Closed dependabot[bot] closed 6 months ago
VIOLATION DESCRIPTION | NUMBER OF VIOLATIONS |
---|---|
HIGH/CRITICAL SECURITY VULNERABILITIES | 0 |
MAJOR UPDATES AVAILABLE | 0 |
LICENSE REQUIRES REVIEW | 0 |
LICENSE RISK HIGH | 7 |
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY | 0 |
Superseded by #207.
Bumps the go_modules group group with 5 updates:
3.0.1
3.0.3
2.0.16
2.0.21
1.31.0
1.33.0
2.6.1
2.6.3
3.12.3
3.14.3
Updates
github.com/go-jose/go-jose/v3
from 3.0.1 to 3.0.3Release notes
Sourced from github.com/go-jose/go-jose/v3's releases.
Changelog
Sourced from github.com/go-jose/go-jose/v3's changelog.
Commits
add6a28
v3: backport decompression limit fix (#107)11bb4e7
doc: in v3 branch's README, point to v4 as latest (#101)863f73b
v3.0.2: Update changelog (#95)bdbc794
Update golang.org/x/crypto to v0.19 (backport) (#94)25bce79
Updated go-jose v3.0.0 to v3.0.1 in jose-util (#70)aa386df
jwe/CompactSerialize: improve performance. (#67)053c9bf
DecryptMulti: handle decompression error (#19)ca9011b
Bump go version to 1.21.4 to satisfy govulncheck (#68)c8399df
Revert pull request #10 (multiple audiences) (#24)ec819e9
Add a security.md doc for contacting us about potential security vulnerabilit...Updates
github.com/lestrrat-go/jwx/v2
from 2.0.16 to 2.0.21Release notes
Sourced from github.com/lestrrat-go/jwx/v2's releases.
... (truncated)
Changelog
Sourced from github.com/lestrrat-go/jwx/v2's changelog.
... (truncated)
Commits
611d914
Merge pull request #1091 from lestrrat-go/develop/v2551073b
fix keyset suboption documentation (#1090)cdfaccf
silence linter17e2da9
Update Changesd43f2ce
Merge pull request from GHSA-hj3v-m684-v259778ed27
Bump golang.org/x/crypto from 0.19.0 to 0.21.0 (#1086)38d258e
Bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#1084)ffcb990
Update httprc to v1.0.5 (#1088)c3b3a17
Merge branch 'develop/v2' into v2ace7a77
Update ChangesUpdates
google.golang.org/protobuf
from 1.31.0 to 1.33.0Updates
gopkg.in/go-jose/go-jose.v2
from 2.6.1 to 2.6.3Updates
helm.sh/helm/v3
from 3.12.3 to 3.14.3Release notes
Sourced from helm.sh/helm/v3's releases.
... (truncated)
Commits
f03cc04
Add a note about --dry-run displaying secrets1a7330f
add error messagesd6acc00
Fix: Ignore alias validation error for index loadb2738fb
chore(deps): bump github.com/containerd/containerd from 1.7.11 to 1.7.125b0847e
chore(deps): bump github.com/DATA-DOG/go-sqlmock from 1.5.0 to 1.5.27e18c39
Update architecture detection methodc309b6f
Some fixese8858f8
validation fix3fc9f4b
Improve release action69dcc92
bump version toDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show