fix(deps): update module golang.org/x/image to v0.18.0 [security]

tidbyt / pixlet

Build apps for pixel-based displays ✨

https://tidbyt.com

Apache License 2.0

756 stars 107 forks source link

fix(deps): update module golang.org/x/image to v0.18.0 [security] #1079

Closed renovate[bot] closed 2 months ago

renovate[bot] commented 2 months ago

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
golang.org/x/image	`v0.15.0` -> `v0.18.0`

GitHub Vulnerability Alerts

CVE-2024-24792

Parsing a corrupt or malicious image with invalid color indices can cause a panic.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

renovate[bot] commented 2 months ago

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

6 additional dependencies were updated

Details:

Package	Change
`golang.org/x/text`	`v0.14.0` -> `v0.16.0`
`golang.org/x/crypto`	`v0.21.0` -> `v0.23.0`
`golang.org/x/mod`	`v0.16.0` -> `v0.17.0`
`golang.org/x/net`	`v0.22.0` -> `v0.25.0`
`golang.org/x/sys`	`v0.18.0` -> `v0.20.0`
`golang.org/x/tools`	`v0.19.0` -> `v0.21.1-0.20240508182429-e35e4ccd0d2d`