori/pull/772 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 11/1/2023 **Status:** ❌ Closed **Base:** `master` ← **Head:** `dependabot/go_modules/all-332a23f8b8` --- ### 📝 Commits (1) - [`cf4de54`](https://github.com/go-shiori/shiori/commit/cf4de542aea1aa308691376c1c523dc8e744636a) chore(deps): bump the all group with 4 updates ### 📊 Changes **2 files changed** (+24 additions, -24 deletions) <details> <summary>View changed files</summary> 📝 `go.mod` (+8 -8) 📝 `go.sum` (+16 -16) </details> ### 📄 Description Bumps the all group with 4 updates: [golang.org/x/crypto](https://github.com/golang/crypto), [golang.org/x/image](https://github.com/golang/image), [golang.org/x/net](https://github.com/golang/net) and [modernc.org/sqlite](https://gitlab.com/cznic/sqlite). Updates `golang.org/x/crypto` from 0.13.0 to 0.14.0 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/crypto/commit/e3cc52e598e302f8c613a645bb7231264d8ec995"><code>e3cc52e</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/crypto/commit/833695f0a57b3037385dc9c0073bc88773cae6f3"><code>833695f</code></a> ssh: add server side support for <a href="mailto:ping@openssh.com">ping@openssh.com</a> protocol extension</li> <li><a href="https://github.com/golang/crypto/commit/ec07f4e35b9ef2fcfd790dd9437ef46bd64b3a4b"><code>ec07f4e</code></a> chacha20: drop Go 1.10 compatibility for arm64</li> <li><a href="https://github.com/golang/crypto/commit/b665ba6f6f9abc2ab124f8ec2cb44de0e44ce077"><code>b665ba6</code></a> all: use crypto/ed25519 instead of golang.org/x/crypto/ed25519</li> <li><a href="https://github.com/golang/crypto/commit/a1aeb9b34eb6b8f469bbd66b9cd1c9d905cb3714"><code>a1aeb9b</code></a> ssh: add test cases for compatibility with old (buggy) clients</li> <li><a href="https://github.com/golang/crypto/commit/28c53ff63c09fc7df7793600caa30989bc69e194"><code>28c53ff</code></a> ssh: add MultiAlgorithmSigner</li> <li><a href="https://github.com/golang/crypto/commit/3f0842a46434ea6f56bf6e684c2b83d90e9cff07"><code>3f0842a</code></a> sha3: have ShakeHash extend hash.Hash</li> <li><a href="https://github.com/golang/crypto/commit/e90f1e17ee2ffe351a8295e8ae8b66afda2969c6"><code>e90f1e1</code></a> cryptobyte: add uint48 methods</li> <li><a href="https://github.com/golang/crypto/commit/d359caa4a39d59a440003b37a6cc7ace3871fd4a"><code>d359caa</code></a> ssh: support for marshaling keys using the OpenSSH format</li> <li><a href="https://github.com/golang/crypto/commit/c5370d2cc696bb18a6ddc151cee09673f06e8497"><code>c5370d2</code></a> ssh: check the declared public key algo against decoded one</li> <li>See full diff in <a href="https://github.com/golang/crypto/compare/v0.13.0...v0.14.0">compare view</a></li> </ul> </details> Updates `golang.org/x/image` from 0.12.0 to 0.13.0 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/image/commit/c20bbc37136f3a0b463478dd8e699c51139af48c"><code>c20bbc3</code></a> draw: simplify some calls to fmt.Fprintf</li> <li><a href="https://github.com/golang/image/commit/491771c681427e82b9843267b24b32cf56743e83"><code>491771c</code></a> draw: merge draw_go117.go into draw.go</li> <li><a href="https://github.com/golang/image/commit/4aa0222fac539f4a04a4378b75b70ad6e1820ecb"><code>4aa0222</code></a> go.mod: update go directive to 1.18</li> <li><a href="https://github.com/golang/image/commit/3aac9c63df6c65cda99e4890d824b12c2c440b89"><code>3aac9c6</code></a> draw: add fast paths for RGBA64Image</li> <li>See full diff in <a href="https://github.com/golang/image/compare/v0.12.0...v0.13.0">compare view</a></li> </ul> </details> Updates `golang.org/x/net` from 0.15.0 to 0.17.0 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/net/commit/b225e7ca6dde1ef5a5ae5ce922861bda011cfabd"><code>b225e7c</code></a> http2: limit maximum handler goroutines to MaxConcurrentStreams</li> <li><a href="https://github.com/golang/net/commit/88194ad8ab44a02ea952c169883c3f57db6cf9f4"><code>88194ad</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/net/commit/2b60a61f1e4cf3a5ecded0bd7e77ea168289e6de"><code>2b60a61</code></a> quic: fix several bugs in flow control accounting</li> <li><a href="https://github.com/golang/net/commit/73d82efb96cacc0c378bc150b56675fc191894b9"><code>73d82ef</code></a> quic: handle DATA_BLOCKED frames</li> <li><a href="https://github.com/golang/net/commit/5d5a036a503f8accd748f7453c0162115187be13"><code>5d5a036</code></a> quic: handle streams moving from the data queue to the meta queue</li> <li><a href="https://github.com/golang/net/commit/350aad2603e57013fafb1a9e2089a382fe67dc80"><code>350aad2</code></a> quic: correctly extend peer's flow control window after MAX_DATA</li> <li><a href="https://github.com/golang/net/commit/21814e71db756f39b69fb1a3e06350fa555a79b1"><code>21814e7</code></a> quic: validate connection id transport parameters</li> <li><a href="https://github.com/golang/net/commit/a600b3518eed7a9a4e24380b4b249cb986d9b64d"><code>a600b35</code></a> quic: avoid redundant MAX_DATA updates</li> <li><a href="https://github.com/golang/net/commit/ea633599b58dc6a50d33c7f5438edfaa8bc313df"><code>ea63359</code></a> http2: check stream body is present on read timeout</li> <li><a href="https://github.com/golang/net/commit/ddd8598e5694aa5e966e44573a53e895f6fa5eb2"><code>ddd8598</code></a> quic: version negotiation</li> <li>Additional commits viewable in <a href="https://github.com/golang/net/compare/v0.15.0...v0.17.0">compare view</a></li> </ul> </details> Updates `modernc.org/sqlite` from 1.26.0 to 1.27.0 <details> <summary>Commits</summary> <ul> <li><a href="https://gitlab.com/cznic/sqlite/commit/a8c3eea199bc8fdc39391d5d261eaa3577566050"><code>a8c3eea</code></a> update dependencies</li> <li><a href="https://gitlab.com/cznic/sqlite/commit/46bf234809b0dde5a49108495c1ba96f4d8ea6f1"><code>46bf234</code></a> Merge branch 'master' into 'master'</li> <li><a href="https://gitlab.com/cznic/sqlite/commit/e1849f31006c080981a98781424ad91c0f2d26fc"><code>e1849f3</code></a> Add capi_linux_ppc64le.go to fix ppc64le build</li> <li>See full diff in <a href="https://gitlab.com/cznic/sqlite/compare/v1.26.0...v1.27.0">compare view</a></li> </ul> </details> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> --- 🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.