search

yunginnanet / prox5

🧮 SOCKS5/4/4a 🌾 validating proxy pool and upstream SOCKS5 server for 🤽 LOLXDsoRANDum connections 🎋
https://git.tcp.direct/kayos/prox5
MIT License
72 stars 6 forks source link

Chore(deps): Bump github.com/refraction-networking/utls from 1.6.0 to 1.6.3 #125

Closed dependabot[bot] closed 5 months ago

dependabot[bot] commented 6 months ago

Bumps github.com/refraction-networking/utls from 1.6.0 to 1.6.3.

Release notes

Sourced from github.com/refraction-networking/utls's releases.

v1.6.3 Cryptographically Secured Shuffle

Don't panic! This does not cause any significant security concern, since modern platforms are doing fine with limited randomness from math/rand. This patch is for some much restrictive platforms such as WebAssembly.

What's Changed

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.6.2...v1.6.3

v1.6.2 Dependency and Upstream Update

What's Changed

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.6.1...v1.6.2

v1.6.1 Hotfix: kyberslash2

Security Warning

This is a security update fixing kyberslash2, a timing side-channel attack against CIRCL library used by uTLS.

What's Changed

Full Changelog: https://github.com/refraction-networking/utls/compare/v1.6.0...v1.6.1

Commits
  • 3d4788c security: crypto/rand ShuffleChromeTLSExtensions (#286)
  • d2768e4 ⬆️ sync: merge changes from golang/go@1.22 release branch (#280)
  • 5796f97 🚑 fix: code broken after merging
  • 8680818 ➖ update: remove unused boring files
  • 36f1f79 ⚠️ deprecate: weak ciphers
  • bd8fe35 🔀 update: Merge 'upstream:release-branch.go1.22'
  • c209e4b deps: bump all deps to latest (#279)
  • 8b9a63f build(deps): bump github.com/cloudflare/circl from 1.3.6 to 1.3.7 (#277)
  • 42e79cb feat: parse GREASE ECH from raw (#276)
  • f8beb04 build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#273)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
github-actions[bot] commented 6 months ago

GPT summary of 12b40359f2d5bdaa0b4285cff103cf484fb86bc1:

Error: couldn't generate summary

PR summary so far:

Error: couldn't generate summary

codecov[bot] commented 6 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 57.23%. Comparing base (6d26789) to head (1bf1385).

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #125 +/- ## ========================================== + Coverage 54.76% 57.23% +2.47% ========================================== Files 18 18 Lines 1333 1333 ========================================== + Hits 730 763 +33 + Misses 548 518 -30 + Partials 55 52 -3 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

dependabot[bot] commented 5 months ago

Superseded by #134.