{"id":7927,"name":"github.com/gorilla/csrf","ecosystem":"go","repository_url":"https://github.com/gorilla/csrf","issues_count":77,"created_at":"2025-06-06T22:15:53.222Z","updated_at":"2025-06-06T22:15:53.222Z","purl":"pkg:golang/github.com/gorilla/csrf","metadata":{"id":3494159,"name":"github.com/gorilla/csrf","ecosystem":"go","description":"Package csrf (gorilla/csrf) provides Cross Site Request Forgery (CSRF)\nprevention middleware for Go web applications \u0026 services.\n\nIt includes:\n\n* The `csrf.Protect` middleware/handler provides CSRF protection on routes\nattached to a router or a sub-router.\n\n* A `csrf.Token` function that provides the token to pass into your response,\nwhether that be a HTML form or a JSON response body.\n\n* ... and a `csrf.TemplateField` helper that you can pass into your `html/template`\ntemplates to replace a `{{ .csrfField }}` template tag with a hidden input\nfield.\n\ngorilla/csrf is easy to use: add the middleware to individual handlers with\nthe below:\n\n... and then collect the token with `csrf.Token(r)` before passing it to the\ntemplate, JSON body or HTTP header (you pick!). gorilla/csrf inspects the form body\n(first) and HTTP headers (second) on subsequent POST/PUT/PATCH/DELETE/etc. requests\nfor the token.\n\nNote that the authentication key passed to `csrf.Protect([]byte(key))` should be\n32-bytes long and persist across application restarts. Generating a random key\nwon't allow you to authenticate existing cookies and will break your CSRF\nvalidation.\n\nHere's the common use-case: HTML forms you want to provide CSRF protection for,\nin order to protect malicious POST requests being made:\n\nNote that the CSRF middleware will (by necessity) consume the request body if the\ntoken is passed via POST form values. If you need to consume this in your\nhandler, insert your own middleware earlier in the chain to capture the request\nbody.\n\nYou can also send the CSRF token in the response header. This approach is useful\nif you're using a front-end JavaScript framework like Ember or Angular, or are\nproviding a JSON API:\n\nIf you're writing a client that's supposed to mimic browser behavior, make sure to\nsend back the CSRF cookie (the default name is _gorilla_csrf, but this can be changed\nwith the CookieName Option) along with either the X-CSRF-Token header or the gorilla.csrf.Token form field.\n\nIn addition: getting CSRF protection right is important, so here's some background:\n\n* This library generates unique-per-request (masked) tokens as a mitigation\nagainst the BREACH attack (http://breachattack.com/).\n\n* The 'base' (unmasked) token is stored in the session, which means that\nmultiple browser tabs won't cause a user problems as their per-request token\nis compared with the base token.\n\n* Operates on a \"whitelist only\" approach where safe (non-mutating) HTTP methods\n(GET, HEAD, OPTIONS, TRACE) are the *only* methods where token validation is not\nenforced.\n\n* The design is based on the battle-tested Django\n(https://docs.djangoproject.com/en/1.8/ref/csrf/) and Ruby on Rails\n(http://api.rubyonrails.org/classes/ActionController/RequestForgeryProtection.html)\napproaches.\n\n* Cookies are authenticated and based on the securecookie\n(https://github.com/gorilla/securecookie) library. They're also Secure (issued\nover HTTPS only) and are HttpOnly by default, because sane defaults are\nimportant.\n\n* Go's `crypto/rand` library is used to generate the 32 byte (256 bit) tokens\nand the one-time-pad used for masking them.\n\nThis library does not seek to be adventurous.","homepage":"https://github.com/gorilla/csrf","licenses":"BSD-3-Clause","normalized_licenses":["BSD-3-Clause"],"repository_url":"https://github.com/gorilla/csrf","keywords_array":[],"namespace":"github.com/gorilla","versions_count":10,"first_release_published_at":"2015-08-05T05:46:41.000Z","latest_release_published_at":"2025-01-23T20:14:50.000Z","latest_release_number":"v1.7.3","last_synced_at":"2025-06-06T17:31:04.167Z","created_at":"2022-04-10T19:22:35.350Z","updated_at":"2025-06-06T17:31:04.167Z","registry_url":"https://pkg.go.dev/github.com/gorilla/csrf","install_command":"go get github.com/gorilla/csrf","documentation_url":"https://pkg.go.dev/github.com/gorilla/csrf#section-documentation","metadata":{},"repo_metadata":{"uuid":"40097643","full_name":"gorilla/csrf","owner":"gorilla","description":"gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications \u0026 services 🔒","archived":true,"fork":false,"pushed_at":"2022-12-09T16:10:23.000Z","size":144,"stargazers_count":872,"open_issues_count":2,"forks_count":147,"subscribers_count":24,"default_branch":"master","last_synced_at":"2023-03-13T14:15:54.596Z","etag":null,"topics":["csrf","csrf-protection","csrf-tokens","golang","gorilla","middleware","security","xsrf"],"latest_commit_sha":null,"homepage":"https://github.com/gorilla/csrf","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"logo_url":null,"metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-08-03T00:35:16.000Z","updated_at":"2023-03-13T09:19:22.000Z","dependencies_parsed_at":"2023-01-16T06:57:38.495Z","dependency_job_id":null,"html_url":"https://github.com/gorilla/csrf","commit_stats":null,"repository_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gorilla%2Fcsrf","tags_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gorilla%2Fcsrf/tags","manifests_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gorilla%2Fcsrf/manifests","owner_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gorilla","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":108921946,"host_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names"},"owner_record":{"login":"gorilla","name":"Gorilla Web Toolkit","uuid":"489566","kind":"organization","description":"Gorilla is a web toolkit for the Go programming language that provides useful, composable packages for writing HTTP-based applications.","email":"gorilla-maintainers@googlegroups.com","website":"https://www.gorillatoolkit.org","location":"The World","twitter":null,"company":null,"avatar_url":"https://avatars.githubusercontent.com/u/489566?v=4","repositories_count":17,"last_synced_at":"2023-02-17T11:05:12.247Z","metadata":{"has_sponsors_listing":false},"owner_url":"http://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gorilla"},"tags":[{"name":"v1.7.1","sha":"b69cbb30a1ca62a91c30fc52f16a3cb24a73a8f7","kind":"commit","published_at":"2021-07-29T15:50:12.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.7.1","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.7.1"},{"name":"v1.7.0","sha":"79c60d0e4fcf1fbc9653c1cb13d28e82248cf43c","kind":"commit","published_at":"2020-04-26T17:13:33.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.7.0","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.7.0"},{"name":"v1.6.2","sha":"4b50158aba1b9683db9b198ddc61436713e778f8","kind":"commit","published_at":"2019-10-08T02:23:26.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.6.2","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.6.2"},{"name":"v1.6.1","sha":"7b29b05df5ae7dc777b92fab3dadee1b15d15ed6","kind":"commit","published_at":"2019-08-26T00:41:49.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.6.1","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.6.1"},{"name":"v1.6.0","sha":"38c9e4619f0d5d8ff3fb574fc6260901f2495776","kind":"commit","published_at":"2019-06-26T01:18:22.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.6.0","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.6.0"},{"name":"v1.5.1","sha":"05b4a732b984ec326cac085631060968d4706b17","kind":"commit","published_at":"2018-05-22T06:16:36.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.5.1","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.5.1"},{"name":"v1.5","sha":"69581736821c33d85bbf378f42f6ad864dbd85de","kind":"commit","published_at":"2016-11-22T16:45:00.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.5","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.5"},{"name":"v1.4","sha":"50eb875b7d37289a5819742f0d60fa5c890fced9","kind":"commit","published_at":"2016-06-02T03:51:45.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.4","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.4"},{"name":"v1.3","sha":"fc3cfc6210838ea7c21d7c9d4f830730deda6fd0","kind":"tag","published_at":"2016-02-24T15:26:20.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.3","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.3"},{"name":"v1.2","sha":"5af6691526738a5d3e55fb49651ff9a2e03e8710","kind":"commit","published_at":"2015-11-30T01:45:03.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.2","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.2"},{"name":"v1.1","sha":"df1d6a272dddb65f6dfc805f029de2dae3311796","kind":"tag","published_at":"2015-10-19T22:37:49.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.1","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.1"},{"name":"v1.0.2","sha":"745311847bda93768d57a9dfdcfdcc3d7d01cba7","kind":"tag","published_at":"2015-08-26T04:59:30.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.0.2","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.0.2"},{"name":"v1.0.1","sha":"75d51aac176500faacff469dd2fa73c279a34b53","kind":"tag","published_at":"2015-08-05T05:47:04.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.0.1","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.0.1"},{"name":"v1.0","sha":"cbe8b01f8e76bab1292d173495185d3e137cf82c","kind":"tag","published_at":"2015-08-05T04:26:37.000Z","download_url":"https://codeload.github.com/gorilla/csrf/tar.gz/v1.0","html_url":"https://github.com/gorilla/csrf/releases/tag/v1.0"}]},"repo_metadata_updated_at":"2023-03-21T18:38:20.708Z","dependent_packages_count":384,"downloads":null,"downloads_period":null,"dependent_repos_count":2067,"rankings":{"downloads":null,"dependent_repos_count":0.1807226415799018,"dependent_packages_count":0.20791810204475267,"stargazers_count":2.088382245534825,"forks_count":2.2198199618842898,"docker_downloads_count":0.3375840847881748,"average":1.0068854071663889},"purl":"pkg:golang/github.com/gorilla/csrf","advisories":[{"uuid":"GSA_kwCzR0hTQS1ycTc3LXA0aDgtNGNyd84ABGvu","url":"https://github.com/advisories/GHSA-rq77-p4h8-4crw","title":"gorilla/csrf CSRF vulnerability due to broken Referer validation","description":"### Summary\n\ngorilla/csrf is vulnerable to CSRF via form submission from origins that share a top level domain with the target origin.\n\n### Details\n\ngorilla/csrf does not validate the Origin header against an allowlist. Its executes its validation of the Referer header for cross-origin requests only when it believes the request is being served over TLS. It determines this by inspecting the `r.URL.Scheme` value. However, this value is never populated for \"server\" requests [per the Go spec](https://pkg.go.dev/net/http#Request), and so this check does not run in practice. \n```\n\t// URL specifies either the URI being requested (for server\n\t// requests) or the URL to access (for client requests).\n\t//\n\t// For server requests, the URL is parsed from the URI\n\t// supplied on the Request-Line as stored in RequestURI.  For\n\t// most requests, fields other than Path and RawQuery will be\n\t// empty. (See [RFC 7230, Section 5.3](https://rfc-editor.org/rfc/rfc7230.html#section-5.3))\n\t//\n\t// For client requests, the URL's Host specifies the server to\n\t// connect to, while the Request's Host field optionally\n\t// specifies the Host header value to send in the HTTP\n\t// request.\n\tURL *[url](https://pkg.go.dev/net/url).[URL](https://pkg.go.dev/net/url#URL)\n```\n\n### PoC\n\n- create trusted origin `target.example.test` protected with gorilla/csrf and served over TLS hosting form on `/submit`\n- create attacker origin `attack.example.test` served over TLS\n- attacker exfiltrates token \u0026 cookie combination from `target.example.test` \n- attacker sets exfiltrated cookie with `domain=.example.test and path=/submit`\n  - as the cookie has a more specific path than `/` (the default for CSRF cookies) it will be sent first by the browser on submit to our target origin\n- submit form from `attack.example.test` with exfiltrated CSRF form token\n- observe valid form submission as `attack.example.test` Origin / Referer headers are not validated. \n\n### Impact\n\nThis vulnerability allows an attacker who has gained XSS on a subdomain or top level domain to perform authenticated form submissions against gorilla/csrf protected targets that share the same top level domain.\n\nThis bug has existed in gorilla/csrf since its initial release in 2015.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2025-04-14T15:26:07.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":5.4,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P","references":["https://github.com/gorilla/csrf/security/advisories/GHSA-rq77-p4h8-4crw","https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb","https://nvd.nist.gov/vuln/detail/CVE-2025-24358","https://pkg.go.dev/vuln/GO-2025-3607","https://lists.debian.org/debian-lts-announce/2025/05/msg00002.html","https://github.com/advisories/GHSA-rq77-p4h8-4crw"],"source_kind":"github","identifiers":["GHSA-rq77-p4h8-4crw","CVE-2025-24358"],"repository_url":"https://github.com/gorilla/csrf","blast_radius":17.902838573787356,"packages":[{"versions":[{"first_patched_version":"1.7.3","vulnerable_version_range":"\u003c 1.7.3"}],"ecosystem":"go","package_name":"github.com/gorilla/csrf"}],"created_at":"2025-04-14T16:08:46.999Z","updated_at":"2025-05-16T01:08:41.489Z","epss_percentage":0.0001,"epss_percentile":0.00728}],"docker_usage_url":"https://docker.ecosyste.ms/usage/go/github.com/gorilla/csrf","docker_dependents_count":127,"docker_downloads_count":73701561,"usage_url":"https://repos.ecosyste.ms/usage/go/github.com/gorilla/csrf","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/go/github.com/gorilla/csrf/dependencies","status":null,"funding_links":[],"critical":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fgorilla%2Fcsrf/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fgorilla%2Fcsrf/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fgorilla%2Fcsrf/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages/github.com%2Fgorilla%2Fcsrf/related_packages","maintainers":[],"registry":{"name":"proxy.golang.org","url":"https://proxy.golang.org","ecosystem":"go","default":true,"packages_count":1886302,"maintainers_count":0,"namespaces_count":723964,"keywords_count":98339,"github":"golang","metadata":{"funded_packages_count":39348},"icon_url":"https://github.com/golang.png","created_at":"2022-04-04T15:19:22.939Z","updated_at":"2025-06-07T05:37:05.003Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/proxy.golang.org/namespaces"}},"unique_repositories_count":49,"unique_repositories_count_past_30_days":0,"recent_issues":[{"uuid":"3772897389","node_id":"PR_kwDOQxs4XM67HFUP","number":9,"state":"open","title":"chore(deps): bump github.com/gorilla/csrf from 1.7.1 to 1.7.3","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-12-31T14:07:02.000Z","updated_at":"2025-12-31T16:00:49.952Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.1","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.7.1 to 1.7.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove pkg/errors dependency by \u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[GPT-96] Update go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdated licence by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/167\"\u003egorilla/csrf#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate issues.yml by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/168\"\u003egorilla/csrf#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eissues/158/examples for working api with javascript frontend by \u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating github action workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/169\"\u003egorilla/csrf#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating gorilla/securecookie to v1.1.2 by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/170\"\u003egorilla/csrf#170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a009743572494ccbc9d159005bdc58b86a44ddba\"\u003e\u003ccode\u003ea009743\u003c/code\u003e\u003c/a\u003e Updating gorilla/securecookie to v1.1.2 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/94b5a9efbc27ce51c4ac1b1287c964e8f13013ca\"\u003e\u003ccode\u003e94b5a9e\u003c/code\u003e\u003c/a\u003e updating github action workflows (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/c1f4eb3aba6fe4cd0d1ef0ed5ca556876b14c29f\"\u003e\u003ccode\u003ec1f4eb3\u003c/code\u003e\u003c/a\u003e issues/158/examples for working api with javascript frontend (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/73c96a512fc353d11f3da50cffde1e454884f405\"\u003e\u003ccode\u003e73c96a5\u003c/code\u003e\u003c/a\u003e Update issues.yml (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a71a12f7d30580b6da2183b0f398527be93c0ca9\"\u003e\u003ccode\u003ea71a12f\u003c/code\u003e\u003c/a\u003e updated licence (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/15d47eceb8d5861882e276508d7cbb5b0082b980\"\u003e\u003ccode\u003e15d47ec\u003c/code\u003e\u003c/a\u003e [GPT-96] Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/32c27b0316d75a24e55ab36d059d0309238b9ee1\"\u003e\u003ccode\u003e32c27b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/164\"\u003e#164\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/04cc5dba5dd0af4341b9b406f05dc569c5e0ab40\"\u003e\u003ccode\u003e04cc5db\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/93379db1992f1b2fbdd4ba1b55a1bf0414b0535e\"\u003e\u003ccode\u003e93379db\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.1\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/10XScale-in/zitadel/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/10XScale-in%2Fzitadel/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"3732197642","node_id":"PR_kwDOFqmHs865BG49","number":886,"state":"closed","title":"chore(deps): bump the go-updates group across 1 directory with 19 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-01-16T23:03:23.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-15T21:30:26.000Z","updated_at":"2026-01-16T23:03:25.000Z","time_to_close":2770377,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"go-updates","update_count":19,"packages":[{"name":"github.com/awnumar/memguard","old_version":"0.22.5","new_version":"0.23.0","repository_url":"https://github.com/awnumar/memguard"},{"name":"github.com/aws/aws-sdk-go-v2","old_version":"1.21.2","new_version":"1.40.1","repository_url":"https://github.com/aws/aws-sdk-go-v2"},{"name":"github.com/aws/aws-sdk-go-v2/config","old_version":"1.18.45","new_version":"1.32.3","repository_url":"https://github.com/aws/aws-sdk-go-v2"},{"name":"github.com/aws/aws-sdk-go-v2/service/secretsmanager","old_version":"1.19.8","new_version":"1.40.3","repository_url":"https://github.com/aws/aws-sdk-go-v2"},{"name":"github.com/aws/aws-sdk-go-v2/service/ses","old_version":"1.16.4","new_version":"1.34.15","repository_url":"https://github.com/aws/aws-sdk-go-v2"},{"name":"github.com/btcsuite/btcd","old_version":"0.24.2","new_version":"0.25.0","repository_url":"https://github.com/btcsuite/btcd"},{"name":"github.com/btcsuite/btcd/btcec/v2","old_version":"2.3.5","new_version":"2.3.6","repository_url":"https://github.com/btcsuite/btcd"},{"name":"github.com/btcsuite/btcd/btcutil","old_version":"1.1.5","new_version":"1.1.6","repository_url":"https://github.com/btcsuite/btcd"},{"name":"github.com/decred/dcrd/dcrec/secp256k1/v4","old_version":"4.2.0","new_version":"4.4.0","repository_url":"https://github.com/decred/dcrd"},{"name":"github.com/ethereum/go-ethereum","old_version":"1.14.13","new_version":"1.16.7","repository_url":"https://github.com/ethereum/go-ethereum"},{"name":"github.com/go-playground/validator/v10","old_version":"10.26.0","new_version":"10.28.0","repository_url":"https://github.com/go-playground/validator"},{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"github.com/prometheus/client_golang","old_version":"1.22.0","new_version":"1.23.2","repository_url":"https://github.com/prometheus/client_golang"},{"name":"go.mongodb.org/mongo-driver","old_version":"1.17.4","new_version":"1.17.6","repository_url":"https://github.com/mongodb/mongo-go-driver"}],"path":null,"ecosystem":"go"},"body":"Bumps the go-updates group with 14 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [github.com/awnumar/memguard](https://github.com/awnumar/memguard) | `0.22.5` | `0.23.0` |\n| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.21.2` | `1.40.1` |\n| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.18.45` | `1.32.3` |\n| [github.com/aws/aws-sdk-go-v2/service/secretsmanager](https://github.com/aws/aws-sdk-go-v2) | `1.19.8` | `1.40.3` |\n| [github.com/aws/aws-sdk-go-v2/service/ses](https://github.com/aws/aws-sdk-go-v2) | `1.16.4` | `1.34.15` |\n| [github.com/btcsuite/btcd](https://github.com/btcsuite/btcd) | `0.24.2` | `0.25.0` |\n| [github.com/btcsuite/btcd/btcec/v2](https://github.com/btcsuite/btcd) | `2.3.5` | `2.3.6` |\n| [github.com/btcsuite/btcd/btcutil](https://github.com/btcsuite/btcd) | `1.1.5` | `1.1.6` |\n| [github.com/decred/dcrd/dcrec/secp256k1/v4](https://github.com/decred/dcrd) | `4.2.0` | `4.4.0` |\n| [github.com/ethereum/go-ethereum](https://github.com/ethereum/go-ethereum) | `1.14.13` | `1.16.7` |\n| [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) | `10.26.0` | `10.28.0` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.2` | `1.7.3` |\n| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.22.0` | `1.23.2` |\n| [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) | `1.17.4` | `1.17.6` |\n\n\nUpdates `github.com/awnumar/memguard` from 0.22.5 to 0.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/awnumar/memguard/releases\"\u003egithub.com/awnumar/memguard's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove concurrent test; replace depreciated Slice conversion by \u003ca href=\"https://github.com/awnumar\"\u003e\u003ccode\u003e@​awnumar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/awnumar/memguard/pull/172\"\u003eawnumar/memguard#172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumping minor version since last release upgraded Go version in \u003ccode\u003ego.mod\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/awnumar/memguard/compare/v0.22.6...v0.23.0\"\u003ehttps://github.com/awnumar/memguard/compare/v0.22.6...v0.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.22.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Github Actions pipelines by \u003ca href=\"https://github.com/awnumar\"\u003e\u003ccode\u003e@​awnumar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/awnumar/memguard/pull/168\"\u003eawnumar/memguard#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprovements to concurrency issues, addition of test \u003ca href=\"https://github.com/hydrogen18\"\u003e\u003ccode\u003e@​hydrogen18\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/awnumar/memguard/pull/167\"\u003eawnumar/memguard#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ego: update dependencies by \u003ca href=\"https://github.com/yznima\"\u003e\u003ccode\u003e@​yznima\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/awnumar/memguard/pull/171\"\u003eawnumar/memguard#171\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/awnumar/memguard/compare/v0.22.5...v0.22.6\"\u003ehttps://github.com/awnumar/memguard/compare/v0.22.5...v0.22.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/b28f39516a01241560455fbd11ecb573706cd4a7\"\u003e\u003ccode\u003eb28f395\u003c/code\u003e\u003c/a\u003e Improve concurrent test; replace depreciated Slice conversion (\u003ca href=\"https://redirect.github.com/awnumar/memguard/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/b6e6daefecc9e6d35dba0de05cda9523d5376119\"\u003e\u003ccode\u003eb6e6dae\u003c/code\u003e\u003c/a\u003e Delete .cirrus.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/195f0b6e9cd09ac3881c4fb93174aecd85cd196b\"\u003e\u003ccode\u003e195f0b6\u003c/code\u003e\u003c/a\u003e go: update dependencies (\u003ca href=\"https://redirect.github.com/awnumar/memguard/issues/171\"\u003e#171\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/3152cda6d138dca44a45a0d06aa445cb2630e487\"\u003e\u003ccode\u003e3152cda\u003c/code\u003e\u003c/a\u003e Fix concurrency issues leading to panic in Coffer (\u003ca href=\"https://redirect.github.com/awnumar/memguard/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/7d0d55fface1b80101b43301166efa821111aa63\"\u003e\u003ccode\u003e7d0d55f\u003c/code\u003e\u003c/a\u003e Update status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/5a37a300739b80d4bb4e23aa1241f081e6a82a59\"\u003e\u003ccode\u003e5a37a30\u003c/code\u003e\u003c/a\u003e Add Github Actions pipelines (\u003ca href=\"https://redirect.github.com/awnumar/memguard/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/0756fbecf50e2d736906eb6baf5117e28c4433b3\"\u003e\u003ccode\u003e0756fbe\u003c/code\u003e\u003c/a\u003e Remove mention of finalizer from readme as it has been removed for the time b...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/d212cd14e98248ee6db8843c47cfeb622d48af39\"\u003e\u003ccode\u003ed212cd1\u003c/code\u003e\u003c/a\u003e Removes unneeded echo in .cirrus.yml CI script (\u003ca href=\"https://redirect.github.com/awnumar/memguard/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/awnumar/memguard/compare/v0.22.5...v0.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/aws/aws-sdk-go-v2` from 1.21.2 to 1.40.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/09a58172d9d7ad6f73a123b02d7e84c5c4a155f7\"\u003e\u003ccode\u003e09a5817\u003c/code\u003e\u003c/a\u003e Release 2025-12-02\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/58d1759452a64b5cebc3af72b0d20e0d0f4c1206\"\u003e\u003ccode\u003e58d1759\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/16ba34ea62c08755b0f9e515e49d91a4ec0a228a\"\u003e\u003ccode\u003e16ba34e\u003c/code\u003e\u003c/a\u003e Update endpoints model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/7873bf423b63068375552b96d515d4e4fe3b4b64\"\u003e\u003ccode\u003e7873bf4\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/9b55b02d1957debcdc49350d1e805ef35b6aebf0\"\u003e\u003ccode\u003e9b55b02\u003c/code\u003e\u003c/a\u003e bump smithy-go to v1.24.0 (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-go-v2/issues/3242\"\u003e#3242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/d8b017901ff4fdde54fcb11a2cc2eb96f5250fd4\"\u003e\u003ccode\u003ed8b0179\u003c/code\u003e\u003c/a\u003e Release 2025-12-01\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/e4405f01c3d6d2b9ae5ba8a2a09556ae53d5f8f2\"\u003e\u003ccode\u003ee4405f0\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/65d08b0cedc6076d337c9a733e0a103446ed2e7b\"\u003e\u003ccode\u003e65d08b0\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/f6cc036f3712a3bc31b7a8120d26455bd6fa15ea\"\u003e\u003ccode\u003ef6cc036\u003c/code\u003e\u003c/a\u003e Release 2025-11-26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/deb353f714c36d8c29020007df481749e45f38bb\"\u003e\u003ccode\u003edeb353f\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-go-v2/compare/v1.21.2...v1.40.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/aws/aws-sdk-go-v2/config` from 1.18.45 to 1.32.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/6b53348f842f4747905a742670a787eb1814ee20\"\u003e\u003ccode\u003e6b53348\u003c/code\u003e\u003c/a\u003e Release 2024-10-28\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/784d2d39b08ca3603afb05b6795f5026923c5326\"\u003e\u003ccode\u003e784d2d3\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/7258bd236c19b10b42c66c81184aaf6a340cb65d\"\u003e\u003ccode\u003e7258bd2\u003c/code\u003e\u003c/a\u003e Update endpoints model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/f322198c047da98d4adc5d828c23044708683bfe\"\u003e\u003ccode\u003ef322198\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/b65b80a89b4ec4dd531648025227300157c53864\"\u003e\u003ccode\u003eb65b80a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/aws/aws-sdk-go-v2/issues/2852\"\u003e#2852\u003c/a\u003e from RanVaknin/signature-header-parsing-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/803614d34f44ac114759b8c1decc393bd14db55a\"\u003e\u003ccode\u003e803614d\u003c/code\u003e\u003c/a\u003e Fixing changelog description and implementation to use TrimSpace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/b12c8cf885a2aae18cce0b8530f1cf610ff5f11a\"\u003e\u003ccode\u003eb12c8cf\u003c/code\u003e\u003c/a\u003e adding changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/f0caa97e8667ce9c31ecc78c08b5ca9a7af96634\"\u003e\u003ccode\u003ef0caa97\u003c/code\u003e\u003c/a\u003e patching GetSignedRequestSignature to cover edge cases with the signature\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/e05890387eb6dab53906151aec09eba22721ac6d\"\u003e\u003ccode\u003ee058903\u003c/code\u003e\u003c/a\u003e drop service/nimble (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-go-v2/issues/2851\"\u003e#2851\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/896793a6822d2cec6f6348cb65a09cb32a6ee834\"\u003e\u003ccode\u003e896793a\u003c/code\u003e\u003c/a\u003e Release 2024-10-25\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-go-v2/compare/config/v1.18.45...v1.32.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/aws/aws-sdk-go-v2/service/secretsmanager` from 1.19.8 to 1.40.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/640b80872b2c49ad5227a4738e15e4189be4863c\"\u003e\u003ccode\u003e640b808\u003c/code\u003e\u003c/a\u003e Release 2025-08-29\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/657a6e8806831b48766e05f1d9c48b0055b19ebc\"\u003e\u003ccode\u003e657a6e8\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/34a91bb5d2f6f196769403d5bde31d2725fd28a9\"\u003e\u003ccode\u003e34a91bb\u003c/code\u003e\u003c/a\u003e Update partitions file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/09f5a9cb4b1bbda70e3b22599419a610337aeef2\"\u003e\u003ccode\u003e09f5a9c\u003c/code\u003e\u003c/a\u003e Update endpoints model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/fff96ca569dd096eb8575d825e466dd55ed3d6f6\"\u003e\u003ccode\u003efff96ca\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/d46f566c13121695d4b22c7964ed7e828d6ae68b\"\u003e\u003ccode\u003ed46f566\u003c/code\u003e\u003c/a\u003e deprecate service/sms (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-go-v2/issues/3176\"\u003e#3176\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/de16d4dc63c5182058b073ebd509688f42c95a15\"\u003e\u003ccode\u003ede16d4d\u003c/code\u003e\u003c/a\u003e Release 2025-08-28\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/d6b83a81af56f06d0ed9edb93aad79ed6313cd51\"\u003e\u003ccode\u003ed6b83a8\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/b0f9cb7f784d4a0c67b9a3383bb1c469b3ebaf07\"\u003e\u003ccode\u003eb0f9cb7\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/822549143c11023d454d8af9e6d75bf8cc834a54\"\u003e\u003ccode\u003e8225491\u003c/code\u003e\u003c/a\u003e Release 2025-08-27\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-go-v2/compare/service/m2/v1.19.8...service/efs/v1.40.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/aws/aws-sdk-go-v2/service/ses` from 1.16.4 to 1.34.15\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/34ec0a43cbf69475be3bbbb6329c49687cc018df\"\u003e\u003ccode\u003e34ec0a4\u003c/code\u003e\u003c/a\u003e Release 2025-11-25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/540441aa03ecb2b3b2b2f1eab1b71661b0ae2481\"\u003e\u003ccode\u003e540441a\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/9869a2b39a8edb77fc98e0fc70d9bb059c6534a5\"\u003e\u003ccode\u003e9869a2b\u003c/code\u003e\u003c/a\u003e Update endpoints model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/a6b38c167b9ce07461c4f0af81be087055267121\"\u003e\u003ccode\u003ea6b38c1\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/3953a0d499bf4a96a11e3377af3e5291831eed6c\"\u003e\u003ccode\u003e3953a0d\u003c/code\u003e\u003c/a\u003e add explicit message deser to all s3 errors (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-go-v2/issues/3237\"\u003e#3237\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/e7eec69683d04dbab33314fb6de43f8a43684163\"\u003e\u003ccode\u003ee7eec69\u003c/code\u003e\u003c/a\u003e Fix panic during auth scheme resolution due to region validation (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-go-v2/issues/3235\"\u003e#3235\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/d68b3a05c22b3bde751da6bb70e6fe01fd02407f\"\u003e\u003ccode\u003ed68b3a0\u003c/code\u003e\u003c/a\u003e Release 2025-11-24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/292a19869df57271d51b382018591d71f09f72d3\"\u003e\u003ccode\u003e292a198\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/dfeabc64ff80e2ee65951eb84d616072c8cd4b60\"\u003e\u003ccode\u003edfeabc6\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/a7a1be5d2c14e9270e927654b63272fdfbee1aa6\"\u003e\u003ccode\u003ea7a1be5\u003c/code\u003e\u003c/a\u003e Release 2025-11-21\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-go-v2/compare/v1.16.4...service/ram/v1.34.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/btcsuite/btcd` from 0.24.2 to 0.25.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/btcsuite/btcd/releases\"\u003egithub.com/btcsuite/btcd's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epsbt: decode keytype as compact size by \u003ca href=\"https://github.com/guggero\"\u003e\u003ccode\u003e@​guggero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2206\"\u003ebtcsuite/btcd#2206\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnable the RpcClient to send requests to Bitcoin Core over a Unix socket. by \u003ca href=\"https://github.com/robertmin1\"\u003e\u003ccode\u003e@​robertmin1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2168\"\u003ebtcsuite/btcd#2168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix the btcctl uptime command by \u003ca href=\"https://github.com/cec489\"\u003e\u003ccode\u003e@​cec489\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2203\"\u003ebtcsuite/btcd#2203\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove \u003ccode\u003eerror\u003c/code\u003e return value for \u003ccode\u003eSignCompact\u003c/code\u003e by \u003ca href=\"https://github.com/zhiqiangxu\"\u003e\u003ccode\u003e@​zhiqiangxu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2211\"\u003ebtcsuite/btcd#2211\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003effldb: close block files by \u003ca href=\"https://github.com/kcalvinalvin\"\u003e\u003ccode\u003e@​kcalvinalvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2208\"\u003ebtcsuite/btcd#2208\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix some comments for struct field by \u003ca href=\"https://github.com/linghuying\"\u003e\u003ccode\u003e@​linghuying\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2214\"\u003ebtcsuite/btcd#2214\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emod+rpcserver: bump to latest version of btcec by \u003ca href=\"https://github.com/guggero\"\u003e\u003ccode\u003e@​guggero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2218\"\u003ebtcsuite/btcd#2218\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eblockchain: copy utxo status bytes to avoid UB by \u003ca href=\"https://github.com/Crypt-iQ\"\u003e\u003ccode\u003e@​Crypt-iQ\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2225\"\u003ebtcsuite/btcd#2225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated btcd dependency of btcutil to address CVE-2024-34478 by \u003ca href=\"https://github.com/AlexsandroRyan\"\u003e\u003ccode\u003e@​AlexsandroRyan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2235\"\u003ebtcsuite/btcd#2235\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewire: check TXID length before creating outpoint by \u003ca href=\"https://github.com/jharveyb\"\u003e\u003ccode\u003e@​jharveyb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2233\"\u003ebtcsuite/btcd#2233\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebugfix: check if both begin and end are numbers in \u003ccode\u003eUnmarshalJSON\u003c/code\u003e by \u003ca href=\"https://github.com/brunoerg\"\u003e\u003ccode\u003e@​brunoerg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2242\"\u003ebtcsuite/btcd#2242\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erpcclient: signet support by \u003ca href=\"https://github.com/wydengyre\"\u003e\u003ccode\u003e@​wydengyre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2230\"\u003ebtcsuite/btcd#2230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebtcjson: turn warnings into StringOrArray type by \u003ca href=\"https://github.com/guggero\"\u003e\u003ccode\u003e@​guggero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2245\"\u003ebtcsuite/btcd#2245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFormatting code with gofmt by \u003ca href=\"https://github.com/huochexizhan\"\u003e\u003ccode\u003e@​huochexizhan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2255\"\u003ebtcsuite/btcd#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix some comments by \u003ca href=\"https://github.com/lencap\"\u003e\u003ccode\u003e@​lencap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2228\"\u003ebtcsuite/btcd#2228\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typos by \u003ca href=\"https://github.com/omahs\"\u003e\u003ccode\u003e@​omahs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2220\"\u003ebtcsuite/btcd#2220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct the typos [skip ci] by \u003ca href=\"https://github.com/threewebcode\"\u003e\u003ccode\u003e@​threewebcode\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2093\"\u003ebtcsuite/btcd#2093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect link to redirect to btcutil docs by \u003ca href=\"https://github.com/sanrinconr\"\u003e\u003ccode\u003e@​sanrinconr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/1873\"\u003ebtcsuite/btcd#1873\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edelete minor unreachable code caused by t.Fatal by \u003ca href=\"https://github.com/Abirdcfly\"\u003e\u003ccode\u003e@​Abirdcfly\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/1875\"\u003ebtcsuite/btcd#1875\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erpcclient: add timeout to http request. by \u003ca href=\"https://github.com/ziggie1984\"\u003e\u003ccode\u003e@​ziggie1984\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2256\"\u003ebtcsuite/btcd#2256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for wtxidrelay message. by \u003ca href=\"https://github.com/marcopeereboom\"\u003e\u003ccode\u003e@​marcopeereboom\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2272\"\u003ebtcsuite/btcd#2272\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emain: add flag to write execution traces by \u003ca href=\"https://github.com/kcalvinalvin\"\u003e\u003ccode\u003e@​kcalvinalvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2223\"\u003ebtcsuite/btcd#2223\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewire, peer: fix broken ibd by \u003ca href=\"https://github.com/kcalvinalvin\"\u003e\u003ccode\u003e@​kcalvinalvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2281\"\u003ebtcsuite/btcd#2281\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix non-root hosts failing on resolving DNS by \u003ca href=\"https://github.com/same-id\"\u003e\u003ccode\u003e@​same-id\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2269\"\u003ebtcsuite/btcd#2269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erpctest: make sure to \u003ccode\u003eWaitForShutdown\u003c/code\u003e by \u003ca href=\"https://github.com/yyforyongyu\"\u003e\u003ccode\u003e@​yyforyongyu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2277\"\u003ebtcsuite/btcd#2277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erpcclient: safe read and write to batch by \u003ca href=\"https://github.com/ynewmann\"\u003e\u003ccode\u003e@​ynewmann\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2273\"\u003ebtcsuite/btcd#2273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emain: add prune documentation to sample-btcd.conf by \u003ca href=\"https://github.com/kcalvinalvin\"\u003e\u003ccode\u003e@​kcalvinalvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2299\"\u003ebtcsuite/btcd#2299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypo-Update register_test.go by \u003ca href=\"https://github.com/romashka-btc\"\u003e\u003ccode\u003e@​romashka-btc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2291\"\u003ebtcsuite/btcd#2291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewire: add bitcoin network magic for default SigNet by \u003ca href=\"https://github.com/starius\"\u003e\u003ccode\u003e@​starius\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2276\"\u003ebtcsuite/btcd#2276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003epsbt: add support for PSBT_GLOBAL_XPUB type by \u003ca href=\"https://github.com/guggero\"\u003e\u003ccode\u003e@​guggero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2296\"\u003ebtcsuite/btcd#2296\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump go version by \u003ca href=\"https://github.com/gosunuts\"\u003e\u003ccode\u003e@​gosunuts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2316\"\u003ebtcsuite/btcd#2316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: using slices.Contains to simplify the code by \u003ca href=\"https://github.com/finaltrip\"\u003e\u003ccode\u003e@​finaltrip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2317\"\u003ebtcsuite/btcd#2317\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update license by \u003ca href=\"https://github.com/davidcardenasus\"\u003e\u003ccode\u003e@​davidcardenasus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2303\"\u003ebtcsuite/btcd#2303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egithub: upgrade the CI by \u003ca href=\"https://github.com/yyforyongyu\"\u003e\u003ccode\u003e@​yyforyongyu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2331\"\u003ebtcsuite/btcd#2331\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emulti:use t.TempDir replace os.MkdirTemp to simplify test temp dir manager by \u003ca href=\"https://github.com/petersssong\"\u003e\u003ccode\u003e@​petersssong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2334\"\u003ebtcsuite/btcd#2334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emulti: remove deprecated io/ioutil by \u003ca href=\"https://github.com/argentpapa\"\u003e\u003ccode\u003e@​argentpapa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2336\"\u003ebtcsuite/btcd#2336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update guidelines and links by \u003ca href=\"https://github.com/yyforyongyu\"\u003e\u003ccode\u003e@​yyforyongyu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2333\"\u003ebtcsuite/btcd#2333\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emulti: implement testnet4 and add support for soft forks that are always active  by \u003ca href=\"https://github.com/Roasbeef\"\u003e\u003ccode\u003e@​Roasbeef\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2339\"\u003ebtcsuite/btcd#2339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enetsync: don't ask for blocks from peers on the same block height by \u003ca href=\"https://github.com/kcalvinalvin\"\u003e\u003ccode\u003e@​kcalvinalvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2304\"\u003ebtcsuite/btcd#2304\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emulti: deprecation goacc by \u003ca href=\"https://github.com/petersssong\"\u003e\u003ccode\u003e@​petersssong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2340\"\u003ebtcsuite/btcd#2340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update contribution link by \u003ca href=\"https://github.com/quantix9\"\u003e\u003ccode\u003e@​quantix9\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2348\"\u003ebtcsuite/btcd#2348\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: use map.Copy for cleaner map handling by \u003ca href=\"https://github.com/xinhangzhou\"\u003e\u003ccode\u003e@​xinhangzhou\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2343\"\u003ebtcsuite/btcd#2343\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003epsbt: check path minimum length by \u003ca href=\"https://github.com/guggero\"\u003e\u003ccode\u003e@​guggero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2352\"\u003ebtcsuite/btcd#2352\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edatabase: shut the program down immediately if we run out of disk space by \u003ca href=\"https://github.com/kcalvinalvin\"\u003e\u003ccode\u003e@​kcalvinalvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2358\"\u003ebtcsuite/btcd#2358\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emulti: introduce v2transport and implement BIP324 by \u003ca href=\"https://github.com/Crypt-iQ\"\u003e\u003ccode\u003e@​Crypt-iQ\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2260\"\u003ebtcsuite/btcd#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003epsbt: overflow checks when computing Taproot BIP32 derivation min size by \u003ca href=\"https://github.com/ffranr\"\u003e\u003ccode\u003e@​ffranr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2374\"\u003ebtcsuite/btcd#2374\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev2transport: update to btcec v2.3.5, reduce module deps by \u003ca href=\"https://github.com/Roasbeef\"\u003e\u003ccode\u003e@​Roasbeef\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2381\"\u003ebtcsuite/btcd#2381\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/e764c170e6a9ec55bc5882b2d2a3302276988a77\"\u003e\u003ccode\u003ee764c17\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2447\"\u003e#2447\u003c/a\u003e from Roasbeef/v-25-branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/798b4ed4a7ccd48ebeef9b25cafeb4ab56ce858f\"\u003e\u003ccode\u003e798b4ed\u003c/code\u003e\u003c/a\u003e build: bump version to v0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/442ef28bcf03797e845c8e957e5cd6d4bffb5764\"\u003e\u003ccode\u003e442ef28\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2443\"\u003e#2443\u003c/a\u003e from sputn1ck/musig2_sign_with_agg_nonce\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/21eb99e3bc0b4b6e0f948578ed6f1997908c5b16\"\u003e\u003ccode\u003e21eb99e\u003c/code\u003e\u003c/a\u003e musig2: add combinedNonce getter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/8f54cc6edab2d4f9348098c60c2d477c2950bbda\"\u003e\u003ccode\u003e8f54cc6\u003c/code\u003e\u003c/a\u003e musig2: add Session.RegisterCombinedNonce\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/b7d070601def0f94e3713879b19f1678949a8d68\"\u003e\u003ccode\u003eb7d0706\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2430\"\u003e#2430\u003c/a\u003e from Roasbeef/v-0-25-0-rc1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/31a762b3f67baa7ebcf357562eba74e5e3a5fb89\"\u003e\u003ccode\u003e31a762b\u003c/code\u003e\u003c/a\u003e build: bump version to v0.25.0-beta.rc1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/e8097a1b044c3c0b3843b2aba377e87eb5fc4f9f\"\u003e\u003ccode\u003ee8097a1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2410\"\u003e#2410\u003c/a\u003e from mohamedawnallah/fallback-to-GOPATH-bin-dir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/29f421534c8c6c47588c2cc08741df956225e52c\"\u003e\u003ccode\u003e29f4215\u003c/code\u003e\u003c/a\u003e Makefile+workflows: fallback to \u003ccode\u003eGOPATH/bin\u003c/code\u003e on non-existent \u003ccode\u003eGOBIN\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/a4ddae2ba1b6f0cc8fe31e48e50cef018affe670\"\u003e\u003ccode\u003ea4ddae2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2409\"\u003e#2409\u003c/a\u003e from gosunuts/fix/dockerfile-go-version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/btcsuite/btcd/compare/v0.24.2...v0.25.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/btcsuite/btcd/btcec/v2` from 2.3.5 to 2.3.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/442ef28bcf03797e845c8e957e5cd6d4bffb5764\"\u003e\u003ccode\u003e442ef28\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2443\"\u003e#2443\u003c/a\u003e from sputn1ck/musig2_sign_with_agg_nonce\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/21eb99e3bc0b4b6e0f948578ed6f1997908c5b16\"\u003e\u003ccode\u003e21eb99e\u003c/code\u003e\u003c/a\u003e musig2: add combinedNonce getter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/8f54cc6edab2d4f9348098c60c2d477c2950bbda\"\u003e\u003ccode\u003e8f54cc6\u003c/code\u003e\u003c/a\u003e musig2: add Session.RegisterCombinedNonce\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/b7d070601def0f94e3713879b19f1678949a8d68\"\u003e\u003ccode\u003eb7d0706\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2430\"\u003e#2430\u003c/a\u003e from Roasbeef/v-0-25-0-rc1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/31a762b3f67baa7ebcf357562eba74e5e3a5fb89\"\u003e\u003ccode\u003e31a762b\u003c/code\u003e\u003c/a\u003e build: bump version to v0.25.0-beta.rc1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/e8097a1b044c3c0b3843b2aba377e87eb5fc4f9f\"\u003e\u003ccode\u003ee8097a1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2410\"\u003e#2410\u003c/a\u003e from mohamedawnallah/fallback-to-GOPATH-bin-dir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/29f421534c8c6c47588c2cc08741df956225e52c\"\u003e\u003ccode\u003e29f4215\u003c/code\u003e\u003c/a\u003e Makefile+workflows: fallback to \u003ccode\u003eGOPATH/bin\u003c/code\u003e on non-existent \u003ccode\u003eGOBIN\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/a4ddae2ba1b6f0cc8fe31e48e50cef018affe670\"\u003e\u003ccode\u003ea4ddae2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2409\"\u003e#2409\u003c/a\u003e from gosunuts/fix/dockerfile-go-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/2577dd3ee3e40cd6914731386d1f95d200026508\"\u003e\u003ccode\u003e2577dd3\u003c/code\u003e\u003c/a\u003e Dockerfile: update go base image\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/c002ea3196bc883a7936e07a04f0790bc8c2bf2d\"\u003e\u003ccode\u003ec002ea3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2320\"\u003e#2320\u003c/a\u003e from gosunuts/feature/fix-ci\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/btcsuite/btcd/compare/btcec/v2.3.5...btcec/v2.3.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/btcsuite/btcd/btcutil` from 1.1.5 to 1.1.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/bda7977a9abc4a27e5c089389f60e5d5117b5433\"\u003e\u003ccode\u003ebda7977\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2235\"\u003e#2235\u003c/a\u003e from AlexsandroRyan/pkg-update-checkmarx-cve\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/913f95b2b258afac7b0139c4a1bef9f7e3c5bddc\"\u003e\u003ccode\u003e913f95b\u003c/code\u003e\u003c/a\u003e Updated github.com/btcsuite/btcd to address CVE-2024-34478\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/97400aa23ec3ebc94673c7ce37d14a26b60be9ec\"\u003e\u003ccode\u003e97400aa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2225\"\u003e#2225\u003c/a\u003e from Crypt-iQ/statusbytes_08062024\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/3eda1a58a24336c4c1aabe953f84b32a03da62cb\"\u003e\u003ccode\u003e3eda1a5\u003c/code\u003e\u003c/a\u003e blockchain: copy utxo status bytes to avoid UB\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/b161cd6a199b4e35acec66afc5aad221f05fe1e3\"\u003e\u003ccode\u003eb161cd6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2218\"\u003e#2218\u003c/a\u003e from guggero/btcec-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/cefeeaa6b6a3d950eff894814e8a45adc898a0f8\"\u003e\u003ccode\u003ecefeeaa\u003c/code\u003e\u003c/a\u003e mod+rpcserver: bump to latest version of btcec\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/ff2e03e11233fa25c01cf4acbf76501fc008b31f\"\u003e\u003ccode\u003eff2e03e\u003c/code\u003e\u003c/a\u003e chore: fix some comments for struct field (\u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2214\"\u003e#2214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/2134387ba8ff6d33d90afba285c5f0d52f3a0f6b\"\u003e\u003ccode\u003e2134387\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2208\"\u003e#2208\u003c/a\u003e from kcalvinalvin/2024-07-01-close-blockfiles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/e5d15fddb9c486dfe382bc95dc38d2fd247813bf\"\u003e\u003ccode\u003ee5d15fd\u003c/code\u003e\u003c/a\u003e btcec/ecdsa: remove error return value for SignCompact (\u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2211\"\u003e#2211\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/c9fae1ac7cca6e6d55baec913286e483e28923a9\"\u003e\u003ccode\u003ec9fae1a\u003c/code\u003e\u003c/a\u003e ffldb: close block files before deleting them\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/btcsuite/btcd/compare/btcutil/v1.1.5...btcutil/v1.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/decred/dcrd/dcrec/secp256k1/v4` from 4.2.0 to 4.4.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/f98d08ef138a99711dbbc86c569935ded8d6a986\"\u003e\u003ccode\u003ef98d08e\u003c/code\u003e\u003c/a\u003e secp256k1: Prepare v4.4.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/cb51153239a666e46f98c6834fdd7ea71d086221\"\u003e\u003ccode\u003ecb51153\u003c/code\u003e\u003c/a\u003e mixing: Prepare v0.5.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/35c5572f652a1837326c85d9c8811f1394ddea2e\"\u003e\u003ccode\u003e35c5572\u003c/code\u003e\u003c/a\u003e crypto/rand: Prepare v1.0.1.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/1ddfc95a4dc8e0139aa7a6af863a0f2b64e86638\"\u003e\u003ccode\u003e1ddfc95\u003c/code\u003e\u003c/a\u003e mixclient: Wait for runs to finish before closing client\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/b77edc3a837d42ea46e0bfecb05189feecd7de4c\"\u003e\u003ccode\u003eb77edc3\u003c/code\u003e\u003c/a\u003e mixclient: Wait for KEs from all attempted sessions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/921b7c30aec1a1fde2afef1dfc82b70cf8e16d73\"\u003e\u003ccode\u003e921b7c3\u003c/code\u003e\u003c/a\u003e docs: Update README.md to required Go 1.23/1.24.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/bcb663b5aaf8ab63699e2669b90e94c7e872ef1d\"\u003e\u003ccode\u003ebcb663b\u003c/code\u003e\u003c/a\u003e build: Test against Go 1.24.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/53648fbb64ed48aead8b3619bdd24392891fe1f6\"\u003e\u003ccode\u003e53648fb\u003c/code\u003e\u003c/a\u003e build: Update golangci-lint to v1.64.5.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/ecc32f7dcccc77331dde0a2c4725288f6a678e7e\"\u003e\u003ccode\u003eecc32f7\u003c/code\u003e\u003c/a\u003e certgen: Use t.TempDir in tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/a7466552329ebddbaf7abfe18e4c89477eaa11f8\"\u003e\u003ccode\u003ea746655\u003c/code\u003e\u003c/a\u003e build: Update to latest action versions.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/decred/dcrd/compare/dcrjson/v4.2.0...dcrec/secp256k1/v4.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/ethereum/go-ethereum` from 1.14.13 to 1.16.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ethereum/go-ethereum/releases\"\u003egithub.com/ethereum/go-ethereum's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eBallistic Drift Stabilizer (v1.16.7)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eThis is a re-roll of v1.16.6, including an important fix in the KZG cryptography library.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eThis release enables the Fusaka hardfork on Ethereum mainnet\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eThe Fusaka fork is scheduled to occur at \u003ccode\u003e2025-12-03 21:49:11 UTC\u003c/code\u003e.\nPlease upgrade your node to v1.16.7 in time for the fork.\u003c/p\u003e\n\u003cp\u003eThis release also enables two blob-parameter-only (BPO) upgrades.\nThese upgrades change protocol parameters to increase the available blob capacity.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBPO1 on\u003ccode\u003e2025-12-09\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eBPO2 on \u003ccode\u003e2026-01-07\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFusaka\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSet mainnet timestamps for Osaka (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/33063\"\u003e#33063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnable Fusaka for \u003ccode\u003egeth --dev\u003c/code\u003e mode (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32917\"\u003e#32917\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eRPC\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eeth_sendRawTransactionSync\u003c/code\u003e which waits until either a timeout or the transaction is mined. This feature is mostly useful on L2s with lower blocktimes. (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32830\"\u003e#32830\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32930\"\u003e#32930\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32929/\"\u003e#32929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003eeth_simulateV1\u003c/code\u003e in ethclient (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32856\"\u003e#32856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix for an issue that might crash \u003ccode\u003edebug_traceCall\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/33015\"\u003e#33015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix for an issuer where local transactions were not persisted to the journal (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32921\"\u003e#32921\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix for a cryptographic \u003ca href=\"https://redirect.github.com/ethereum/c-kzg-4844/pull/607\"\u003evulnerability in c-kzg-4844\u003c/a\u003e. This is only exploitable post-Fusaka. (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/33093\"\u003e#33093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003egeth --genesis\u003c/code\u003e flag as an alternative to running \u003ccode\u003egeth init genesis.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32844\"\u003e#32844\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix for receipt insertion during ERA file import. (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32934\"\u003e#32934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWork on getting the trie node history in order to serve historical \u003ccode\u003eeth_getProof\u003c/code\u003e request with the new path-based archive node. (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32907\"\u003e#32907\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32914\"\u003e#32914\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32937\"\u003e#32937\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFurther work on cmd/keeper, our guest program for zkVMs (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32816\"\u003e#32816\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eVarious optimizations (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32971\"\u003e#32971\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32916\"\u003e#32916\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32965\"\u003e#32965\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32946\"\u003e#32946\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNetworking\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNew metrics for tracking slow peers (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32964\"\u003e#32964\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix for an issue where disconnected peers were not removed in txFetcher (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32947\"\u003e#32947\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eFor a full rundown of the changes please consult the Geth \u003ca href=\"https://github.com/ethereum/go-ethereum/milestone/195?closed=1\"\u003e1.16.6\u003c/a\u003e and \u003ca href=\"https://github.com/ethereum/go-ethereum/milestone/195?closed=1\"\u003e1.16.7\u003c/a\u003e release milestones.\u003c/p\u003e\n\u003cp\u003eAs with all our previous releases, you can find the:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePre-built binaries for all platforms on our \u003ca href=\"https://geth.ethereum.org/downloads/\"\u003edownloads page\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eDocker images published under \u003ca href=\"https://hub.docker.com/r/ethereum/client-go\"\u003e\u003ccode\u003eethereum/client-go\u003c/code\u003e\u003c/a\u003e (use \u0026quot;stable\u0026quot; tag).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/b9f3a3d964ed3d31e710ec7dd66da9181477ecb2\"\u003e\u003ccode\u003eb9f3a3d\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into release/1.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/07129d21c0fa0aa8b6f7426344cf9ec2f31bc427\"\u003e\u003ccode\u003e07129d2\u003c/code\u003e\u003c/a\u003e version: release go-ethereum v1.16.7 stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/653f8d499473c99e2e8ada6d3adea6ec95e97a69\"\u003e\u003ccode\u003e653f8d4\u003c/code\u003e\u003c/a\u003e go.mod: update to c-kzg v2.1.5 (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/issues/33093\"\u003e#33093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/5b77af394edd7d7384fbc7f112c8c183f86dcd4b\"\u003e\u003ccode\u003e5b77af3\u003c/code\u003e\u003c/a\u003e version: begin v1.16.7 release cycle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/386c3de6c45f3e185279e6760a17f88fb98dc81a\"\u003e\u003ccode\u003e386c3de\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into release/1.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/044828e6606e3368368884e249256a093bae4a6d\"\u003e\u003ccode\u003e044828e\u003c/code\u003e\u003c/a\u003e version: release go-ethereum v1.16.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/025072427e78b3af3e9a8ddcc64007a38dd374ed\"\u003e\u003ccode\u003e0250724\u003c/code\u003e\u003c/a\u003e params: set osaka and BPO1 \u0026amp; BPO2 mainnet dates (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/issues/33063\"\u003e#33063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/28c59b7a760f498c51604791791e194853ba36b6\"\u003e\u003ccode\u003e28c59b7\u003c/code\u003e\u003c/a\u003e core/rawdb: fix db inspector by supporting trienode history (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/issues/33087\"\u003e#33087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/18a902799e50b8c0db94653bdae436573e4308a9\"\u003e\u003ccode\u003e18a9027\u003c/code\u003e\u003c/a\u003e common: fix duration comparison in PrettyAge (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/issues/33064\"\u003e#33064\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/e6d34c1fee407e77b1ea573346336a4b57c94a8b\"\u003e\u003ccode\u003ee6d34c1\u003c/code\u003e\u003c/a\u003e eth/tracers: fix prestateTracer for EIP-6780 SELFDESTRUCT (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/issues/33050\"\u003e#33050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ethereum/go-ethereum/compare/v1.14.13...v1.16.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-playground/validator/v10` from 10.26.0 to 10.28.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-playground/validator/releases\"\u003egithub.com/go-playground/validator/v10's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 10.28.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate workflow.yml to support 2 most recent major versions by \u003ca href=\"https://github.com/nodivbyzero\"\u003e\u003ccode\u003e@​nodivbyzero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1417\"\u003ego-playground/validator#1417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1456\"\u003ego-playground/validator#1456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGo 1.25 support by \u003ca href=\"https://github.com/nodivbyzero\"\u003e\u003ccode\u003e@​nodivbyzero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1459\"\u003ego-playground/validator#1459\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump github.com/gabriel-vasile/mimetype from 1.4.8 to 1.4.10 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1463\"\u003ego-playground/validator#1463\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump golang.org/x/text from 0.22.0 to 0.29.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1464\"\u003ego-playground/validator#1464\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-go from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1465\"\u003ego-playground/validator#1465\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump golang.org/x/crypto from 0.33.0 to 0.42.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1467\"\u003ego-playground/validator#1467\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: should panic when define duplicate field param in \u003ccode\u003erequired_if\u003c/code\u003e by \u003ca href=\"https://github.com/duyquang6\"\u003e\u003ccode\u003e@​duyquang6\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1468\"\u003ego-playground/validator#1468\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed missing keys from returned errors in map validation by \u003ca href=\"https://github.com/gelozr\"\u003e\u003ccode\u003e@​gelozr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1284\"\u003ego-playground/validator#1284\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded https_url tag by \u003ca href=\"https://github.com/ahmedkamalio\"\u003e\u003ccode\u003e@​ahmedkamalio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1461\"\u003ego-playground/validator#1461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add description for 'port' validator by \u003ca href=\"https://github.com/nodivbyzero\"\u003e\u003ccode\u003e@​nodivbyzero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1435\"\u003ego-playground/validator#1435\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd alphaspace validator by \u003ca href=\"https://github.com/takaaa220\"\u003e\u003ccode\u003e@​takaaa220\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1343\"\u003ego-playground/validator#1343\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duyquang6\"\u003e\u003ccode\u003e@​duyquang6\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1468\"\u003ego-playground/validator#1468\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gelozr\"\u003e\u003ccode\u003e@​gelozr\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1284\"\u003ego-playground/validator#1284\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ahmedkamalio\"\u003e\u003ccode\u003e@​ahmedkamalio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1461\"\u003ego-playground/validator#1461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/takaaa220\"\u003e\u003ccode\u003e@​takaaa220\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1343\"\u003ego-playground/validator#1343\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-playground/validator/compare/v10.27.0...v10.28.0\"\u003ehttps://github.com/go-playground/validator/compare/v10.27.0...v10.28.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease 10.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Release version badge on README page by \u003ca href=\"https://github.com/nodivbyzero\"\u003e\u003ccode\u003e@​nodivbyzero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1406\"\u003ego-playground/validator#1406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix russian E.164 error message by \u003ca href=\"https://github.com/prigornitskiy\"\u003e\u003ccode\u003e@​prigornitskiy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1349\"\u003ego-playground/validator#1349\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove unnecessary statement by \u003ca href=\"https://github.com/qshuai\"\u003e\u003ccode\u003e@​qshuai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1200\"\u003ego-playground/validator#1200\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRe-enable several linters by \u003ca href=\"https://github.com/nodivbyzero\"\u003e\u003ccode\u003e@​nodivbyzero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1412\"\u003ego-playground/validator#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadd support to tag validateFn by \u003ca href=\"https://github.com/peczenyj\"\u003e\u003ccode\u003e@​peczenyj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1363\"\u003ego-playground/validator#1363\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump golang.org/x/crypto from 0.33.0 to 0.35.0 in /_examples/validate_fn by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1418\"\u003ego-playground/validator#1418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump golang.org/x/net from 0.34.0 to 0.38.0 in /_examples/validate_fn by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1419\"\u003ego-playground/validator#1419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign required_without with the contract stated in the documentation by \u003ca href=\"https://github.com/jmfrees\"\u003e\u003ccode\u003e@​jmfrees\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1422\"\u003ego-playground/validator#1422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd translation example by \u003ca href=\"https://github.com/cxlblm\"\u003e\u003ccode\u003e@​cxlblm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1394\"\u003ego-playground/validator#1394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc(errors): mention RegisterTagNameFunc for FieldError.Field by \u003ca href=\"https://github.com/khan-ajamal\"\u003e\u003ccode\u003e@​khan-ajamal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1358\"\u003ego-playground/validator#1358\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump golangci/golangci-lint-action from 7 to 8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1425\"\u003ego-playground/validator#1425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(translation): add en translation for urn_rfc2141 by \u003ca href=\"https://github.com/ryanmalesic\"\u003e\u003ccode\u003e@​ryanmalesic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1431\"\u003ego-playground/validator#1431\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: panics when private field is validated by \u003ca href=\"https://github.com/ykalchevskiy\"\u003e\u003ccode\u003e@​ykalchevskiy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1423\"\u003ego-playground/validator#1423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix: support validation for map values with struct types by \u003ca href=\"https://github.com/JunaidIslam2105\"\u003e\u003ccode\u003e@​JunaidIslam2105\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1433\"\u003ego-playground/validator#1433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOmitzero does not work with slice and map bug by \u003ca href=\"https://github.com/JunaidIslam2105\"\u003e\u003ccode\u003e@​JunaidIslam2105\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1436\"\u003ego-playground/validator#1436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix: Validator panics when 'nil' is used along with required if for slices and maps by \u003ca href=\"https://github.com/JunaidIslam2105\"\u003e\u003ccode\u003e@​JunaidIslam2105\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1442\"\u003ego-playground/validator#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: typos by \u003ca href=\"https://github.com/eqsdxr\"\u003e\u003ccode\u003e@​eqsdxr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1440\"\u003ego-playground/validator#1440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: make \u0026quot;file://\u0026quot; fail \u003ccode\u003eurl\u003c/code\u003e validation by \u003ca href=\"https://github.com/bfabio\"\u003e\u003ccode\u003e@​bfabio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1444\"\u003ego-playground/validator#1444\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edisable way too aggressive and disagreeable linters by \u003ca href=\"https://github.com/deankarn\"\u003e\u003ccode\u003e@​deankarn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1445\"\u003ego-playground/validator#1445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse golangci lint file for disables by \u003ca href=\"https://github.com/deankarn\"\u003e\u003ccode\u003e@​deankarn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1447\"\u003ego-playground/validator#1447\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prigornitskiy\"\u003e\u003ccode\u003e@​prigornitskiy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1349\"\u003ego-playground/validator#1349\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qshuai\"\u003e\u003ccode\u003e@​qshuai\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1200\"\u003ego-playground/validator#1200\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/peczenyj\"\u003e\u003ccode\u003e@​peczenyj\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1363\"\u003ego-playground/validator#1363\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/bdc3a7d31bd8269baa07904324e8fb22fb2f9372\"\u003e\u003ccode\u003ebdc3a7d\u003c/code\u003e\u003c/a\u003e Add alphaspace validator (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1343\"\u003e#1343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/63594a0fbee5293ac7bc6c80286c3277cd2ddb45\"\u003e\u003ccode\u003e63594a0\u003c/code\u003e\u003c/a\u003e docs: add description for 'port' validator (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1435\"\u003e#1435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/45f3a8e09a4d0b995829fe0613289db4fb69b850\"\u003e\u003ccode\u003e45f3a8e\u003c/code\u003e\u003c/a\u003e Added https_url tag (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1461\"\u003e#1461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/7a23bca81c8bc72c578252b524665ea173b489da\"\u003e\u003ccode\u003e7a23bca\u003c/code\u003e\u003c/a\u003e Remove Go version 1.23 from CI workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/13130d2e78838bec6b9e4dbce756c183844590e7\"\u003e\u003ccode\u003e13130d2\u003c/code\u003e\u003c/a\u003e Fixed missing keys from returned errors in map validation (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1284\"\u003e#1284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/94e89f0942028ebfb17426b8d3c2005a46557621\"\u003e\u003ccode\u003e94e89f0\u003c/code\u003e\u003c/a\u003e fix: should panic when define duplicate field param in \u003ccode\u003erequired_if\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1468\"\u003e#1468\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/6905468e4559e0937518de42c92cb6b5c023342d\"\u003e\u003ccode\u003e6905468\u003c/code\u003e\u003c/a\u003e Bump golang.org/x/crypto from 0.33.0 to 0.42.0 (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1467\"\u003e#1467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/77ef70e2d1287e50641c096ca1c3d09497e7197c\"\u003e\u003ccode\u003e77ef70e\u003c/code\u003e\u003c/a\u003e Bump actions/setup-go from 5 to 6 (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1465\"\u003e#1465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/78d05ae554de682d121e78a6a62d7de01be8e863\"\u003e\u003ccode\u003e78d05ae\u003c/code\u003e\u003c/a\u003e Bump golang.org/x/text from 0.22.0 to 0.29.0 (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1464\"\u003e#1464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/34aea1f62ca76abe2999265d25c8dcf8507cb3ed\"\u003e\u003ccode\u003e34aea1f\u003c/code\u003e\u003c/a\u003e Bump github.com/gabriel-vasile/mimetype from 1.4.8 to 1.4.10 (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1463\"\u003e#1463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-playground/validator/compare/v10.26.0...v10.28.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/prometheus/client_golang` from 1.22.0 to 1.23.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prometheus/client_golang/releases\"\u003egithub.com/prometheus/client_golang's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.2 - 2025-09-05\u003c/h2\u003e\n\u003cp\u003eThis release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement). There are no functional changes.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003e[release-1.23] Upgrade to prometheus/common@v0.66.1 by \u003ca href=\"https://github.com/aknuds1\"\u003e\u003ccode\u003e@​aknuds1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_golang/pull/1869\"\u003eprometheus/client_golang#1869\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[release-1.23] Cut v1.23.2 by \u003ca href=\"https://github.com/aknuds1\"\u003e\u003ccode\u003e@​aknuds1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_golang/pull/1870\"\u003eprometheus/client_golang#1870\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_golang/compare/v1.23.1...v1.23.2\"\u003ehttps://github.com/prometheus/client_golang/compare/v1.23.1...v1.23.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.1 - 2025-09-04\u003c/h2\u003e\n\u003cp\u003eThis release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003e[release-1.23] Upgrade to prometheus/common v0.66 by \u003ca href=\"https://github.com/aknuds1\"\u003e\u003ccode\u003e@​aknuds1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_golang/pull/1866\"\u003eprometheus/client_golang#1866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[release-1.23] Cut v1.23.1 by \u003ca href=\"https://github.com/aknuds1\"\u003e\u003ccode\u003e@​aknuds1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_golang/pull/1867\"\u003eprometheus/client_golang#1867\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_golang/compare/v1.23.0...v1.23.1\"\u003ehttps://github.com/prometheus/client_golang/compare/v1.23.0...v1.23.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0 - 2025-07-30\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[CHANGE] Minimum required Go version is now 1.23, only the two latest Go versions are supported from now on. \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1812\"\u003e#1812\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1766\"\u003e#1766\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[FEATURE] Add exemplars for native histograms \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1686\"\u003e#1686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[ENHANCEMENT] exp/api: Bubble up status code from writeResponse \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1823\"\u003e#1823\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and v1.24 \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1833\"\u003e#1833\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[BUGFIX] exp/api: client prompt return on context cancellation \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1729\"\u003e#1729\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md\"\u003egithub.com/prometheus/client_golang's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.23.2 / 2025-09-05\u003c/h2\u003e\n\u003cp\u003eThis release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement).\nThere are no functional changes.\u003c/p\u003e\n\u003ch2\u003e1.23.1 / 2025-09-04\u003c/h2\u003e\n\u003cp\u003eThis release is made to be compatible with a backwards incompatible API change\nin prometheus/common v0.66.0. There are no functional changes.\u003c/p\u003e\n\u003ch2\u003e1.23.0 / 2025-07-30\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[CHANGE] Minimum required Go version is now 1.23, only the two latest Go versions are supported from now on. \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1812\"\u003e#1812\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1766\"\u003e#1766\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[FEATURE] Add exemplars for native histograms \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1686\"\u003e#1686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[ENHANCEMENT] exp/api: Bubble up status code from writeResponse \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1823\"\u003e#1823\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and v1.24 \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1833\"\u003e#1833\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[BUGFIX] exp/api: client prompt return on context cancellation \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1729\"\u003e#1729\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/8179a560819f2c64ef6ade70e6ae4c73aecaca3c\"\u003e\u003ccode\u003e8179a56\u003c/code\u003e\u003c/a\u003e Cut v1.23.2 (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1870\"\u003e#1870\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/4142b5908bb6c8f5e412b72de5ea4b927d8c219d\"\u003e\u003ccode\u003e4142b59\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1869\"\u003e#1869\u003c/a\u003e from prometheus/arve/upgrade-common\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/4ff40f0d918efc0f59701d13622913805c2425b4\"\u003e\u003ccode\u003e4ff40f0\u003c/code\u003e\u003c/a\u003e Cut v1.23.1 (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1867\"\u003e#1867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/989b0298944e64f88a54ac9c70cd8c8121f10bc9\"\u003e\u003ccode\u003e989b029\u003c/code\u003e\u003c/a\u003e Upgrade to prometheus/common v0.66 (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1866\"\u003e#1866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/e4b2208dd8cb6d1425f00250db842ec3c1e8749e\"\u003e\u003ccode\u003ee4b2208\u003c/code\u003e\u003c/a\u003e Cut v1.23.0 (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1848\"\u003e#1848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/d9492afd3a6f2e9782a7fc10363281bfd5b743bb\"\u003e\u003ccode\u003ed9492af\u003c/code\u003e\u003c/a\u003e cut v1.23.0-rc.1 (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1842\"\u003e#1842\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/aeae8a0b4f54a8fa720d19b88638a2d048596f82\"\u003e\u003ccode\u003eaeae8a0\u003c/code\u003e\u003c/a\u003e Cut v1.23.0-rc.0 (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1837\"\u003e#1837\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/b157309b723f0b8588ea604bb78dbbba196803f2\"\u003e\u003ccode\u003eb157309\u003c/code\u003e\u003c/a\u003e Update common Prometheus files (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1832\"\u003e#1832\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/a704e287f467b79744c30af996b7d710d4c6900d\"\u003e\u003ccode\u003ea704e28\u003c/code\u003e\u003c/a\u003e build(deps): bump the github-actions group with 3 updates (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1826\"\u003e#1826\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/c7743110ad2c599de3d8c23682d978a12f9f36d1\"\u003e\u003ccode\u003ec774311\u003c/code\u003e\u003c/a\u003e Fix errNotImplemented reference (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1835\"\u003e#1835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/prometheus/client_golang/compare/v1.22.0...v1.23.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/prometheus/client_model` from 0.6.1 to 0.6.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prometheus/client_model/releases\"\u003egithub.com/prometheus/client_model's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/89\"\u003eprometheus/client_model#89\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump google.golang.org/protobuf from 1.33.0 to 1.34.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/88\"\u003eprometheus/client_model#88\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/90\"\u003eprometheus/client_model#90\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump google.golang.org/protobuf from 1.34.0 to 1.34.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/91\"\u003eprometheus/client_model#91\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/92\"\u003eprometheus/client_model#92\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/93\"\u003eprometheus/client_model#93\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump google.golang.org/protobuf from 1.34.1 to 1.34.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/94\"\u003eprometheus/client_model#94\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/95\"\u003eprometheus/client_model#95\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/96\"\u003eprometheus/client_model#96\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/97\"\u003eprometheus/client_model#97\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/98\"\u003eprometheus/client_model#98\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/99\"\u003eprometheus/client_model#99\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/100\"\u003eprometheus/client_model#100\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/101\"\u003eprometheus/client_model#101\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/103\"\u003eprometheus/client_model#103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate google.golang.org/protobuf to v1.35.1 by \u003ca href=\"https://github.com/beorn7\"\u003e\u003ccode\u003e@​beorn7\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/104\"\u003eprometheus/client_model#104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/105\"\u003eprometheus/client_model#105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/106\"\u003eprometheus/client_model#106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump google.golang.org/protobuf from 1.35.1 to 1.35.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/107\"\u003eprometheus/client_model#107\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/108\"\u003eprometheus/client_model#108\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump goo...\n\n_Description has been truncated_","html_url":"https://github.com/rsksmart/liquidity-provider-server/pull/886","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rsksmart%2Fliquidity-provider-server/issues/886","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/886/packages"},{"uuid":"3694781967","node_id":"PR_kwDOH48Fr863EyNG","number":85,"state":"closed","title":"build(go): bump the go group with 11 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-12-17T12:10:23.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-04T13:50:21.000Z","updated_at":"2025-12-17T12:10:25.000Z","time_to_close":1117202,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(go): bump","group_name":"go","update_count":11,"packages":[{"name":"github.com/alexedwards/argon2id","old_version":"0.0.0-20211130144151-3585854a6387","new_version":"1.0.0","repository_url":"https://github.com/alexedwards/argon2id"},{"name":"github.com/benbjohnson/hashfs","old_version":"0.2.1","new_version":"0.2.2","repository_url":"https://github.com/benbjohnson/hashfs"},{"name":"github.com/bmatcuk/doublestar/v4","old_version":"4.6.0","new_version":"4.9.1","repository_url":"https://github.com/bmatcuk/doublestar"},{"name":"github.com/dgraph-io/ristretto","old_version":"0.1.1","new_version":"0.2.0","repository_url":"https://github.com/dgraph-io/ristretto"},{"name":"github.com/gorilla/csrf","old_version":"1.7.1","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"github.com/gorilla/securecookie","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/gorilla/securecookie"},{"name":"github.com/gorilla/sessions","old_version":"1.2.1","new_version":"1.4.0","repository_url":"https://github.com/gorilla/sessions"},{"name":"github.com/open-policy-agent/opa","old_version":"1.4.0","new_version":"1.11.0","repository_url":"https://github.com/open-policy-agent/opa"},{"name":"github.com/twmb/murmur3","old_version":"1.1.6","new_version":"1.1.8","repository_url":"https://github.com/twmb/murmur3"},{"name":"golang.org/x/sync","old_version":"0.17.0","new_version":"0.18.0","repository_url":"https://github.com/golang/sync"},{"name":"zombiezen.com/go/sqlite","old_version":"0.12.0","new_version":"1.4.2","repository_url":"https://github.com/zombiezen/go-sqlite"}],"path":null,"ecosystem":"go"},"body":"Bumps the go group with 11 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [github.com/alexedwards/argon2id](https://github.com/alexedwards/argon2id) | `0.0.0-20211130144151-3585854a6387` | `1.0.0` |\n| [github.com/benbjohnson/hashfs](https://github.com/benbjohnson/hashfs) | `0.2.1` | `0.2.2` |\n| [github.com/bmatcuk/doublestar/v4](https://github.com/bmatcuk/doublestar) | `4.6.0` | `4.9.1` |\n| [github.com/dgraph-io/ristretto](https://github.com/dgraph-io/ristretto) | `0.1.1` | `0.2.0` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.1` | `1.7.3` |\n| [github.com/gorilla/securecookie](https://github.com/gorilla/securecookie) | `1.1.1` | `1.1.2` |\n| [github.com/gorilla/sessions](https://github.com/gorilla/sessions) | `1.2.1` | `1.4.0` |\n| [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) | `1.4.0` | `1.11.0` |\n| [github.com/twmb/murmur3](https://github.com/twmb/murmur3) | `1.1.6` | `1.1.8` |\n| [golang.org/x/sync](https://github.com/golang/sync) | `0.17.0` | `0.18.0` |\n| [zombiezen.com/go/sqlite](https://github.com/zombiezen/go-sqlite) | `0.12.0` | `1.4.2` |\n\nUpdates `github.com/alexedwards/argon2id` from 0.0.0-20211130144151-3585854a6387 to 1.0.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/alexedwards/argon2id/commits/v1.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/benbjohnson/hashfs` from 0.2.1 to 0.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/benbjohnson/hashfs/releases\"\u003egithub.com/benbjohnson/hashfs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix README Handle path by \u003ca href=\"https://github.com/benhoyt\"\u003e\u003ccode\u003e@​benhoyt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/benbjohnson/hashfs/pull/4\"\u003ebenbjohnson/hashfs#4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't use os.IsNotExist by \u003ca href=\"https://github.com/ypdn\"\u003e\u003ccode\u003e@​ypdn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/benbjohnson/hashfs/pull/6\"\u003ebenbjohnson/hashfs#6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benhoyt\"\u003e\u003ccode\u003e@​benhoyt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/benbjohnson/hashfs/pull/4\"\u003ebenbjohnson/hashfs#4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ypdn\"\u003e\u003ccode\u003e@​ypdn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/benbjohnson/hashfs/pull/6\"\u003ebenbjohnson/hashfs#6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/benbjohnson/hashfs/compare/v0.2.1...v0.2.2\"\u003ehttps://github.com/benbjohnson/hashfs/compare/v0.2.1...v0.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benbjohnson/hashfs/commit/8e79949acd46352b79d49f121a2d564b35f0a828\"\u003e\u003ccode\u003e8e79949\u003c/code\u003e\u003c/a\u003e Don't use os.IsNotExist (\u003ca href=\"https://redirect.github.com/benbjohnson/hashfs/issues/6\"\u003e#6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benbjohnson/hashfs/commit/0bd452f43646da72320145151874db3d1a27b381\"\u003e\u003ccode\u003e0bd452f\u003c/code\u003e\u003c/a\u003e Fix README Handle path (\u003ca href=\"https://redirect.github.com/benbjohnson/hashfs/issues/4\"\u003e#4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/benbjohnson/hashfs/compare/v0.2.1...v0.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/bmatcuk/doublestar/v4` from 4.6.0 to 4.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bmatcuk/doublestar/releases\"\u003egithub.com/bmatcuk/doublestar/v4's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSmall Performance Change\u003c/h2\u003e\n\u003cp\u003eThis release contains a small change that gives a slight performance increase. Thanks to \u003ca href=\"https://github.com/jbedard\"\u003e\u003ccode\u003e@​jbedard\u003c/code\u003e\u003c/a\u003e for the PR!\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: reduce string construction in isZeroLengthPattern by \u003ca href=\"https://github.com/jbedard\"\u003e\u003ccode\u003e@​jbedard\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/107\"\u003ebmatcuk/doublestar#107\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jbedard\"\u003e\u003ccode\u003e@​jbedard\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/107\"\u003ebmatcuk/doublestar#107\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bmatcuk/doublestar/compare/v4.9.0...v4.9.1\"\u003ehttps://github.com/bmatcuk/doublestar/compare/v4.9.0...v4.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eAdded WithCaseInsensitive option\u003c/h2\u003e\n\u003cp\u003eAdded a \u003ccode\u003eWithCaseInsensitive\u003c/code\u003e option to ignore alphabetic case when globbing. Thanks \u003ca href=\"https://github.com/braydonk\"\u003e\u003ccode\u003e@​braydonk\u003c/code\u003e\u003c/a\u003e for the PR!\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove unreachable code in match by \u003ca href=\"https://github.com/lukemassa\"\u003e\u003ccode\u003e@​lukemassa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/102\"\u003ebmatcuk/doublestar#102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eWithCaseInsensitive\u003c/code\u003e \u003ccode\u003eGlobOption\u003c/code\u003e by \u003ca href=\"https://github.com/braydonk\"\u003e\u003ccode\u003e@​braydonk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/106\"\u003ebmatcuk/doublestar#106\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/braydonk\"\u003e\u003ccode\u003e@​braydonk\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/106\"\u003ebmatcuk/doublestar#106\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bmatcuk/doublestar/compare/v4.8.1...v4.9.0\"\u003ehttps://github.com/bmatcuk/doublestar/compare/v4.8.1...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSmall Performance Improvement for MatchUnvalidated\u003c/h2\u003e\n\u003cp\u003eSkip some additional validation checks in \u003ccode\u003eMatchUnvalidated\u003c/code\u003e. Thanks to \u003ca href=\"https://github.com/lukemassa\"\u003e\u003ccode\u003e@​lukemassa\u003c/code\u003e\u003c/a\u003e for the PR!\u003c/p\u003e\n\u003cp\u003eAdditional documentation improvements from \u003ca href=\"https://github.com/timo-reymann\"\u003e\u003ccode\u003e@​timo-reymann\u003c/code\u003e\u003c/a\u003e. Thanks!\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eExplicitly mention number support and add tests by \u003ca href=\"https://github.com/timo-reymann\"\u003e\u003ccode\u003e@​timo-reymann\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/100\"\u003ebmatcuk/doublestar#100\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSkip more validation by \u003ca href=\"https://github.com/lukemassa\"\u003e\u003ccode\u003e@​lukemassa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/101\"\u003ebmatcuk/doublestar#101\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timo-reymann\"\u003e\u003ccode\u003e@​timo-reymann\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/100\"\u003ebmatcuk/doublestar#100\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lukemassa\"\u003e\u003ccode\u003e@​lukemassa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/101\"\u003ebmatcuk/doublestar#101\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bmatcuk/doublestar/compare/v4.8.0...v4.8.1\"\u003ehttps://github.com/bmatcuk/doublestar/compare/v4.8.0...v4.8.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFixed Escaped Meta in the \u0026quot;Base\u0026quot; of the Pattern\u003c/h2\u003e\n\u003cp\u003eIf the \u0026quot;base\u0026quot; of a pattern (ie, everything up to the first path slash before any meta characters) contains an escaped meta character, doublestar would fail to glob any files.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/tdurieux\"\u003e\u003ccode\u003e@​tdurieux\u003c/code\u003e\u003c/a\u003e for finding and fixing this bug!\u003c/p\u003e\n\u003ch2\u003eBreaking-ish Change\u003c/h2\u003e\n\u003cp\u003eI've updated \u003ccode\u003eSplitPattern\u003c/code\u003e to unescape meta characters in the first returned string. I suspect this shouldn't cause issues for anyone because, if anyone was using this function, they've probably either never passed a pattern with escaped meta characters, or hand-rolled an unescape method to fix the bug - which will now be a no-op for them.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(\u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/issues/96\"\u003e#96\u003c/a\u003e) unescapeMeta the pattern base  by \u003ca href=\"https://github.com/tdurieux\"\u003e\u003ccode\u003e@​tdurieux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/97\"\u003ebmatcuk/doublestar#97\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/8b690afa33319b0a1869367f594e53977e38bc99\"\u003e\u003ccode\u003e8b690af\u003c/code\u003e\u003c/a\u003e note about optimization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/792c3c946327797e17e733d738a09bae0c86ee75\"\u003e\u003ccode\u003e792c3c9\u003c/code\u003e\u003c/a\u003e perf: reduce string construction in isZeroLengthPattern\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/06f110a7701e8ae50bcaeaa121080533076ba51c\"\u003e\u003ccode\u003e06f110a\u003c/code\u003e\u003c/a\u003e test updates, and renamed caseInsensitive\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/8cf3fc3af10ccbff98d3f2aa83550f0f3204b913\"\u003e\u003ccode\u003e8cf3fc3\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003eWithCaseInsensitive\u003c/code\u003e \u003ccode\u003eGlobOption\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/5da61cf7e690c8998d43f4811467e07b4296a0cb\"\u003e\u003ccode\u003e5da61cf\u003c/code\u003e\u003c/a\u003e Remove unreachable code in match\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/b707fe4305f7f29b0ce53be76ef7f98fc8204cd9\"\u003e\u003ccode\u003eb707fe4\u003c/code\u003e\u003c/a\u003e Wording\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/569c123424530f9d09209f3ade0be959aa436b41\"\u003e\u003ccode\u003e569c123\u003c/code\u003e\u003c/a\u003e Add tests to make sure we're skipping validation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/3b1e3d13f0f411f346ff8fc5d77637435f6de809\"\u003e\u003ccode\u003e3b1e3d1\u003c/code\u003e\u003c/a\u003e Skip additional validations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/24bdb149bb294e18eb9d3cce89fa9631fa8e6c11\"\u003e\u003ccode\u003e24bdb14\u003c/code\u003e\u003c/a\u003e small updates to docs and tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/32ab680c67801e17c4b8816dc14dd461ca795e8a\"\u003e\u003ccode\u003e32ab680\u003c/code\u003e\u003c/a\u003e test: Add tests for number ranges and sets\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bmatcuk/doublestar/compare/v4.6.0...v4.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/dgraph-io/ristretto` from 0.1.1 to 0.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dgraph-io/ristretto/releases\"\u003egithub.com/dgraph-io/ristretto's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e*`docs(readme): Use new Wait method by \u003ca href=\"https://github.com/angadn\"\u003e\u003ccode\u003e@​angadn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/327\"\u003edgraph-io/ristretto#327\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edocs: format example on readme by \u003ca href=\"https://github.com/rfyiamcool\"\u003e\u003ccode\u003e@​rfyiamcool\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/339\"\u003edgraph-io/ristretto#339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix flakes in TestDropUpdates by \u003ca href=\"https://github.com/evanj\"\u003e\u003ccode\u003e@​evanj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/334\"\u003edgraph-io/ristretto#334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(Cache): document Wait, clarify Get by \u003ca href=\"https://github.com/evanj\"\u003e\u003ccode\u003e@​evanj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/333\"\u003edgraph-io/ristretto#333\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix typo error by \u003ca href=\"https://github.com/proost\"\u003e\u003ccode\u003e@​proost\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/341\"\u003edgraph-io/ristretto#341\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: support compilation to wasip1 by \u003ca href=\"https://github.com/achille-roussel\"\u003e\u003ccode\u003e@​achille-roussel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/344\"\u003edgraph-io/ristretto#344\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove glog dependency by \u003ca href=\"https://github.com/jhawk28\"\u003e\u003ccode\u003e@​jhawk28\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/350\"\u003edgraph-io/ristretto#350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadd config for cleanup ticker duration by \u003ca href=\"https://github.com/singhvikash11\"\u003e\u003ccode\u003e@​singhvikash11\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/342\"\u003edgraph-io/ristretto#342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(OnEvict): Set missing Expiration field on evicted items by \u003ca href=\"https://github.com/0x1ee7\"\u003e\u003ccode\u003e@​0x1ee7\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/345\"\u003edgraph-io/ristretto#345\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euint32 -\u0026gt; uint64 in slice methods by \u003ca href=\"https://github.com/mocurin\"\u003e\u003ccode\u003e@​mocurin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/323\"\u003edgraph-io/ristretto#323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: cleanupTicker not being stopped by \u003ca href=\"https://github.com/IlyaFloppy\"\u003e\u003ccode\u003e@​IlyaFloppy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/343\"\u003edgraph-io/ristretto#343\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0\"\u003ehttps://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dgraph-io/ristretto/blob/main/CHANGELOG.md\"\u003egithub.com/dgraph-io/ristretto's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[v0.2.0] - 2024-10-06\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/344\"\u003e\u003ccode\u003efix: support compilation to wasip1 by @​achille-roussel\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/342\"\u003e\u003ccode\u003eadd config for cleanup ticker duration by @​singhvikash11\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/327\"\u003e\u003ccode\u003edocs(readme): Use new Wait method by @​angadn\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/339\"\u003e\u003ccode\u003edocs: format example on readme by @​rfyiamcool\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/334\"\u003e\u003ccode\u003eFix flakes in TestDropUpdates by @​evanj\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/333\"\u003e\u003ccode\u003edocs(Cache): document Wait, clarify Get by @​evanj\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/341\"\u003e\u003ccode\u003echore: fix typo error by @​proost\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/350\"\u003e\u003ccode\u003eremove glog dependency by @​jhawk28\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/345\"\u003e\u003ccode\u003efix(OnEvict): Set missing Expiration field on evicted items by @​0x1ee7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/323\"\u003e\u003ccode\u003euint32 -\u0026gt; uint64 in slice methods by @​mocurin\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/343\"\u003e\u003ccode\u003efix: cleanupTicker not being stopped by @​IlyaFloppy\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/hypermodeinc/ristretto/compare/v0.1.1...v0.2.0\"\u003ehttps://github.com/hypermodeinc/ristretto/compare/v0.1.1...v0.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/185461756714d72b458a7fb6cf9441a96db82dcb\"\u003e\u003ccode\u003e1854617\u003c/code\u003e\u003c/a\u003e minor repo cleanup (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/352\"\u003e#352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/91446626cc3b34a596a024bd711f786e74851aeb\"\u003e\u003ccode\u003e9144662\u003c/code\u003e\u003c/a\u003e stop cleanupTicker while closing cache (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/343\"\u003e#343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/c00b3525a6a1c4cead9cc26b8d453da4b0e85e52\"\u003e\u003ccode\u003ec00b352\u003c/code\u003e\u003c/a\u003e uint32 to uint64 in slice methods (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/323\"\u003e#323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/e6d62cbfa02d3bd4bfd1f50f8d86786dc668ec46\"\u003e\u003ccode\u003ee6d62cb\u003c/code\u003e\u003c/a\u003e chore(ci): separate out coverage report workflow (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/353\"\u003e#353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/f0e70276b93a49aa672dd247f4dddfc5f208d07f\"\u003e\u003ccode\u003ef0e7027\u003c/code\u003e\u003c/a\u003e set missing Expiration field on evicted items (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/345\"\u003e#345\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/e8dc5b0073351c9bf2a0c4ca8567089da049da44\"\u003e\u003ccode\u003ee8dc5b0\u003c/code\u003e\u003c/a\u003e add config for cleanup ticker duration (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/342\"\u003e#342\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/c5789d66fddc048e40318067bb60cf8395d8a3f8\"\u003e\u003ccode\u003ec5789d6\u003c/code\u003e\u003c/a\u003e update golangci config and cleanup repo (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/351\"\u003e#351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/bdcf5e99ac1dcfc086482e8041b79d01167c7590\"\u003e\u003ccode\u003ebdcf5e9\u003c/code\u003e\u003c/a\u003e remove glog dependency (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/350\"\u003e#350\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/3f6b44a6092c4a0ad1f3ece5db1d54438ddcb39b\"\u003e\u003ccode\u003e3f6b44a\u003c/code\u003e\u003c/a\u003e fix: support compilation to wasip1 (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/344\"\u003e#344\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/c73d585ee67e15661e8148de2657f0939b0a63b4\"\u003e\u003ccode\u003ec73d585\u003c/code\u003e\u003c/a\u003e chore: fix typo error (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/341\"\u003e#341\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.1 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove pkg/errors dependency by \u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[GPT-96] Update go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdated licence by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/167\"\u003egorilla/csrf#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate issues.yml by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/168\"\u003egorilla/csrf#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eissues/158/examples for working api with javascript frontend by \u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating github action workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/169\"\u003egorilla/csrf#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating gorilla/securecookie to v1.1.2 by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/170\"\u003egorilla/csrf#170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a009743572494ccbc9d159005bdc58b86a44ddba\"\u003e\u003ccode\u003ea009743\u003c/code\u003e\u003c/a\u003e Updating gorilla/securecookie to v1.1.2 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/94b5a9efbc27ce51c4ac1b1287c964e8f13013ca\"\u003e\u003ccode\u003e94b5a9e\u003c/code\u003e\u003c/a\u003e updating github action workflows (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/c1f4eb3aba6fe4cd0d1ef0ed5ca556876b14c29f\"\u003e\u003ccode\u003ec1f4eb3\u003c/code\u003e\u003c/a\u003e issues/158/examples for working api with javascript frontend (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/73c96a512fc353d11f3da50cffde1e454884f405\"\u003e\u003ccode\u003e73c96a5\u003c/code\u003e\u003c/a\u003e Update issues.yml (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a71a12f7d30580b6da2183b0f398527be93c0ca9\"\u003e\u003ccode\u003ea71a12f\u003c/code\u003e\u003c/a\u003e updated licence (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/15d47eceb8d5861882e276508d7cbb5b0082b980\"\u003e\u003ccode\u003e15d47ec\u003c/code\u003e\u003c/a\u003e [GPT-96] Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/32c27b0316d75a24e55ab36d059d0309238b9ee1\"\u003e\u003ccode\u003e32c27b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/164\"\u003e#164\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/04cc5dba5dd0af4341b9b406f05dc569c5e0ab40\"\u003e\u003ccode\u003e04cc5db\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/93379db1992f1b2fbdd4ba1b55a1bf0414b0535e\"\u003e\u003ccode\u003e93379db\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/securecookie` from 1.1.1 to 1.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/securecookie/releases\"\u003egithub.com/gorilla/securecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v1.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix New not checking for an empty hashKey by \u003ca href=\"https://github.com/Wessie\"\u003e\u003ccode\u003e@​Wessie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/52\"\u003egorilla/securecookie#52\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate LICENSE \u0026amp; AUTHORS files by \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/54\"\u003egorilla/securecookie#54\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCreate go.mod to be aware of go modules by \u003ca href=\"https://github.com/flibustenet\"\u003e\u003ccode\u003e@​flibustenet\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/55\"\u003egorilla/securecookie#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCreate release_drafter.yml by \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/57\"\u003egorilla/securecookie#57\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[docs] Clarify usage of GenerateRandomKey by \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/58\"\u003egorilla/securecookie#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egithub: remove false-match for language detection by \u003ca href=\"https://github.com/nilslice\"\u003e\u003ccode\u003e@​nilslice\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/59\"\u003egorilla/securecookie#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCreate config.yml by \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/63\"\u003egorilla/securecookie#63\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: correct a reference to block size that was meant to be key size by \u003ca href=\"https://github.com/FiloSottile\"\u003e\u003ccode\u003e@​FiloSottile\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/64\"\u003egorilla/securecookie#64\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude an example for using DecodeMulti in the Readme by \u003ca href=\"https://github.com/tflyons\"\u003e\u003ccode\u003e@​tflyons\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/69\"\u003egorilla/securecookie#69\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: use build matrix; drop Go \u0026lt;= 1.10 by \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/74\"\u003egorilla/securecookie#74\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/78\"\u003egorilla/securecookie#78\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: changed deprecated goo.gl links to their unshortened variant by \u003ca href=\"https://github.com/vvvvv\"\u003e\u003ccode\u003e@​vvvvv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/77\"\u003egorilla/securecookie#77\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/81\"\u003egorilla/securecookie#81\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate GitHub workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/82\"\u003egorilla/securecookie#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Wessie\"\u003e\u003ccode\u003e@​Wessie\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/52\"\u003egorilla/securecookie#52\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/flibustenet\"\u003e\u003ccode\u003e@​flibustenet\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/55\"\u003egorilla/securecookie#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nilslice\"\u003e\u003ccode\u003e@​nilslice\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/59\"\u003egorilla/securecookie#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile\"\u003e\u003ccode\u003e@​FiloSottile\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/64\"\u003egorilla/securecookie#64\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tflyons\"\u003e\u003ccode\u003e@​tflyons\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/69\"\u003egorilla/securecookie#69\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/78\"\u003egorilla/securecookie#78\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vvvvv\"\u003e\u003ccode\u003e@​vvvvv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/77\"\u003egorilla/securecookie#77\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/securecookie/compare/v1.1.1...v1.1.2\"\u003ehttps://github.com/gorilla/securecookie/compare/v1.1.1...v1.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/eae3c1840ec4adda88a4af683ad0f60bb690e7c2\"\u003e\u003ccode\u003eeae3c18\u003c/code\u003e\u003c/a\u003e update GitHub workflows (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/82\"\u003e#82\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/22eae5c820537b29d36814c94c2c70c08e391d71\"\u003e\u003ccode\u003e22eae5c\u003c/code\u003e\u003c/a\u003e Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/81\"\u003e#81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/4ce52525b6a4243a02356b62abf6b2ef9038ff52\"\u003e\u003ccode\u003e4ce5252\u003c/code\u003e\u003c/a\u003e docs: changed deprecated goo.gl links to their unshortened variant (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/77\"\u003e#77\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/ab6b80809e59d61b23e5ae5f1c24e123f3a17133\"\u003e\u003ccode\u003eab6b808\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/78\"\u003e#78\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/80d3cb33a42adb0e57bbe375814f1b0665913576\"\u003e\u003ccode\u003e80d3cb3\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/9865a2b6137913abf1982cc4b1e8acdc35b2f052\"\u003e\u003ccode\u003e9865a2b\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/f37875ef1fb538320ab97fc6c9927d94c280ed5b\"\u003e\u003ccode\u003ef37875e\u003c/code\u003e\u003c/a\u003e build: use build matrix; drop Go \u0026lt;= 1.10 (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/74\"\u003e#74\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/61b4ad17eb88d0d1118560d1101176279be2bc88\"\u003e\u003ccode\u003e61b4ad1\u003c/code\u003e\u003c/a\u003e docs: Include an example for using DecodeMulti in the Readme (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/69\"\u003e#69\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/86450627d8e6b88e00ea41f228489b89d08a40de\"\u003e\u003ccode\u003e8645062\u003c/code\u003e\u003c/a\u003e doc: correct a reference to block size that was meant to be key size (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/64\"\u003e#64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/629b6af17341019b261eab06da74c418942918d9\"\u003e\u003ccode\u003e629b6af\u003c/code\u003e\u003c/a\u003e Create config.yml (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/63\"\u003e#63\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/securecookie/compare/v1.1.1...v1.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/sessions` from 1.2.1 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/sessions/releases\"\u003egithub.com/gorilla/sessions's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.4.0\u003c/h2\u003e\n\u003ch2\u003eSummary\u003c/h2\u003e\n\u003cp\u003eThere were new features important for \u003ca href=\"https://redirect.github.com/golang/go/issues/62490#issuecomment-2127685955\"\u003ecompatibility with some of the upcoming cookie security changes\u003c/a\u003e with google that required a new \u003ccode\u003ePartitioned\u003c/code\u003e attribute be added to the cookies, this attribute was only available in go 1.23, which has just recently been released.\u003c/p\u003e\n\u003cp\u003eIf you require a version that is backward compatible with a lower version than go 1.23 then you'll need to use release v1.3.0.\u003c/p\u003e\n\u003cp\u003eThe following notes show the difference between 1.2.2 and the current version because 1.3.0 was a hotfix for go 1.22 and below.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove File System Path Handling by \u003ca href=\"https://github.com/moloch\"\u003e\u003ccode\u003e@​moloch\u003c/code\u003e\u003c/a\u003e-- in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/274\"\u003egorilla/sessions#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/gorilla/sessions/issues/272\"\u003e#272\u003c/a\u003e: feat: Add support for paritioned attribute in cookies as per chrome 3rd party cookie phaseout by \u003ca href=\"https://github.com/kashishbehl\"\u003e\u003ccode\u003e@​kashishbehl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/273\"\u003egorilla/sessions#273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix no default samesite by \u003ca href=\"https://github.com/bharat-rajani\"\u003e\u003ccode\u003e@​bharat-rajani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/276\"\u003egorilla/sessions#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix gorillatoolkit link in README.md by \u003ca href=\"https://github.com/mbacalan\"\u003e\u003ccode\u003e@​mbacalan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/278\"\u003egorilla/sessions#278\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd mysql store to the readme by \u003ca href=\"https://github.com/danielepintore\"\u003e\u003ccode\u003e@​danielepintore\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/279\"\u003egorilla/sessions#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moloch\"\u003e\u003ccode\u003e@​moloch\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/274\"\u003egorilla/sessions#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kashishbehl\"\u003e\u003ccode\u003e@​kashishbehl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/273\"\u003egorilla/sessions#273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bharat-rajani\"\u003e\u003ccode\u003e@​bharat-rajani\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/276\"\u003egorilla/sessions#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbacalan\"\u003e\u003ccode\u003e@​mbacalan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/278\"\u003egorilla/sessions#278\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/danielepintore\"\u003e\u003ccode\u003e@​danielepintore\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/279\"\u003egorilla/sessions#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/sessions/compare/v1.2.2...v1.4.0\"\u003ehttps://github.com/gorilla/sessions/compare/v1.2.2...v1.4.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003cp\u003eThe maintainers of this repo merged a PR into main with the \u003ccode\u003enet/http.Cookie\u003c/code\u003e field \u003ccode\u003ePartitioned\u003c/code\u003e which is a field only available in go 1.23. As a result all usage of the main branch will not work unless users are on 1.23 which at the time of writing is currently unreleased. This broke the install for a number of users so the intent of this release is to push out a couple of features and bugfixes with the go 1.23 specific changes removed.\u003c/p\u003e\n\u003cp\u003eReleases should be used exclusively until go 1.23 is released.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove File System Path Handling by \u003ca href=\"https://github.com/moloch\"\u003e\u003ccode\u003e@​moloch\u003c/code\u003e\u003c/a\u003e-- in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/274\"\u003egorilla/sessions#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/gorilla/sessions/issues/272\"\u003e#272\u003c/a\u003e: feat: Add support for paritioned attribute in cookies as per chrome 3rd party cookie phaseout by \u003ca href=\"https://github.com/kashishbehl\"\u003e\u003ccode\u003e@​kashishbehl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/273\"\u003egorilla/sessions#273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix no default samesite by \u003ca href=\"https://github.com/bharat-rajani\"\u003e\u003ccode\u003e@​bharat-rajani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/276\"\u003egorilla/sessions#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix gorillatoolkit link in README.md by \u003ca href=\"https://github.com/mbacalan\"\u003e\u003ccode\u003e@​mbacalan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/278\"\u003egorilla/sessions#278\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moloch\"\u003e\u003ccode\u003e@​moloch\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/274\"\u003egorilla/sessions#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kashishbehl\"\u003e\u003ccode\u003e@​kashishbehl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/273\"\u003egorilla/sessions#273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bharat-rajani\"\u003e\u003ccode\u003e@​bharat-rajani\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/276\"\u003egorilla/sessions#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbacalan\"\u003e\u003ccode\u003e@​mbacalan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/278\"\u003egorilla/sessions#278\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/sessions/compare/v1.2.2...v1.3.0\"\u003ehttps://github.com/gorilla/sessions/compare/v1.2.2...v1.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild: use build matrix; drop Go \u0026lt;= 1.10 by \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/230\"\u003egorilla/sessions#230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: use base32 encoder with no padding by \u003ca href=\"https://github.com/leungyauming\"\u003e\u003ccode\u003e@​leungyauming\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/240\"\u003egorilla/sessions#240\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add new TiKV store to README by \u003ca href=\"https://github.com/ryicoh\"\u003e\u003ccode\u003e@​ryicoh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/245\"\u003egorilla/sessions#245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix linting errors for go1.17 by \u003ca href=\"https://github.com/mariusor\"\u003e\u003ccode\u003e@​mariusor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/253\"\u003egorilla/sessions#253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/261\"\u003egorilla/sessions#261\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/bb4cd60c952a9ce48ea0dc6cc7b282ff79c38263\"\u003e\u003ccode\u003ebb4cd60\u003c/code\u003e\u003c/a\u003e chore: Update readme to relect go 1.23 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/e2083f956282b2e627d9734f4ebbd51fa0339f09\"\u003e\u003ccode\u003ee2083f9\u003c/code\u003e\u003c/a\u003e chore: update to go 1.23 for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/6eef180e176e826b77f4d2f5f8e1cf855a87db02\"\u003e\u003ccode\u003e6eef180\u003c/code\u003e\u003c/a\u003e fix: Missing SameSite attribute on options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/a56e60c14e37beb3f690c14311c8ad7be7580bb5\"\u003e\u003ccode\u003ea56e60c\u003c/code\u003e\u003c/a\u003e Add mysql store to the readme (\u003ca href=\"https://redirect.github.com/gorilla/sessions/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/466d29e7f343560836292b7c922e1385e908ef95\"\u003e\u003ccode\u003e466d29e\u003c/code\u003e\u003c/a\u003e chore: Update readme and copyrights\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/7a8159ef2d1bc1afea2b9fbb52e947ded867cf0c\"\u003e\u003ccode\u003e7a8159e\u003c/code\u003e\u003c/a\u003e chore(go): Remove go version 1.11 support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/ff5660f3c355c08371621b642d76c7a4c88836c6\"\u003e\u003ccode\u003eff5660f\u003c/code\u003e\u003c/a\u003e chore(go): Add warning about main branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/8e2d54718e949e895e6a0268e9d4df396b3fbe06\"\u003e\u003ccode\u003e8e2d547\u003c/code\u003e\u003c/a\u003e chore(go): Remove vendored dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/c373b3e334dc26e3e513168292d784d7773f7d27\"\u003e\u003ccode\u003ec373b3e\u003c/code\u003e\u003c/a\u003e Fix gorillatoolkit link in README.md (\u003ca href=\"https://redirect.github.com/gorilla/sessions/issues/278\"\u003e#278\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/ef99c782e9aae430b326a614151c983dcd7c2c1d\"\u003e\u003ccode\u003eef99c78\u003c/code\u003e\u003c/a\u003e fix(cookie): Add default samesite (\u003ca href=\"https://redirect.github.com/gorilla/sessions/issues/276\"\u003e#276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/sessions/compare/v1.2.1...v1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/open-policy-agent/opa` from 1.4.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-policy-agent/opa/releases\"\u003egithub.com/open-policy-agent/opa's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.11.0\u003c/h2\u003e\n\u003cp\u003eThis release contains a mix of new features, performance improvements, and bugfixes. Notably:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore efficient connection management in the \u003ccode\u003ehttp.send\u003c/code\u003e built-in function\u003c/li\u003e\n\u003cli\u003eMore performant loading of large bundles containing multiple Rego files\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImmutable Releases\u003c/h3\u003e\n\u003cp\u003eStarting with this release, OPA releases are \u003ca href=\"https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/immutable-releases\"\u003eimmutable\u003c/a\u003e for increased security.\u003c/p\u003e\n\u003ch3\u003eRuntime, SDK, Tooling\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ev1/ast: Fix Call parsing Text attribute including an extra character (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7989\"\u003e#7989\u003c/a\u003e) authored by \u003ca href=\"https://github.com/schmitd\"\u003e\u003ccode\u003e@​schmitd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east: Export built-in deprecated field (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7912\"\u003e#7912\u003c/a\u003e) authored by \u003ca href=\"https://github.com/colinjlacy\"\u003e\u003ccode\u003e@​colinjlacy\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east: Intern common var values + some parser improvements (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8028\"\u003e#8028\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east: Support custom builtins in CompileModulesWithOpt (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/5580\"\u003e#8061\u003c/a\u003e) authored by \u003ca href=\"https://github.com/sspaink\"\u003e\u003ccode\u003e@​sspaink\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebundle: Concurrent Rego parsing in bundle loader (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8067\"\u003e#8067\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ecmd: Support \u003ccode\u003e--ignore\u003c/code\u003e in \u003ccode\u003eeval\u003c/code\u003e cmd when using bundle flag (\u003ccode\u003e--bundle\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8048\"\u003e#8062\u003c/a\u003e) authored by \u003ca href=\"https://github.com/sspaink\"\u003e\u003ccode\u003e@​sspaink\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estorage/inmem: Allow passing triggers (AST) data without conversion (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7958\"\u003e#7958\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCompiler, Topdown and Rego\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etopdown: Avoid unnecessary use of custom \u003ccode\u003ehttp.Transport\u003c/code\u003e in \u003ccode\u003ehttp.send\u003c/code\u003e built-in (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7927\"\u003e#7927\u003c/a\u003e) authored by \u003ca href=\"https://github.com/sykesm\"\u003e\u003ccode\u003e@​sykesm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etopdown: New custom SemVer implementation (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8010\"\u003e#8010\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etopdown: Use \u003ccode\u003esync.Pool\u003c/code\u003e for eval func objects (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8054\"\u003e#8054\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs, Website, Ecosystem\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edocs: Add example for Compile API's table mapping (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8017\"\u003e#8017\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Address pages with similar titles (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8046\"\u003e#8046\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Address some broken links (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8022\"\u003e#8022\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Bump glob dep (CVE-2025-64756) (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8056\"\u003e#8056\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Improve ground value and assignment docs (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8047\"\u003e#8047\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Make iteration content flow better (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8064\"\u003e#8064\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Note package repos are community maintained (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8053\"\u003e#8053\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update terraform guide with notes about plan (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8043\"\u003e#8043\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update the archive to have an edge link (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8011\"\u003e#8011\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update the policy language intro (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8050\"\u003e#8050\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs/ocp: Datasource example uses wrong AWS S3 URL (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8039\"\u003e#8039\u003c/a\u003e) authored by \u003ca href=\"https://github.com/SuchSkill\"\u003e\u003ccode\u003e@​SuchSkill\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs/regal: Replicate sidebar fixes (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8036\"\u003e#8036\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewebsite: Various fixes and improvements by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump golangci-lint, more gocritic linters (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8052\"\u003e#8052\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTidy up and unify sync pool handling (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8068\"\u003e#8068\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuiltins: Add \u003ccode\u003eStringOperandByteSlice\u003c/code\u003e helper (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8048\"\u003e#8048\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Add test cases for consistent cache behavior (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8015\"\u003e#8015\u003c/a\u003e) authored by \u003ca href=\"https://github.com/DFrenkel\"\u003e\u003ccode\u003e@​DFrenkel\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eutil/performance: Remove math.Log10, remove unused KeysCount (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8041\"\u003e#8041\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eworkflow: Add \u003ccode\u003eBenchmarks\u003c/code\u003e workflow (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8072\"\u003e#8072\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md\"\u003egithub.com/open-policy-agent/opa's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.11.0\u003c/h2\u003e\n\u003cp\u003eThis release contains a mix of new features, performance improvements, and bugfixes. Notably:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore efficient connection management in the \u003ccode\u003ehttp.send\u003c/code\u003e built-in function\u003c/li\u003e\n\u003cli\u003eMore performant loading of large bundles containing multiple Rego files\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImmutable Releases\u003c/h3\u003e\n\u003cp\u003eStarting with this release, OPA releases are \u003ca href=\"https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/immutable-releases\"\u003eimmutable\u003c/a\u003e for increased security.\u003c/p\u003e\n\u003ch3\u003eRuntime, SDK, Tooling\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ev1/ast: Fix Call parsing Text attribute including an extra character (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7989\"\u003e#7989\u003c/a\u003e) authored by \u003ca href=\"https://github.com/schmitd\"\u003e\u003ccode\u003e@​schmitd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east: Export built-in deprecated field (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7912\"\u003e#7912\u003c/a\u003e) authored by \u003ca href=\"https://github.com/colinjlacy\"\u003e\u003ccode\u003e@​colinjlacy\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east: Intern common var values + some parser improvements (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8028\"\u003e#8028\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east: Support custom builtins in CompileModulesWithOpt (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/5580\"\u003e#8061\u003c/a\u003e) authored by \u003ca href=\"https://github.com/sspaink\"\u003e\u003ccode\u003e@​sspaink\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebundle: Concurrent Rego parsing in bundle loader (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8067\"\u003e#8067\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ecmd: Support \u003ccode\u003e--ignore\u003c/code\u003e in \u003ccode\u003eeval\u003c/code\u003e cmd when using bundle flag (\u003ccode\u003e--bundle\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8048\"\u003e#8062\u003c/a\u003e) authored by \u003ca href=\"https://github.com/sspaink\"\u003e\u003ccode\u003e@​sspaink\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estorage/inmem: Allow passing triggers (AST) data without conversion (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7958\"\u003e#7958\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCompiler, Topdown and Rego\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etopdown: Avoid unnecessary use of custom \u003ccode\u003ehttp.Transport\u003c/code\u003e in \u003ccode\u003ehttp.send\u003c/code\u003e built-in (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7927\"\u003e#7927\u003c/a\u003e) authored by \u003ca href=\"https://github.com/sykesm\"\u003e\u003ccode\u003e@​sykesm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etopdown: New custom SemVer implementation (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8010\"\u003e#8010\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etopdown: Use \u003ccode\u003esync.Pool\u003c/code\u003e for eval func objects (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8054\"\u003e#8054\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs, Website, Ecosystem\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edocs: Add example for Compile API's table mapping (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8017\"\u003e#8017\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Address pages with similar titles (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8046\"\u003e#8046\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Address some broken links (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8022\"\u003e#8022\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Bump glob dep (CVE-2025-64756) (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8056\"\u003e#8056\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Improve ground value and assignment docs (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8047\"\u003e#8047\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Make iteration content flow better (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8064\"\u003e#8064\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Note package repos are community maintained (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8053\"\u003e#8053\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update terraform guide with notes about plan (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8043\"\u003e#8043\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update the archive to have an edge link (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8011\"\u003e#8011\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update the policy language intro (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8050\"\u003e#8050\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs/ocp: Datasource example uses wrong AWS S3 URL (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8039\"\u003e#8039\u003c/a\u003e) authored by \u003ca href=\"https://github.com/SuchSkill\"\u003e\u003ccode\u003e@​SuchSkill\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs/regal: Replicate sidebar fixes (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8036\"\u003e#8036\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewebsite: Various fixes and improvements by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump golangci-lint, more gocritic linters (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8052\"\u003e#8052\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTidy up and unify sync pool handling (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8068\"\u003e#8068\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuiltins: Add \u003ccode\u003eStringOperandByteSlice\u003c/code\u003e helper (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8048\"\u003e#8048\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Add test cases for consistent cache behavior (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8015\"\u003e#8015\u003c/a\u003e) authored by \u003ca href=\"https://github.com/DFrenkel\"\u003e\u003ccode\u003e@​DFrenkel\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eutil/performance: Remove math.Log10, remove unused KeysCount (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8041\"\u003e#8041\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/45cbfa1d83841971d0db96b7803b5aeeae91020e\"\u003e\u003ccode\u003e45cbfa1\u003c/code\u003e\u003c/a\u003e Prepare v1.11.0 release (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8076\"\u003e#8076\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/36590cd7665d0650eb12d4ec0818db0007a514b6\"\u003e\u003ccode\u003e36590cd\u003c/code\u003e\u003c/a\u003e deps: bump wasmtime-go v37 -\u0026gt; v39\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/545de92907b1edb9a2675d7b4aa49d47f733a84e\"\u003e\u003ccode\u003e545de92\u003c/code\u003e\u003c/a\u003e workflow: add 'Benchmarks' workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/6341217206559008f82d5198a04733bfd7f48bc5\"\u003e\u003ccode\u003e6341217\u003c/code\u003e\u003c/a\u003e ast: Export built-in deprecated field (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8069\"\u003e#8069\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/d82c21c9d360799c6f0baad89b1fef1266cb9d02\"\u003e\u003ccode\u003ed82c21c\u003c/code\u003e\u003c/a\u003e cmd: Support --ignore in eval cmd when using bundle flag (-b) (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8062\"\u003e#8062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/dd2ccc70249bc46e4a09e83396f4934f48ca1022\"\u003e\u003ccode\u003edd2ccc7\u003c/code\u003e\u003c/a\u003e Tidy up and unify sync pool handling (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8068\"\u003e#8068\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/51a50ca042848326354e292a2b77fe8657ac8470\"\u003e\u003ccode\u003e51a50ca\u003c/code\u003e\u003c/a\u003e Concurrent Rego parsing in bundle loader (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8067\"\u003e#8067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/3882d813924a3cf3f24fe29d04d9d5bd535aba08\"\u003e\u003ccode\u003e3882d81\u003c/code\u003e\u003c/a\u003e build(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 in /e2e (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8066\"\u003e#8066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/d198154dd6b159def4586cc475b658e6ab06d176\"\u003e\u003ccode\u003ed198154\u003c/code\u003e\u003c/a\u003e build(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8065\"\u003e#8065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/015175c08a1fecf7a1a21e96e804fc4394e748f8\"\u003e\u003ccode\u003e015175c\u003c/code\u003e\u003c/a\u003e docs: Make iteration content flow better (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8064\"\u003e#8064\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/open-policy-agent/opa/compare/v1.4.0...v1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/twmb/murmur3` from 1.1.6 to 1.1.8\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twmb/murmur3/commit/3fcd9c20f2443ea2612fca5675f4cf6849e809b9\"\u003e\u003ccode\u003e3fcd9c2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/twmb/murmur3/issues/12\"\u003e#12\u003c/a\u003e from twmb/no_asm_gccgo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twmb/murmur3/commit/ae6072290e1e24d52ecb76b717fff41583c4d4d6\"\u003e\u003ccode\u003eae60722\u003c/code\u003e\u003c/a\u003e avoid amd64 hand rolled go asm on gccgo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twmb/murmur3/commit/210dd316651419f3403ae3443b8724e33538eeec\"\u003e\u003ccode\u003e210dd31\u003c/code\u003e\u003c/a\u003e murmur3: duplicate generic logic for slices\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twmb/murmur3/commit/753d98dbde7d1b1239ef99efed7782e196a064b4\"\u003e\u003ccode\u003e753d98d\u003c/code\u003e\u003c/a\u003e delete .travis.yml\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/twmb/murmur3/compare/v1.1.6...v1.1.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/sync` from 0.17.0 to 0.18.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/sync/commit/1966f539bbd7664efd5bb7462ae94d9db67f4502\"\u003e\u003ccode\u003e1966f53\u003c/code\u003e\u003c/a\u003e errgroup: fix some typos in comment\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/sync/compare/v0.17.0...v0.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zombiezen.com/go/sqlite` from 0.12.0 to 1.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zombiezen/go-sqlite/releases\"\u003ezombiezen.com/go/sqlite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.2\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe minimum \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version updated to 1.37.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.4.1\u003c/h2\u003e\n\u003cp\u003eVersion 1.4.1 updates the \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version to 1.36.1 and includes a couple small improvements.\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe minimum \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version updated to 1.36.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e*Stmt.ColumnName\u003c/code\u003e no longer performs an allocation (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/118\"\u003e#101\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eThe doc comment for \u003ccode\u003eOpenFlags\u003c/code\u003e has been rewritten for clarity (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/pull/114\"\u003e#114\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.4.0\u003c/h2\u003e\n\u003cp\u003eVersion 1.4 adds the \u003ccode\u003esqlitex.ResultBytes\u003c/code\u003e function and fixes several bugs.\u003c/p\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNew function \u003ccode\u003esqlitex.ResultBytes\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/pull/86\"\u003e#86\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eConn.Close\u003c/code\u003e returns an error if the connection has already been closed (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/101\"\u003e#101\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eThe minimum \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version updated to 1.33.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esqlite3_initialize\u003c/code\u003e is now called from any top-level function to prevent race conditions during initialization. (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/18\"\u003e#18\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.0\u003c/h2\u003e\n\u003cp\u003eVersion 1.3 is largely a bug-fix release, but is a minor version change because of the new \u003ccode\u003esqlitemigration.Pool.Take\u003c/code\u003e method.\u003c/p\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esqlitemigration.Pool\u003c/code\u003e now has a new method \u003ccode\u003eTake\u003c/code\u003e so that it implements a common interface with \u003ccode\u003esqlitex.Pool\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/pull/97\"\u003e#97\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDocumented \u003ccode\u003eOpenWAL\u003c/code\u003e behavior on \u003ccode\u003esqlite.OpenConn\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress low-frequency errors with concurrent use of \u003ccode\u003esqlitemigration\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/99\"\u003e#99\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eThe error returned from \u003ccode\u003esqlitex.NewPool\u003c/code\u003e when trying to open an in-memory database now gives correct advice (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/92\"\u003e#92\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.0\u003c/h2\u003e\n\u003cp\u003eVersion 1.2.0 adds a \u003ccode\u003esqlitex.Pool.Take\u003c/code\u003e method and improves error messages.\u003c/p\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zombiezen/go-sqlite/blob/main/CHANGELOG.md\"\u003ezombiezen.com/go/sqlite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/releases/tag/v1.4.2\"\u003e1.4.2\u003c/a\u003e - 2025-05-23\u003c/h2\u003e\n\u003cp\u003eVersion 1.4.2 updates the \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version to 1.37.1.\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe minimum \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version updated to 1.37.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/releases/tag/v1.4.1\"\u003e1.4.1\u003c/a\u003e - 2025-05-23\u003c/h2\u003e\n\u003cp\u003eVersion 1.4.1 updates the \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version to 1.36.1\nand includes a couple small improvements.\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe minimum \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version updated to 1.36.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e*Stmt.ColumnName\u003c/code\u003e no longer performs an allocation\n(\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/118\"\u003e#101\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eThe doc comment for \u003ccode\u003eOpenFlags\u003c/code\u003e has been rewritten for clarity\n(\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/pull/114\"\u003e#114\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/releases/tag/v1.4.0\"\u003e1.4.0\u003c/a\u003e - 2024-09-23\u003c/h2\u003e\n\u003cp\u003eVersion 1.4 adds the \u003ccode\u003esqlitex.ResultBytes\u003c/code\u003e function\nand fixes several bugs.\u003c/p\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNew function \u003ccode\u003esqlitex.ResultBytes\u003c/code\u003e.\n(\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/pull/86\"\u003e#86\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eConn.Close\u003c/code\u003e returns an error if the connection has already been closed\n(\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/101\"\u003e#101\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eThe minimum \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version updated to 1.33.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esqlite3_initialize\u003c/code\u003e is now called from any top-level function\nto prevent race conditions during initialization.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/e5fb83745cf1640f27b86f6560ca32f50b2442e9\"\u003e\u003ccode\u003ee5fb837\u003c/code\u003e\u003c/a\u003e Update to modernc.org/sqlite@v1.37.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/efbdce7140799460d0a982383214e78ca4df4046\"\u003e\u003ccode\u003eefbdce7\u003c/code\u003e\u003c/a\u003e Update release notes for 1.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/be4fd8a65bbd8a8035c1abd7ec0b1088e7bb3f58\"\u003e\u003ccode\u003ebe4fd8a\u003c/code\u003e\u003c/a\u003e Eliminate allocation in \u003ccode\u003e*Stmt.ColumnName\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/eeceddedbf9698a7de0a00bb54fa49e5e6133318\"\u003e\u003ccode\u003eeecedde\u003c/code\u003e\u003c/a\u003e Update Go version used in dev and CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/eabfdc8f554ab021b6da325d2a599bd97a307f04\"\u003e\u003ccode\u003eeabfdc8\u003c/code\u003e\u003c/a\u003e Upgrade to modernc.org/sqlite@v3.36.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/a3512a3f26ed07fb3ad7a0774fc05d30a2dd3e21\"\u003e\u003ccode\u003ea3512a3\u003c/code\u003e\u003c/a\u003e Adjust \u003ccode\u003eOpenFlags\u003c/code\u003e comment wording for clarity when rendered  (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/114\"\u003e#114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/ac68309514835610d4ec5c620278cbc5ff09003d\"\u003e\u003ccode\u003eac68309\u003c/code\u003e\u003c/a\u003e Update release notes for 1.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/c9384e71e0f1724e6374830815bdcb3408cb5e92\"\u003e\u003ccode\u003ec9384e7\u003c/code\u003e\u003c/a\u003e Update modernc.org/sqlite version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/34980cfe3bcbc742884924b245dc5dbd6a63b6aa\"\u003e\u003ccode\u003e34980cf\u003c/code\u003e\u003c/a\u003e Add explicit synchronization for sqlite3_initialize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/c29a6572e877d3c21e7be6534f56782b75e81866\"\u003e\u003ccode\u003ec29a657\u003c/code\u003e\u003c/a\u003e Add sqlitex.ResultBytes function (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/86\"\u003e#86\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com...\n\n_Description has been truncated_","html_url":"https://github.com/sargassum-world/godest/pull/85","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sargassum-world%2Fgodest/issues/85","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/85/packages"},{"uuid":"3533428276","node_id":"PR_kwDOK-QMD86urzR_","number":356,"state":"open","title":"build(deps): bump the backend group across 1 directory with 24 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-10-20T18:12:20.000Z","updated_at":"2025-10-21T18:13:04.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"backend","update_count":24,"packages":[{"name":"github.com/Masterminds/semver/v3","old_version":"3.3.1","new_version":"3.4.0","repository_url":"https://github.com/Masterminds/semver"},{"name":"github.com/aquasecurity/trivy","old_version":"0.58.1","new_version":"0.67.2","repository_url":"https://github.com/aquasecurity/trivy"},{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"github.com/operator-framework/api","old_version":"0.29.0","new_version":"0.35.0","repository_url":"https://github.com/operator-framework/api"},{"name":"github.com/pquerna/otp","old_version":"1.4.0","new_version":"1.5.0","repository_url":"https://github.com/pquerna/otp"},{"name":"github.com/rs/zerolog","old_version":"1.33.0","new_version":"1.34.0","repository_url":"https://github.com/rs/zerolog"},{"name":"oras.land/oras-go","old_version":"1.2.6","new_version":"1.2.7","repository_url":"https://github.com/oras-project/oras-go"},{"name":"sigs.k8s.io/krew","old_version":"0.4.4","new_version":"0.4.5","repository_url":"https://github.com/kubernetes-sigs/krew"}],"path":null,"ecosystem":"go"},"body":"Bumps the backend group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver) | `3.3.1` | `3.4.0` |\n| [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) | `0.58.1` | `0.67.2` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.2` | `1.7.3` |\n| [github.com/operator-framework/api](https://github.com/operator-framework/api) | `0.29.0` | `0.35.0` |\n| [github.com/pquerna/otp](https://github.com/pquerna/otp) | `1.4.0` | `1.5.0` |\n| [github.com/rs/zerolog](https://github.com/rs/zerolog) | `1.33.0` | `1.34.0` |\n| [oras.land/oras-go](https://github.com/oras-project/oras-go) | `1.2.6` | `1.2.7` |\n| [sigs.k8s.io/krew](https://github.com/kubernetes-sigs/krew) | `0.4.4` | `0.4.5` |\n\n\nUpdates `github.com/Masterminds/semver/v3` from 3.3.1 to 3.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Masterminds/semver/releases\"\u003egithub.com/Masterminds/semver/v3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.4.0\u003c/h2\u003e\n\u003cp\u003eThere are a few changes in this release to highlight:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\u003ccode\u003eConstraints\u003c/code\u003e now has a property \u003ccode\u003eIncludePrerelease\u003c/code\u003e. When set to true the \u003ccode\u003eCheck\u003c/code\u003e and \u003ccode\u003eValidate\u003c/code\u003e methods will include prereleases.\u003c/li\u003e\n\u003cli\u003eWhen an AND group has one constraint with a prerelease but more than one constraint then prereleases will be included. For example, \u003ccode\u003e\u0026gt;1.0.0-beta.1 \u0026lt; 2\u003c/code\u003e. In the past this would not have included prereleases because each constraint needed to have a prerelease. Now, only one constraint needs to have a prerelease. This is considered a long standing bug fix. Note, this does not carry across OR groups. For example, \u003ccode\u003e\u0026gt;1.0.0-beta.1 \u0026lt; 2 || \u0026gt; 3\u003c/code\u003e. In this case, prereleases will not be included when evaluating against \u003ccode\u003e\u0026gt;3\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eNewVersion\u003c/code\u003e coercion with leading \u0026quot;0\u0026quot;'s is restored. This can be disabled by setting the package level property \u003ccode\u003eCoerceNewVersion\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix the CodeQL link by \u003ca href=\"https://github.com/dmitris\"\u003e\u003ccode\u003e@​dmitris\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/257\"\u003eMasterminds/semver#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRestore detailed errors when failed to parse with NewVersion by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/262\"\u003eMasterminds/semver#262\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating go version tested with by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/263\"\u003eMasterminds/semver#263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRestore the ability to have leading 0's with NewVersion by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/266\"\u003eMasterminds/semver#266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHandle pre-releases on all in an and group by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/267\"\u003eMasterminds/semver#267\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd property to include prereleases by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/268\"\u003eMasterminds/semver#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating the error message handling by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/269\"\u003eMasterminds/semver#269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the release notes and readme for new version by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/270\"\u003eMasterminds/semver#270\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dmitris\"\u003e\u003ccode\u003e@​dmitris\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/257\"\u003eMasterminds/semver#257\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Masterminds/semver/compare/v3.3.1...v3.4.0\"\u003ehttps://github.com/Masterminds/semver/compare/v3.3.1...v3.4.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Masterminds/semver/blob/master/CHANGELOG.md\"\u003egithub.com/Masterminds/semver/v3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.0 (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/268\"\u003e#268\u003c/a\u003e: Added property to Constraints to include prereleases for Check and Validate\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/263\"\u003e#263\u003c/a\u003e: Updated Go testing for 1.24, 1.23, and 1.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/269\"\u003e#269\u003c/a\u003e: Updated the error message handling for message case and wrapping errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/266\"\u003e#266\u003c/a\u003e: Restore the ability to have leading 0's when parsing with NewVersion.\nOpt-out of this by setting CoerceNewVersion to false.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/257\"\u003e#257\u003c/a\u003e: Fixed the CodeQL link (thanks \u003ca href=\"https://github.com/dmitris\"\u003e\u003ccode\u003e@​dmitris\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/262\"\u003e#262\u003c/a\u003e: Restored detailed errors when failed to parse with NewVersion. Opt-out\nof this by setting DetailedNewVersionErrors to false for faster performance.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/267\"\u003e#267\u003c/a\u003e: Handle pre-releases for an \u0026quot;and\u0026quot; group if one constraint includes them\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/61fc460d28283a91c53be65c2e0f20b494ac8ad9\"\u003e\u003ccode\u003e61fc460\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/270\"\u003e#270\u003c/a\u003e from mattfarina/relnotes-3.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/69a63e729f6254d980ff39c4ac89b5990f2be449\"\u003e\u003ccode\u003e69a63e7\u003c/code\u003e\u003c/a\u003e Update the release notes and readme for new version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/dc05094bcba909be3d0c14364bb14b5e9142dad4\"\u003e\u003ccode\u003edc05094\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/269\"\u003e#269\u003c/a\u003e from mattfarina/lowercase-error-strings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/a2cd9c2c2e49a0a0af115a08be31d410eacdf9e4\"\u003e\u003ccode\u003ea2cd9c2\u003c/code\u003e\u003c/a\u003e Updating the error message handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/9760c473b7cc395e48276f7f2d0c33ae824e123a\"\u003e\u003ccode\u003e9760c47\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/268\"\u003e#268\u003c/a\u003e from mattfarina/include-prerelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/c3747513c320448dfaf6f75c6a06a14a6221896f\"\u003e\u003ccode\u003ec374751\u003c/code\u003e\u003c/a\u003e Add property to include prereleases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/057c901b9979a2a6b8e06adfbf96349a641ba2e1\"\u003e\u003ccode\u003e057c901\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/267\"\u003e#267\u003c/a\u003e from mattfarina/fix-259\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/abab1c2f5fcf52a1483bfc4be892a0ad42afd09a\"\u003e\u003ccode\u003eabab1c2\u003c/code\u003e\u003c/a\u003e Handle pre-releases on all in an and group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/ebda872fa10e6cc730c5973bbdb512b9511eb65e\"\u003e\u003ccode\u003eebda872\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/266\"\u003e#266\u003c/a\u003e from mattfarina/restore-calver\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/4ed619ef3b4f63d7c94b2e19725c2719054de3bd\"\u003e\u003ccode\u003e4ed619e\u003c/code\u003e\u003c/a\u003e Restore the ability to have leading 0's with NewVersion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Masterminds/semver/compare/v3.3.1...v3.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/aquasecurity/trivy` from 0.58.1 to 0.67.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aquasecurity/trivy/releases\"\u003egithub.com/aquasecurity/trivy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.67.2\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e60c57ad5ad7f270cecb51dff2dbf4d680114f6f8 release: v0.67.2 [release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9639\"\u003e#9639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ef3ee80c8e0a92a7d61f2fee21bfb9a44d95067da fix: Use \u003ccode\u003efetch-level: 1\u003c/code\u003e to check out trivy-repo in the release workflow [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9638\"\u003e#9638\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.67.1\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ecbed239f3990f5d366c4604a0f57f7785e7e9ec5 release: v0.67.1 [release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9614\"\u003e#9614\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e1a840935bbd93b26bdbe3994d68487ca134fc407 fix: restore compatibility for google.protobuf.Value [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9631\"\u003e#9631\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e3bc1490c8ca941989e219b9fccacff0f72df950c fix: using SrcVersion instead of Version for echo detector [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9629\"\u003e#9629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e542eee7c387de4ef885ee7364b0264c0fd614587 fix: add \u003ccode\u003ebuildInfo\u003c/code\u003e for \u003ccode\u003eBlobInfo\u003c/code\u003e in \u003ccode\u003erpc\u003c/code\u003e package [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9615\"\u003e#9615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ef65dd053096795e7beb88c92340430ee8d89c3e8 fix(vex): don't use reused BOM [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9612\"\u003e#9612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.67.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/discussions/9550\"\u003e👉 Trivy v0.67.0 release notes (click here)\u003c/a\u003e\u003c/h2\u003e\n\u003ch2\u003e⬇️ Download Trivy\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.67.0\u0026amp;os=macos\u0026amp;arch=arm64\"\u003eMacOS Apple Silicon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.67.0\u0026amp;os=macos\u0026amp;arch=amd64\"\u003eMacOS Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.67.0\u0026amp;os=linux\u0026amp;arch=amd64\"\u003eLinux Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.67.0\u0026amp;os=linux\u0026amp;arch=arm64\"\u003eLinux ARM\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=zip\u0026amp;version=0.67.0\u0026amp;os=windows\u0026amp;arch=amd64\"\u003eWindows Intel\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐳 New Docker Install option\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edocker pull get.trivy.dev/image/trivy:0.67.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0670-2025-09-30\"\u003ehttps://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0670-2025-09-30\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.66.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/discussions/9424\"\u003e👉 Trivy v.66.0 release notes (click here)\u003c/a\u003e\u003c/h1\u003e\n\u003ch2\u003e⬇️ Download Trivy\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.66.0\u0026amp;os=macos\u0026amp;arch=arm64\"\u003eMacOS Apple Silicon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.66.0\u0026amp;os=macos\u0026amp;arch=amd64\"\u003eMacOS Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.66.0\u0026amp;os=linux\u0026amp;arch=amd64\"\u003eLinux Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.66.0\u0026amp;os=linux\u0026amp;arch=arm64\"\u003eLinux ARM\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=zip\u0026amp;version=0.66.0\u0026amp;os=windows\u0026amp;arch=amd64\"\u003eWindows Intel\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0660-2025-09-02\"\u003eFull changelog\u003c/a\u003e\u003c/h3\u003e\n\u003ch2\u003ev0.65.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/discussions/9287\"\u003e👉 Trivy v.65.0 release notes (click here)\u003c/a\u003e\u003c/h1\u003e\n\u003ch2\u003e⬇️ Download Trivy\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aquasecurity/trivy/blob/v0.67.2/CHANGELOG.md\"\u003egithub.com/aquasecurity/trivy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.67.1...v0.67.2\"\u003e0.67.2\u003c/a\u003e (2025-10-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003efetch-level: 1\u003c/code\u003e to check out trivy-repo in the release workflow [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9638\"\u003e#9638\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f3ee80c8e0a92a7d61f2fee21bfb9a44d95067da\"\u003ef3ee80c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.67.0...v0.67.1\"\u003e0.67.1\u003c/a\u003e (2025-10-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ebuildInfo\u003c/code\u003e for \u003ccode\u003eBlobInfo\u003c/code\u003e in \u003ccode\u003erpc\u003c/code\u003e package [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9615\"\u003e#9615\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/542eee7c387de4ef885ee7364b0264c0fd614587\"\u003e542eee7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore compatibility for google.protobuf.Value [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9631\"\u003e#9631\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/1a840935bbd93b26bdbe3994d68487ca134fc407\"\u003e1a84093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eusing SrcVersion instead of Version for echo detector [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9629\"\u003e#9629\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/3bc1490c8ca941989e219b9fccacff0f72df950c\"\u003e3bc1490\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evex:\u003c/strong\u003e don't use reused BOM [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9612\"\u003e#9612\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f65dd053096795e7beb88c92340430ee8d89c3e8\"\u003ef65dd05\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.66.0...v0.67.0\"\u003e0.67.0\u003c/a\u003e (2025-09-30)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd documentation URL for database lock errors (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9531\"\u003e#9531\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/eba48afd583391cef346e45a176aa5a6d77b704f\"\u003eeba48af\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e change --list-all-pkgs default to true (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9510\"\u003e#9510\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/7b663d86ca65ee3eb332c857b77bfa18e6da56c4\"\u003e7b663d8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecloudformation:\u003c/strong\u003e support default values and list results in Fn::FindInMap (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9515\"\u003e#9515\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/42b3bf37bb7d39139911843297c8b8ab3551c31a\"\u003e42b3bf3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecyclonedx:\u003c/strong\u003e preserve SBOM structure when scanning SBOM files with vulnerability updates (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9439\"\u003e#9439\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/aff03ebab2e7874dd997e20b4ec9962a41eae7bb\"\u003eaff03eb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eredhat:\u003c/strong\u003e add os-release detection for RHEL-based images (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9458\"\u003e#9458\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/cb25a074501c5cf48050fdf6a0ae7c85c4f385ea\"\u003ecb25a07\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esbom:\u003c/strong\u003e added support for CoreOS (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9448\"\u003e#9448\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/6d562a3b48926b6efd508e067e1059564173b270\"\u003e6d562a3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eseal:\u003c/strong\u003e add seal support (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9370\"\u003e#9370\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/e4af279b29ed5b77ed1d62e31b232b1f9b92ef4f\"\u003ee4af279\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eaws:\u003c/strong\u003e use \u003ccode\u003eBuildableClient\u003c/code\u003e insead of \u003ccode\u003exhttp.Client\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9436\"\u003e#9436\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/fa6f1bfecfb68c29ad4684a6fb5d86948c7d6887\"\u003efa6f1bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eclose file descriptors and pipes on error paths (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9536\"\u003e#9536\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/a4cbd6a1380b7b4dc650a312ec4e5bc47501f674\"\u003ea4cbd6a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edb:\u003c/strong\u003e Dowload database when missing but metadata still exists (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9393\"\u003e#9393\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/92ebc7e4d72424c17d93c54e5f24891710c85a60\"\u003e92ebc7e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ek8s:\u003c/strong\u003e disable parallel traversal with fs cache for k8s images (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9534\"\u003e#9534\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/c0c7a6bf1b92c868ed44172b3cd15c51667b8a6e\"\u003ec0c7a6b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e handle tofu files in module detection (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9486\"\u003e#9486\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/bfd2f6ba697c223d60a7378283293d8e1fc8a8fe\"\u003ebfd2f6b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e strip build metadata suffixes from image history (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9498\"\u003e#9498\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/c9388069a4325a9f8bc53bc8a82ff46d84d06847\"\u003ec938806\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e unmark cty values before access (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9495\"\u003e#9495\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/8e40d27a43ecb96795a8a7d4a2444241fc7fce9a\"\u003e8e40d27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e wrap legacy ENV values in quotes to preserve spaces (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9497\"\u003e#9497\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/267a9700fa233abe1a04eada8f3ea513f3ebacb3\"\u003e267a970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enodejs:\u003c/strong\u003e parse workspaces as objects for package-lock.json files (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9518\"\u003e#9518\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/404abb3d91cb3b1c1ee027169de5a40e32ba8b8a\"\u003e404abb3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enodejs:\u003c/strong\u003e use snapshot string as \u003ccode\u003ePackage.ID\u003c/code\u003e for pnpm packages (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9330\"\u003e#9330\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/4517e8c0ef5e942b8e2e498729257374634ffbf8\"\u003e4517e8c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evex:\u003c/strong\u003e don't  suppress vulns for packages with infinity loop (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9465\"\u003e#9465\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/78f0d4ae0378f81940a5faa6497e6905cb5d034a\"\u003e78f0d4a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evuln:\u003c/strong\u003e compare \u003ccode\u003enuget\u003c/code\u003e package names in lower case (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9456\"\u003e#9456\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/1ff9ac79488e0d4deab4226f1a969676a9851cdb\"\u003e1ff9ac7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.65.0...v0.66.0\"\u003e0.66.0\u003c/a\u003e (2025-09-02)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/60c57ad5ad7f270cecb51dff2dbf4d680114f6f8\"\u003e\u003ccode\u003e60c57ad\u003c/code\u003e\u003c/a\u003e release: v0.67.2 [release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9639\"\u003e#9639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f3ee80c8e0a92a7d61f2fee21bfb9a44d95067da\"\u003e\u003ccode\u003ef3ee80c\u003c/code\u003e\u003c/a\u003e fix: Use \u003ccode\u003efetch-level: 1\u003c/code\u003e to check out trivy-repo in the release workflow [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/cbed239f3990f5d366c4604a0f57f7785e7e9ec5\"\u003e\u003ccode\u003ecbed239\u003c/code\u003e\u003c/a\u003e release: v0.67.1 [release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9614\"\u003e#9614\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/1a840935bbd93b26bdbe3994d68487ca134fc407\"\u003e\u003ccode\u003e1a84093\u003c/code\u003e\u003c/a\u003e fix: restore compatibility for google.protobuf.Value [backport: release/v0.67...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/3bc1490c8ca941989e219b9fccacff0f72df950c\"\u003e\u003ccode\u003e3bc1490\u003c/code\u003e\u003c/a\u003e fix: using SrcVersion instead of Version for echo detector [backport: release...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/542eee7c387de4ef885ee7364b0264c0fd614587\"\u003e\u003ccode\u003e542eee7\u003c/code\u003e\u003c/a\u003e fix: add \u003ccode\u003ebuildInfo\u003c/code\u003e for \u003ccode\u003eBlobInfo\u003c/code\u003e in \u003ccode\u003erpc\u003c/code\u003e package [backport: release/v0.67...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f65dd053096795e7beb88c92340430ee8d89c3e8\"\u003e\u003ccode\u003ef65dd05\u003c/code\u003e\u003c/a\u003e fix(vex): don't use reused BOM [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9612\"\u003e#9612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/adeb362424506fbd6b9a6213297c1a211f94755e\"\u003e\u003ccode\u003eadeb362\u003c/code\u003e\u003c/a\u003e release: v0.67.0 [main] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9432\"\u003e#9432\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/78f0d4ae0378f81940a5faa6497e6905cb5d034a\"\u003e\u003ccode\u003e78f0d4a\u003c/code\u003e\u003c/a\u003e fix(vex): don't  suppress vulns for packages with infinity loop (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9465\"\u003e#9465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/fa6f1bfecfb68c29ad4684a6fb5d86948c7d6887\"\u003e\u003ccode\u003efa6f1bf\u003c/code\u003e\u003c/a\u003e fix(aws): use \u003ccode\u003eBuildableClient\u003c/code\u003e insead of \u003ccode\u003exhttp.Client\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9436\"\u003e#9436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.58.1...v0.67.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/coreos/go-oidc` from 2.2.1+incompatible to 2.3.0+incompatible\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/coreos/go-oidc/releases\"\u003egithub.com/coreos/go-oidc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport signed jwt userinfo response by \u003ca href=\"https://github.com/holowinski\"\u003e\u003ccode\u003e@​holowinski\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/254\"\u003ecoreos/go-oidc#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e*: s/Json/JSON/g to appease lint by \u003ca href=\"https://github.com/ericchiang\"\u003e\u003ccode\u003e@​ericchiang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/255\"\u003ecoreos/go-oidc#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euserinfo - handling charset in Content-Type header by \u003ca href=\"https://github.com/ericchiang\"\u003e\u003ccode\u003e@​ericchiang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/261\"\u003ecoreos/go-oidc#261\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange Go Version Used in .travis.yml to v1.14 by \u003ca href=\"https://github.com/dickynovanto1103\"\u003e\u003ccode\u003e@​dickynovanto1103\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/268\"\u003ecoreos/go-oidc#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIDTokenVerifier: fix typo word in Verify function's comment by \u003ca href=\"https://github.com/dickynovanto1103\"\u003e\u003ccode\u003e@​dickynovanto1103\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/266\"\u003ecoreos/go-oidc#266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ealso run travis tests under 1.15 by \u003ca href=\"https://github.com/mikedanese\"\u003e\u003ccode\u003e@​mikedanese\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/275\"\u003ecoreos/go-oidc#275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esupport AWS Cognito, which is not completely OIDC compliant  by \u003ca href=\"https://github.com/DallanQ\"\u003e\u003ccode\u003e@​DallanQ\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/257\"\u003ecoreos/go-oidc#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded power support by \u003ca href=\"https://github.com/dthadi3\"\u003e\u003ccode\u003e@​dthadi3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/277\"\u003ecoreos/go-oidc#277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix up v2 CI by \u003ca href=\"https://github.com/ericchiang\"\u003e\u003ccode\u003e@​ericchiang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/448\"\u003ecoreos/go-oidc#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to maintained go-jose library by \u003ca href=\"https://github.com/liggitt\"\u003e\u003ccode\u003e@​liggitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/447\"\u003ecoreos/go-oidc#447\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/holowinski\"\u003e\u003ccode\u003e@​holowinski\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/254\"\u003ecoreos/go-oidc#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dickynovanto1103\"\u003e\u003ccode\u003e@​dickynovanto1103\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/268\"\u003ecoreos/go-oidc#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mikedanese\"\u003e\u003ccode\u003e@​mikedanese\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/275\"\u003ecoreos/go-oidc#275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DallanQ\"\u003e\u003ccode\u003e@​DallanQ\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/257\"\u003ecoreos/go-oidc#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dthadi3\"\u003e\u003ccode\u003e@​dthadi3\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/277\"\u003ecoreos/go-oidc#277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liggitt\"\u003e\u003ccode\u003e@​liggitt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/447\"\u003ecoreos/go-oidc#447\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/coreos/go-oidc/compare/v2.2.1...v2.3.0\"\u003ehttps://github.com/coreos/go-oidc/compare/v2.2.1...v2.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/b7e896c40598f5307b3b5a163b6ad02ae97ec1a5\"\u003e\u003ccode\u003eb7e896c\u003c/code\u003e\u003c/a\u003e Switch to maintained gopkg.in/go-jose/go-jose.v2 library\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/a57141768115b09a2f823a17726d25c998a7fc9d\"\u003e\u003ccode\u003ea571417\u003c/code\u003e\u003c/a\u003e fix up v2 CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/e05c4c73b4b5f159727021bf2921c214f61b2688\"\u003e\u003ccode\u003ee05c4c7\u003c/code\u003e\u003c/a\u003e Added power support (\u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/0a5cd3377ca67c9a7b81961f8fb286bf59891370\"\u003e\u003ccode\u003e0a5cd33\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/257\"\u003e#257\u003c/a\u003e from OurRootsOrg/v2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/8e61fd8dcfb5e3af82a8a808b7d85f1044548d29\"\u003e\u003ccode\u003e8e61fd8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/275\"\u003e#275\u003c/a\u003e from mikedanese/bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/a4badd1273bf233eccb3fe596b27ba8054fa9bb4\"\u003e\u003ccode\u003ea4badd1\u003c/code\u003e\u003c/a\u003e also run travis tests under 1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/50700f92176680a141cb7ccb894de3b09a30b709\"\u003e\u003ccode\u003e50700f9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/266\"\u003e#266\u003c/a\u003e from dickynovanto1103/fix-typo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/86d950ac3f3c4a8ef9ca3197a5a0187c5b2e60d7\"\u003e\u003ccode\u003e86d950a\u003c/code\u003e\u003c/a\u003e IDTokenVerifier: fix typo word: \u003ccode\u003epreforms\u003c/code\u003e to \u003ccode\u003eperforms\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/638d1d6486cae85e18718a1c2a71259ae05f4855\"\u003e\u003ccode\u003e638d1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/268\"\u003e#268\u003c/a\u003e from dickynovanto1103/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/2b28d0cc38907454ddd8644363eb1e893ac07b69\"\u003e\u003ccode\u003e2b28d0c\u003c/code\u003e\u003c/a\u003e add support for AWS Cognito, which returns email_verified as a string instead...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/coreos/go-oidc/compare/v2.2.1...v2.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-chi/chi/v5` from 5.2.0 to 5.2.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-chi/chi/releases\"\u003egithub.com/go-chi/chi/v5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd pathvalue example to README and implement PathValue handler. by \u003ca href=\"https://github.com/catatsuy\"\u003e\u003ccode\u003e@​catatsuy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/985\"\u003ego-chi/chi#985\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow multiple whitespace between method \u0026amp; pattern by \u003ca href=\"https://github.com/JRaspass\"\u003e\u003ccode\u003e@​JRaspass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1013\"\u003ego-chi/chi#1013\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid potential nil dereference by \u003ca href=\"https://github.com/ProjectMutilation\"\u003e\u003ccode\u003e@​ProjectMutilation\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1008\"\u003ego-chi/chi#1008\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(mux): support http.Request.Pattern in Go 1.23 by \u003ca href=\"https://github.com/Gusted\"\u003e\u003ccode\u003e@​Gusted\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/986\"\u003ego-chi/chi#986\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix/608 - Fix flaky Throttle middleware test by synchronizing token usage by \u003ca href=\"https://github.com/OtavioBernardes\"\u003e\u003ccode\u003e@​OtavioBernardes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1016\"\u003ego-chi/chi#1016\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimize throttle middleware by avoiding unnecessary timer creation by \u003ca href=\"https://github.com/vasayxtx\"\u003e\u003ccode\u003e@​vasayxtx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1011\"\u003ego-chi/chi#1011\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplify wildcard replacement in route patterns by \u003ca href=\"https://github.com/srpvpn\"\u003e\u003ccode\u003e@​srpvpn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1012\"\u003ego-chi/chi#1012\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace methodTypString func with reverseMethodMap by \u003ca href=\"https://github.com/JRaspass\"\u003e\u003ccode\u003e@​JRaspass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1018\"\u003ego-chi/chi#1018\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ProjectMutilation\"\u003e\u003ccode\u003e@​ProjectMutilation\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1008\"\u003ego-chi/chi#1008\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Gusted\"\u003e\u003ccode\u003e@​Gusted\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/986\"\u003ego-chi/chi#986\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OtavioBernardes\"\u003e\u003ccode\u003e@​OtavioBernardes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1016\"\u003ego-chi/chi#1016\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/srpvpn\"\u003e\u003ccode\u003e@​srpvpn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1012\"\u003ego-chi/chi#1012\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-chi/chi/compare/v5.2.2...v5.2.3\"\u003ehttps://github.com/go-chi/chi/compare/v5.2.2...v5.2.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse strings.Cut in a few places by \u003ca href=\"https://github.com/JRaspass\"\u003e\u003ccode\u003e@​JRaspass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/971\"\u003ego-chi/chi#971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix non-constant format strings in t.Fatalf by \u003ca href=\"https://github.com/JRaspass\"\u003e\u003ccode\u003e@​JRaspass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/972\"\u003ego-chi/chi#972\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApply fieldalignment fixes to optimize struct memory layout by \u003ca href=\"https://github.com/pixel365\"\u003e\u003ccode\u003e@​pixel365\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/974\"\u003ego-chi/chi#974\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ego 1.24 by \u003ca href=\"https://github.com/pkieltyka\"\u003e\u003ccode\u003e@​pkieltyka\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/977\"\u003ego-chi/chi#977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: delint ioutil usage by \u003ca href=\"https://github.com/costela\"\u003e\u003ccode\u003e@​costela\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/962\"\u003ego-chi/chi#962\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed typo in Router interface definition by \u003ca href=\"https://github.com/mithileshgupta12\"\u003e\u003ccode\u003e@​mithileshgupta12\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/958\"\u003ego-chi/chi#958\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for TinyGo by \u003ca href=\"https://github.com/efraimbart\"\u003e\u003ccode\u003e@​efraimbart\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/978\"\u003ego-chi/chi#978\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExclude middleware/profiler.go in TinyGo, as there's no net/http/pprof pkg by \u003ca href=\"https://github.com/cxjava\"\u003e\u003ccode\u003e@​cxjava\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/982\"\u003ego-chi/chi#982\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake use of strings.Cut by \u003ca href=\"https://github.com/scop\"\u003e\u003ccode\u003e@​scop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1005\"\u003ego-chi/chi#1005\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange install command format to code block by \u003ca href=\"https://github.com/sglkc\"\u003e\u003ccode\u003e@​sglkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1001\"\u003ego-chi/chi#1001\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect documentation by \u003ca href=\"https://github.com/mrdomino\"\u003e\u003ccode\u003e@​mrdomino\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/992\"\u003ego-chi/chi#992\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSecurity fix\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/go-chi/chi/security/advisories/GHSA-vrw8-fxc6-2r93\"\u003eGHSA-vrw8-fxc6-2r93\u003c/a\u003e - \u0026quot;Host Header Injection Leads to Open Redirect in RedirectSlashes\u0026quot; \u003ca href=\"https://github.com/go-chi/chi/commit/1be7ad938cc9c5b39a9dea01a5c518848928ab65\"\u003ecommit\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003ea lower-severity Open Redirect that can't be exploited in browser or email client, as it requires manipulation of a Host header\u003c/li\u003e\n\u003cli\u003ereported by Anuraag Baishya, \u003ca href=\"https://github.com/anuraagbaishya\"\u003e\u003ccode\u003e@​anuraagbaishya\u003c/code\u003e\u003c/a\u003e. Thank you!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pixel365\"\u003e\u003ccode\u003e@​pixel365\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/974\"\u003ego-chi/chi#974\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mithileshgupta12\"\u003e\u003ccode\u003e@​mithileshgupta12\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/958\"\u003ego-chi/chi#958\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efraimbart\"\u003e\u003ccode\u003e@​efraimbart\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/978\"\u003ego-chi/chi#978\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cxjava\"\u003e\u003ccode\u003e@​cxjava\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/982\"\u003ego-chi/chi#982\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sglkc\"\u003e\u003ccode\u003e@​sglkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1001\"\u003ego-chi/chi#1001\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrdomino\"\u003e\u003ccode\u003e@​mrdomino\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/992\"\u003ego-chi/chi#992\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-chi/chi/compare/v5.2.1...v5.2.2\"\u003ehttps://github.com/go-chi/chi/compare/v5.2.1...v5.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003e⚠️  Chi supports Go 1.20+\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/9b9fb55def404397748a9fc7e044efe9db1d618e\"\u003e\u003ccode\u003e9b9fb55\u003c/code\u003e\u003c/a\u003e Replace methodTypString func with reverseMethodMap (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/1018\"\u003e#1018\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/0265fcd786c95e79fe50423a35fa2770ef36683a\"\u003e\u003ccode\u003e0265fcd\u003c/code\u003e\u003c/a\u003e refactor: iterative wildcard collapsing and add test for consecutive wildcard...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/cf537d4016bf258bd9bdbe0dccbfdeeac364423f\"\u003e\u003ccode\u003ecf537d4\u003c/code\u003e\u003c/a\u003e Optimize throttle middleware by avoiding unnecessary timer creation (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/1011\"\u003e#1011\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/9040e95a07b47df59d96f3cb0e4bac107a931d46\"\u003e\u003ccode\u003e9040e95\u003c/code\u003e\u003c/a\u003e fix/608 - Fix flaky Throttle middleware test by synchronizing token usage (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/d12cc49622f31a01c6cceea7cdb62f647660102c\"\u003e\u003ccode\u003ed12cc49\u003c/code\u003e\u003c/a\u003e feat(mux): support http.Request.Pattern in Go 1.23 (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/986\"\u003e#986\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/1c2d011f59c4b2fc2127f308f2b4171db2567f19\"\u003e\u003ccode\u003e1c2d011\u003c/code\u003e\u003c/a\u003e Avoid potential nil dereference (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/1008\"\u003e#1008\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/78591377377c708fc96f26e51320cf378930b9d2\"\u003e\u003ccode\u003e7859137\u003c/code\u003e\u003c/a\u003e Allow multiple whitespace between method \u0026amp; pattern (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/1013\"\u003e#1013\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/80d8da2a18da3e307518f6fc3abaac2aa15b4d30\"\u003e\u003ccode\u003e80d8da2\u003c/code\u003e\u003c/a\u003e Add pathvalue example to README and implement PathValue handler. (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/985\"\u003e#985\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/23c395f8524a30334126ca16fb4d37b88745b9b9\"\u003e\u003ccode\u003e23c395f\u003c/code\u003e\u003c/a\u003e Correct documentation (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/992\"\u003e#992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/5516d147c14a2b03824be7076fc6200bed906901\"\u003e\u003ccode\u003e5516d14\u003c/code\u003e\u003c/a\u003e docs: change install code to code block (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/1001\"\u003e#1001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-chi/chi/compare/v5.2.0...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-git/go-git/v5` from 5.13.1 to 5.16.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-git/go-git/releases\"\u003egithub.com/go-git/go-git/v5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eutils: fix diff so subpaths work for sparse checkouts, fixes 1455 to releases/v5.x by \u003ca href=\"https://github.com/kane8n\"\u003e\u003ccode\u003e@​kane8n\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1567\"\u003ego-git/go-git#1567\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.16.1...v5.16.2\"\u003ehttps://github.com/go-git/go-git/compare/v5.16.1...v5.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eutils: merkletrie, Fix diff on sparse-checkout index. Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1406\"\u003e#1406\u003c/a\u003e to releases/v5.x by \u003ca href=\"https://github.com/kane8n\"\u003e\u003ccode\u003e@​kane8n\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1561\"\u003ego-git/go-git#1561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kane8n\"\u003e\u003ccode\u003e@​kane8n\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1561\"\u003ego-git/go-git#1561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.16.0...v5.16.1\"\u003ehttps://github.com/go-git/go-git/compare/v5.16.0...v5.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v5] plumbing: support mTLS for HTTPS protocol by \u003ca href=\"https://github.com/hiddeco\"\u003e\u003ccode\u003e@​hiddeco\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1510\"\u003ego-git/go-git#1510\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5: plumbing: transport, Reintroduce SetHostKeyCallback. Fix \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1514\"\u003e#1514\u003c/a\u003e by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1515\"\u003ego-git/go-git#1515\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.15.0...v5.16.0\"\u003ehttps://github.com/go-git/go-git/compare/v5.15.0...v5.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.15.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eplumbing: add cert auth support to \u003ccode\u003ereleases/v5.x\u003c/code\u003e by \u003ca href=\"https://github.com/Javier-varez\"\u003e\u003ccode\u003e@​Javier-varez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1482\"\u003ego-git/go-git#1482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5: Bump dependencies by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1505\"\u003ego-git/go-git#1505\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.14.0...v5.15.0\"\u003ehttps://github.com/go-git/go-git/compare/v5.14.0...v5.15.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.14.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev5: Bump Go and dependencies to mitigate \u003ca href=\"https://pkg.go.dev/vuln/GO-2025-3487\"\u003eGO-2025-3487\u003c/a\u003e by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1436\"\u003ego-git/go-git#1436\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e:warning: Note that this version requires Go 1.23, due to the bump to \u003ccode\u003egolang.org/x/crypto@v0.35.0\u003c/code\u003e which mitigates the CVE above. User's that can't bump to Go 1.23 will need to remain on the previous v5.13.x release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.13.2...v5.14.0\"\u003ehttps://github.com/go-git/go-git/compare/v5.13.2...v5.14.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.13.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eplumbing: use the correct user agent string. Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/883\"\u003e#883\u003c/a\u003e by \u003ca href=\"https://github.com/uragirii\"\u003e\u003ccode\u003e@​uragirii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1364\"\u003ego-git/go-git#1364\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/sys from 0.28.0 to 0.29.0 in the golang-org group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1365\"\u003ego-git/go-git#1365\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump the golang-org group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1367\"\u003ego-git/go-git#1367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/ProtonMail/go-crypto from 1.1.3 to 1.1.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1368\"\u003ego-git/go-git#1368\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1378\"\u003ego-git/go-git#1378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github/codeql-action from 3.28.0 to 3.28.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1376\"\u003ego-git/go-git#1376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/elazarl/goproxy from 1.2.3 to 1.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1377\"\u003ego-git/go-git#1377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: worktree, fix restoring dot slash files (backported to v5). Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1176\"\u003e#1176\u003c/a\u003e by \u003ca href=\"https://github.com/BeChris\"\u003e\u003ccode\u003e@​BeChris\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1361\"\u003ego-git/go-git#1361\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/ed8216c4a2c3fdb7e4e31ce242bf7847356623c9\"\u003e\u003ccode\u003eed8216c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1567\"\u003e#1567\u003c/a\u003e from kane8n/backport-to-v5-patricsss/fix-1455\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/4f35ebab20f1034df1df943044903e7044e6cdf4\"\u003e\u003ccode\u003e4f35eba\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1484\"\u003e#1484\u003c/a\u003e from patricsss/patricsss/fix-1455\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/fd1a83688236df0299d5cd677f04dccad073500c\"\u003e\u003ccode\u003efd1a836\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1561\"\u003e#1561\u003c/a\u003e from kane8n/backport-to-v5-fix-sparse-checkout-status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/c3c841090facce33faa2c80ca475ee673442b4a5\"\u003e\u003ccode\u003ec3c8410\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1492\"\u003e#1492\u003c/a\u003e from onee-only/fix-sparse-checkout-status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/6d4a5c61232251b48ae4238d39830ccc894ef4d8\"\u003e\u003ccode\u003e6d4a5c6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1515\"\u003e#1515\u003c/a\u003e from pjbgf/regre\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/beedd6bc1892182daa36dd45013ff28857320f58\"\u003e\u003ccode\u003ebeedd6b\u003c/code\u003e\u003c/a\u003e plumbing: transport, Reintroduce SetHostKeyCallback. Fix \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1514\"\u003e#1514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/763ce2e08aa1398c7e9e153ae3346891c80dc467\"\u003e\u003ccode\u003e763ce2e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1510\"\u003e#1510\u003c/a\u003e from hiddeco/mtls-support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/5320e1b6b4578aa7272de1fa535051b9b86fbbfb\"\u003e\u003ccode\u003e5320e1b\u003c/code\u003e\u003c/a\u003e plumbing: surface transport configuration errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/9bbc93b719b15a5e0955ed9c2f6aa008f13f7e86\"\u003e\u003ccode\u003e9bbc93b\u003c/code\u003e\u003c/a\u003e plumbing: fix unintended pointer mutation in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/f3783f4abf49642326f67683f22d468db87a8822\"\u003e\u003ccode\u003ef3783f4\u003c/code\u003e\u003c/a\u003e plumbing: support mTLS for HTTPS protocol\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-git/go-git/compare/v5.13.1...v5.16.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/google/go-containerregistry` from 0.20.2 to 0.20.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/go-containerregistry/releases\"\u003egithub.com/google/go-containerregistry's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.20.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure that tag name is not empty if name contains colon by \u003ca href=\"https://github.com/SaschaSchwarze0\"\u003e\u003ccode\u003e@​SaschaSchwarze0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2094\"\u003egoogle/go-containerregistry#2094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump some deps by \u003ca href=\"https://github.com/jonjohnsonjr\"\u003e\u003ccode\u003e@​jonjohnsonjr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2110\"\u003egoogle/go-containerregistry#2110\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SaschaSchwarze0\"\u003e\u003ccode\u003e@​SaschaSchwarze0\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2094\"\u003egoogle/go-containerregistry#2094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.4...v0.20.6\"\u003ehttps://github.com/google/go-containerregistry/compare/v0.20.4...v0.20.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump docker/docker to v28.0.0+incompatible by \u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate linter to v2 by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump go version + bump deps by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2093\"\u003egoogle/go-containerregistry#2093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eimplement TextMarshaler/JSONMarshaler more consistently by \u003ca href=\"https://github.com/imjasonh\"\u003e\u003ccode\u003e@​imjasonh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2097\"\u003egoogle/go-containerregistry#2097\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CodeQL permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2103\"\u003egoogle/go-containerregistry#2103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate goreleaser permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2104\"\u003egoogle/go-containerregistry#2104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate provenance action in release by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2105\"\u003egoogle/go-containerregistry#2105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate validator action by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2106\"\u003egoogle/go-containerregistry#2106\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.5\"\u003ehttps://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.20.4 - Not usable as a go module\u003c/h2\u003e\n\u003cp\u003e🚨 This release was published to the Go module proxy and then re-tagged with a different commit. This means it's not usable as a Go module (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2107\"\u003egoogle/go-containerregistry#2107\u003c/a\u003e) -- please us v0.20.5 instead.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump docker/docker to v28.0.0+incompatible by \u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate linter to v2 by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump go version + bump deps by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2093\"\u003egoogle/go-containerregistry#2093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eimplement TextMarshaler/JSONMarshaler more consistently by \u003ca href=\"https://github.com/imjasonh\"\u003e\u003ccode\u003e@​imjasonh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2097\"\u003egoogle/go-containerregistry#2097\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CodeQL permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2103\"\u003egoogle/go-containerregistry#2103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate goreleaser permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2104\"\u003egoogle/go-containerregistry#2104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate provenance action in release by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2105\"\u003egoogle/go-containerregistry#2105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate validator action by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2106\"\u003egoogle/go-containerregistry#2106\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.4\"\u003ehttps://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eremote/transport: Make bearer transport go-routine-safe by \u003ca href=\"https://github.com/2opremio\"\u003e\u003ccode\u003e@​2opremio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/1806\"\u003egoogle/go-containerregistry#1806\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpose compare package by \u003ca href=\"https://github.com/jonjohnsonjr\"\u003e\u003ccode\u003e@​jonjohnsonjr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2001\"\u003egoogle/go-containerregistry#2001\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/59a4b85930392a30c39462519adc8a2026d47181\"\u003e\u003ccode\u003e59a4b85\u003c/code\u003e\u003c/a\u003e Bump some deps (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2110\"\u003e#2110\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/5b1039536cfa10ed0d467dd13f279665bfd48ad9\"\u003e\u003ccode\u003e5b10395\u003c/code\u003e\u003c/a\u003e Ensure that tag name is not empty if name contains colon (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2094\"\u003e#2094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/4eb8c4d84ef07af279d5dcc0b210d9eaa7bc79e3\"\u003e\u003ccode\u003e4eb8c4d\u003c/code\u003e\u003c/a\u003e Update validator action (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2106\"\u003e#2106\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/78d4a6e980c634a90ecd5729a0a5c8235923724e\"\u003e\u003ccode\u003e78d4a6e\u003c/code\u003e\u003c/a\u003e Update provenance action (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2105\"\u003e#2105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/33840ffc70721fcc49e2f2a54c4b9fa5cf358edf\"\u003e\u003ccode\u003e33840ff\u003c/code\u003e\u003c/a\u003e Update goreleaser permissions (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2104\"\u003e#2104\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/8d47c3776e7873544e5f0ac3fe8787f27b95d63e\"\u003e\u003ccode\u003e8d47c37\u003c/code\u003e\u003c/a\u003e Update CodeQL permissions (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2103\"\u003e#2103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/a61de150b11db9e2005bdc0ae5958aadbd5931c1\"\u003e\u003ccode\u003ea61de15\u003c/code\u003e\u003c/a\u003e implement TextMarshaler/JSONMarshaler more consistently (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2097\"\u003e#2097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/1d5b256a397177b0df69c259893bd93e6fc38bbe\"\u003e\u003ccode\u003e1d5b256\u003c/code\u003e\u003c/a\u003e bump go version + bump deps (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2093\"\u003e#2093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/ccaa0d6a53fde4b8b205ef3f0c3474c65079b740\"\u003e\u003ccode\u003eccaa0d6\u003c/code\u003e\u003c/a\u003e Migrate linter to v2 (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2096\"\u003e#2096\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/098045d5e61ff426a61a0eecc19ad0c433cd35a9\"\u003e\u003ccode\u003e098045d\u003c/code\u003e\u003c/a\u003e build(deps): bump docker/docker to v28.0.0+incompatible (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.2...v0.20.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/open-policy-agent/opa` from 0.70.0 to 1.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-policy-agent/opa/releases\"\u003egithub.com/open-policy-agent/opa's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.8.0\u003c/h2\u003e\n\u003cp\u003eThis release contains a mix of new features, performance improvements, and bugfixes. Notably:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for EdDSA signatures in \u003ccode\u003eio.jwt\u003c/code\u003e built-ins, including a new \u003ccode\u003eio.jwt.verify_eddsa\u003c/code\u003e built-in.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEdDSA Support in built-ins (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7824\"\u003e#7824\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eSupport for the EdDSA signing algorithm has been added to built-in functions in the \u003ccode\u003eio.jwt\u003c/code\u003e namespace.\u003c/p\u003e\n\u003cp\u003eThis introduces the new \u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokens#builtin-tokens-iojwtverify_eddsa\"\u003eio.jwt.verify_eddsa\u003c/a\u003e built-in function, and adds EdDSA support for the following built-ins:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokens#builtin-tokens-iojwtdecode_verify\"\u003eio.jwt.decode_verify\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokensign#builtin-tokensign-iojwtencode_sign\"\u003eio.jwt.encode_sign\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokensign#builtin-tokensign-iojwtencode_sign_raw\"\u003eio.jwt.encode_sign_raw\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis feature benefited greatly from the groundwork laid by \u003ca href=\"https://github.com/lestrrat\"\u003e\u003ccode\u003e@​lestrrat\u003c/code\u003e\u003c/a\u003e in (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7638\"\u003e#7638\u003c/a\u003e). 👏 🎉 🥳\u003c/p\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/johanfylling\"\u003e\u003ccode\u003e@​johanfylling\u003c/code\u003e\u003c/a\u003e reported by \u003ca href=\"https://github.com/aromeyer\"\u003e\u003ccode\u003e@​aromeyer\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eRuntime\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecmd: Add back default \u003ccode\u003ecmd.RootCommand\u003c/code\u003e definition. (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7811\"\u003e#7811\u003c/a\u003e) authored by \u003ca href=\"https://github.com/philipaconrad\"\u003e\u003ccode\u003e@​philipaconrad\u003c/code\u003e\u003c/a\u003e\u003cbr /\u003e\nFixing a breaking change to the go API introduced in OPA v1.7.0.\u003c/li\u003e\n\u003cli\u003ecmd: Fix \u003ccode\u003eopa exec\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7850\"\u003e#7850\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7840\"\u003e#7840\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003cbr /\u003e\nFixing regressions introduced in OPA v1.7.0, where the \u003ccode\u003e--fail-non-empty\u003c/code\u003e and \u003ccode\u003e--stdin-input\u003c/code\u003e flags were dropped.\u003c/li\u003e\n\u003cli\u003econfig: accept env vars set to \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e, discern from unset (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7831\"\u003e#7831\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e reported by \u003ca href=\"https://github.com/ManuelNowackConfinale\"\u003e\u003ccode\u003e@​ManuelNowackConfinale\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ehandlers: Add thread-safe initialization for gzipPool (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7828\"\u003e#7828\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplugins: Address race in config access (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7825\"\u003e#7825\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplugin/bundle: Correct bundle delay behavior (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7812\"\u003e#7812\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eruntime: Update server init check (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7818\"\u003e#7818\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTopdown\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eperf: Performance greatly improved for \u003ccode\u003eObject.Insert\u003c/code\u003e on existing key (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7820\"\u003e#7820\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etopdown,bundle,plugins: Upgrade interned jwx (0.9.x) with \u003ccode\u003egithub.com/lestrrat-go/jwx/v3\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7638\"\u003e#7638\u003c/a\u003e) authored by \u003ca href=\"https://github.com/lestrrat\"\u003e\u003ccode\u003e@​lestrrat\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs, Website\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate website to build from tip of main (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7848\"\u003e#7848\u003c/a\u003e) authored by \u003ca href=\"https://github.com/tsandall\"\u003e\u003ccode\u003e@​tsandall\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east/builtins: Remove space from \u003ccode\u003ecount\u003c/code\u003e description (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7836\"\u003e#7836\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add link to logic-or/and on docs index (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7826\"\u003e#7826\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add note on using LLM in PR discussions (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7859\"\u003e#7859\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Fix broken anchor links in annotations (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7827\"\u003e#7827\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Use set in the Python code example for consistence (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7860\"\u003e#7860\u003c/a\u003e) authored by \u003ca href=\"https://github.com/durnik-ivo\"\u003e\u003ccode\u003e@​durnik-ivo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update frontpage (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7847\"\u003e#7847\u003c/a\u003e) authored by \u003ca href=\"https://github.com/tsandall\"\u003e\u003ccode\u003e@​tsandall\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs/rest-api: Add notes about policy IDs (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7837\"\u003e#7837\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewebsite: Use latest release rather than edge (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7781\"\u003e#7781\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md\"\u003egithub.com/open-policy-agent/opa's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.8.0\u003c/h2\u003e\n\u003cp\u003eThis release contains a mix of new features, performance improvements, and bugfixes. Notably:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for EdDSA signatures in \u003ccode\u003eio.jwt\u003c/code\u003e built-ins, including a new \u003ccode\u003eio.jwt.verify_eddsa\u003c/code\u003e built-in.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEdDSA Support in built-ins (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7824\"\u003e#7824\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eSupport for the EdDSA signing algorithm has been added to built-in functions in the \u003ccode\u003eio.jwt\u003c/code\u003e namespace.\u003c/p\u003e\n\u003cp\u003eThis introduces the new \u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokens#builtin-tokens-iojwtverify_eddsa\"\u003eio.jwt.verify_eddsa\u003c/a\u003e built-in function, and adds EdDSA support for the following built-ins:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokens#builtin-tokens-iojwtdecode_verify\"\u003eio.jwt.decode_verify\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokensign#builtin-tokensign-iojwtencode_sign\"\u003eio.jwt.encode_sign\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokensign#builtin-tokensign-iojwtencode_sign_raw\"\u003eio.jwt.encode_sign_raw\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis feature benefited greatly from the...\n\n_Description has been truncated_","html_url":"https://github.com/Rose2161/hub/pull/356","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Rose2161%2Fhub/issues/356","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/356/packages"},{"uuid":"3458572532","node_id":"PR_kwDOP3jXBs6qxNrV","number":14,"state":"open","title":"chore(deps): bump github.com/gorilla/csrf from 1.7.2 to 1.7.3","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-26T17:50:24.000Z","updated_at":"2025-09-26T17:50:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.7.2 to 1.7.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.2\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/blitzy-showcase/flipt/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/blitzy-showcase%2Fflipt/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"},{"uuid":"2782801463","node_id":"PR_kwDOH6ucbM6l3i43","number":296,"state":"open","title":"Bump the go_modules group with 5 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-28T19:43:24.000Z","updated_at":"2025-08-28T19:43:24.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"go_modules","update_count":5,"packages":[{"name":"filippo.io/age","old_version":"1.1.1","new_version":"1.2.1","repository_url":"https://github.com/FiloSottile/age"},{"name":"github.com/ulikunitz/xz","old_version":"0.5.12","new_version":"0.5.14","repository_url":"https://github.com/ulikunitz/xz"},{"name":"golang.org/x/crypto","old_version":"0.32.0","new_version":"0.35.0","repository_url":"https://github.com/golang/crypto"},{"name":"golang.org/x/net","old_version":"0.33.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"},{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 5 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [filippo.io/age](https://github.com/FiloSottile/age) | `1.1.1` | `1.2.1` |\n| [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) | `0.5.12` | `0.5.14` |\n| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.32.0` | `0.35.0` |\n| [golang.org/x/net](https://github.com/golang/net) | `0.33.0` | `0.38.0` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.2` | `1.7.3` |\n\nUpdates `filippo.io/age` from 1.1.1 to 1.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/FiloSottile/age/releases\"\u003efilippo.io/age's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eage v1.2.1: security fix\u003c/h2\u003e\n\u003cp\u003eThis release fixes a security vulnerability that could allow an attacker to execute an arbitrary binary under certain conditions.\u003c/p\u003e\n\u003cp\u003eSee GHSA-32gq-x56h-299c.\u003c/p\u003e\n\u003cp\u003ePlugin names may now only contain alphanumeric characters or the four special characters \u003ccode\u003e+-._\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eThanks to ⬡-49016 for reporting this issue.\u003c/p\u003e\n\u003ch2\u003eage v1.2.0\u003c/h2\u003e\n\u003cp\u003eA small release to build the release binaries with a more recent Go toolchain, and to fix a couple CLI edge cases (\u003ca href=\"https://redirect.github.com/FiloSottile/age/issues/491\"\u003eFiloSottile/age#491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/FiloSottile/age/issues/555\"\u003eFiloSottile/age#555\u003c/a\u003e).\u003c/p\u003e\n\u003cp\u003eThe Go module now exposes a plugin package that provides an age plugin client. That is, Recipient and Identity implementations that invoke a plugin binary, allowing the use of age plugins in Go programs.\u003c/p\u003e\n\u003cp\u003eFinally, Recipients can now return a set of \u0026quot;labels\u0026quot; by implementing RecipientWithLabels. This allows replicating the special behavior of the scrypt Recipient in third-party Recipients, or applying policy useful for authenticated or post-quantum Recipients.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e// RecipientWithLabels can be optionally implemented by a Recipient, in which\n// case Encrypt will use WrapWithLabels instead of Wrap.\n//\n// Encrypt will succeed only if the labels returned by all the recipients\n// (assuming the empty set for those that don't implement RecipientWithLabels)\n// are the same.\n//\n// This can be used to ensure a recipient is only used with other recipients\n// with equivalent properties (for example by setting a \u0026quot;postquantum\u0026quot; label) or\n// to ensure a recipient is always used alone (by returning a random label, for\n// example to preserve its authentication properties).\ntype RecipientWithLabels interface {\n\tWrapWithLabels(fileKey []byte) (s []*Stanza, labels []string, err error)\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/482cf6fc9babd3ab06f6606762aac10447222201\"\u003e\u003ccode\u003e482cf6f\u003c/code\u003e\u003c/a\u003e plugin: restrict characters in plugin names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/cda3988cc76a139426281a1d812914b71435bd18\"\u003e\u003ccode\u003ecda3988\u003c/code\u003e\u003c/a\u003e all: fix staticcheck warnings (\u003ca href=\"https://redirect.github.com/FiloSottile/age/issues/589\"\u003e#589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/176e245b3cb3ada322c21eef0bce166dc5a5e4c7\"\u003e\u003ccode\u003e176e245\u003c/code\u003e\u003c/a\u003e README: rotate Sigsum keys\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/faefdc3c81efa89fd41998b77c62234ca56be10b\"\u003e\u003ccode\u003efaefdc3\u003c/code\u003e\u003c/a\u003e README: document Sigsum proofs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/bbe6ce5eeb1bb70cfc705d0961c943f0dd637ffd\"\u003e\u003ccode\u003ebbe6ce5\u003c/code\u003e\u003c/a\u003e .github/workflows: update artifacts Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/1e1badabf74064ee800d19817a725f4803fa4e94\"\u003e\u003ccode\u003e1e1bada\u003c/code\u003e\u003c/a\u003e .github/workflows: go-version stable, not latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/2293a9afef6984915cb28d2a7264b145604d61e9\"\u003e\u003ccode\u003e2293a9a\u003c/code\u003e\u003c/a\u003e .github/workflows: use latest Go for bootstrap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/01fe9cd84aa5380cd09b8761af919e5d0a1386ad\"\u003e\u003ccode\u003e01fe9cd\u003c/code\u003e\u003c/a\u003e README: add pkgx installation instructions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/bd0511b415355bf84a3861c77d47d9337ab367b1\"\u003e\u003ccode\u003ebd0511b\u003c/code\u003e\u003c/a\u003e cmd/age: detect output/input file reuse when possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/febaaded8756511fd12b7aea122e44be80c35862\"\u003e\u003ccode\u003efebaade\u003c/code\u003e\u003c/a\u003e cmd/age: create file for empty decryptions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/FiloSottile/age/compare/v1.1.1...v1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/ulikunitz/xz` from 0.5.12 to 0.5.14\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ulikunitz/xz/commit/7184815834c4777e8fa665946721d5fe114c2c35\"\u003e\u003ccode\u003e7184815\u003c/code\u003e\u003c/a\u003e Preparation of release v0.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ulikunitz/xz/commit/88ddf1d0d98d688db65de034f48960b2760d2ae2\"\u003e\u003ccode\u003e88ddf1d\u003c/code\u003e\u003c/a\u003e Address Security Issue GHSA-jc7w-c686-c4v9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ulikunitz/xz/commit/c8314b8f21e9c5e25b52da07544cac14db277e89\"\u003e\u003ccode\u003ec8314b8\u003c/code\u003e\u003c/a\u003e Add new package xio with WriteCloserStack\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ulikunitz/xz/compare/v0.5.12...v0.5.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.32.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22\"\u003e\u003ccode\u003e7292932\u003c/code\u003e\u003c/a\u003e ssh: limit the size of the internal packet queue while waiting for KEX\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/f66f74b0a406b5f6909183531ace593857f1646c\"\u003e\u003ccode\u003ef66f74b\u003c/code\u003e\u003c/a\u003e acme/autocert: check host policy before probing the cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b0784b7bfbe0b2c9a59afc1248ed3cb4b6652e85\"\u003e\u003ccode\u003eb0784b7\u003c/code\u003e\u003c/a\u003e x509roots/fallback: drop obsolete build constraint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/911360c8a4f464342b9fe7c23632be57fca87b20\"\u003e\u003ccode\u003e911360c\u003c/code\u003e\u003c/a\u003e all: bump golang.org/x/crypto dependencies of asm generators\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/89ff08d67c4d79f9ac619aaf1f7388888798651f\"\u003e\u003ccode\u003e89ff08d\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/e47973b1c1089f6c67ab89261f7aa067b3d611d2\"\u003e\u003ccode\u003ee47973b\u003c/code\u003e\u003c/a\u003e all: update certs for go1.24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/9290511cd23ab9813a307b7f2615325e3ca98902\"\u003e\u003ccode\u003e9290511\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/fa5273e461966728f91f33da62c0cf511a404c2a\"\u003e\u003ccode\u003efa5273e\u003c/code\u003e\u003c/a\u003e x509roots/fallback: update bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/a8ea4be81f0769fd5857e087083cbb6d3cb9f196\"\u003e\u003ccode\u003ea8ea4be\u003c/code\u003e\u003c/a\u003e ssh: add ServerConfig.PreAuthConnCallback, ServerPreAuthConn (banner) interface\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/71d3a4cfdb0360795ce5f2d7041e01823fd22eb6\"\u003e\u003ccode\u003e71d3a4c\u003c/code\u003e\u003c/a\u003e acme: support challenges that require the ACME client to send a non-empty JSO...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/compare/v0.32.0...v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.33.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.33.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/H1d3r/sliver/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/H1d3r/sliver/pull/296","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/H1d3r%2Fsliver/issues/296","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/296/packages"},{"uuid":"2781920496","node_id":"PR_kwDOJhpXCc6l0Lzw","number":1,"state":"open","title":"Bump the go_modules group across 2 directories with 15 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-28T14:09:47.000Z","updated_at":"2025-08-28T14:09:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"go_modules","update_count":15,"packages":[{"name":"github.com/go-git/go-git/v5","old_version":"5.4.2","new_version":"5.13.0","repository_url":"https://github.com/go-git/go-git"},{"name":"github.com/golang/glog","old_version":"1.0.0","new_version":"1.2.4","repository_url":"https://github.com/golang/glog"},{"name":"github.com/gorilla/csrf","old_version":"1.6.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"github.com/hashicorp/go-retryablehttp","old_version":"0.7.0","new_version":"0.7.7","repository_url":"https://github.com/hashicorp/go-retryablehttp"},{"name":"github.com/tektoncd/pipeline","old_version":"0.36.0","new_version":"0.52.1","repository_url":"https://github.com/tektoncd/pipeline"},{"name":"k8s.io/kubernetes","old_version":"1.25.3","new_version":"1.32.7","repository_url":"https://github.com/kubernetes/kubernetes"},{"name":"github.com/golang-jwt/jwt","old_version":"3.2.1+incompatible","new_version":"3.2.2+incompatible","repository_url":"https://github.com/golang-jwt/jwt"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.4.2` | `5.13.0` |\n| [github.com/golang/glog](https://github.com/golang/glog) | `1.0.0` | `1.2.4` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.6.2` | `1.7.3` |\n| [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) | `0.7.0` | `0.7.7` |\n| [github.com/tektoncd/pipeline](https://github.com/tektoncd/pipeline) | `0.36.0` | `0.52.1` |\n| [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes) | `1.25.3` | `1.32.7` |\n| [github.com/golang-jwt/jwt](https://github.com/golang-jwt/jwt) | `3.2.1+incompatible` | `3.2.2+incompatible` |\n\nBumps the go_modules group with 5 updates in the /hack/tools directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.0.0-20220722155217-630584e8d5aa` | `0.35.0` |\n| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.0.0-20220608161450-d0670ef3b1eb` | `0.27.0` |\n| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.47.0` | `1.56.3` |\n| [github.com/docker/distribution](https://github.com/docker/distribution) | `2.8.1+incompatible` | `2.8.2+incompatible` |\n| [github.com/docker/docker](https://github.com/docker/docker) | `20.10.24+incompatible` | `28.0.0+incompatible` |\n\n\nUpdates `github.com/go-git/go-git/v5` from 5.4.2 to 5.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-git/go-git/releases\"\u003egithub.com/go-git/go-git/v5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild: bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 in /cli/go-git by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1065\"\u003ego-git/go-git#1065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.22.0 to 0.23.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1068\"\u003ego-git/go-git#1068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.23.0 to 0.24.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1071\"\u003ego-git/go-git#1071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperly support skipping of non-mandatory extensions  by \u003ca href=\"https://github.com/codablock\"\u003e\u003ccode\u003e@​codablock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1066\"\u003ego-git/go-git#1066\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: Refine some codes in test and non-test. by \u003ca href=\"https://github.com/onee-only\"\u003e\u003ccode\u003e@​onee-only\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1077\"\u003ego-git/go-git#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: protocol/packp, client-side filter capability support by \u003ca href=\"https://github.com/edigaryev\"\u003e\u003ccode\u003e@​edigaryev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1000\"\u003ego-git/go-git#1000\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.22.0 to 0.23.0 in /cli/go-git by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1078\"\u003ego-git/go-git#1078\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: fix sideband demux on flush by \u003ca href=\"https://github.com/aymanbagabas\"\u003e\u003ccode\u003e@​aymanbagabas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1084\"\u003ego-git/go-git#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estorage: dotgit, head reference usually comes first by \u003ca href=\"https://github.com/aymanbagabas\"\u003e\u003ccode\u003e@​aymanbagabas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1085\"\u003ego-git/go-git#1085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/text from 0.14.0 to 0.15.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1091\"\u003ego-git/go-git#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/crypto from 0.22.0 to 0.23.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1094\"\u003ego-git/go-git#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.24.0 to 0.25.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1093\"\u003ego-git/go-git#1093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: Added an example for Repository.Branches by \u003ca href=\"https://github.com/johnmatthiggins\"\u003e\u003ccode\u003e@​johnmatthiggins\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1088\"\u003ego-git/go-git#1088\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: worktree_commit, Modify checking empty commit. Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/723\"\u003e#723\u003c/a\u003e by \u003ca href=\"https://github.com/onee-only\"\u003e\u003ccode\u003e@​onee-only\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1050\"\u003ego-git/go-git#1050\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: transport/http, Wrap http errors to return reason. Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1097\"\u003e#1097\u003c/a\u003e by \u003ca href=\"https://github.com/ggambetti\"\u003e\u003ccode\u003e@​ggambetti\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1100\"\u003ego-git/go-git#1100\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/sys from 0.20.0 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1106\"\u003ego-git/go-git#1106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/text from 0.15.0 to 0.16.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1107\"\u003ego-git/go-git#1107\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumps Go versions and go-billy by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1056\"\u003ego-git/go-git#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e_examples: Fixed a dead link COMPATIBILITY.md by \u003ca href=\"https://github.com/gecko655\"\u003e\u003ccode\u003e@​gecko655\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1109\"\u003ego-git/go-git#1109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/jessevdk/go-flags from 1.5.0 to 1.6.1 in /cli/go-git by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1115\"\u003ego-git/go-git#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/elazarl/goproxy from v0.0.0-20230808193330-2592e75ae04a to v0.0.0-20240618083138-03be62527ccb by \u003ca href=\"https://github.com/hbelmiro\"\u003e\u003ccode\u003e@​hbelmiro\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1124\"\u003ego-git/go-git#1124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.25.0 to 0.26.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1104\"\u003ego-git/go-git#1104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd option approximating \u003ccode\u003egit clean -x\u003c/code\u003e flag. by \u003ca href=\"https://github.com/msuozzo\"\u003e\u003ccode\u003e@​msuozzo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/995\"\u003ego-git/go-git#995\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Add option approximating \u003ccode\u003egit clean -x\u003c/code\u003e flag.\u0026quot; by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1129\"\u003ego-git/go-git#1129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix reference updated concurrently error for the filesystem storer by \u003ca href=\"https://github.com/Javier-varez\"\u003e\u003ccode\u003e@​Javier-varez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1116\"\u003ego-git/go-git#1116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.26.0 to 0.27.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1134\"\u003ego-git/go-git#1134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eutils: merkletrie, Align error message with upstream by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1142\"\u003ego-git/go-git#1142\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: transport/file, Change paths to absolute by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1141\"\u003ego-git/go-git#1141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: gitignore, Fix loading of ignored .gitignore files. by \u003ca href=\"https://github.com/Achilleshiel\"\u003e\u003ccode\u003e@​Achilleshiel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1114\"\u003ego-git/go-git#1114\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/skeema/knownhosts from 1.2.2 to 1.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1147\"\u003ego-git/go-git#1147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: transport/ssh, Add support for SSH \u003ca href=\"https://github.com/cert-authority\"\u003e\u003ccode\u003e@​cert-authority\u003c/code\u003e\u003c/a\u003e. by \u003ca href=\"https://github.com/Javier-varez\"\u003e\u003ccode\u003e@​Javier-varez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1157\"\u003ego-git/go-git#1157\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: run example tests during CI workflow by \u003ca href=\"https://github.com/crazybolillo\"\u003e\u003ccode\u003e@​crazybolillo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1030\"\u003ego-git/go-git#1030\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estorage: filesystem, Fix object cache not working due to uninitialised objects being put into cache by \u003ca href=\"https://github.com/SatelliteMind\"\u003e\u003ccode\u003e@​SatelliteMind\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1138\"\u003ego-git/go-git#1138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: Fix fetching missing commits by \u003ca href=\"https://github.com/AriehSchneier\"\u003e\u003ccode\u003e@​AriehSchneier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1032\"\u003ego-git/go-git#1032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: format/packfile, remove duplicate checks in findMatch() by \u003ca href=\"https://github.com/edigaryev\"\u003e\u003ccode\u003e@​edigaryev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1152\"\u003ego-git/go-git#1152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: worktree, Fix file reported as \u003ccode\u003eUntracked\u003c/code\u003e while it is committed by \u003ca href=\"https://github.com/rodrigocam\"\u003e\u003ccode\u003e@​rodrigocam\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1023\"\u003ego-git/go-git#1023\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/sys from 0.22.0 to 0.23.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1160\"\u003ego-git/go-git#1160\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: filemode, Remove check for setting size of .git/index file  by \u003ca href=\"https://github.com/nicholasSUSE\"\u003e\u003ccode\u003e@​nicholasSUSE\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1159\"\u003ego-git/go-git#1159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.27.0 to 0.28.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1163\"\u003ego-git/go-git#1163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix some lint warning and increase stalebot to 180 days by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1128\"\u003ego-git/go-git#1128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadjust path extracted from file: url on Windows by \u003ca href=\"https://github.com/tomqwpl\"\u003e\u003ccode\u003e@​tomqwpl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/416\"\u003ego-git/go-git#416\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/sys from 0.23.0 to 0.24.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1164\"\u003ego-git/go-git#1164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd RestoreStaged to Worktree that mimics the behaviour of git restore --staged \u003c!-- raw HTML omitted --\u003e... by \u003ca href=\"https://github.com/ben-tbotlabs\"\u003e\u003ccode\u003e@​ben-tbotlabs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/493\"\u003ego-git/go-git#493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: signature, support the same x509 signature formats as git by \u003ca href=\"https://github.com/yoavamit\"\u003e\u003ccode\u003e@​yoavamit\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1169\"\u003ego-git/go-git#1169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: allow discovery of non bare repos in fsLoader by \u003ca href=\"https://github.com/jakobmoellerdev\"\u003e\u003ccode\u003e@​jakobmoellerdev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1170\"\u003ego-git/go-git#1170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/sys from 0.24.0 to 0.25.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1178\"\u003ego-git/go-git#1178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/text from 0.17.0 to 0.18.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1179\"\u003ego-git/go-git#1179\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.28.0 to 0.29.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1184\"\u003ego-git/go-git#1184\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/94bd4af1deb15a64e90c6287eaf9e9f09b192a1f\"\u003e\u003ccode\u003e94bd4af\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1261\"\u003e#1261\u003c/a\u003e from BeChris/issue680\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/8b7f5ba6f0cade1a25c5c4ca9e4d07a95c639945\"\u003e\u003ccode\u003e8b7f5ba\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1262\"\u003e#1262\u003c/a\u003e from go-git/dependabot/go_modules/github.com/elazarl...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/41d80a059a481d4c623bc8185c41ce82ed8ce985\"\u003e\u003ccode\u003e41d80a0\u003c/code\u003e\u003c/a\u003e build: bump github.com/elazarl/goproxy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/499814044f111480b2a17a07c5a7a4c523ce5b87\"\u003e\u003ccode\u003e4998140\u003c/code\u003e\u003c/a\u003e git: worktree_commit, sanitize author and commiter name and email before crea...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/9049625b98bd05edb9f1d00e7ff5da763afc0745\"\u003e\u003ccode\u003e9049625\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1260\"\u003e#1260\u003c/a\u003e from go-git/dependabot/github_actions/github/codeql-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/dae48b4340d1cc6b562ade40b54049584075991f\"\u003e\u003ccode\u003edae48b4\u003c/code\u003e\u003c/a\u003e build: bump github/codeql-action from 3.27.9 to 3.28.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/7d6fbc2c2a05eb6327b298b816bc0c4f854820a6\"\u003e\u003ccode\u003e7d6fbc2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1220\"\u003e#1220\u003c/a\u003e from BeChris/accept_uppercase_hexa_in_pktline_length\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/62a77b7d343dc1ed08d1d691efa13d81788cbc29\"\u003e\u003ccode\u003e62a77b7\u003c/code\u003e\u003c/a\u003e plumbing: Fix invalid reference name error while cloning branches containing ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/5e11196652708f339737b31bf9639373610dd7d1\"\u003e\u003ccode\u003e5e11196\u003c/code\u003e\u003c/a\u003e plumbing: format/pktline, accept upercase hexadecimal value as pktline length...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/65f5e1ade083cfabacc2de4aaa68f7880e22b642\"\u003e\u003ccode\u003e65f5e1a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1256\"\u003e#1256\u003c/a\u003e from go-git/dependabot/go_modules/golang-org-232a611e2d\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-git/go-git/compare/v5.4.2...v5.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/golang/glog` from 1.0.0 to 1.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/golang/glog/releases\"\u003egithub.com/golang/glog's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.2.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFail if log file already exists by \u003ca href=\"https://github.com/chressie\"\u003e\u003ccode\u003e@​chressie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/74\"\u003egolang/glog#74\u003c/a\u003e:\n\u003cul\u003e\n\u003cli\u003eglog: Don't try to create/rotate a given syncBuffer twice in the same second\u003c/li\u003e\n\u003cli\u003eglog: introduce createInDir function as in internal version\u003c/li\u003e\n\u003cli\u003eglog: have createInDir fail if the file already exists\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang/glog/compare/v1.2.3...v1.2.4\"\u003ehttps://github.com/golang/glog/compare/v1.2.3...v1.2.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.2.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eglog: check that stderr is valid before using it by default by \u003ca href=\"https://github.com/chressie\"\u003e\u003ccode\u003e@​chressie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/72\"\u003egolang/glog#72\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eglog: fix typo by \u003ca href=\"https://github.com/chressie\"\u003e\u003ccode\u003e@​chressie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/73\"\u003egolang/glog#73\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang/glog/compare/v1.2.2...v1.2.3\"\u003ehttps://github.com/golang/glog/compare/v1.2.2...v1.2.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eglog: avoid calling user.Current() on windows by \u003ca href=\"https://github.com/bentekkie\"\u003e\u003ccode\u003e@​bentekkie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/69\"\u003egolang/glog#69\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang/glog/compare/v1.2.1...v1.2.2\"\u003ehttps://github.com/golang/glog/compare/v1.2.1...v1.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eglog: don't hold mutex when sync'ing by \u003ca href=\"https://github.com/chressie\"\u003e\u003ccode\u003e@​chressie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/68\"\u003egolang/glog#68\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang/glog/compare/v1.2.0...v1.2.1\"\u003ehttps://github.com/golang/glog/compare/v1.2.0...v1.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eglog: add context variants and logsink tests by \u003ca href=\"https://github.com/chressie\"\u003e\u003ccode\u003e@​chressie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/66\"\u003egolang/glog#66\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang/glog/compare/v1.1.2...v1.2.0\"\u003ehttps://github.com/golang/glog/compare/v1.1.2...v1.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.2\u003c/h2\u003e\n\u003cp\u003eBugfix release.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eglog: populate symlinks -log_link directory by \u003ca href=\"https://github.com/chressie\"\u003e\u003ccode\u003e@​chressie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/64\"\u003egolang/glog#64\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang/glog/compare/v1.1.1...v1.1.2\"\u003ehttps://github.com/golang/glog/compare/v1.1.1...v1.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003eBugfixes since the larger v1.1.0, which have been addressed.\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/a0e3c40a0ed0cecc58c84e7684d9ce55a54044ee\"\u003e\u003ccode\u003ea0e3c40\u003c/code\u003e\u003c/a\u003e glog: have createInDir fail if the file already exists\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/7139da234346c23dba05a8c588284c379b9c0bf8\"\u003e\u003ccode\u003e7139da2\u003c/code\u003e\u003c/a\u003e glog: introduce createInDir function as in internal version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/dd58629ba6ced28322bcb149ed86016fb1ec9a5b\"\u003e\u003ccode\u003edd58629\u003c/code\u003e\u003c/a\u003e glog: Don't try to create/rotate a given syncBuffer twice in the same second\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/04dbec0df8d03d5c187beaf5ce8e6c58e9fc82b5\"\u003e\u003ccode\u003e04dbec0\u003c/code\u003e\u003c/a\u003e glog: fix typo (\u003ca href=\"https://redirect.github.com/golang/glog/issues/73\"\u003e#73\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/459cf3b8151dcfd8aa971077774eaf0c804119e4\"\u003e\u003ccode\u003e459cf3b\u003c/code\u003e\u003c/a\u003e glog: check that stderr is valid before using it by default (\u003ca href=\"https://redirect.github.com/golang/glog/issues/72\"\u003e#72\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/97303146a4ffecf364d4300e07fca855d0062c43\"\u003e\u003ccode\u003e9730314\u003c/code\u003e\u003c/a\u003e glog: avoid calling user.Current() on windows (\u003ca href=\"https://redirect.github.com/golang/glog/issues/69\"\u003e#69\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/861d094757551d2f65d1003f0ec93bc92b254a5a\"\u003e\u003ccode\u003e861d094\u003c/code\u003e\u003c/a\u003e glog: don't hold mutex when sync'ing (\u003ca href=\"https://redirect.github.com/golang/glog/issues/68\"\u003e#68\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/b256bbe5d3f846c1d1ce73030c10973378e04cf0\"\u003e\u003ccode\u003eb256bbe\u003c/code\u003e\u003c/a\u003e glog: add context variants to most log functions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/bcf318487a966b61bca6189643b72648fa132e6e\"\u003e\u003ccode\u003ebcf3184\u003c/code\u003e\u003c/a\u003e glog/internal/logsink: add logsink tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/6b9d7f7df28d318a28dde3adb8a5e9ae9bf1abaf\"\u003e\u003ccode\u003e6b9d7f7\u003c/code\u003e\u003c/a\u003e glog: populate symlinks -log_link directory (\u003ca href=\"https://redirect.github.com/golang/glog/issues/64\"\u003e#64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/glog/compare/v1.0.0...v1.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.6.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove pkg/errors dependency by \u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[GPT-96] Update go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdated licence by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/167\"\u003egorilla/csrf#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate issues.yml by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/168\"\u003egorilla/csrf#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eissues/158/examples for working api with javascript frontend by \u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating github action workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/169\"\u003egorilla/csrf#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating gorilla/securecookie to v1.1.2 by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/170\"\u003egorilla/csrf#170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003ev1.7.1 is a minor maintenance release. It improves documentation, and fixes a bug (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e) that caused missing tokens to not provide a clear error message back to the client.\u003c/p\u003e\n\u003ch2\u003eCHANGELOG\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebugfix: Not providing any token in requests results in wrong error message (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd a note about secrecy of CSRF token in the README.md (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/154\"\u003e#154\u003c/a\u003e) \u003ca href=\"https://github.com/maxximino\"\u003e\u003ccode\u003e@​maxximino\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd note about csrf.Path option (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/147\"\u003e#147\u003c/a\u003e) \u003ca href=\"https://github.com/karelbilek\"\u003e\u003ccode\u003e@​karelbilek\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: use build matrix; drop Go \u0026lt;= 1.10 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/142\"\u003e#142\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: change TrustedOrigin to TrustedOrigins in README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/140\"\u003e#140\u003c/a\u003e) \u003ca href=\"https://github.com/mittonface\"\u003e\u003ccode\u003e@​mittonface\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add TOC to README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/137\"\u003e#137\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.7.0\u003c/h2\u003e\n\u003cp\u003e📢  This release of \u003cem\u003egorilla/csrf\u003c/em\u003e changes the default \u003ccode\u003eSameSite\u003c/code\u003e cookie attribute to address changes in the SameSite spec (see \u003ca href=\"https://redirect.github.com/golang/go/issues/36990\"\u003egolang/go#36990\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003ePreviously\u003c/strong\u003e: The \u003ccode\u003eSameSiteDefaultMode\u003c/code\u003e in \u003cem\u003ecsrf\u003c/em\u003e (prior to v1.7.0) would set \u003ccode\u003eSameSite\u003c/code\u003e on the cookie, which is not valid in some browsers, notably older versions of Chrome/Android. These browsers would not set cookies with this \u0026quot;invalid\u0026quot; attribute.\n\u003cstrong\u003eNow\u003c/strong\u003e: The default mode is \u003ccode\u003eSameSite=Lax\u003c/code\u003e, which is \u003ca href=\"https://caniuse.com/#feat=same-site-cookie-attribute\"\u003esupported by Chrome v51, Firefox v60, Safari v13 and most recent browsers\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIf you're new to SameSite, read \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite\"\u003ethe MDN documentation\u003c/a\u003e for a great overview on why this attribute helps prevent cookies from being 'leaked' to third-party domains unintentionally.\u003c/p\u003e\n\u003ch2\u003eCHANGELOG\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSet SameSite=Lax by default (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/136\"\u003e#136\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't set a default samesite for backwards compatibility (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/132\"\u003e#132\u003c/a\u003e) \u003ca href=\"https://github.com/euank\"\u003e\u003ccode\u003e@​euank\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a009743572494ccbc9d159005bdc58b86a44ddba\"\u003e\u003ccode\u003ea009743\u003c/code\u003e\u003c/a\u003e Updating gorilla/securecookie to v1.1.2 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/94b5a9efbc27ce51c4ac1b1287c964e8f13013ca\"\u003e\u003ccode\u003e94b5a9e\u003c/code\u003e\u003c/a\u003e updating github action workflows (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/c1f4eb3aba6fe4cd0d1ef0ed5ca556876b14c29f\"\u003e\u003ccode\u003ec1f4eb3\u003c/code\u003e\u003c/a\u003e issues/158/examples for working api with javascript frontend (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/73c96a512fc353d11f3da50cffde1e454884f405\"\u003e\u003ccode\u003e73c96a5\u003c/code\u003e\u003c/a\u003e Update issues.yml (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a71a12f7d30580b6da2183b0f398527be93c0ca9\"\u003e\u003ccode\u003ea71a12f\u003c/code\u003e\u003c/a\u003e updated licence (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/15d47eceb8d5861882e276508d7cbb5b0082b980\"\u003e\u003ccode\u003e15d47ec\u003c/code\u003e\u003c/a\u003e [GPT-96] Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/32c27b0316d75a24e55ab36d059d0309238b9ee1\"\u003e\u003ccode\u003e32c27b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/164\"\u003e#164\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/04cc5dba5dd0af4341b9b406f05dc569c5e0ab40\"\u003e\u003ccode\u003e04cc5db\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/93379db1992f1b2fbdd4ba1b55a1bf0414b0535e\"\u003e\u003ccode\u003e93379db\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.6.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/hashicorp/go-retryablehttp` from 0.7.0 to 0.7.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md\"\u003egithub.com/hashicorp/go-retryablehttp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.7.7 (May 30, 2024)\u003c/h2\u003e\n\u003cp\u003eBUG FIXES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclient: avoid potentially leaking URL-embedded basic authentication credentials in logs (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.7.6 (May 9, 2024)\u003c/h2\u003e\n\u003cp\u003eENHANCEMENTS:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclient: support a \u003ccode\u003eRetryPrepare\u003c/code\u003e function for modifying the request before retrying (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/216\"\u003e#216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eclient: support HTTP-date values for \u003ccode\u003eRetry-After\u003c/code\u003e header value (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eclient: avoid reading entire body when the body is a \u003ccode\u003e*bytes.Reader\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/197\"\u003e#197\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBUG FIXES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclient: fix a broken check for invalid server certificate in go 1.20+ (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.7.5 (Nov 8, 2023)\u003c/h2\u003e\n\u003cp\u003eBUG FIXES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclient: fixes an issue where the request body is not preserved on temporary redirects or re-established HTTP/2 connections (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/207\"\u003e#207\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.7.4 (Jun 6, 2023)\u003c/h2\u003e\n\u003cp\u003eBUG FIXES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclient: fixing an issue where the Content-Type header wouldn't be sent with an empty payload when using HTTP/2 (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/194\"\u003e#194\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.7.3 (May 15, 2023)\u003c/h2\u003e\n\u003cp\u003eInitial release\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/1542b31176d3973a6ecbc06c05a2d0df89b59afb\"\u003e\u003ccode\u003e1542b31\u003c/code\u003e\u003c/a\u003e v0.7.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/defb9f441dcf67a2a56fae733482836ea83349ac\"\u003e\u003ccode\u003edefb9f4\u003c/code\u003e\u003c/a\u003e v0.7.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/a99f07beb3c5faaa0a283617e6eb6bcf25f5049a\"\u003e\u003ccode\u003ea99f07b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/158\"\u003e#158\u003c/a\u003e from dany74q/danny/redacted-url-in-logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/8a28c574da4098c0612fe1c7135f1f6de113d411\"\u003e\u003ccode\u003e8a28c57\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into danny/redacted-url-in-logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/86e852df43aa0d94150c4629d74e5116d1ff3348\"\u003e\u003ccode\u003e86e852d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/227\"\u003e#227\u003c/a\u003e from hashicorp/dependabot/github_actions/actions/chec...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/47fe99e6460cddc5f433aad2b54dcf32281f8a53\"\u003e\u003ccode\u003e47fe99e\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.5 to 4.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/490fc06be0931548d3523a4245d15e9dc5d9214d\"\u003e\u003ccode\u003e490fc06\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/226\"\u003e#226\u003c/a\u003e from testwill/ioutil\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/f3e9417dbfcd0dc2b4a02a1dfdeb75f1e636b692\"\u003e\u003ccode\u003ef3e9417\u003c/code\u003e\u003c/a\u003e chore: remove refs to deprecated io/ioutil\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/d969eaa9c97860482749df718a35b4a269361055\"\u003e\u003ccode\u003ed969eaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/225\"\u003e#225\u003c/a\u003e from hashicorp/manicminer-patch-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/2ad8ed4a1d9e632284f6937e91b2f9a1d30e8298\"\u003e\u003ccode\u003e2ad8ed4\u003c/code\u003e\u003c/a\u003e v0.7.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/hashicorp/go-retryablehttp/compare/v0.7.0...v0.7.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/tektoncd/pipeline` from 0.36.0 to 0.52.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tektoncd/pipeline/releases\"\u003egithub.com/tektoncd/pipeline's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTekton Pipeline release v0.52.1 \u0026quot;California Spangled Optimus\u0026quot;\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e-\u003ca href=\"https://github.com/tektoncd/pipeline/tree/v0.52.1/docs\"\u003eDocs @ v0.52.1\u003c/a\u003e\n-\u003ca href=\"https://github.com/tektoncd/pipeline/tree/v0.52.1/examples\"\u003eExamples @ v0.52.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eInstallation one-liner\u003c/h2\u003e\n\u003cpre lang=\"shell\"\u003e\u003ccode\u003ekubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.52.1/release.yaml\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eAttestation\u003c/h2\u003e\n\u003cp\u003eThe Rekor UUID for this release is \u003ccode\u003e24296fb24b8ad77a97c22594268cc45d986246339ada304b7587b205b59cf5d59df2650d24b14825\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eObtain the attestation:\u003c/p\u003e\n\u003cpre lang=\"shell\"\u003e\u003ccode\u003eREKOR_UUID=24296fb24b8ad77a97c22594268cc45d986246339ada304b7587b205b59cf5d59df2650d24b14825\nrekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVerify that all container images in the attestation are in the release file:\u003c/p\u003e\n\u003cpre lang=\"shell\"\u003e\u003ccode\u003eRELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.52.1/release.yaml\nREKOR_UUID=24296fb24b8ad77a97c22594268cc45d986246339ada304b7587b205b59cf5d59df2650d24b14825\n\u003ch1\u003eObtains the list of images with sha from the attestation\u003c/h1\u003e\n\u003cp\u003eREKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid \u0026quot;$REKOR_UUID\u0026quot; --format json | jq -r .Attestation | jq -r '.subject[]|.name + \u0026quot;:v0.52.1@sha256:\u0026quot; + .digest.sha256')\u003c/p\u003e\n\u003ch1\u003eDownload the release file\u003c/h1\u003e\n\u003cp\u003ecurl \u0026quot;$RELEASE_FILE\u0026quot; \u0026gt; release.yaml\u003c/p\u003e\n\u003ch1\u003eFor each image in the attestation, match it to the release file\u003c/h1\u003e\n\u003cp\u003efor image in $REKOR_ATTESTATION_IMAGES; do\nprintf $image; grep -q $image release.yaml \u0026amp;\u0026amp; echo \u0026quot; ===\u0026gt; ok\u0026quot; || echo \u0026quot; ===\u0026gt; no match\u0026quot;;\ndone\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e:bug: [release-v0.52.x] Regression: fix results with out of order tasks (\u003ca href=\"https://redirect.github.com/tektoncd/pipeline/issues/7174\"\u003e#7174\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFix regression where a different order of task definition may cause result resolution to break\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tektoncd/pipeline/blob/main/releases.md\"\u003egithub.com/tektoncd/pipeline's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eTekton Pipeline Releases\u003c/h1\u003e\n\u003ch2\u003eRelease Frequency\u003c/h2\u003e\n\u003cp\u003eTekton Pipelines follows the Tekton community [release policy][release-policy]\nas follows:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVersions are numbered according to semantic versioning: \u003ccode\u003evX.Y.Z\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eA new release is produced on a monthly basis\u003c/li\u003e\n\u003cli\u003eFour releases a year are chosen for \u003ca href=\"https://github.com/tektoncd/community/blob/main/releases.md#support-policy\"\u003elong term support (LTS)\u003c/a\u003e.\nAll remaining releases are supported for approximately 1 month (until the next\nrelease is produced)\n\u003cul\u003e\n\u003cli\u003eLTS releases take place in January, April, July and October every year\u003c/li\u003e\n\u003cli\u003eThe first Tekton Pipelines LTS release will be \u003cstrong\u003ev0.41.0\u003c/strong\u003e in October 2022\u003c/li\u003e\n\u003cli\u003eReleases happen towards the middle of the month, between the 13th and the\n20th, depending on week-ends and readiness\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eTekton Pipelines produces nightly builds, publicly available on\n\u003ccode\u003egcr.io/tekton-nightly\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eTransition Process\u003c/h3\u003e\n\u003cp\u003eBefore release v0.41 Tekton Pipelines has worked on the basis of an undocumented\nsupport period of four months, which will be maintained for the releases between\nv0.37 and v0.40.\u003c/p\u003e\n\u003ch2\u003eRelease Process\u003c/h2\u003e\n\u003cp\u003eTekton Pipeline releases are made of YAML manifests and container images.\nManifests are published to cloud object-storage as well as\n[GitHub][tekton-pipeline-releases]. Container images are signed by\n[Sigstore][sigstore] via [Tekton Chains][tekton-chains]; signatures can be\nverified through the [public key][chains-public-key] hosted by the Tekton Chains\nproject.\u003c/p\u003e\n\u003cp\u003eFurther documentation available:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Tekton Pipeline [release process][tekton-releases-docs]\u003c/li\u003e\n\u003cli\u003e[Installing Tekton][tekton-installation]\u003c/li\u003e\n\u003cli\u003eStandard for [release notes][release-notes-standards]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease\u003c/h2\u003e\n\u003ch3\u003ev1.3 (LTS)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLatest Release\u003c/strong\u003e: [v1.3.1][v1.3-1] (2025-08-05) ([docs][v1.3-1-docs], [examples][v1.3-1-examples])\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eInitial Release\u003c/strong\u003e: [v1.3.0][v1.3-0] (2025-08-04)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEnd of Life\u003c/strong\u003e: 2026-08-04\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePatch Releases\u003c/strong\u003e: [v1.3.01][v1.3-0] [v1.3.1][v1.3-1]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev1.0 (LTS)\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/e7b5e5821a100d38a97eee50be60ce6580ec863e\"\u003e\u003ccode\u003ee7b5e58\u003c/code\u003e\u003c/a\u003e Regression: fix results with out of order tasks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/feb943c982a5c34d16f8967207f3f979715c21ab\"\u003e\u003ccode\u003efeb943c\u003c/code\u003e\u003c/a\u003e Bump github.com/jenkins-x/go-scm from 1.13.13 to 1.14.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/636419138567d24ccb4bc4d77bc76cbd006a698d\"\u003e\u003ccode\u003e6364191\u003c/code\u003e\u003c/a\u003e fix: clean results when taskrun retries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/503cc3db4e3de7a6a8c73bd3bc0e005438751c88\"\u003e\u003ccode\u003e503cc3d\u003c/code\u003e\u003c/a\u003e Bump google.golang.org/grpc from 1.56.2 to 1.58.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/3076240709fd4ceba13f24ee1eccbee3cb13ca92\"\u003e\u003ccode\u003e3076240\u003c/code\u003e\u003c/a\u003e fix 6093 task results not replaced with their values in childReferences\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/3835c75cde6c277d5e2dbef451827f11142ad52f\"\u003e\u003ccode\u003e3835c75\u003c/code\u003e\u003c/a\u003e Bump github.com/sigstore/sigstore from 1.7.1 to 1.7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/a41fafea951497796d734546730346f4d78dfb8b\"\u003e\u003ccode\u003ea41fafe\u003c/code\u003e\u003c/a\u003e Bump github.com/spiffe/spire-api-sdk from 1.7.1 to 1.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/44e17070941fb1e740cbb88b57701e9957a6cc9b\"\u003e\u003ccode\u003e44e1707\u003c/code\u003e\u003c/a\u003e Bump github.com/containerd/containerd from 1.7.3 to 1.7.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/d783556a1632924237f6e84a862a9199928a465d\"\u003e\u003ccode\u003ed783556\u003c/code\u003e\u003c/a\u003e Remove results annotations filtering\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/f27f3333d2d456d2ad7d87e30d98180d5f7541ce\"\u003e\u003ccode\u003ef27f333\u003c/code\u003e\u003c/a\u003e Bump google.golang.org/protobuf from 1.30.0 to 1.31.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tektoncd/pipeline/compare/v0.36.0...v0.52.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.0.0-20220315160706-3147a52a75dd to 0.31.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/commits/v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.8.0 to 0.33.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/dfc720dfe0cfc125116068c20efcdcb5e4eab464\"\u003e\u003ccode\u003edfc720d\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/8e66b04771e35c4e4125e8c60334b34e2423effb\"\u003e\u003ccode\u003e8e66b04\u003c/code\u003e\u003c/a\u003e html: use strings.EqualFold instead of lowering ourselves\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/b935f7b5d723c82894e1a1fd936a94dd2d1eae46\"\u003e\u003ccode\u003eb935f7b\u003c/code\u003e\u003c/a\u003e html: avoid endless loop on error token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/9af49ef148d7d8b3e4cbbd9cc0cd37f2a520a4a3\"\u003e\u003ccode\u003e9af49ef\u003c/code\u003e\u003c/a\u003e route: remove unused sizeof* consts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/6705db9a4df8f2cf16aed83e773e7a0213788b7a\"\u003e\u003ccode\u003e6705db9\u003c/code\u003e\u003c/a\u003e quic: clean up crypto streams when dropping packet protection keys\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/4ef7588d2b3f83775099797baac43c34e2e23200\"\u003e\u003ccode\u003e4ef7588\u003c/code\u003e\u003c/a\u003e quic: handle ACK frame in packet which drops number space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/552d8ac903a11a9fde71a88732f5b58b6b394178\"\u003e\u003ccode\u003e552d8ac\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;route: change from syscall to x/sys/unix\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/13a7c0108bd38aad013797cdb95e6bfca0bbcec6\"\u003e\u003ccode\u003e13a7c01\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;route: remove unused sizeof* consts on freebsd\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/285e1cf6650f407805ea8af9255624961b768479\"\u003e\u003ccode\u003e285e1cf\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/d0a1049b7e05d3d6f62570a8381a22301a97ae73\"\u003e\u003ccode\u003ed0a1049\u003c/code\u003e\u003c/a\u003e route: remove unused sizeof* consts on freebsd\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.8.0...v0.33.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/oauth2` from 0.0.0-20220608161450-d0670ef3b1eb to 0.11.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/oauth2/commits/v0.27.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `google.golang.org/grpc` from 1.47.0 to 1.58.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-go/releases\"\u003egoogle.golang.org/grpc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 1.56.3\u003c/h2\u003e\n\u003ch1\u003eSecurity\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eserver: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)\u003c/p\u003e\n\u003cp\u003eIn addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 1.56.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003estatus: To fix a panic, \u003ccode\u003estatus.FromError\u003c/code\u003e now returns an error with \u003ccode\u003ecodes.Unknown\u003c/code\u003e when the error implements the \u003ccode\u003eGRPCStatus()\u003c/code\u003e method, and calling \u003ccode\u003eGRPCStatus()\u003c/code\u003e returns \u003ccode\u003enil\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6374\"\u003e#6374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 1.56.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eclient: handle empty address lists correctly in addrConn.updateAddrs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 1.56.0\u003c/h2\u003e\n\u003ch1\u003eNew Features\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eclient: support channel idleness using \u003ccode\u003eWithIdleTimeout\u003c/code\u003e dial option (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6263\"\u003e#6263\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis feature is currently disabled by default, but will be enabled with a 30 minute default in the future.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eclient: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A62-pick-first.md\"\u003egRFC A62\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6306\"\u003e#6306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003exds: Add support for Custom LB Policies (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A52-xds-custom-lb-policies.md\"\u003egRFC A52\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6224\"\u003e#6224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003exds: support pick_first Custom LB policy (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A62-pick-first.md\"\u003egRFC A62\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6314\"\u003e#6314\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6317\"\u003e#6317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eclient: add support for pickfirst address shuffling (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A62-pick-first.md\"\u003egRFC A62\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6311\"\u003e#6311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003exds: Add support for String Matcher Header Matcher in RDS (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6313\"\u003e#6313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003exds/outlierdetection: Add Channelz Logger to Outlier Detection LB (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6145\"\u003e#6145\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eSpecial Thanks: \u003ca href=\"https://github.com/s-matyukevich\"\u003e\u003ccode\u003e@​s-matyukevich\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003exds: enable RLS in xDS by default (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6343\"\u003e#6343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eorca: add support for application_utilization field and missing range checks on several metrics setters\u003c/li\u003e\n\u003cli\u003ebalancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A58-client-side-weighted-round-robin-lb-policy.md\"\u003egRFC A58\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6241\"\u003e#6241\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eauthz: add conversion of json to RBAC Audit Logging config (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6192\"\u003e#6192\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eauthz: add support for stdout logger (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6230\"\u003e#6230\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6298\"\u003e#6298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eauthz: support customizable audit functionality for authorization policy (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6192\"\u003e#6192\u003c/a\u003e \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6230\"\u003e#6230\u003c/a\u003e \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6298\"\u003e#6298\u003c/a\u003e \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6158\"\u003e#6158\u003c/a\u003e \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6304\"\u003e#6304\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6225\"\u003e#6225\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug Fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eorca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6245\"\u003e#6245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003exds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6361\"\u003e#6361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003exds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6361\"\u003e#6361\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eAPI Changes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eorca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6223\"\u003e#6223\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 1.55.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003estatus: To fix a panic, \u003ccode\u003estatus.FromError\u003c/code\u003e now returns an error with \u003ccode\u003ecodes.Unknown\u003c/code\u003e when the error implements the \u003ccode\u003eGRPCStatus()\u003c/code\u003e method, and calling \u003ccode\u003eGRPCStatus()\u003c/code\u003e returns \u003ccode\u003enil\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6374\"\u003e#6374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 1.55.0\u003c/h2\u003e\n\u003ch1\u003eBehavior Changes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003exds: enable federation support by default (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6151\"\u003e#6151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003estatus: \u003ccode\u003estatus.Code\u003c/code\u003e and \u003ccode\u003estatus.FromError\u003c/code\u003e handle wrapped errors (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6031\"\u003e#6031\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6150\"\u003e#6150\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/1055b481ed2204a29d233286b9b50c42b63f8825\"\u003e\u003ccode\u003e1055b48\u003c/code\u003e\u003c/a\u003e Update version.go to 1.56.3 (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6713\"\u003e#6713\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/5efd7bd73e11fea58d1c7f1c110902e78a286299\"\u003e\u003ccode\u003e5efd7bd\u003c/code\u003e\u003c/a\u003e server: prohibit more than MaxConcurrentStreams handlers from running at once...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/bd1f038e7234580c2694e433bec5cd97e7b7f662\"\u003e\u003ccode\u003ebd1f038\u003c/code\u003e\u003c/a\u003e Upgrade version.go to 1.56.3-dev (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6434\"\u003e#6434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/faab8736bf73291f92b867d5dae31c927d53d508\"\u003e\u003ccode\u003efaab873\u003c/code\u003e\u003c/a\u003e Update version.go to v1.56.2 (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6432\"\u003e#6432\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/6b0b291d79831b1c8caafceec268b82c92253f96\"\u003e\u003ccode\u003e6b0b291\u003c/code\u003e\u003c/a\u003e status: fix panic when servers return a wrapped error with status OK (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6374\"\u003e#6374\u003c/a\u003e) ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/ed56401aa514462d5371713b8ec5c889da33953c\"\u003e\u003ccode\u003eed56401\u003c/code\u003e\u003c/a\u003e [PSM interop] Don't fail target if sub-target already failed (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6390\"\u003e#6390\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6405\"\u003e#6405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/cd6a794f0bdcf9a216e8f4d3c5717faf96d9fd78\"\u003e\u003ccode\u003ecd6a794\u003c/code\u003e\u003c/a\u003e Update version.go to v1.56.2-dev (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6387\"\u003e#6387\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/5b67e5ea449ef0686a0c0b6de48cd4cb63e3db2a\"\u003e\u003ccode\u003e5b67e5e\u003c/code\u003e\u003c/a\u003e Update version.go to v1.56.1 (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6386\"\u003e#6386\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/d0f5150384a87f9fcac488a9c18727a55b7354c1\"\u003e\u003ccode\u003ed0f5150\u003c/code\u003e\u003c/a\u003e client: handle empty address lists correctly in addrConn.updateAddrs (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6354\"\u003e#6354\u003c/a\u003e) ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/997c1ea101cc5d496d2b148388f1df49632a9171\"\u003e\u003ccode\u003e997c1ea\u003c/code\u003e\u003c/a\u003e Change version to 1.56.1-dev (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6345\"\u003e#6345\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/grpc/grpc-go/compare/v1.47.0...v1.56.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `google.golang.org/protobuf` from 1.28.0 to 1.31.0\n\nUpdates `k8s.io/kubernetes` from 1.25.3 to 1.32.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kubernetes/kubernetes/releases\"\u003ek8s.io/kubernetes's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eKubernetes v1.32.7\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.6\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.5\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.4\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.3\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003ethe CHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003ethe CHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003ethe CHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.0-rc.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/158eee9fac884b429a92465edd0d88a43f81de34\"\u003e\u003ccode\u003e158eee9\u003c/code\u003e\u003c/a\u003e Release commit for Kubernetes v1.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/79edb7e03dc1744b483053f74ecc56e38961b289\"\u003e\u003ccode\u003e79edb7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kubernetes/kubernetes/issues/132281\"\u003e#132281\u003c/a\u003e\u003ccode\u003eneolit123/automated-cherry-pick-of-#130782\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/39ec379044d251babf124f1150db63e957132cdc\"\u003e\u003ccode\u003e39ec379\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kubernetes/kubernetes/issues/131578\"\u003e#131578\u003c/a\u003e\u003ccode\u003endbaker1/automated-cherry-pick-of-#131251\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/bcb9d4ce05b5eadeccefd54ca9953b0875b39272\"\u003e\u003ccode\u003ebcb9d4c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kubernetes/kubernetes/issues/132727\"\u003e#132727\u003c/a\u003e\u003ccode\u003emimowo/automated-cherry-pick-of-#132614\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/f5f9e1b3cc09cda2621073c27c07098181a96525\"\u003e\u003ccode\u003ef5f9e1b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kubernetes/kubernetes/issues/132861\"\u003e#132861\u003c/a\u003e\u003ccode\u003emimowo/automated-cherry-pick-of-#132502\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/bb2ad5a64465e839d2bc0cee0bf88fa4d7666188\"\u003e\u003ccode\u003ebb2ad5a\u003c/code\u003e\u003c/a\u003e Use per-policy marker names for VAP integration tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/5b6a01c2c6afe1e6b2288b5826115def2d36992c\"\u003e\u003ccode\u003e5b6a01c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kubernetes/kubernetes/issues/132159\"\u003e#132159\u003c/a\u003e\u003ccode\u003elinxiulei/automated-cherry-pick-of-#132109\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/339ead430761b4032f7c8368f00e548f4c430ac4\"\u003e\u003ccode\u003e339ead4\u003c/code\u003e\u003c/a\u003e Review remarks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/4c58a9d19d05fd48f2ec3e3e6533bbc0ab58c1fe\"\u003e\u003ccode\u003e4c58a9d\u003c/code\u003e\u003c/a\u003e Fix validation for Job with suspend=true,completions=0 to set Complete condition\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/c14c5722a2e8f357dac32be1e1018925b05158e0\"\u003e\u003ccode\u003ec14c572\u003c/code\u003e\u003c/a\u003e Update CHANGELOG/CHANGELOG-1.32.md for v1.32.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kubernetes/kubernetes/compare/v1.25.3...v1.32.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/golang-jwt/jwt` from 3.2.1+incompatible to 3.2.2+incompatible\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/golang-jwt/jwt/releases\"\u003egithub.com/golang-jwt/jwt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eStarting from this release, we are adopting the policy to support the most 2 recent versions of Go currently available. By the time of this release, this is Go 1.15 and 1.16 (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/28\"\u003e#28\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed a potential issue that could occur when the presence of \u003ccode\u003eexp\u003c/code\u003e, \u003ccode\u003eiat\u003c/code\u003e or \u003ccode\u003enbf\u003c/code\u003e was not required for verification and contained invalid contents, i.e. non-numeric/date. Thanks for \u003ca href=\"https://github.com/thaJeztah\"\u003e\u003ccode\u003e@​thaJeztah\u003c/code\u003e\u003c/a\u003e for making us aware of that and \u003ca href=\"https://github.com/giorgos-f3\"\u003e\u003ccode\u003e@​giorgos-f3\u003c/code\u003e\u003c/a\u003e for originally reporting it to the formtech fork (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/40\"\u003e#40\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eAdded support for EdDSA / ED25519 (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/36\"\u003e#36\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eOptimized allocations (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/33\"\u003e#33\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md\"\u003egithub.com/golang-jwt/jwt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ccode\u003ejwt-go\u003c/code\u003e Version History\u003c/h1\u003e\n\u003cp\u003eThe following version history is kept for historic purposes. To retrieve the current changes of each version, please refer to the change-log of the specific release versions on \u003ca href=\"https://github.com/golang-jwt/jwt/releases\"\u003ehttps://github.com/golang-jwt/jwt/releases\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduces support for Go modules. The \u003ccode\u003ev4\u003c/code\u003e version will be backwards compatible with \u003ccode\u003ev3.x.y\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eStarting from this release, we are adopting the policy to support the most 2 recent versions of Go currently available. By the time of this release, this is Go 1.15 and 1.16 (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/28\"\u003e#28\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed a potential issue that could occur when the verification of \u003ccode\u003eexp\u003c/code\u003e, \u003ccode\u003eiat\u003c/code\u003e or \u003ccode\u003enbf\u003c/code\u003e was not required and contained invalid contents, i.e. non-numeric/date. Thanks for \u003ca href=\"https://github.com/thaJeztah\"\u003e\u003ccode\u003e@​thaJeztah\u003c/code\u003e\u003c/a\u003e for making us aware of that and \u003ca href=\"https://github.com/giorgos-f3\"\u003e\u003ccode\u003e@​giorgos-f3\u003c/code\u003e\u003c/a\u003e for originally reporting it to the formtech fork (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/40\"\u003e#40\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eAdded support for EdDSA / ED25519 (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/36\"\u003e#36\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eOptimized allocations (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/33\"\u003e#33\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eImport Path Change\u003c/strong\u003e: See MIGRATION_GUIDE.md for tips on updating your code\n\u003cul\u003e\n\u003cli\u003eChanged the import path from \u003ccode\u003egithub.com/dgrijalva/jwt-go\u003c/code\u003e to \u003ccode\u003egithub.com/golang-jwt/jwt\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFixed type confusing issue between \u003ccode\u003estring\u003c/code\u003e and \u003ccode\u003e[]string\u003c/code\u003e in \u003ccode\u003eVerifyAudience\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/12\"\u003e#12\u003c/a\u003e). This fixes CVE-2020-26160\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e3.2.0\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdded method \u003ccode\u003eParseUnverified\u003c/code\u003e to allow users to split up the tasks of parsing and validation\u003c/li\u003e\n\u003cli\u003eHMAC signing method returns \u003ccode\u003eErrInvalidKeyType\u003c/code\u003e instead of \u003ccode\u003eErrInvalidKey\u003c/code\u003e where appropriate\u003c/li\u003e\n\u003cli\u003eAdded options to \u003ccode\u003erequest.ParseFromRequest\u003c/code\u003e, which allows for an arbitrary list of modifiers to parsing behavior. Initial set include \u003ccode\u003eWithClaims\u003c/code\u003e and \u003ccode\u003eWithParser\u003c/code\u003e. Existing usage of this function will continue to work as before.\u003c/li\u003e\n\u003cli\u003eDeprecated \u003ccode\u003eParseFromRequestWithClaims\u003c/code\u003e to simplify API in the future.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e3.1.0\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eImprovements to \u003ccode\u003ejwt\u003c/code\u003e command line tool\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eSkipClaimsValidation\u003c/code\u003e option to \u003ccode\u003eParser\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation updates\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e3.0.0\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCompatibility Breaking Changes\u003c/strong\u003e: See MIGRATION_GUIDE.md for tips on updating your code\n\u003cul\u003e\n\u003cli\u003eDropped support for \u003ccode\u003e[]byte\u003c/code\u003e keys when using RSA signing methods.  This convenience feature could contribute to security vulnerabilities involving mismatched key types with signing methods.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eParseFromRequest\u003c/code\u003e has been moved to \u003ccode\u003erequest\u003c/code\u003e subpackage and usage has changed\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eClaims\u003c/code\u003e property on \u003ccode\u003eToken\u003c/code\u003e is now type \u003ccode\u003eClaims\u003c/code\u003e instead of \u003ccode\u003emap[string]interface{}\u003c/code\u003e.  The default value is type \u003ccode\u003eMapClaims\u003c/code\u003e, which is an alias to \u003ccode\u003emap[string]interface{}\u003c/code\u003e.  This makes it possible to use a custom type when decoding claims.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eOther Additions and Changes\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eClaims\u003c/code\u003e interface type to allow users to decode the claims into a custom type\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eParseWithClaims\u003c/code\u003e, which takes a third argument of type \u003ccode\u003eClaims\u003c/code\u003e.  Use this function instead of \u003ccode\u003eParse\u003c/code\u003e if you have a custom type you'd like to decode into.\u003c/li\u003e\n\u003cli\u003eDramatically improved the functionality and flexibility of \u003ccode\u003eParseFromRequest\u003c/code\u003e, which is now in the \u003ccode\u003erequest\u003c/code\u003e subpackage\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eParseFromRequestWithClaims\u003c/code\u003e which is the \u003ccode\u003eFromRequest\u003c/code\u003e equivalent of \u003ccode\u003eParseWithClaims\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded new interface type \u003ccode\u003eExtractor\u003c/code\u003e, which is used for extracting JWT strings from http requests.  Used with \u003ccode\u003eParseFromRequest\u003c/code\u003e and \u003ccode\u003eParseFromRequestWithClaims\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded several new, more specific, validation errors to error type bitmask\u003c/li\u003e\n\u003cli\u003eMoved examples from README to executable example files\u003c/li\u003e\n\u003cli\u003eSigning method registry is now thread safe\u003c/li\u003e\n\u003cli\u003eAdded new property to \u003ccode\u003eValidationError\u003c/code\u003e, which contains the raw error returned by calls made by parse/verify (such as those returned by keyfunc or json parser)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/4bbdd8ac624fc7a9ef7aec841c43d99b5fe65a29\"\u003e\u003ccode\u003e4bbdd8a\u003c/code\u003e\u003c/a\u003e Prepare release 3.2.2 (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/42\"\u003e#42\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/8e9d9ebf6f4a43a4ae610493f1cc0c05f5630350\"\u003e\u003ccode\u003e8e9d9eb\u003c/code\u003e\u003c/a\u003e Fix security vulnerability (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/324836737fe659697dc72a99569d7049b2f9b9d9\"\u003e\u003ccode\u003e3248367\u003c/code\u003e\u003c/a\u003e add ed25519 support (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/36\"\u003e#36\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/860640e8862db5e9e96147c826d1aaca518fa27b\"\u003e\u003ccode\u003e860640e\u003c/code\u003e\u003c/a\u003e Allocation optimization (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/33\"\u003e#33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/3008b2bdeacbf196c7f52b174d9ab0c9d9276110\"\u003e\u003ccode\u003e3008b2b\u003c/code\u003e\u003c/a\u003e remove support for Go \u0026lt;= 1.14 (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/28\"\u003e#28\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang-jwt/jwt/compare/v3.2.1...v3.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/det...\n\n_Description has been truncated_","html_url":"https://github.com/etamong/test-infra/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/etamong%2Ftest-infra/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2774592918","node_id":"PR_kwDOK-QMD86lYO2W","number":349,"state":"open","title":"build(deps): bump the backend group across 1 directory with 23 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-26T10:09:17.000Z","updated_at":"2025-08-26T10:09:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"backend","update_count":23,"packages":[{"name":"github.com/Masterminds/semver/v3","old_version":"3.3.1","new_version":"3.4.0","repository_url":"https://github.com/Masterminds/semver"},{"name":"github.com/aquasecurity/trivy","old_version":"0.58.1","new_version":"0.65.0","repository_url":"https://github.com/aquasecurity/trivy"},{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"github.com/operator-framework/api","old_version":"0.29.0","new_version":"0.33.0","repository_url":"https://github.com/operator-framework/api"},{"name":"github.com/pquerna/otp","old_version":"1.4.0","new_version":"1.5.0","repository_url":"https://github.com/pquerna/otp"},{"name":"github.com/rs/zerolog","old_version":"1.33.0","new_version":"1.34.0","repository_url":"https://github.com/rs/zerolog"},{"name":"github.com/stretchr/testify","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/stretchr/testify"},{"name":"sigs.k8s.io/krew","old_version":"0.4.4","new_version":"0.4.5","repository_url":"https://github.com/kubernetes-sigs/krew"}],"path":null,"ecosystem":"go"},"body":"Bumps the backend group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver) | `3.3.1` | `3.4.0` |\n| [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) | `0.58.1` | `0.65.0` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.2` | `1.7.3` |\n| [github.com/operator-framework/api](https://github.com/operator-framework/api) | `0.29.0` | `0.33.0` |\n| [github.com/pquerna/otp](https://github.com/pquerna/otp) | `1.4.0` | `1.5.0` |\n| [github.com/rs/zerolog](https://github.com/rs/zerolog) | `1.33.0` | `1.34.0` |\n| [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.10.0` | `1.11.0` |\n| [sigs.k8s.io/krew](https://github.com/kubernetes-sigs/krew) | `0.4.4` | `0.4.5` |\n\n\nUpdates `github.com/Masterminds/semver/v3` from 3.3.1 to 3.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Masterminds/semver/releases\"\u003egithub.com/Masterminds/semver/v3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.4.0\u003c/h2\u003e\n\u003cp\u003eThere are a few changes in this release to highlight:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\u003ccode\u003eConstraints\u003c/code\u003e now has a property \u003ccode\u003eIncludePrerelease\u003c/code\u003e. When set to true the \u003ccode\u003eCheck\u003c/code\u003e and \u003ccode\u003eValidate\u003c/code\u003e methods will include prereleases.\u003c/li\u003e\n\u003cli\u003eWhen an AND group has one constraint with a prerelease but more than one constraint then prereleases will be included. For example, \u003ccode\u003e\u0026gt;1.0.0-beta.1 \u0026lt; 2\u003c/code\u003e. In the past this would not have included prereleases because each constraint needed to have a prerelease. Now, only one constraint needs to have a prerelease. This is considered a long standing bug fix. Note, this does not carry across OR groups. For example, \u003ccode\u003e\u0026gt;1.0.0-beta.1 \u0026lt; 2 || \u0026gt; 3\u003c/code\u003e. In this case, prereleases will not be included when evaluating against \u003ccode\u003e\u0026gt;3\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eNewVersion\u003c/code\u003e coercion with leading \u0026quot;0\u0026quot;'s is restored. This can be disabled by setting the package level property \u003ccode\u003eCoerceNewVersion\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix the CodeQL link by \u003ca href=\"https://github.com/dmitris\"\u003e\u003ccode\u003e@​dmitris\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/257\"\u003eMasterminds/semver#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRestore detailed errors when failed to parse with NewVersion by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/262\"\u003eMasterminds/semver#262\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating go version tested with by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/263\"\u003eMasterminds/semver#263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRestore the ability to have leading 0's with NewVersion by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/266\"\u003eMasterminds/semver#266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHandle pre-releases on all in an and group by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/267\"\u003eMasterminds/semver#267\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd property to include prereleases by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/268\"\u003eMasterminds/semver#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating the error message handling by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/269\"\u003eMasterminds/semver#269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the release notes and readme for new version by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/270\"\u003eMasterminds/semver#270\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dmitris\"\u003e\u003ccode\u003e@​dmitris\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/257\"\u003eMasterminds/semver#257\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Masterminds/semver/compare/v3.3.1...v3.4.0\"\u003ehttps://github.com/Masterminds/semver/compare/v3.3.1...v3.4.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Masterminds/semver/blob/master/CHANGELOG.md\"\u003egithub.com/Masterminds/semver/v3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.0 (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/268\"\u003e#268\u003c/a\u003e: Added property to Constraints to include prereleases for Check and Validate\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/263\"\u003e#263\u003c/a\u003e: Updated Go testing for 1.24, 1.23, and 1.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/269\"\u003e#269\u003c/a\u003e: Updated the error message handling for message case and wrapping errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/266\"\u003e#266\u003c/a\u003e: Restore the ability to have leading 0's when parsing with NewVersion.\nOpt-out of this by setting CoerceNewVersion to false.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/257\"\u003e#257\u003c/a\u003e: Fixed the CodeQL link (thanks \u003ca href=\"https://github.com/dmitris\"\u003e\u003ccode\u003e@​dmitris\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/262\"\u003e#262\u003c/a\u003e: Restored detailed errors when failed to parse with NewVersion. Opt-out\nof this by setting DetailedNewVersionErrors to false for faster performance.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/267\"\u003e#267\u003c/a\u003e: Handle pre-releases for an \u0026quot;and\u0026quot; group if one constraint includes them\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/61fc460d28283a91c53be65c2e0f20b494ac8ad9\"\u003e\u003ccode\u003e61fc460\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/270\"\u003e#270\u003c/a\u003e from mattfarina/relnotes-3.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/69a63e729f6254d980ff39c4ac89b5990f2be449\"\u003e\u003ccode\u003e69a63e7\u003c/code\u003e\u003c/a\u003e Update the release notes and readme for new version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/dc05094bcba909be3d0c14364bb14b5e9142dad4\"\u003e\u003ccode\u003edc05094\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/269\"\u003e#269\u003c/a\u003e from mattfarina/lowercase-error-strings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/a2cd9c2c2e49a0a0af115a08be31d410eacdf9e4\"\u003e\u003ccode\u003ea2cd9c2\u003c/code\u003e\u003c/a\u003e Updating the error message handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/9760c473b7cc395e48276f7f2d0c33ae824e123a\"\u003e\u003ccode\u003e9760c47\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/268\"\u003e#268\u003c/a\u003e from mattfarina/include-prerelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/c3747513c320448dfaf6f75c6a06a14a6221896f\"\u003e\u003ccode\u003ec374751\u003c/code\u003e\u003c/a\u003e Add property to include prereleases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/057c901b9979a2a6b8e06adfbf96349a641ba2e1\"\u003e\u003ccode\u003e057c901\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/267\"\u003e#267\u003c/a\u003e from mattfarina/fix-259\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/abab1c2f5fcf52a1483bfc4be892a0ad42afd09a\"\u003e\u003ccode\u003eabab1c2\u003c/code\u003e\u003c/a\u003e Handle pre-releases on all in an and group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/ebda872fa10e6cc730c5973bbdb512b9511eb65e\"\u003e\u003ccode\u003eebda872\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/266\"\u003e#266\u003c/a\u003e from mattfarina/restore-calver\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/4ed619ef3b4f63d7c94b2e19725c2719054de3bd\"\u003e\u003ccode\u003e4ed619e\u003c/code\u003e\u003c/a\u003e Restore the ability to have leading 0's with NewVersion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Masterminds/semver/compare/v3.3.1...v3.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/aquasecurity/trivy` from 0.58.1 to 0.65.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aquasecurity/trivy/releases\"\u003egithub.com/aquasecurity/trivy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.65.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/discussions/9287\"\u003e👉 Trivy v.65.0 release notes (click here)\u003c/a\u003e\u003c/h1\u003e\n\u003ch2\u003e⬇️ Download Trivy\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.65.0\u0026amp;os=macos\u0026amp;arch=arm64\"\u003eMacOS Apple Silicon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.65.0\u0026amp;os=macos\u0026amp;arch=amd64\"\u003eMacOS Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.65.0\u0026amp;os=linux\u0026amp;arch=amd64\"\u003eLinux Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.65.0\u0026amp;os=linux\u0026amp;arch=arm64\"\u003eLinux ARM\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=zip\u0026amp;version=0.65.0\u0026amp;os=windows\u0026amp;arch=amd64\"\u003eWindows Intel\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0650-2025-07-30\"\u003eFull changelog\u003c/a\u003e\u003c/h3\u003e\n\u003ch2\u003ev0.64.1\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e86ee3c1176d4707536914dfa65ac8eca452e14cd release: v0.64.1 [release/v0.64] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9122\"\u003e#9122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4e1272283a643bfca2d7231d286006219715fada fix(misconf): skip rewriting expr if attr is nil [backport: release/v0.64] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9127\"\u003e#9127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e9a7d38432cf00f00970259e5ac3edd060e00ccff fix(cli): Add more non-sensitive flags to telemetry [backport: release/v0.64] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9124\"\u003e#9124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e53adfba3c25664b01e3a36fdec334b39b53c07f1 fix(rootio): check full version to detect \u003ccode\u003eroot.io\u003c/code\u003e packages [backport: release/v0.64] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9120\"\u003e#9120\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e8cf1bf9f6f86936ee7dcd29e0d1cd1ec106e28f6 fix(alma): parse epochs from rpmqa file [backport: release/v0.64] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9119\"\u003e#9119\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.64.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/discussions/9105\"\u003e👉 Trivy v.64.0 release notes (click here)\u003c/a\u003e\u003c/h1\u003e\n\u003ch2\u003e⬇️ Download Trivy\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.64.0\u0026amp;os=macos\u0026amp;arch=arm64\"\u003eMacOS Apple Silicon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.64.0\u0026amp;os=macos\u0026amp;arch=amd64\"\u003eMacOS Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.64.0\u0026amp;os=linux\u0026amp;arch=amd64\"\u003eLinux Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.64.0\u0026amp;os=linux\u0026amp;arch=arm64\"\u003eLinux ARM\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=zip\u0026amp;version=0.64.0\u0026amp;os=windows\u0026amp;arch=amd64\"\u003eWindows Intel\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0640-2025-06-30\"\u003eFull changelog\u003c/a\u003e\u003c/h3\u003e\n\u003ch2\u003ev0.63.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/discussions/8945\"\u003e👉 Trivy v.63.0 release notes (click here)\u003c/a\u003e\u003c/h1\u003e\n\u003ch2\u003e⬇️ Download Trivy\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.63.0\u0026amp;os=macos\u0026amp;arch=arm64\"\u003eMacOS Apple Silicon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.63.0\u0026amp;os=macos\u0026amp;arch=amd64\"\u003eMacOS Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.63.0\u0026amp;os=linux\u0026amp;arch=amd64\"\u003eLinux Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.63.0\u0026amp;os=linux\u0026amp;arch=arm64\"\u003eLinux ARM\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=zip\u0026amp;version=0.63.0\u0026amp;os=windows\u0026amp;arch=amd64\"\u003eWindows Intel\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0630-2025-05-29\"\u003eFull changelog\u003c/a\u003e\u003c/h3\u003e\n\u003ch2\u003ev0.62.1\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ec75ed2156c8fa801d6998016f46f6b953e8a9556 release: v0.62.1 [release/v0.62] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/8825\"\u003e#8825\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md\"\u003egithub.com/aquasecurity/trivy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.64.0...v0.65.0\"\u003e0.65.0\u003c/a\u003e (2025-07-30)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd graceful shutdown with signal handling (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9242\"\u003e#9242\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/2c05882f45071928c14d8212ef6c4f0f7048245d\"\u003e2c05882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd HTTP request/response tracing support (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9125\"\u003e#9125\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/aa5b32a19f4d61d0df72c11fd314c5a0b7284202\"\u003eaa5b32a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ealma:\u003c/strong\u003e add AlmaLinux 10 support (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9207\"\u003e#9207\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/861d51e99a45ee448f86fe195dedcaefb811c919\"\u003e861d51e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eflag:\u003c/strong\u003e add schema validation for \u003ccode\u003e--server\u003c/code\u003e flag (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9270\"\u003e#9270\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/ed4640ec27f2575a50d7e6d516c9e2e45a59bb7f\"\u003eed4640e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eimage:\u003c/strong\u003e add Docker context resolution (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9166\"\u003e#9166\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/99cd4e776c0c6cc689126e53fa86ee6333ba6277\"\u003e99cd4e7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elicense:\u003c/strong\u003e observe pkg types option in license scanner (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9091\"\u003e#9091\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/d44af8cfa21a145d14ca6e5e1ed4742d892f2dc5\"\u003ed44af8c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e add private ip google access attribute to subnetwork (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9199\"\u003e#9199\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/263845cfc1419401f24adc8bc6316f3ea0caacad\"\u003e263845c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e added logging and versioning to the gcp storage bucket (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9226\"\u003e#9226\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/110f80ea29951863997dd5a1c48fe14eb81e230b\"\u003e110f80e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erepo:\u003c/strong\u003e add git repository metadata to reports (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9252\"\u003e#9252\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f4b2cf10e917d58c0840f789e083bd3f268a8af1\"\u003ef4b2cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ereport:\u003c/strong\u003e add CVSS vectors in sarif report (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9157\"\u003e#9157\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/60723e6cfce82ede2863cf545a189c581246f4e9\"\u003e60723e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esbom:\u003c/strong\u003e add SHA-512 hash support for CycloneDX SBOM (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9126\"\u003e#9126\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/12d6706961423acb12430c8b3d986b4aa4671d04\"\u003e12d6706\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ealma:\u003c/strong\u003e parse epochs from rpmqa file (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9101\"\u003e#9101\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/82db2fcc8034c911cc7a67f5a82d2f081d9c1fdf\"\u003e82db2fc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ealso check \u003ccode\u003efilepath\u003c/code\u003e when removing duplicate packages (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9142\"\u003e#9142\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/4d10a815dde53f5e128366f1dd0837a1dc29c17b\"\u003e4d10a81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eaws:\u003c/strong\u003e update amazon linux 2 EOL date (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9176\"\u003e#9176\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/0ecfed6ea75cfe33e0f436a9015ac72a679e754e\"\u003e0ecfed6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e Add more non-sensitive flags to telemetry (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9110\"\u003e#9110\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/7041a39bdcf21c5b3114137d9a931f529eac2566\"\u003e7041a39\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e ensure correct command is picked by telemetry (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9260\"\u003e#9260\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/b4ad00f301a5fd7326060a567871c6f4a9711696\"\u003eb4ad00f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e panic: attempt to get os.Args[1] when len(os.Args) \u0026lt; 2 (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9206\"\u003e#9206\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/adfa879e4e8ab88f211222a13d2b89013ae9a853\"\u003eadfa879\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elicense:\u003c/strong\u003e add missed \u003ccode\u003eGFDL-NIV-1.1\u003c/code\u003e and \u003ccode\u003eGFDL-NIV-1.2\u003c/code\u003e into Trivy mapping (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9116\"\u003e#9116\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/a692f296d15f7241ba5ff082e4e69926b1c728a8\"\u003ea692f29\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elicense:\u003c/strong\u003e handle WITH operator for \u003ccode\u003eLaxSplitLicenses\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9232\"\u003e#9232\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/b4193d0d31a167aafdcd9d9ccd89f3f124eef7ee\"\u003eb4193d0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emigrate from \u003ccode\u003e*.list\u003c/code\u003e to \u003ccode\u003e*.md5sums\u003c/code\u003e files for \u003ccode\u003edpkg\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9131\"\u003e#9131\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f224de3e39b08672212ec0f94660c36bef77bc30\"\u003ef224de3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e correctly adapt azure storage account (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9138\"\u003e#9138\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/51aa0222604829706193eb2ff3a6886742bb42b4\"\u003e51aa022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e correctly parse empty port ranges in google_compute_firewall (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9237\"\u003e#9237\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/77bab7b6d25c712e2db7dc53956985c2721728e9\"\u003e77bab7b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e fix log bucket in schema (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9235\"\u003e#9235\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/7ebc129ab726f3133d940708837b7edda2621105\"\u003e7ebc129\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e skip rewriting expr if attr is nil (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9113\"\u003e#9113\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/42ccd3df9a7c838a99facb8248e1a68eaf47a999\"\u003e42ccd3d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enodejs:\u003c/strong\u003e don't use prerelease logic for compare npm constraints  (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9208\"\u003e#9208\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/fe96436b99bae3bbfc7498d2ad222d4acccdfcf1\"\u003efe96436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprevent graceful shutdown message on normal exit (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9244\"\u003e#9244\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/6095984d5340633740204a7a40f002a5643802b9\"\u003e6095984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erootio:\u003c/strong\u003e check full version to detect \u003ccode\u003eroot.io\u003c/code\u003e packages (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9117\"\u003e#9117\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/c2ddd44d98594a2066cb5b5acbb9ad2aaad8fd96\"\u003ec2ddd44\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erootio:\u003c/strong\u003e fix severity selection (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9181\"\u003e#9181\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/6fafbeb60609a020b47266743250ea847234cbbd\"\u003e6fafbeb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esbom:\u003c/strong\u003e merge in-graph and out-of-graph OS packages in scan results (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9194\"\u003e#9194\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/aa944cc6da43e2035f74e9d842f487c0d2f993f4\"\u003eaa944cc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esbom:\u003c/strong\u003e use correct field for licenses in CycloneDX reports (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9057\"\u003e#9057\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/143da88dd82dfbe204f4c2afe46af3b01701675d\"\u003e143da88\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esecret:\u003c/strong\u003e add UTF-8 validation in secret scanner to prevent protobuf marshalling errors (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9253\"\u003e#9253\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/54832a77b50e2da3a3ceacbb6ce1b13e45605cde\"\u003e54832a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esecret:\u003c/strong\u003e fix line numbers for multiple-line secrets (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9104\"\u003e#9104\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/e57974649e4a3a275b9cf02db191b3f6bf10340f\"\u003ee579746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eserver:\u003c/strong\u003e add HTTP transport setup to server mode (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9217\"\u003e#9217\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/1163b044c7e91a81bba3a862cc4a38e90182f0b4\"\u003e1163b04\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupporting .egg-info/METADATA in python.Packaging analyzer (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9151\"\u003e#9151\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/e306e2dc5275c0e75f056c8c7ee9ff9261c78e7f\"\u003ee306e2d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eterraform:\u003c/strong\u003e \u003ccode\u003efor_each\u003c/code\u003e on a map returns a resource for every key (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9156\"\u003e#9156\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/153318f65f7e5059bcc064bd2cd651cc720791a9\"\u003e153318f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.63.0...v0.64.0\"\u003e0.64.0\u003c/a\u003e (2025-06-30)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/b2b15459bac0efef73531c73b45e80d40ddd0fec\"\u003e\u003ccode\u003eb2b1545\u003c/code\u003e\u003c/a\u003e release: v0.65.0 [main] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9108\"\u003e#9108\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/b4ad00f301a5fd7326060a567871c6f4a9711696\"\u003e\u003ccode\u003eb4ad00f\u003c/code\u003e\u003c/a\u003e fix(cli): ensure correct command is picked by telemetry (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9260\"\u003e#9260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/ed4640ec27f2575a50d7e6d516c9e2e45a59bb7f\"\u003e\u003ccode\u003eed4640e\u003c/code\u003e\u003c/a\u003e feat(flag): add schema validation for \u003ccode\u003e--server\u003c/code\u003e flag (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9270\"\u003e#9270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/1a0c038fa567f4b04b610dc3d994222a77ae8efc\"\u003e\u003ccode\u003e1a0c038\u003c/code\u003e\u003c/a\u003e chore(deps): bump github.com/docker/docker from 28.3.2+incompatible to 28.3.3...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/011cefc325ba25c0cd70c80356f7d48dc4d19588\"\u003e\u003ccode\u003e011cefc\u003c/code\u003e\u003c/a\u003e ci: skip undefined labels in discussion triage action (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9175\"\u003e#9175\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f4b2cf10e917d58c0840f789e083bd3f268a8af1\"\u003e\u003ccode\u003ef4b2cf1\u003c/code\u003e\u003c/a\u003e feat(repo): add git repository metadata to reports (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9252\"\u003e#9252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/b4193d0d31a167aafdcd9d9ccd89f3f124eef7ee\"\u003e\u003ccode\u003eb4193d0\u003c/code\u003e\u003c/a\u003e fix(license): handle WITH operator for \u003ccode\u003eLaxSplitLicenses\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9232\"\u003e#9232\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/d2d0ec2b6d71a8228fd707eee1b7e0f0aa3ab0d1\"\u003e\u003ccode\u003ed2d0ec2\u003c/code\u003e\u003c/a\u003e chore: add modernize tool integration for code modernization (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9251\"\u003e#9251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/54832a77b50e2da3a3ceacbb6ce1b13e45605cde\"\u003e\u003ccode\u003e54832a7\u003c/code\u003e\u003c/a\u003e fix(secret): add UTF-8 validation in secret scanner to prevent protobuf marsh...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/8f5b56005a4e8752976524750089dc9ea2c91e40\"\u003e\u003ccode\u003e8f5b560\u003c/code\u003e\u003c/a\u003e chore: implement process-safe temp file cleanup (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9241\"\u003e#9241\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.58.1...v0.65.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/coreos/go-oidc` from 2.2.1+incompatible to 2.3.0+incompatible\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/coreos/go-oidc/releases\"\u003egithub.com/coreos/go-oidc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport signed jwt userinfo response by \u003ca href=\"https://github.com/holowinski\"\u003e\u003ccode\u003e@​holowinski\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/254\"\u003ecoreos/go-oidc#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e*: s/Json/JSON/g to appease lint by \u003ca href=\"https://github.com/ericchiang\"\u003e\u003ccode\u003e@​ericchiang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/255\"\u003ecoreos/go-oidc#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euserinfo - handling charset in Content-Type header by \u003ca href=\"https://github.com/ericchiang\"\u003e\u003ccode\u003e@​ericchiang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/261\"\u003ecoreos/go-oidc#261\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange Go Version Used in .travis.yml to v1.14 by \u003ca href=\"https://github.com/dickynovanto1103\"\u003e\u003ccode\u003e@​dickynovanto1103\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/268\"\u003ecoreos/go-oidc#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIDTokenVerifier: fix typo word in Verify function's comment by \u003ca href=\"https://github.com/dickynovanto1103\"\u003e\u003ccode\u003e@​dickynovanto1103\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/266\"\u003ecoreos/go-oidc#266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ealso run travis tests under 1.15 by \u003ca href=\"https://github.com/mikedanese\"\u003e\u003ccode\u003e@​mikedanese\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/275\"\u003ecoreos/go-oidc#275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esupport AWS Cognito, which is not completely OIDC compliant  by \u003ca href=\"https://github.com/DallanQ\"\u003e\u003ccode\u003e@​DallanQ\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/257\"\u003ecoreos/go-oidc#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded power support by \u003ca href=\"https://github.com/dthadi3\"\u003e\u003ccode\u003e@​dthadi3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/277\"\u003ecoreos/go-oidc#277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix up v2 CI by \u003ca href=\"https://github.com/ericchiang\"\u003e\u003ccode\u003e@​ericchiang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/448\"\u003ecoreos/go-oidc#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to maintained go-jose library by \u003ca href=\"https://github.com/liggitt\"\u003e\u003ccode\u003e@​liggitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/447\"\u003ecoreos/go-oidc#447\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/holowinski\"\u003e\u003ccode\u003e@​holowinski\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/254\"\u003ecoreos/go-oidc#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dickynovanto1103\"\u003e\u003ccode\u003e@​dickynovanto1103\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/268\"\u003ecoreos/go-oidc#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mikedanese\"\u003e\u003ccode\u003e@​mikedanese\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/275\"\u003ecoreos/go-oidc#275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DallanQ\"\u003e\u003ccode\u003e@​DallanQ\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/257\"\u003ecoreos/go-oidc#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dthadi3\"\u003e\u003ccode\u003e@​dthadi3\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/277\"\u003ecoreos/go-oidc#277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liggitt\"\u003e\u003ccode\u003e@​liggitt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/447\"\u003ecoreos/go-oidc#447\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/coreos/go-oidc/compare/v2.2.1...v2.3.0\"\u003ehttps://github.com/coreos/go-oidc/compare/v2.2.1...v2.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/b7e896c40598f5307b3b5a163b6ad02ae97ec1a5\"\u003e\u003ccode\u003eb7e896c\u003c/code\u003e\u003c/a\u003e Switch to maintained gopkg.in/go-jose/go-jose.v2 library\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/a57141768115b09a2f823a17726d25c998a7fc9d\"\u003e\u003ccode\u003ea571417\u003c/code\u003e\u003c/a\u003e fix up v2 CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/e05c4c73b4b5f159727021bf2921c214f61b2688\"\u003e\u003ccode\u003ee05c4c7\u003c/code\u003e\u003c/a\u003e Added power support (\u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/0a5cd3377ca67c9a7b81961f8fb286bf59891370\"\u003e\u003ccode\u003e0a5cd33\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/257\"\u003e#257\u003c/a\u003e from OurRootsOrg/v2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/8e61fd8dcfb5e3af82a8a808b7d85f1044548d29\"\u003e\u003ccode\u003e8e61fd8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/275\"\u003e#275\u003c/a\u003e from mikedanese/bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/a4badd1273bf233eccb3fe596b27ba8054fa9bb4\"\u003e\u003ccode\u003ea4badd1\u003c/code\u003e\u003c/a\u003e also run travis tests under 1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/50700f92176680a141cb7ccb894de3b09a30b709\"\u003e\u003ccode\u003e50700f9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/266\"\u003e#266\u003c/a\u003e from dickynovanto1103/fix-typo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/86d950ac3f3c4a8ef9ca3197a5a0187c5b2e60d7\"\u003e\u003ccode\u003e86d950a\u003c/code\u003e\u003c/a\u003e IDTokenVerifier: fix typo word: \u003ccode\u003epreforms\u003c/code\u003e to \u003ccode\u003eperforms\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/638d1d6486cae85e18718a1c2a71259ae05f4855\"\u003e\u003ccode\u003e638d1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/268\"\u003e#268\u003c/a\u003e from dickynovanto1103/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/2b28d0cc38907454ddd8644363eb1e893ac07b69\"\u003e\u003ccode\u003e2b28d0c\u003c/code\u003e\u003c/a\u003e add support for AWS Cognito, which returns email_verified as a string instead...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/coreos/go-oidc/compare/v2.2.1...v2.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-chi/chi/v5` from 5.2.0 to 5.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-chi/chi/releases\"\u003egithub.com/go-chi/chi/v5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003e⚠️  Chi supports Go 1.20+\u003c/h2\u003e\n\u003cp\u003eStarting this release, we will now support the four most recent major versions of Go. See \u003ca href=\"https://redirect.github.com/go-chi/chi/issues/963\"\u003ego-chi/chi#963\u003c/a\u003e for related discussion.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport the four most recent major versions of Go by \u003ca href=\"https://github.com/VojtechVitek\"\u003e\u003ccode\u003e@​VojtechVitek\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/969\"\u003ego-chi/chi#969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-chi/chi/compare/v5.2.0...v5.2.1\"\u003ehttps://github.com/go-chi/chi/compare/v5.2.0...v5.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/71307f9b7e4e9527638bc951c42b782cd1560331\"\u003e\u003ccode\u003e71307f9\u003c/code\u003e\u003c/a\u003e Support the four most recent major versions of Go (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/969\"\u003e#969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/go-chi/chi/compare/v5.2.0...v5.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-git/go-git/v5` from 5.13.1 to 5.16.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-git/go-git/releases\"\u003egithub.com/go-git/go-git/v5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eutils: fix diff so subpaths work for sparse checkouts, fixes 1455 to releases/v5.x by \u003ca href=\"https://github.com/kane8n\"\u003e\u003ccode\u003e@​kane8n\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1567\"\u003ego-git/go-git#1567\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.16.1...v5.16.2\"\u003ehttps://github.com/go-git/go-git/compare/v5.16.1...v5.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eutils: merkletrie, Fix diff on sparse-checkout index. Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1406\"\u003e#1406\u003c/a\u003e to releases/v5.x by \u003ca href=\"https://github.com/kane8n\"\u003e\u003ccode\u003e@​kane8n\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1561\"\u003ego-git/go-git#1561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kane8n\"\u003e\u003ccode\u003e@​kane8n\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1561\"\u003ego-git/go-git#1561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.16.0...v5.16.1\"\u003ehttps://github.com/go-git/go-git/compare/v5.16.0...v5.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v5] plumbing: support mTLS for HTTPS protocol by \u003ca href=\"https://github.com/hiddeco\"\u003e\u003ccode\u003e@​hiddeco\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1510\"\u003ego-git/go-git#1510\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5: plumbing: transport, Reintroduce SetHostKeyCallback. Fix \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1514\"\u003e#1514\u003c/a\u003e by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1515\"\u003ego-git/go-git#1515\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.15.0...v5.16.0\"\u003ehttps://github.com/go-git/go-git/compare/v5.15.0...v5.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.15.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eplumbing: add cert auth support to \u003ccode\u003ereleases/v5.x\u003c/code\u003e by \u003ca href=\"https://github.com/Javier-varez\"\u003e\u003ccode\u003e@​Javier-varez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1482\"\u003ego-git/go-git#1482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5: Bump dependencies by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1505\"\u003ego-git/go-git#1505\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.14.0...v5.15.0\"\u003ehttps://github.com/go-git/go-git/compare/v5.14.0...v5.15.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.14.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev5: Bump Go and dependencies to mitigate \u003ca href=\"https://pkg.go.dev/vuln/GO-2025-3487\"\u003eGO-2025-3487\u003c/a\u003e by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1436\"\u003ego-git/go-git#1436\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e:warning: Note that this version requires Go 1.23, due to the bump to \u003ccode\u003egolang.org/x/crypto@v0.35.0\u003c/code\u003e which mitigates the CVE above. User's that can't bump to Go 1.23 will need to remain on the previous v5.13.x release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.13.2...v5.14.0\"\u003ehttps://github.com/go-git/go-git/compare/v5.13.2...v5.14.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.13.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eplumbing: use the correct user agent string. Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/883\"\u003e#883\u003c/a\u003e by \u003ca href=\"https://github.com/uragirii\"\u003e\u003ccode\u003e@​uragirii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1364\"\u003ego-git/go-git#1364\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/sys from 0.28.0 to 0.29.0 in the golang-org group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1365\"\u003ego-git/go-git#1365\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump the golang-org group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1367\"\u003ego-git/go-git#1367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/ProtonMail/go-crypto from 1.1.3 to 1.1.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1368\"\u003ego-git/go-git#1368\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1378\"\u003ego-git/go-git#1378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github/codeql-action from 3.28.0 to 3.28.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1376\"\u003ego-git/go-git#1376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/elazarl/goproxy from 1.2.3 to 1.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1377\"\u003ego-git/go-git#1377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: worktree, fix restoring dot slash files (backported to v5). Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1176\"\u003e#1176\u003c/a\u003e by \u003ca href=\"https://github.com/BeChris\"\u003e\u003ccode\u003e@​BeChris\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1361\"\u003ego-git/go-git#1361\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/ed8216c4a2c3fdb7e4e31ce242bf7847356623c9\"\u003e\u003ccode\u003eed8216c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1567\"\u003e#1567\u003c/a\u003e from kane8n/backport-to-v5-patricsss/fix-1455\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/4f35ebab20f1034df1df943044903e7044e6cdf4\"\u003e\u003ccode\u003e4f35eba\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1484\"\u003e#1484\u003c/a\u003e from patricsss/patricsss/fix-1455\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/fd1a83688236df0299d5cd677f04dccad073500c\"\u003e\u003ccode\u003efd1a836\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1561\"\u003e#1561\u003c/a\u003e from kane8n/backport-to-v5-fix-sparse-checkout-status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/c3c841090facce33faa2c80ca475ee673442b4a5\"\u003e\u003ccode\u003ec3c8410\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1492\"\u003e#1492\u003c/a\u003e from onee-only/fix-sparse-checkout-status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/6d4a5c61232251b48ae4238d39830ccc894ef4d8\"\u003e\u003ccode\u003e6d4a5c6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1515\"\u003e#1515\u003c/a\u003e from pjbgf/regre\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/beedd6bc1892182daa36dd45013ff28857320f58\"\u003e\u003ccode\u003ebeedd6b\u003c/code\u003e\u003c/a\u003e plumbing: transport, Reintroduce SetHostKeyCallback. Fix \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1514\"\u003e#1514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/763ce2e08aa1398c7e9e153ae3346891c80dc467\"\u003e\u003ccode\u003e763ce2e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1510\"\u003e#1510\u003c/a\u003e from hiddeco/mtls-support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/5320e1b6b4578aa7272de1fa535051b9b86fbbfb\"\u003e\u003ccode\u003e5320e1b\u003c/code\u003e\u003c/a\u003e plumbing: surface transport configuration errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/9bbc93b719b15a5e0955ed9c2f6aa008f13f7e86\"\u003e\u003ccode\u003e9bbc93b\u003c/code\u003e\u003c/a\u003e plumbing: fix unintended pointer mutation in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/f3783f4abf49642326f67683f22d468db87a8822\"\u003e\u003ccode\u003ef3783f4\u003c/code\u003e\u003c/a\u003e plumbing: support mTLS for HTTPS protocol\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-git/go-git/compare/v5.13.1...v5.16.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/google/go-containerregistry` from 0.20.2 to 0.20.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/go-containerregistry/releases\"\u003egithub.com/google/go-containerregistry's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.20.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure that tag name is not empty if name contains colon by \u003ca href=\"https://github.com/SaschaSchwarze0\"\u003e\u003ccode\u003e@​SaschaSchwarze0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2094\"\u003egoogle/go-containerregistry#2094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump some deps by \u003ca href=\"https://github.com/jonjohnsonjr\"\u003e\u003ccode\u003e@​jonjohnsonjr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2110\"\u003egoogle/go-containerregistry#2110\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SaschaSchwarze0\"\u003e\u003ccode\u003e@​SaschaSchwarze0\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2094\"\u003egoogle/go-containerregistry#2094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.4...v0.20.6\"\u003ehttps://github.com/google/go-containerregistry/compare/v0.20.4...v0.20.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump docker/docker to v28.0.0+incompatible by \u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate linter to v2 by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump go version + bump deps by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2093\"\u003egoogle/go-containerregistry#2093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eimplement TextMarshaler/JSONMarshaler more consistently by \u003ca href=\"https://github.com/imjasonh\"\u003e\u003ccode\u003e@​imjasonh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2097\"\u003egoogle/go-containerregistry#2097\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CodeQL permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2103\"\u003egoogle/go-containerregistry#2103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate goreleaser permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2104\"\u003egoogle/go-containerregistry#2104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate provenance action in release by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2105\"\u003egoogle/go-containerregistry#2105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate validator action by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2106\"\u003egoogle/go-containerregistry#2106\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.5\"\u003ehttps://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.20.4 - Not usable as a go module\u003c/h2\u003e\n\u003cp\u003e🚨 This release was published to the Go module proxy and then re-tagged with a different commit. This means it's not usable as a Go module (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2107\"\u003egoogle/go-containerregistry#2107\u003c/a\u003e) -- please us v0.20.5 instead.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump docker/docker to v28.0.0+incompatible by \u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate linter to v2 by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump go version + bump deps by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2093\"\u003egoogle/go-containerregistry#2093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eimplement TextMarshaler/JSONMarshaler more consistently by \u003ca href=\"https://github.com/imjasonh\"\u003e\u003ccode\u003e@​imjasonh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2097\"\u003egoogle/go-containerregistry#2097\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CodeQL permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2103\"\u003egoogle/go-containerregistry#2103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate goreleaser permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2104\"\u003egoogle/go-containerregistry#2104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate provenance action in release by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2105\"\u003egoogle/go-containerregistry#2105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate validator action by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2106\"\u003egoogle/go-containerregistry#2106\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.4\"\u003ehttps://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eremote/transport: Make bearer transport go-routine-safe by \u003ca href=\"https://github.com/2opremio\"\u003e\u003ccode\u003e@​2opremio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/1806\"\u003egoogle/go-containerregistry#1806\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpose compare package by \u003ca href=\"https://github.com/jonjohnsonjr\"\u003e\u003ccode\u003e@​jonjohnsonjr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2001\"\u003egoogle/go-containerregistry#2001\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/59a4b85930392a30c39462519adc8a2026d47181\"\u003e\u003ccode\u003e59a4b85\u003c/code\u003e\u003c/a\u003e Bump some deps (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2110\"\u003e#2110\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/5b1039536cfa10ed0d467dd13f279665bfd48ad9\"\u003e\u003ccode\u003e5b10395\u003c/code\u003e\u003c/a\u003e Ensure that tag name is not empty if name contains colon (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2094\"\u003e#2094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/4eb8c4d84ef07af279d5dcc0b210d9eaa7bc79e3\"\u003e\u003ccode\u003e4eb8c4d\u003c/code\u003e\u003c/a\u003e Update validator action (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2106\"\u003e#2106\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/78d4a6e980c634a90ecd5729a0a5c8235923724e\"\u003e\u003ccode\u003e78d4a6e\u003c/code\u003e\u003c/a\u003e Update provenance action (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2105\"\u003e#2105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/33840ffc70721fcc49e2f2a54c4b9fa5cf358edf\"\u003e\u003ccode\u003e33840ff\u003c/code\u003e\u003c/a\u003e Update goreleaser permissions (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2104\"\u003e#2104\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/8d47c3776e7873544e5f0ac3fe8787f27b95d63e\"\u003e\u003ccode\u003e8d47c37\u003c/code\u003e\u003c/a\u003e Update CodeQL permissions (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2103\"\u003e#2103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/a61de150b11db9e2005bdc0ae5958aadbd5931c1\"\u003e\u003ccode\u003ea61de15\u003c/code\u003e\u003c/a\u003e implement TextMarshaler/JSONMarshaler more consistently (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2097\"\u003e#2097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/1d5b256a397177b0df69c259893bd93e6fc38bbe\"\u003e\u003ccode\u003e1d5b256\u003c/code\u003e\u003c/a\u003e bump go version + bump deps (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2093\"\u003e#2093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/ccaa0d6a53fde4b8b205ef3f0c3474c65079b740\"\u003e\u003ccode\u003eccaa0d6\u003c/code\u003e\u003c/a\u003e Migrate linter to v2 (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2096\"\u003e#2096\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/098045d5e61ff426a61a0eecc19ad0c433cd35a9\"\u003e\u003ccode\u003e098045d\u003c/code\u003e\u003c/a\u003e build(deps): bump docker/docker to v28.0.0+incompatible (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.2...v0.20.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/open-policy-agent/opa` from 0.70.0 to 1.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-policy-agent/opa/releases\"\u003egithub.com/open-policy-agent/opa's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.0\u003c/h2\u003e\n\u003cp\u003eThis release contains a mix of new features, performance improvements, and bugfixes. Notably:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImprovements to the OPA website and documentation\u003c/li\u003e\n\u003cli\u003eAllowing keywords in Rego references\u003c/li\u003e\n\u003cli\u003eParallel test execution\u003c/li\u003e\n\u003cli\u003eFaster built-in function execution\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eModernized OPA Website (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7037\"\u003e#7037\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eWe're continuing to modernize the OPA website with a new design and improved user experience.\u003c/p\u003e\n\u003cp\u003eSome highlights:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference#built-in-functions\"\u003eBuiltins\u003c/a\u003e: You can now search them on the docs page!\u003c/li\u003e\n\u003cli\u003eSidebar redesign: Making it easier to find what you're looking for in our docs\u003c/li\u003e\n\u003cli\u003eFeedback forms: Closing the feedback loop between docs authors and readers -- Please let us know if you dislike, or like, a docs page.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs#1-download-opa\"\u003eDownloads page\u003c/a\u003e: Find your OS' installation instructions on a less cluttered page!\u003c/li\u003e\n\u003cli\u003eAnd much more\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/sky3n3t\"\u003e\u003ccode\u003e@​sky3n3t\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eAllowing keywords in Rego references (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7709\"\u003e#7709\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003ePreviously, Rego references could not contain terms that conflict with Rego keywords such as \u003ccode\u003epackage\u003c/code\u003e, \u003ccode\u003eif\u003c/code\u003e, \u003ccode\u003eelse\u003c/code\u003e, \u003ccode\u003enot\u003c/code\u003e, etc.\nin certain constructs:\u003c/p\u003e\n\u003cpre lang=\"rego\"\u003e\u003ccode\u003epackage example\n\u003cp\u003eallow if {\ninput.package.source         # not allowed (before v1.6.0)\ninput[\u0026quot;package\u0026quot;].destination # allowed\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe constraints for valid Rego references have been relaxed to allow keywords.\nThe above example is now valid and will no longer cause a compilation error.\u003c/p\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/johanfylling\"\u003e\u003ccode\u003e@​johanfylling\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eParallel Test Execution (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7442\"\u003e#7442\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eBy default, OPA will now run tests in parallel (defaulting to one parallel execution thread per available CPU core), significantly speeding up test execution time for large test suites.\nThe performance boost is closely tied to the number of tests in your project and your selected parallelism level. For larger projects and default settings, 2-3x performance gains have been measured on a MacBook Pro.\u003c/p\u003e\n\u003cp\u003eParallelism can be disabled to run tests sequentially by setting the \u003ccode\u003e--parallel\u003c/code\u003e flag to \u003ccode\u003e1\u003c/code\u003e. E.g. \u003ccode\u003eopa test . --parallel=1\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/sspaink\"\u003e\u003ccode\u003e@​sspaink\u003c/code\u003e\u003c/a\u003e reported by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md\"\u003egithub.com/open-policy-agent/opa's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.6.0\u003c/h2\u003e\n\u003cp\u003eThis release contains a mix of new features, performance improvements, and bugfixes. Notably:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImprovements to the OPA website and documentation\u003c/li\u003e\n\u003cli\u003eAllowing keywords in Rego references\u003c/li\u003e\n\u003cli\u003eParallel test execution\u003c/li\u003e\n\u003cli\u003eFaster built-in function execution\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eModernized OPA Website (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7037\"\u003e#7037\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eWe're continuing to modernize the OPA website with a new design and improved user experience.\u003c/p\u003e\n\u003cp\u003eSome highlights:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference#built-in-functions\"\u003eBuiltins\u003c/a\u003e: You can now search them on the docs page!\u003c/li\u003e\n\u003cli\u003eSidebar redesign: Making it easier to find what you're looking for in our docs\u003c/li\u003e\n\u003cli\u003eFeedback forms: Closing the feedback loop between docs authors and readers -- Please let us know if you dislike, or like, a docs page.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs#1-download-opa\"\u003eDownloads page\u003c/a\u003e: Find your OS' installation instructions on a less cluttered page!\u003c/li\u003e\n\u003cli\u003eAnd much more\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/sky3n3t\"\u003e\u003ccode\u003e@​sky3n3t\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eAllowing keywords in Rego references (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7709\"\u003e#7709\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003ePreviously, Rego references could not contain terms that conflict with Rego keywords such as \u003ccode\u003epackage\u003c/code\u003e, \u003ccode\u003eif\u003c/code\u003e, \u003ccode\u003eelse\u003c/code\u003e, \u003ccode\u003enot\u003c/code\u003e, etc.\nin certain constructs:\u003c/p\u003e\n\u003cpre lang=\"rego\"\u003e\u003ccode\u003epackage example\n\u003cp\u003eallow if {\ninput.package.source         # not allowed (before v1.6.0)\ninput[\u0026quot;package\u0026quot;].destination # allowed\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe constraints for valid Rego references have been relaxed to allow keywords.\nThe above example is now valid and will no longer cause a compilation error.\u003c/p\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/johanfylling\"\u003e\u003ccode\u003e@​johanfylling\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eParallel Test Execution (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7442\"\u003e#7442\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eBy default, OPA will now run tests in parallel (defaulting to one parallel execution thread per available CPU core), significantly speeding up test execution time for large test suites.\nThe performance boost is closely tied to the number of tests in your project and your selected parallelism level. For larger projects and default settings, 2-3x performance gains have been measured on a MacBook Pro.\u003c/p\u003e\n\u003cp\u003eParallelism can be disabled to run tests sequentially by setting the \u003ccode\u003e--parallel\u003c/code\u003e flag to \u003ccode\u003e1\u003c/code\u003e. E.g. \u003ccode\u003eopa test . --parallel=1\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/sspaink\"\u003e\u003ccode\u003e@​sspaink\u003c/code\u003e\u003c/a\u003e reported by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/710b5a62789fbe8ad231b2fc0090c664f1ac93ba\"\u003e\u003ccode\u003e710b5a6\u003c/code\u003e\u003c/a\u003e Prepare v1.6.0 release (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7732\"\u003e#7732\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/d3e83fbd773514a7bf1cba728371457714189579\"\u003e\u003ccode\u003ed3e83fb\u003c/code\u003e\u003c/a\u003e website: add titles back to the sidebar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/fc51c9ca0bc541bd835beed518d04c949e660837\"\u003e\u003ccode\u003efc51c9c\u003c/code\u003e\u003c/a\u003e docs: Revise sidebar order and layout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/13b9e521e9c1bf38870eeb610630ba7335ac86db\"\u003e\u003ccode\u003e13b9e52\u003c/code\u003e\u003c/a\u003e ast: Ensure surplus leading zeros always error (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7726\"\u003e#7726\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/9750787ae4527392e8c46f83c3ff4f5184fe8051\"\u003e\u003ccode\u003e9750787\u003c/code\u003e\u003c/a\u003e perf: Only pass built-in context to calls depending on it (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7728\"\u003e#7728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/2b4722e90da8837436d2d9e6b9702267d94a1c7b\"\u003e\u003ccode\u003e2b4722e\u003c/code\u003e\u003c/a\u003e docs: Redirect old admission control link (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7730\"\u003e#7730\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/3a560fa2475f9e143b106bf7019178ba3d93dd77\"\u003e\u003ccode\u003e3a560fa\u003c/code\u003e\u003c/a\u003e docs: Update sidebar (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7723\"\u003e#7723\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/d917e3a4a8fe44e7ff40a937c9f8b0dc6ca6801c\"\u003e\u003ccode\u003ed917e3a\u003c/code\u003e\u003c/a\u003e plugin/decision: check if event is too large after compression (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7521\"\u003e#7521\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/817b6635a80f8c8e9607ea36360a5b78c6f48e5d\"\u003e\u003ccode\u003e817b663\u003c/code\u003e\u003c/a\u003e ast,format: Allowing keywords in Rego references (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7709\"\u003e#7709\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/1679d797980c2ff6b21647ec6f5280b61034045b\"\u003e\u003ccode\u003e1679d79\u003c/code\u003e\u003c/a\u003e docs: Move code example data inside the PlaygroundComponent (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7724\"\u003e#7724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/open-policy-agent/opa/compare/v0.70.0...v1.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/opencontainers/image-spec` from 1.1.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/opencontainers/image-spec/releases\"\u003egithub.com/opencontainers/image-spec's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003eVote Passed  \u003ccode\u003e[+5 -0 nv1]\u003c/code\u003e  - \u003ca href=\"https://groups.google.com/a/opencontainers.org/g/dev/c/T-olx0jdT18\"\u003ehttps://groups.google.com/a/opencontainers.org/g/dev/c/T-olx0jdT18\u003c/a\u003e\n\u003cstrong\u003eRelease PR\u003c/strong\u003e : \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/pull/1247\"\u003eopencontainers/image-spec#1247\u003c/a\u003e\n\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/opencontainers/image-spec/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/opencontainers/image-spec/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/147f9c13cedb47a0c4d9a11a222961073d585877\"\u003e\u003ccode\u003e147f9c1\u003c/code\u003e\u003c/a\u003e Release v1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/fbb4662eb53b80bd38f7597406cf1211317768f0\"\u003e\u003ccode\u003efbb4662\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/issues/1238\"\u003e#1238\u003c/a\u003e from mkenigs/wording-nit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/81e457e1db4ee2f924f357264bbe5c0daa029fcd\"\u003e\u003ccode\u003e81e457e\u003c/code\u003e\u003c/a\u003e Fix grammar nit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/92353b0bee778725c617e7d57317b568a7796bd0\"\u003e\u003ccode\u003e92353b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/issues/1225\"\u003e#1225\u003c/a\u003e from sudo-bmitch/pr-doc-go-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/1a0b9f98c1c11718d80223fbf089d2aa37077c84\"\u003e\u003ccode\u003e1a0b9f9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/issues/1230\"\u003e#1230\u003c/a\u003e from sudo-bmitch/pr-layout-extensibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/f2726353bb5752468e8458583cbd4084815f9c72\"\u003e\u003ccode\u003ef272635\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/issues/1228\"\u003e#1228\u003c/a\u003e from sudo-bmitch/pr-mixed-digest-algo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/e0462ab8067a57f91114dc2bab4dacebce1c3f26\"\u003e\u003ccode\u003ee0462ab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/issues/1229\"\u003e#1229\u003c/a\u003e from tianon/setup-go\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/cf536e39757294783fa346666fb2b2bb0d50cb58\"\u003e\u003ccode\u003ecf536e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/issues/1227\"\u003e#1227\u003c/a\u003e from sudo-bmitch/pr-rm-project-doc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/60acaacb8003bff5882298333a4a017d6aedcd6a\"\u003e\u003ccode\u003e60acaac\u003c/code\u003e\u003c/a\u003e Document extensibility of the image layout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/4dcf9627be8cc874a43b2fa5ede5549136b37fb2\"\u003e\u003ccode\u003e4dcf962\u003c/code\u003e\u003c/a\u003e Document Go version policy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/opencontainers/image-spec/compare/v1.1.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/operator-framework/api` from 0.29.0 to 0.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/operator-framework/api/releases\"\u003egithub.com/operator-framework/api's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.33.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump sigs.k8s.io/yaml from 1.4.0 to 1.5.0 in the k8s-dependencies group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/operator-framework/api/pull/436\"\u003eoperator-framework/api#436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump github.com/google/cel-go from 0.25.0 to 0.26.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/operator-framework/api/pull/437\"\u003eoperator-framework/api#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enormalize unit test targets across repos.  add skip/target test args by \u003ca href=\"https://github.com/grokspawn\"\u003e\u003ccode\u003e@​grokspawn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/operator-framework/api/pull/438\"\u003eoperator-framework/api#438\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump go version to fix \u003ca href=\"https://pkg.go.dev/vuln/GO-2025-3751\"\u003ehttps...\n\n_Description has been truncated_","html_url":"https://github.com/Rose2161/hub/pull/349","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Rose2161%2Fhub/issues/349","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/349/packages"},{"uuid":"2769517599","node_id":"PR_kwDOPjLc186lE3wf","number":6,"state":"open","title":"chore(deps): bump github.com/gorilla/csrf from 1.7.0 to 1.7.3","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-24T03:18:26.000Z","updated_at":"2025-08-24T03:18:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.0","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.7.0 to 1.7.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove pkg/errors dependency by \u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[GPT-96] Update go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdated licence by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/167\"\u003egorilla/csrf#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate issues.yml by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/168\"\u003egorilla/csrf#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eissues/158/examples for working api with javascript frontend by \u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating github action workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/169\"\u003egorilla/csrf#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating gorilla/securecookie to v1.1.2 by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/170\"\u003egorilla/csrf#170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003ev1.7.1 is a minor maintenance release. It improves documentation, and fixes a bug (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e) that caused missing tokens to not provide a clear error message back to the client.\u003c/p\u003e\n\u003ch2\u003eCHANGELOG\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebugfix: Not providing any token in requests results in wrong error message (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd a note about secrecy of CSRF token in the README.md (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/154\"\u003e#154\u003c/a\u003e) \u003ca href=\"https://github.com/maxximino\"\u003e\u003ccode\u003e@​maxximino\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd note about csrf.Path option (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/147\"\u003e#147\u003c/a\u003e) \u003ca href=\"https://github.com/karelbilek\"\u003e\u003ccode\u003e@​karelbilek\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: use build matrix; drop Go \u0026lt;= 1.10 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/142\"\u003e#142\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: change TrustedOrigin to TrustedOrigins in README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/140\"\u003e#140\u003c/a\u003e) \u003ca href=\"https://github.com/mittonface\"\u003e\u003ccode\u003e@​mittonface\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add TOC to README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/137\"\u003e#137\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a009743572494ccbc9d159005bdc58b86a44ddba\"\u003e\u003ccode\u003ea009743\u003c/code\u003e\u003c/a\u003e Updating gorilla/securecookie to v1.1.2 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/94b5a9efbc27ce51c4ac1b1287c964e8f13013ca\"\u003e\u003ccode\u003e94b5a9e\u003c/code\u003e\u003c/a\u003e updating github action workflows (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/c1f4eb3aba6fe4cd0d1ef0ed5ca556876b14c29f\"\u003e\u003ccode\u003ec1f4eb3\u003c/code\u003e\u003c/a\u003e issues/158/examples for working api with javascript frontend (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/73c96a512fc353d11f3da50cffde1e454884f405\"\u003e\u003ccode\u003e73c96a5\u003c/code\u003e\u003c/a\u003e Update issues.yml (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a71a12f7d30580b6da2183b0f398527be93c0ca9\"\u003e\u003ccode\u003ea71a12f\u003c/code\u003e\u003c/a\u003e updated licence (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/15d47eceb8d5861882e276508d7cbb5b0082b980\"\u003e\u003ccode\u003e15d47ec\u003c/code\u003e\u003c/a\u003e [GPT-96] Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/32c27b0316d75a24e55ab36d059d0309238b9ee1\"\u003e\u003ccode\u003e32c27b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/164\"\u003e#164\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/04cc5dba5dd0af4341b9b406f05dc569c5e0ab40\"\u003e\u003ccode\u003e04cc5db\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/93379db1992f1b2fbdd4ba1b55a1bf0414b0535e\"\u003e\u003ccode\u003e93379db\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.0...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.0\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Reality2byte/eth2-beaconchain-explorer/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Reality2byte/eth2-beaconchain-explorer/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Reality2byte%2Feth2-beaconchain-explorer/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"2758937155","node_id":"PR_kwDOPhBrr86kcgpD","number":1,"state":"closed","title":"Bump the go_modules group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-08-20T08:49:35.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-08-20T08:48:50.000Z","updated_at":"2025-08-20T08:49:35.000Z","time_to_close":45,"merged_at":"2025-08-20T08:49:35.000Z","merged_by":"encode9241","closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"go_modules","update_count":2,"packages":[{"name":"github.com/gorilla/csrf","old_version":"1.6.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"golang.org/x/crypto","old_version":"0.0.0-20200128174031-69ecbb4d6d5d","new_version":"0.35.0","repository_url":"https://github.com/golang/crypto"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 2 updates in the / directory: [github.com/gorilla/csrf](https://github.com/gorilla/csrf) and [golang.org/x/crypto](https://github.com/golang/crypto).\n\nUpdates `github.com/gorilla/csrf` from 1.6.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove pkg/errors dependency by \u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[GPT-96] Update go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdated licence by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/167\"\u003egorilla/csrf#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate issues.yml by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/168\"\u003egorilla/csrf#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eissues/158/examples for working api with javascript frontend by \u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating github action workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/169\"\u003egorilla/csrf#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating gorilla/securecookie to v1.1.2 by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/170\"\u003egorilla/csrf#170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003ev1.7.1 is a minor maintenance release. It improves documentation, and fixes a bug (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e) that caused missing tokens to not provide a clear error message back to the client.\u003c/p\u003e\n\u003ch2\u003eCHANGELOG\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebugfix: Not providing any token in requests results in wrong error message (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd a note about secrecy of CSRF token in the README.md (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/154\"\u003e#154\u003c/a\u003e) \u003ca href=\"https://github.com/maxximino\"\u003e\u003ccode\u003e@​maxximino\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd note about csrf.Path option (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/147\"\u003e#147\u003c/a\u003e) \u003ca href=\"https://github.com/karelbilek\"\u003e\u003ccode\u003e@​karelbilek\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: use build matrix; drop Go \u0026lt;= 1.10 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/142\"\u003e#142\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: change TrustedOrigin to TrustedOrigins in README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/140\"\u003e#140\u003c/a\u003e) \u003ca href=\"https://github.com/mittonface\"\u003e\u003ccode\u003e@​mittonface\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add TOC to README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/137\"\u003e#137\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.7.0\u003c/h2\u003e\n\u003cp\u003e📢  This release of \u003cem\u003egorilla/csrf\u003c/em\u003e changes the default \u003ccode\u003eSameSite\u003c/code\u003e cookie attribute to address changes in the SameSite spec (see \u003ca href=\"https://redirect.github.com/golang/go/issues/36990\"\u003egolang/go#36990\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003ePreviously\u003c/strong\u003e: The \u003ccode\u003eSameSiteDefaultMode\u003c/code\u003e in \u003cem\u003ecsrf\u003c/em\u003e (prior to v1.7.0) would set \u003ccode\u003eSameSite\u003c/code\u003e on the cookie, which is not valid in some browsers, notably older versions of Chrome/Android. These browsers would not set cookies with this \u0026quot;invalid\u0026quot; attribute.\n\u003cstrong\u003eNow\u003c/strong\u003e: The default mode is \u003ccode\u003eSameSite=Lax\u003c/code\u003e, which is \u003ca href=\"https://caniuse.com/#feat=same-site-cookie-attribute\"\u003esupported by Chrome v51, Firefox v60, Safari v13 and most recent browsers\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIf you're new to SameSite, read \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite\"\u003ethe MDN documentation\u003c/a\u003e for a great overview on why this attribute helps prevent cookies from being 'leaked' to third-party domains unintentionally.\u003c/p\u003e\n\u003ch2\u003eCHANGELOG\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSet SameSite=Lax by default (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/136\"\u003e#136\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't set a default samesite for backwards compatibility (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/132\"\u003e#132\u003c/a\u003e) \u003ca href=\"https://github.com/euank\"\u003e\u003ccode\u003e@​euank\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a009743572494ccbc9d159005bdc58b86a44ddba\"\u003e\u003ccode\u003ea009743\u003c/code\u003e\u003c/a\u003e Updating gorilla/securecookie to v1.1.2 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/94b5a9efbc27ce51c4ac1b1287c964e8f13013ca\"\u003e\u003ccode\u003e94b5a9e\u003c/code\u003e\u003c/a\u003e updating github action workflows (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/c1f4eb3aba6fe4cd0d1ef0ed5ca556876b14c29f\"\u003e\u003ccode\u003ec1f4eb3\u003c/code\u003e\u003c/a\u003e issues/158/examples for working api with javascript frontend (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/73c96a512fc353d11f3da50cffde1e454884f405\"\u003e\u003ccode\u003e73c96a5\u003c/code\u003e\u003c/a\u003e Update issues.yml (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a71a12f7d30580b6da2183b0f398527be93c0ca9\"\u003e\u003ccode\u003ea71a12f\u003c/code\u003e\u003c/a\u003e updated licence (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/15d47eceb8d5861882e276508d7cbb5b0082b980\"\u003e\u003ccode\u003e15d47ec\u003c/code\u003e\u003c/a\u003e [GPT-96] Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/32c27b0316d75a24e55ab36d059d0309238b9ee1\"\u003e\u003ccode\u003e32c27b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/164\"\u003e#164\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/04cc5dba5dd0af4341b9b406f05dc569c5e0ab40\"\u003e\u003ccode\u003e04cc5db\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/93379db1992f1b2fbdd4ba1b55a1bf0414b0535e\"\u003e\u003ccode\u003e93379db\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.6.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.0.0-20200128174031-69ecbb4d6d5d to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/commits/v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/encode9241/gophish/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/encode9241/gophish/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/encode9241%2Fgophish/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2751596484","node_id":"PR_kwDOKhgMc86kAgfE","number":1,"state":"open","title":"Bump the go_modules group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-17T23:10:38.000Z","updated_at":"2025-08-17T23:10:39.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"go_modules","update_count":4,"packages":[{"name":"filippo.io/age","old_version":"1.1.1","new_version":"1.2.1","repository_url":"https://github.com/FiloSottile/age"},{"name":"golang.org/x/crypto","old_version":"0.32.0","new_version":"0.35.0","repository_url":"https://github.com/golang/crypto"},{"name":"golang.org/x/net","old_version":"0.33.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"},{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 4 updates in the / directory: [filippo.io/age](https://github.com/FiloSottile/age), [golang.org/x/crypto](https://github.com/golang/crypto), [golang.org/x/net](https://github.com/golang/net) and [github.com/gorilla/csrf](https://github.com/gorilla/csrf).\n\nUpdates `filippo.io/age` from 1.1.1 to 1.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/FiloSottile/age/releases\"\u003efilippo.io/age's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eage v1.2.1: security fix\u003c/h2\u003e\n\u003cp\u003eThis release fixes a security vulnerability that could allow an attacker to execute an arbitrary binary under certain conditions.\u003c/p\u003e\n\u003cp\u003eSee GHSA-32gq-x56h-299c.\u003c/p\u003e\n\u003cp\u003ePlugin names may now only contain alphanumeric characters or the four special characters \u003ccode\u003e+-._\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eThanks to ⬡-49016 for reporting this issue.\u003c/p\u003e\n\u003ch2\u003eage v1.2.0\u003c/h2\u003e\n\u003cp\u003eA small release to build the release binaries with a more recent Go toolchain, and to fix a couple CLI edge cases (\u003ca href=\"https://redirect.github.com/FiloSottile/age/issues/491\"\u003eFiloSottile/age#491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/FiloSottile/age/issues/555\"\u003eFiloSottile/age#555\u003c/a\u003e).\u003c/p\u003e\n\u003cp\u003eThe Go module now exposes a plugin package that provides an age plugin client. That is, Recipient and Identity implementations that invoke a plugin binary, allowing the use of age plugins in Go programs.\u003c/p\u003e\n\u003cp\u003eFinally, Recipients can now return a set of \u0026quot;labels\u0026quot; by implementing RecipientWithLabels. This allows replicating the special behavior of the scrypt Recipient in third-party Recipients, or applying policy useful for authenticated or post-quantum Recipients.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e// RecipientWithLabels can be optionally implemented by a Recipient, in which\n// case Encrypt will use WrapWithLabels instead of Wrap.\n//\n// Encrypt will succeed only if the labels returned by all the recipients\n// (assuming the empty set for those that don't implement RecipientWithLabels)\n// are the same.\n//\n// This can be used to ensure a recipient is only used with other recipients\n// with equivalent properties (for example by setting a \u0026quot;postquantum\u0026quot; label) or\n// to ensure a recipient is always used alone (by returning a random label, for\n// example to preserve its authentication properties).\ntype RecipientWithLabels interface {\n\tWrapWithLabels(fileKey []byte) (s []*Stanza, labels []string, err error)\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/482cf6fc9babd3ab06f6606762aac10447222201\"\u003e\u003ccode\u003e482cf6f\u003c/code\u003e\u003c/a\u003e plugin: restrict characters in plugin names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/cda3988cc76a139426281a1d812914b71435bd18\"\u003e\u003ccode\u003ecda3988\u003c/code\u003e\u003c/a\u003e all: fix staticcheck warnings (\u003ca href=\"https://redirect.github.com/FiloSottile/age/issues/589\"\u003e#589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/176e245b3cb3ada322c21eef0bce166dc5a5e4c7\"\u003e\u003ccode\u003e176e245\u003c/code\u003e\u003c/a\u003e README: rotate Sigsum keys\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/faefdc3c81efa89fd41998b77c62234ca56be10b\"\u003e\u003ccode\u003efaefdc3\u003c/code\u003e\u003c/a\u003e README: document Sigsum proofs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/bbe6ce5eeb1bb70cfc705d0961c943f0dd637ffd\"\u003e\u003ccode\u003ebbe6ce5\u003c/code\u003e\u003c/a\u003e .github/workflows: update artifacts Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/1e1badabf74064ee800d19817a725f4803fa4e94\"\u003e\u003ccode\u003e1e1bada\u003c/code\u003e\u003c/a\u003e .github/workflows: go-version stable, not latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/2293a9afef6984915cb28d2a7264b145604d61e9\"\u003e\u003ccode\u003e2293a9a\u003c/code\u003e\u003c/a\u003e .github/workflows: use latest Go for bootstrap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/01fe9cd84aa5380cd09b8761af919e5d0a1386ad\"\u003e\u003ccode\u003e01fe9cd\u003c/code\u003e\u003c/a\u003e README: add pkgx installation instructions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/bd0511b415355bf84a3861c77d47d9337ab367b1\"\u003e\u003ccode\u003ebd0511b\u003c/code\u003e\u003c/a\u003e cmd/age: detect output/input file reuse when possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/febaaded8756511fd12b7aea122e44be80c35862\"\u003e\u003ccode\u003efebaade\u003c/code\u003e\u003c/a\u003e cmd/age: create file for empty decryptions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/FiloSottile/age/compare/v1.1.1...v1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.32.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22\"\u003e\u003ccode\u003e7292932\u003c/code\u003e\u003c/a\u003e ssh: limit the size of the internal packet queue while waiting for KEX\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/f66f74b0a406b5f6909183531ace593857f1646c\"\u003e\u003ccode\u003ef66f74b\u003c/code\u003e\u003c/a\u003e acme/autocert: check host policy before probing the cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b0784b7bfbe0b2c9a59afc1248ed3cb4b6652e85\"\u003e\u003ccode\u003eb0784b7\u003c/code\u003e\u003c/a\u003e x509roots/fallback: drop obsolete build constraint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/911360c8a4f464342b9fe7c23632be57fca87b20\"\u003e\u003ccode\u003e911360c\u003c/code\u003e\u003c/a\u003e all: bump golang.org/x/crypto dependencies of asm generators\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/89ff08d67c4d79f9ac619aaf1f7388888798651f\"\u003e\u003ccode\u003e89ff08d\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/e47973b1c1089f6c67ab89261f7aa067b3d611d2\"\u003e\u003ccode\u003ee47973b\u003c/code\u003e\u003c/a\u003e all: update certs for go1.24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/9290511cd23ab9813a307b7f2615325e3ca98902\"\u003e\u003ccode\u003e9290511\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/fa5273e461966728f91f33da62c0cf511a404c2a\"\u003e\u003ccode\u003efa5273e\u003c/code\u003e\u003c/a\u003e x509roots/fallback: update bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/a8ea4be81f0769fd5857e087083cbb6d3cb9f196\"\u003e\u003ccode\u003ea8ea4be\u003c/code\u003e\u003c/a\u003e ssh: add ServerConfig.PreAuthConnCallback, ServerPreAuthConn (banner) interface\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/71d3a4cfdb0360795ce5f2d7041e01823fd22eb6\"\u003e\u003ccode\u003e71d3a4c\u003c/code\u003e\u003c/a\u003e acme: support challenges that require the ACME client to send a non-empty JSO...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/compare/v0.32.0...v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.33.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.33.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/oilcrest/sliver/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/oilcrest/sliver/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/oilcrest%2Fsliver/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"2746476003","node_id":"PR_kwDOMZsG2M6js-Xj","number":7,"state":"closed","title":"build(deps): bump the go_modules group across 5 directories with 7 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-08-14T15:49:43.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-08-14T15:09:24.000Z","updated_at":"2025-08-14T15:49:43.000Z","time_to_close":2419,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"go_modules","update_count":7,"packages":[{"name":"golang.org/x/crypto","old_version":"0.35.0","new_version":"0.41.0","repository_url":"https://github.com/golang/crypto"},{"name":"golang.org/x/oauth2","old_version":"0.26.0","new_version":"0.27.0","repository_url":"https://github.com/golang/oauth2"},{"name":"github.com/go-viper/mapstructure/v2","old_version":"2.0.0-alpha.1","new_version":"2.3.0","repository_url":"https://github.com/go-viper/mapstructure"},{"name":"github.com/cloudflare/circl","old_version":"1.3.7","new_version":"1.6.1","repository_url":"https://github.com/cloudflare/circl"},{"name":"github.com/docker/docker","old_version":"27.4.1+incompatible","new_version":"28.0.0+incompatible","repository_url":"https://github.com/docker/docker"},{"name":"github.com/gorilla/csrf","old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.35.0` | `0.41.0` |\n| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.26.0` | `0.27.0` |\n| [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) | `2.0.0-alpha.1` | `2.3.0` |\n| [github.com/cloudflare/circl](https://github.com/cloudflare/circl) | `1.3.7` | `1.6.1` |\n| [github.com/docker/docker](https://github.com/docker/docker) | `27.4.1+incompatible` | `28.0.0+incompatible` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.3-0.20250123201450-9dd6af1f6d30` | `1.7.3` |\n\nBumps the go_modules group with 1 update in the /gokrazy/natlabapp.arm64/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\nBumps the go_modules group with 1 update in the /gokrazy/natlabapp/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\nBumps the go_modules group with 1 update in the /gokrazy/tsapp/builddir/github.com/gokrazy/breakglass directory: [golang.org/x/crypto](https://github.com/golang/crypto).\nBumps the go_modules group with 1 update in the /gokrazy/tsapp/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\n\nUpdates `golang.org/x/crypto` from 0.35.0 to 0.41.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/ef5341b70697ceb55f904384bd982587224e8b0c\"\u003e\u003ccode\u003eef5341b\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b999374650442ee37e9bbd97d6a11ad7ed999b98\"\u003e\u003ccode\u003eb999374\u003c/code\u003e\u003c/a\u003e acme: fix pebble subprocess output data race\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/c247dead11de7671a21a6c5169555e2aa5313caa\"\u003e\u003ccode\u003ec247dea\u003c/code\u003e\u003c/a\u003e x509roots/fallback: store bundle certs directly in DER\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/1fda73153feef7b246f24005838c387e354e5e3b\"\u003e\u003ccode\u003e1fda731\u003c/code\u003e\u003c/a\u003e acme: increase pebble test waitForServer attempts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/1b4c3d2e8c8be172c6af8f2f72778e69e74d2e78\"\u003e\u003ccode\u003e1b4c3d2\u003c/code\u003e\u003c/a\u003e x509roots/fallback: update bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b903b535d3ef82fab12a9cc0fa50fccc396ced55\"\u003e\u003ccode\u003eb903b53\u003c/code\u003e\u003c/a\u003e acme: capture pebble test subprocess stdout/stderr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/459a9db11b9c43bb1d61722bfd371751d6de05c9\"\u003e\u003ccode\u003e459a9db\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/74e709ad8a8068445173aa5f3e8d7c89caf510c3\"\u003e\u003ccode\u003e74e709a\u003c/code\u003e\u003c/a\u003e ssh: add AlgorithmNegotiationError\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b3790b8d914304c8187dc2c86800101c329d77cd\"\u003e\u003ccode\u003eb3790b8\u003c/code\u003e\u003c/a\u003e acme: fix TLSALPN01ChallengeCert for IP address identifiers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/1dc4269656dd23b2c4e71c51b8af6bc2b63eecb7\"\u003e\u003ccode\u003e1dc4269\u003c/code\u003e\u003c/a\u003e acme: add Pebble integration testing\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/crypto/compare/v0.35.0...v0.41.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.36.0 to 0.42.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.23.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/oauth2` from 0.26.0 to 0.27.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/oauth2/commit/681b4d8edca1bcfea5bce685d77ea7b82ed3e7b3\"\u003e\u003ccode\u003e681b4d8\u003c/code\u003e\u003c/a\u003e jws: split token into fixed number of parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/oauth2/commit/3f78298beea38fb76a3fbca33e3056f4b7eb5502\"\u003e\u003ccode\u003e3f78298\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/oauth2/commit/109dabf9017129171d1807e485ca5633ecd095ac\"\u003e\u003ccode\u003e109dabf\u003c/code\u003e\u003c/a\u003e endpoints: add links/provider for Discord\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/oauth2/commit/ac571fa341c2a2b979d2b2c8341fd24767ef5d47\"\u003e\u003ccode\u003eac571fa\u003c/code\u003e\u003c/a\u003e oauth2: fix docs for Config.DeviceAuth\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/oauth2/commit/314ee5b92bf23c4973aa8e61eba3ff458e80eef2\"\u003e\u003ccode\u003e314ee5b\u003c/code\u003e\u003c/a\u003e endpoints: add patreon endpoint\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/oauth2/compare/v0.26.0...v0.27.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-viper/mapstructure/v2` from 2.0.0-alpha.1 to 2.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-viper/mapstructure/releases\"\u003egithub.com/go-viper/mapstructure/v2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.1.7 to 4.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/46\"\u003ego-viper/mapstructure#46\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/47\"\u003ego-viper/mapstructure#47\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[enhancement] Add check for \u003ccode\u003ereflect.Value\u003c/code\u003e in \u003ccode\u003eComposeDecodeHookFunc\u003c/code\u003e by \u003ca href=\"https://github.com/mahadzaryab1\"\u003e\u003ccode\u003e@​mahadzaryab1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/52\"\u003ego-viper/mapstructure#52\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-go from 5.0.2 to 5.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/51\"\u003ego-viper/mapstructure#51\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.0 to 4.2.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/50\"\u003ego-viper/mapstructure#50\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-go from 5.1.0 to 5.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/55\"\u003ego-viper/mapstructure#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-go from 5.2.0 to 5.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/58\"\u003ego-viper/mapstructure#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add Go 1.24 to the test matrix by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/74\"\u003ego-viper/mapstructure#74\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/72\"\u003ego-viper/mapstructure#72\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump golangci/golangci-lint-action from 6.5.0 to 6.5.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/76\"\u003ego-viper/mapstructure#76\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-go from 5.3.0 to 5.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/78\"\u003ego-viper/mapstructure#78\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add decode hook for netip.Prefix by \u003ca href=\"https://github.com/tklauser\"\u003e\u003ccode\u003e@​tklauser\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/85\"\u003ego-viper/mapstructure#85\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/86\"\u003ego-viper/mapstructure#86\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 2.13.4 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/87\"\u003ego-viper/mapstructure#87\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-go from 5.4.0 to 5.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/93\"\u003ego-viper/mapstructure#93\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.17 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/92\"\u003ego-viper/mapstructure#92\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.17 to 3.28.19 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/97\"\u003ego-viper/mapstructure#97\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/96\"\u003ego-viper/mapstructure#96\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/peczenyj\"\u003e\u003ccode\u003e@​peczenyj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/90\"\u003ego-viper/mapstructure#90\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd omitzero tag. by \u003ca href=\"https://github.com/Crystalix007\"\u003e\u003ccode\u003e@​Crystalix007\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/98\"\u003ego-viper/mapstructure#98\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse error structs instead of duplicated strings by \u003ca href=\"https://github.com/m1k1o\"\u003e\u003ccode\u003e@​m1k1o\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/102\"\u003ego-viper/mapstructure#102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.19 to 3.29.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/101\"\u003ego-viper/mapstructure#101\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add common error interface by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/105\"\u003ego-viper/mapstructure#105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate linter by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/106\"\u003ego-viper/mapstructure#106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeature allow unset pointer by \u003ca href=\"https://github.com/rostislaved\"\u003e\u003ccode\u003e@​rostislaved\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/80\"\u003ego-viper/mapstructure#80\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tklauser\"\u003e\u003ccode\u003e@​tklauser\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/85\"\u003ego-viper/mapstructure#85\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/peczenyj\"\u003e\u003ccode\u003e@​peczenyj\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/90\"\u003ego-viper/mapstructure#90\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Crystalix007\"\u003e\u003ccode\u003e@​Crystalix007\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/98\"\u003ego-viper/mapstructure#98\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rostislaved\"\u003e\u003ccode\u003e@​rostislaved\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/80\"\u003ego-viper/mapstructure#80\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-viper/mapstructure/compare/v2.2.1...v2.3.0\"\u003ehttps://github.com/go-viper/mapstructure/compare/v2.2.1...v2.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePass appropriate empty Value to hooks by \u003ca href=\"https://github.com/yurishkuro\"\u003e\u003ccode\u003e@​yurishkuro\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/45\"\u003ego-viper/mapstructure#45\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yurishkuro\"\u003e\u003ccode\u003e@​yurishkuro\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/45\"\u003ego-viper/mapstructure#45\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-viper/mapstructure/compare/v2.2.0...v2.2.1\"\u003ehttps://github.com/go-viper/mapstructure/compare/v2.2.0...v2.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(decoder-configs): add flag to force decoding nil input in decoder config by \u003ca href=\"https://github.com/mahadzaryab1\"\u003e\u003ccode\u003e@​mahadzaryab1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/42\"\u003ego-viper/mapstructure#42\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd decode hooks for *url.URL by \u003ca href=\"https://github.com/einzigartigerName\"\u003e\u003ccode\u003e@​einzigartigerName\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/41\"\u003ego-viper/mapstructure#41\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/8c61ec1924fcfa522f9fc6b4618c672db61d1a38\"\u003e\u003ccode\u003e8c61ec1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/80\"\u003e#80\u003c/a\u003e from rostislaved/feature-allow-unset-pointer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/df765f469ad16a1996fd0f0ae6a32b20535b966a\"\u003e\u003ccode\u003edf765f4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/106\"\u003e#106\u003c/a\u003e from go-viper/update-linter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/5f34b05aa12639380ef7c2af69eb6f8fd629dbd0\"\u003e\u003ccode\u003e5f34b05\u003c/code\u003e\u003c/a\u003e update linter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/36de1e1d74f55681536097ff8467a8ce952ef183\"\u003e\u003ccode\u003e36de1e1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/105\"\u003e#105\u003c/a\u003e from go-viper/error-refactor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/6a283a390ee7bc0f9331f58199db234902e0739f\"\u003e\u003ccode\u003e6a283a3\u003c/code\u003e\u003c/a\u003e chore: update error type doc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/599cb73236404c044abcf278a45c3928d7480dd0\"\u003e\u003ccode\u003e599cb73\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/101\"\u003e#101\u003c/a\u003e from go-viper/dependabot/github_actions/github/codeql...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/ed3f92181528ff776a0324107b8b55026e93766a\"\u003e\u003ccode\u003eed3f921\u003c/code\u003e\u003c/a\u003e feat: remove value from error messages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/a3f8b227dcdae324c070d389152837f0aa635f4b\"\u003e\u003ccode\u003ea3f8b22\u003c/code\u003e\u003c/a\u003e revert: error message change\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/9661f6d07c319da00ae0508d99df5f3f0c3953bd\"\u003e\u003ccode\u003e9661f6d\u003c/code\u003e\u003c/a\u003e feat: add common error interface\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/f12f6c76fe743c8e4cc6465c6a9f16fcd8cede57\"\u003e\u003ccode\u003ef12f6c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/102\"\u003e#102\u003c/a\u003e from m1k1o/prettify-errors2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-viper/mapstructure/compare/v2.0.0-alpha.1...v2.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/cloudflare/circl` from 1.3.7 to 1.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cloudflare/circl/releases\"\u003egithub.com/cloudflare/circl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eCIRCL v1.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes some point checks on the FourQ curve.\u003c/li\u003e\n\u003cli\u003eHybrid KEM fails on low-order points.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekem/hybrid: ensure X25519 hybrids fails with low order points by \u003ca href=\"https://github.com/Lekensteyn\"\u003e\u003ccode\u003e@​Lekensteyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/541\"\u003ecloudflare/circl#541\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e.github: Use native ARM64 builders instead of QEMU by \u003ca href=\"https://github.com/Lekensteyn\"\u003e\u003ccode\u003e@​Lekensteyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/542\"\u003ecloudflare/circl#542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes several errors on twisted Edwards curves. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/545\"\u003ecloudflare/circl#545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease v1.6.1 by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/546\"\u003ecloudflare/circl#546\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1\"\u003ehttps://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eCIRCL v1.6.0\u003c/h2\u003e\n\u003ch3\u003eNew!\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/blob/main/vdaf/prio3\"\u003ePrio3\u003c/a\u003e Verifiable Distributed Aggregation Function (\u003ca href=\"https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/\"\u003edraft-irtf-cfrg-vdaf\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/blob/main/kem/xwing\"\u003eX-Wing\u003c/a\u003e: general-purpose hybrid post-quantum KEM (\u003ca href=\"https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/\"\u003edraft-connolly-cfrg-xwing-kem\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd OIDs to ML-DSA by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/519\"\u003ecloudflare/circl#519\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdds Prio3 a set of verifiable distributed aggregation functions. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/522\"\u003ecloudflare/circl#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun semgrep cronjob only in upstream repository. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/526\"\u003ecloudflare/circl#526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eX-Wing PQ/T hybrid by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/471\"\u003ecloudflare/circl#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eckem: move crypto/elliptic to crypto/ecdh by \u003ca href=\"https://github.com/MingLLuo\"\u003e\u003ccode\u003e@​MingLLuo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/529\"\u003ecloudflare/circl#529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ehpke: Update HPKE code to use ecdh stdlib package. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/530\"\u003ecloudflare/circl#530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprio3: Adds polynomial multiplication using NTT by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/532\"\u003ecloudflare/circl#532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Prio3 in readme. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/527\"\u003ecloudflare/circl#527\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MingLLuo\"\u003e\u003ccode\u003e@​MingLLuo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/529\"\u003ecloudflare/circl#529\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0\"\u003ehttps://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch1\u003eCIRCL v1.5.0\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNew:\u003c/strong\u003e ML-DSA, Module-Lattice-based Digital Signature Algorithm.\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekem: add X25519MLKEM768 TLS hybrid KEM by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/510\"\u003ecloudflare/circl#510\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCreate semgrep.yml by \u003ca href=\"https://github.com/hrushikeshdeshpande\"\u003e\u003ccode\u003e@​hrushikeshdeshpande\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/514\"\u003ecloudflare/circl#514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erepo: Some fixes reported by CodeQL by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/515\"\u003ecloudflare/circl#515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd ML-DSA (FIPS204) by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/480\"\u003ecloudflare/circl#480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esign/mldsa: Add test for ML-DSA signature verification. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/517\"\u003ecloudflare/circl#517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease v1.5.0 by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/518\"\u003ecloudflare/circl#518\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hrushikeshdeshpande\"\u003e\u003ccode\u003e@​hrushikeshdeshpande\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/514\"\u003ecloudflare/circl#514\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0\"\u003ehttps://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/c6d33e35234ebf5c4319d12ae7d77d7d17053e56\"\u003e\u003ccode\u003ec6d33e3\u003c/code\u003e\u003c/a\u003e Release v1.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/0c3868ef6fc8ce864bc4104863186afdd2947f14\"\u003e\u003ccode\u003e0c3868e\u003c/code\u003e\u003c/a\u003e curve4q: Shared must fail with low order points.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/9fd570dd508eef941d3f42fb94413a899b96d52e\"\u003e\u003ccode\u003e9fd570d\u003c/code\u003e\u003c/a\u003e curve4q: Test showing DH does not fails on identity point.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/c988ceba827fe09896e770c152646dded447903d\"\u003e\u003ccode\u003ec988ceb\u003c/code\u003e\u003c/a\u003e fourq: Correctly unmarshalling point.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/ef2611dcde7f6d25e31082412bbb30f2a870d133\"\u003e\u003ccode\u003eef2611d\u003c/code\u003e\u003c/a\u003e fourq: Test showing point unmarshal fails.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/05eba44d1a35f979c5f3ac914bcc50c1122e8ced\"\u003e\u003ccode\u003e05eba44\u003c/code\u003e\u003c/a\u003e fourq: Handle the case of Z=0 for IsOnCurve and IsEqual.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/eef08780cc3cb9befa20014e65f731391103be6b\"\u003e\u003ccode\u003eeef0878\u003c/code\u003e\u003c/a\u003e fourq: Test showing isEqual and IsOnCurve fail.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/2298474ef688938e4a81ca14990b9a11a8677e2a\"\u003e\u003ccode\u003e2298474\u003c/code\u003e\u003c/a\u003e goldilocks; Handling points with z=0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/5a940a111507232035d0b753fbf3068c52d6b8ac\"\u003e\u003ccode\u003e5a940a1\u003c/code\u003e\u003c/a\u003e goldilocks: Test for IsEqual must fail with Z=0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/48c3b6a2746a18db4d8b675ab296980514359340\"\u003e\u003ccode\u003e48c3b6a\u003c/code\u003e\u003c/a\u003e ed25519: Fix isEqual to handle points with Z=0.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.3.7...v1.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/docker/docker` from 27.4.1+incompatible to 28.0.0+incompatible\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/docker/releases\"\u003egithub.com/docker/docker's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev28.0.0\u003c/h2\u003e\n\u003ch1\u003e28.0.0\u003c/h1\u003e\n\u003cp\u003eFor a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A28.0.0\"\u003edocker/cli, 28.0.0 milestone\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A28.0.0\"\u003emoby/moby, 28.0.0 milestone\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeprecated and removed features, see \u003ca href=\"https://github.com/docker/cli/blob/v28.0.0/docs/deprecated.md\"\u003eDeprecated Features\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eChanges to the Engine API, see \u003ca href=\"https://github.com/moby/moby/blob/v28.0.0/docs/api/version-history.md\"\u003eAPI version history\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ability to mount an image inside a container via \u003ccode\u003e--mount type=image\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/moby/moby/pull/48798\"\u003emoby/moby#48798\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eYou can also specify \u003ccode\u003e--mount type=image,image-subpath=[subpath],...\u003c/code\u003e option to mount a specific path from the image. \u003ca href=\"https://redirect.github.com/docker/cli/pull/5755\"\u003edocker/cli#5755\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edocker images --tree\u003c/code\u003e now shows metadata badges. \u003ca href=\"https://redirect.github.com/docker/cli/pull/5744\"\u003edocker/cli#5744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edocker load\u003c/code\u003e, \u003ccode\u003edocker save\u003c/code\u003e, and \u003ccode\u003edocker history\u003c/code\u003e now support a \u003ccode\u003e--platform\u003c/code\u003e flag allowing you to choose a specific platform for single-platform operations on multi-platform images. \u003ca href=\"https://redirect.github.com/docker/cli/pull/5331\"\u003edocker/cli#5331\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eOOMScoreAdj\u003c/code\u003e to \u003ccode\u003edocker service create\u003c/code\u003e and \u003ccode\u003edocker stack\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/docker/cli/pull/5145\"\u003edocker/cli#5145\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edocker buildx prune\u003c/code\u003e now supports \u003ccode\u003ereserved-space\u003c/code\u003e, \u003ccode\u003emax-used-space\u003c/code\u003e, \u003ccode\u003emin-free-space\u003c/code\u003e and \u003ccode\u003ekeep-bytes\u003c/code\u003e filters. \u003ca href=\"https://redirect.github.com/moby/moby/pull/48720\"\u003emoby/moby#48720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWindows: Add support for running containerd as a child process of the daemon, instead of using a system-installed containerd. \u003ca href=\"https://redirect.github.com/moby/moby/pull/47955\"\u003emoby/moby#47955\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNetworking\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003edocker-proxy\u003c/code\u003e binary has been updated, older versions will not work with the updated \u003ccode\u003edockerd\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/moby/moby/pull/48132\"\u003emoby/moby#48132\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eClose a window in which the userland proxy (\u003ccode\u003edocker-proxy\u003c/code\u003e) could accept TCP connections, that would then fail after \u003ccode\u003eiptables\u003c/code\u003e NAT rules were set up.\u003c/li\u003e\n\u003cli\u003eThe executable \u003ccode\u003erootlesskit-docker-proxy\u003c/code\u003e is no longer used, it has been removed from the build and distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDNS nameservers read from the host's \u003ccode\u003e/etc/resolv.conf\u003c/code\u003e are now always accessed from the host's network namespace. \u003ca href=\"https://redirect.github.com/moby/moby/pull/48290\"\u003emoby/moby#48290\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eWhen the host's \u003ccode\u003e/etc/resolv.conf\u003c/code\u003e contains no nameservers and there are no \u003ccode\u003e--dns\u003c/code\u003e overrides, Google's DNS servers are no longer used, apart from by the default bridge network and in build containers.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eContainer interfaces in bridge and macvlan networks now use randomly generated MAC addresses. \u003ca href=\"https://redirect.github.com/moby/moby/pull/48808\"\u003emoby/moby#48808\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eGratuitous ARP / Neighbour Advertisement messages will be sent when the interfaces are started so that, when IP addresses are reused, they're associated with the newly generated MAC address.\u003c/li\u003e\n\u003cli\u003eIPv6 addresses in the default bridge network are now IPAM-assigned, rather than being derived from the MAC address.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eThe deprecated OCI \u003ccode\u003eprestart\u003c/code\u003e hook is now only used by build containers. For other containers, network interfaces are added to the network namespace after task creation is complete, before the container task is started. \u003ca href=\"https://redirect.github.com/moby/moby/pull/47406\"\u003emoby/moby#47406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a new \u003ccode\u003egw-priority\u003c/code\u003e option to \u003ccode\u003edocker run\u003c/code\u003e, \u003ccode\u003edocker container create\u003c/code\u003e, and \u003ccode\u003edocker network connect\u003c/code\u003e. This option will be used by the Engine to determine which network provides the default gateway for a container. On \u003ccode\u003edocker run\u003c/code\u003e, this option is only available through the extended \u003ccode\u003e--network\u003c/code\u003e syntax. \u003ca href=\"https://redirect.github.com/docker/cli/pull/5664\"\u003edocker/cli#5664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a new netlabel \u003ccode\u003ecom.docker.network.endpoint.ifname\u003c/code\u003e to customize the interface name used when connecting a container to a network. It's supported by all built-in network drivers on Linux. \u003ca href=\"https://redirect.github.com/moby/moby/pull/49155\"\u003emoby/moby#49155\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eWhen a container is created with multiple networks specified, there's no guarantee on the order networks will be connected to the container. So, if a custom interface name uses the same prefix as the auto-generated names, for example \u003ccode\u003eeth\u003c/code\u003e, the container might fail to start.\u003c/li\u003e\n\u003cli\u003eThe recommended practice is to use a different prefix, for example \u003ccode\u003een0\u003c/code\u003e, or a numerical suffix high enough to never collide, for example \u003ccode\u003eeth100\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThis label can be specified on \u003ccode\u003edocker network connect\u003c/code\u003e via the \u003ccode\u003e--driver-opt\u003c/code\u003e flag, for example \u003ccode\u003edocker network connect --driver-opt=com.docker.network.endpoint.ifname=foobar …\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eOr via the long-form \u003ccode\u003e--network\u003c/code\u003e flag on \u003ccode\u003edocker run\u003c/code\u003e, for example \u003ccode\u003edocker run --network=name=bridge,driver-opt=com.docker.network.endpoint.ifname=foobar …\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eIf a custom network driver reports capability \u003ccode\u003eGwAllocChecker\u003c/code\u003e then, before a network is created, it will get a \u003ccode\u003eGwAllocCheckerRequest\u003c/code\u003e with the network's options. The custom driver may then reply that no gateway IP address should be allocated. \u003ca href=\"https://redirect.github.com/moby/moby/pull/49372\"\u003emoby/moby#49372\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePort publishing in bridge networks\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edockerd\u003c/code\u003e now requires \u003ccode\u003eipset\u003c/code\u003e support in the Linux kernel. \u003ca href=\"https://redirect.github.com/moby/moby/pull/48596\"\u003emoby/moby#48596\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eiptables\u003c/code\u003e and \u003ccode\u003eip6tables\u003c/code\u003e rules used to implement port publishing and network isolation have been extensively modified. This enables some of the following functional changes, and is a first step in refactoring to enable native \u003ccode\u003enftables\u003c/code\u003e support in a future release. \u003ca href=\"https://redirect.github.com/moby/moby/issues/48815\"\u003emoby/moby#48815\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf it becomes necessary to downgrade to an earlier version of the daemon, some manual cleanup of the new rules will be necessary. The simplest and surest approach is to reboot the host, or use \u003ccode\u003eiptables -F\u003c/code\u003e and \u003ccode\u003eip6tables -F\u003c/code\u003e to flush all existing \u003ccode\u003eiptables\u003c/code\u003e rules from the \u003ccode\u003efilter\u003c/code\u003e table before starting the older version of the daemon. When that is not possible, run the following commands as root:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eiptables -D FORWARD -m set --match-set docker-ext-bridges-v4 dst -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT; ip6tables -D FORWARD -m set --match-set docker-ext-bridges-v6 dst -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eiptables -D FORWARD -m set --match-set docker-ext-bridges-v4 dst -j DOCKER; ip6tables -D FORWARD -m set --match-set docker-ext-bridges-v6 dst -j DOCKER\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eIf you were previously running with the iptables filter-FORWARD policy set to \u003ccode\u003eACCEPT\u003c/code\u003e and need to restore access to unpublished ports, also delete per-bridge-network rules from the \u003ccode\u003eDOCKER\u003c/code\u003e chains. For example, \u003ccode\u003eiptables -D DOCKER ! -i docker0 -o docker0 -j DROP\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix a security issue that was allowing remote hosts to connect directly to a container on its published ports. \u003ca href=\"https://redirect.github.com/moby/moby/pull/49325\"\u003emoby/moby#49325\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix a security issue that was allowing neighbor hosts to connect to ports mapped on a loopback address. \u003ca href=\"https://redirect.github.com/moby/moby/pull/49325\"\u003emoby/moby#49325\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/af898abe44662d9554fb15ee4d4a7307f1b8e315\"\u003e\u003ccode\u003eaf898ab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/docker/issues/49495\"\u003e#49495\u003c/a\u003e from vvoland/update-buildkit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/d67f035d31bab71be3ae7dcaacba41f5a98aad11\"\u003e\u003ccode\u003ed67f035\u003c/code\u003e\u003c/a\u003e vendor: github.com/moby/buildkit v0.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/00ab386b5a2ebcf85b6a03b800f593c3a140c6a8\"\u003e\u003ccode\u003e00ab386\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/docker/issues/49491\"\u003e#49491\u003c/a\u003e from vvoland/update-buildkit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/1fde8c46159cb41f584c01551f83cc21ecf924d9\"\u003e\u003ccode\u003e1fde8c4\u003c/code\u003e\u003c/a\u003e builder-next: fix cdi manager\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/cde9f0752e9c9f63b459e0247ff7df0b35488af3\"\u003e\u003ccode\u003ecde9f07\u003c/code\u003e\u003c/a\u003e vendor: github.com/moby/buildkit v0.20.0-rc3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/89e1429b65f194b25fe2e31088a4c4e69a651a47\"\u003e\u003ccode\u003e89e1429\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/docker/issues/49490\"\u003e#49490\u003c/a\u003e from thaJeztah/dockerfile_linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/b2b55903d0bb54e11bfe22204c1e0b73627943eb\"\u003e\u003ccode\u003eb2b5590\u003c/code\u003e\u003c/a\u003e Dockerfile: fix linting warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/62bc5979908f152a8929ce44927cbdd929bf53ea\"\u003e\u003ccode\u003e62bc597\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/docker/issues/49480\"\u003e#49480\u003c/a\u003e from thaJeztah/docs_api_1.48\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/670cd81423932b3e9103f0893c5d5e63a079ae58\"\u003e\u003ccode\u003e670cd81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/docker/issues/49485\"\u003e#49485\u003c/a\u003e from vvoland/c8d-list-panic\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/a3628f3f8e806ede250e2c95f6757070c9fb56e4\"\u003e\u003ccode\u003ea3628f3\u003c/code\u003e\u003c/a\u003e docs/api: add documentation for API v1.48\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/docker/compare/v27.4.1...v28.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/commits/v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.23.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.23.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.17.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/ef5341b70697ceb55f904384bd982587224e8b0c\"\u003e\u003ccode\u003eef5341b\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b999374650442ee37e9bbd97d6a11ad7ed999b98\"\u003e\u003ccode\u003eb999374\u003c/code\u003e\u003c/a\u003e acme: fix pebble subprocess output data race\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/c247dead11de7671a21a6c5169555e2aa5313caa\"\u003e\u003ccode\u003ec247dea\u003c/code\u003e\u003c/a\u003e x509roots/fallback: store bundle certs directly in DER\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/1fda73153feef7b246f24005838c387e354e5e3b\"\u003e\u003ccode\u003e1fda731\u003c/code\u003e\u003c/a\u003e acme: increase pebble test waitForServer attempts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/1b4c3d2e8c8be172c6af8f2f72778e69e74d2e78\"\u003e\u003ccode\u003e1b4c3d2\u003c/code\u003e\u003c/a\u003e x509roots/fallback: update bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b903b535d3ef82fab12a9cc0fa50fccc396ced55\"\u003e\u003ccode\u003eb903b53\u003c/code\u003e\u003c/a\u003e acme: capture pebble test subprocess stdout/stderr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/459a9db11b9c43bb1d61722bfd371751d6de05c9\"\u003e\u003ccode\u003e459a9db\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/74e709ad8a8068445173aa5f3e8d7c89caf510c3\"\u003e\u003ccode\u003e74e709a\u003c/code\u003e\u003c/a\u003e ssh: add AlgorithmNegotiationError\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b3790b8d914304c8187dc2c86800101c329d77cd\"\u003e\u003ccode\u003eb3790b8\u003c/code\u003e\u003c/a\u003e acme: fix TLSALPN01ChallengeCert for IP address identifiers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/1dc4269656dd23b2c4e71c51b8af6bc2b63eecb7\"\u003e\u003ccode\u003e1dc4269\u003c/code\u003e\u003c/a\u003e acme: add Pebble integration testing\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/crypto/compare/v0.35.0...v0.41.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.23.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/offsoc/tailscale/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/offsoc/tailscale/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/offsoc%2Ftailscale/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"},{"uuid":"2744421314","node_id":"PR_kwDOPBY0Xs6jlIvC","number":2,"state":"open","title":"chore(deps): bump the go_modules group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-14T00:04:25.000Z","updated_at":"2025-08-14T00:04:26.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"go_modules","update_count":2,"packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"helm.sh/helm/v3","old_version":"3.18.2","new_version":"3.18.5","repository_url":"https://github.com/helm/helm"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 2 updates in the /src directory: [github.com/gorilla/csrf](https://github.com/gorilla/csrf) and [helm.sh/helm/v3](https://github.com/helm/helm).\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `helm.sh/helm/v3` from 3.18.2 to 3.18.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/helm/helm/releases\"\u003ehelm.sh/helm/v3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eHelm v3.18.5 is a security release. Users are encouraged to upgrade for the best experience.\u003c/p\u003e\n\u003cp\u003eThe community keeps growing, and we'd love to see you there!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eJoin the discussion in \u003ca href=\"https://kubernetes.slack.com\"\u003eKubernetes Slack\u003c/a\u003e:\n\u003cul\u003e\n\u003cli\u003efor questions and just to hang out\u003c/li\u003e\n\u003cli\u003efor discussing PRs, code, and bugs\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eHang out at the Public Developer Call: Thursday, 9:30 Pacific via \u003ca href=\"https://zoom.us/j/696660622\"\u003eZoom\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest, debug, and contribute charts: \u003ca href=\"https://artifacthub.io/packages/search?kind=0\"\u003eArtifactHub/packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSecurity Advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/security/advisories/GHSA-9h84-qmv7-982p\"\u003eHelm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/security/advisories/GHSA-f9f8-9pmf-xv68\"\u003eIncorrect YAML Content Leads To Panic\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstallation and Upgrading\u003c/h2\u003e\n\u003cp\u003eDownload Helm v3.18.5. The common platform binaries are here:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-darwin-amd64.tar.gz\"\u003eMacOS amd64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-darwin-amd64.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / 3200c32cf19bf69b446e97c0060af39f018d2e441e418ad174ba39052f63fb15)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-darwin-arm64.tar.gz\"\u003eMacOS arm64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-darwin-arm64.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / 32ce3f4910d5a96c1170f3f8f230d4c8b8bc007e5d47b085b8416cfe559d7925)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-amd64.tar.gz\"\u003eLinux amd64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-amd64.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / 9879bf9c471cdecbbee5ee17cf1de1849b0ffd12871ea01f17ede6861d7134f5)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-arm.tar.gz\"\u003eLinux arm\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-arm.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / 4be47fa77476bfd6416a44853e28983e7c8594156259813ecf35d004044fb17d)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-arm64.tar.gz\"\u003eLinux arm64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-arm64.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / d25d2c1b1c5a9844755ab5c66e6df4d6b31c25e6d92dd2ce66c137a63ddf9f2c)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-386.tar.gz\"\u003eLinux i386\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-386.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / 1ee980e47bb37f388abdce3a7e8da64a9b372352c4cb645bda5ddd401973bee3)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-ppc64le.tar.gz\"\u003eLinux ppc64le\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-ppc64le.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / 9d300e0efced9b244aedcc9d11c49647deb4c5afc8d2298c988498dc530bc932)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-s390x.tar.gz\"\u003eLinux s390x\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-s390x.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / c779bb4dea8026294378a9ad6447095fb8f56671a8c49437344dd342de2a3156)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-riscv64.tar.gz\"\u003eLinux riscv64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-riscv64.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / f79d06dc5e966c341fc8ad1a0d5e032f7d681e62c4a51a4d22badec4b9857144)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-windows-amd64.zip\"\u003eWindows amd64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-windows-amd64.zip.sha256sum\"\u003echecksum\u003c/a\u003e / 464bfd7792d6c682778fc1d5e5bcc9ac5ce83457fe3c4b7a3d0af4dc3ef03eb1)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-windows-arm64.zip\"\u003eWindows arm64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-windows-arm64.zip.sha256sum\"\u003echecksum\u003c/a\u003e / 82411e3ee4e349d30221ddf6c26397bb0a41666939b338ccf39f4cd2ec4e4410)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe \u003ca href=\"https://helm.sh/docs/intro/quickstart/\"\u003eQuickstart Guide\u003c/a\u003e will get you going from there. For \u003cstrong\u003eupgrade instructions\u003c/strong\u003e or detailed installation notes, check the \u003ca href=\"https://helm.sh/docs/intro/install/\"\u003einstall guide\u003c/a\u003e. You can also use a \u003ca href=\"https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3\"\u003escript to install\u003c/a\u003e on any system with \u003ccode\u003ebash\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Next\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e3.18.6 will contain only bug fixes.\u003c/li\u003e\n\u003cli\u003e3.19.5 is the next feature release. This release will focus on ...\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix Chart.yaml handling 7799b483f52ceb665264a4056da3d2569d60f910 (Matt Farina)\u003c/li\u003e\n\u003cli\u003eHandle messy index files dd8502f7b4fd5824a696c99909babd0fbed77e9e (Matt Farina)\u003c/li\u003e\n\u003cli\u003ejson schema fix cb8595bc650e2ec7459427d2b0430599431a3dbe (Robert Sirchia)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eHelm v3.18.4 is a security release. Users are encouraged to upgrade for the best experience.\u003c/p\u003e\n\u003cp\u003eThe community keeps growing, and we'd love to see you there!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eJoin the discussion in \u003ca href=\"https://kubernetes.slack.com\"\u003eKubernetes Slack\u003c/a\u003e:\n\u003cul\u003e\n\u003cli\u003efor questions and just to hang out\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/b78692c18f0fb38fe5ba4571a674de067a4c53a5\"\u003e\u003ccode\u003eb78692c\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/ec5f59e2db56533d042a124f5bae54dd87b558e6\"\u003e\u003ccode\u003eec5f59e\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/7799b483f52ceb665264a4056da3d2569d60f910\"\u003e\u003ccode\u003e7799b48\u003c/code\u003e\u003c/a\u003e fix Chart.yaml handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/dd8502f7b4fd5824a696c99909babd0fbed77e9e\"\u003e\u003ccode\u003edd8502f\u003c/code\u003e\u003c/a\u003e Handle messy index files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/cb8595bc650e2ec7459427d2b0430599431a3dbe\"\u003e\u003ccode\u003ecb8595b\u003c/code\u003e\u003c/a\u003e json schema fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/d80839cf37d860c8aa9a0503fe463278f26cd5e2\"\u003e\u003ccode\u003ed80839c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/helm/helm/issues/31037\"\u003e#31037\u003c/a\u003e from mattfarina/disable-goimports-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/f20a4ad1d5c953ca0fb3d3b30aa9aa796d472ef1\"\u003e\u003ccode\u003ef20a4ad\u003c/code\u003e\u003c/a\u003e Disabling linter due to unknown issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/c48c500247cac5e0bd782bdc540b79b57092b2a8\"\u003e\u003ccode\u003ec48c500\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/563b0947b995c48354319aa054830db61f793a08\"\u003e\u003ccode\u003e563b094\u003c/code\u003e\u003c/a\u003e build(deps): bump the k8s-io group with 7 updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/00de613324df4dd930e6d231d9aae7f9dee29c76\"\u003e\u003ccode\u003e00de613\u003c/code\u003e\u003c/a\u003e Updating link handling\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/helm/helm/compare/v3.18.2...v3.18.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Lynquatiq/harbor/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Lynquatiq/harbor/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lynquatiq%2Fharbor/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"2737852467","node_id":"PR_kwDOE17YVc6jMFAz","number":3,"state":"open","title":"Bump github.com/gorilla/csrf from 1.7.0 to 1.7.3","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-12T06:35:06.000Z","updated_at":"2025-08-12T06:35:07.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.0","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.7.0 to 1.7.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove pkg/errors dependency by \u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[GPT-96] Update go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdated licence by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/167\"\u003egorilla/csrf#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate issues.yml by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/168\"\u003egorilla/csrf#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eissues/158/examples for working api with javascript frontend by \u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating github action workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/169\"\u003egorilla/csrf#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating gorilla/securecookie to v1.1.2 by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/170\"\u003egorilla/csrf#170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003ev1.7.1 is a minor maintenance release. It improves documentation, and fixes a bug (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e) that caused missing tokens to not provide a clear error message back to the client.\u003c/p\u003e\n\u003ch2\u003eCHANGELOG\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebugfix: Not providing any token in requests results in wrong error message (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd a note about secrecy of CSRF token in the README.md (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/154\"\u003e#154\u003c/a\u003e) \u003ca href=\"https://github.com/maxximino\"\u003e\u003ccode\u003e@​maxximino\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd note about csrf.Path option (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/147\"\u003e#147\u003c/a\u003e) \u003ca href=\"https://github.com/karelbilek\"\u003e\u003ccode\u003e@​karelbilek\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: use build matrix; drop Go \u0026lt;= 1.10 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/142\"\u003e#142\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: change TrustedOrigin to TrustedOrigins in README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/140\"\u003e#140\u003c/a\u003e) \u003ca href=\"https://github.com/mittonface\"\u003e\u003ccode\u003e@​mittonface\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add TOC to README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/137\"\u003e#137\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a009743572494ccbc9d159005bdc58b86a44ddba\"\u003e\u003ccode\u003ea009743\u003c/code\u003e\u003c/a\u003e Updating gorilla/securecookie to v1.1.2 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/94b5a9efbc27ce51c4ac1b1287c964e8f13013ca\"\u003e\u003ccode\u003e94b5a9e\u003c/code\u003e\u003c/a\u003e updating github action workflows (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/c1f4eb3aba6fe4cd0d1ef0ed5ca556876b14c29f\"\u003e\u003ccode\u003ec1f4eb3\u003c/code\u003e\u003c/a\u003e issues/158/examples for working api with javascript frontend (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/73c96a512fc353d11f3da50cffde1e454884f405\"\u003e\u003ccode\u003e73c96a5\u003c/code\u003e\u003c/a\u003e Update issues.yml (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a71a12f7d30580b6da2183b0f398527be93c0ca9\"\u003e\u003ccode\u003ea71a12f\u003c/code\u003e\u003c/a\u003e updated licence (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/15d47eceb8d5861882e276508d7cbb5b0082b980\"\u003e\u003ccode\u003e15d47ec\u003c/code\u003e\u003c/a\u003e [GPT-96] Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/32c27b0316d75a24e55ab36d059d0309238b9ee1\"\u003e\u003ccode\u003e32c27b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/164\"\u003e#164\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/04cc5dba5dd0af4341b9b406f05dc569c5e0ab40\"\u003e\u003ccode\u003e04cc5db\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/93379db1992f1b2fbdd4ba1b55a1bf0414b0535e\"\u003e\u003ccode\u003e93379db\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.0...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.0\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/vijay8059/GoWebApp/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/vijay8059/GoWebApp/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vijay8059%2FGoWebApp/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"2722003266","node_id":"PR_kwDON7p0Kc6iPnlC","number":13,"state":"closed","title":"Bump the go_modules group across 5 directories with 4 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-08-05T18:23:19.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-08-05T18:01:20.000Z","updated_at":"2025-08-05T18:23:19.000Z","time_to_close":1319,"merged_at":"2025-08-05T18:23:19.000Z","merged_by":"Cringely","closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"go_modules","update_count":4,"packages":[{"name":"golang.org/x/crypto","old_version":"0.33.0","new_version":"0.35.0","repository_url":"https://github.com/golang/crypto"},{"name":"golang.org/x/net","old_version":"0.35.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"},{"name":"github.com/cloudflare/circl","old_version":"1.3.7","new_version":"1.6.1","repository_url":"https://github.com/cloudflare/circl"},{"name":"github.com/gorilla/csrf","old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"golang.org/x/net","old_version":"0.23.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"},{"name":"golang.org/x/net","old_version":"0.23.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"},{"name":"golang.org/x/crypto","old_version":"0.17.0","new_version":"0.35.0","repository_url":"https://github.com/golang/crypto"},{"name":"golang.org/x/net","old_version":"0.23.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 4 updates in the / directory: [golang.org/x/crypto](https://github.com/golang/crypto), [golang.org/x/net](https://github.com/golang/net), [github.com/cloudflare/circl](https://github.com/cloudflare/circl) and [github.com/gorilla/csrf](https://github.com/gorilla/csrf).\nBumps the go_modules group with 1 update in the /gokrazy/natlabapp.arm64/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\nBumps the go_modules group with 1 update in the /gokrazy/natlabapp/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\nBumps the go_modules group with 1 update in the /gokrazy/tsapp/builddir/github.com/gokrazy/breakglass directory: [golang.org/x/crypto](https://github.com/golang/crypto).\nBumps the go_modules group with 1 update in the /gokrazy/tsapp/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\n\nUpdates `golang.org/x/crypto` from 0.33.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22\"\u003e\u003ccode\u003e7292932\u003c/code\u003e\u003c/a\u003e ssh: limit the size of the internal packet queue while waiting for KEX\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/f66f74b0a406b5f6909183531ace593857f1646c\"\u003e\u003ccode\u003ef66f74b\u003c/code\u003e\u003c/a\u003e acme/autocert: check host policy before probing the cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b0784b7bfbe0b2c9a59afc1248ed3cb4b6652e85\"\u003e\u003ccode\u003eb0784b7\u003c/code\u003e\u003c/a\u003e x509roots/fallback: drop obsolete build constraint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/911360c8a4f464342b9fe7c23632be57fca87b20\"\u003e\u003ccode\u003e911360c\u003c/code\u003e\u003c/a\u003e all: bump golang.org/x/crypto dependencies of asm generators\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/89ff08d67c4d79f9ac619aaf1f7388888798651f\"\u003e\u003ccode\u003e89ff08d\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/e47973b1c1089f6c67ab89261f7aa067b3d611d2\"\u003e\u003ccode\u003ee47973b\u003c/code\u003e\u003c/a\u003e all: update certs for go1.24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/compare/v0.33.0...v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.35.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/cloudflare/circl` from 1.3.7 to 1.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cloudflare/circl/releases\"\u003egithub.com/cloudflare/circl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eCIRCL v1.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes some point checks on the FourQ curve.\u003c/li\u003e\n\u003cli\u003eHybrid KEM fails on low-order points.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekem/hybrid: ensure X25519 hybrids fails with low order points by \u003ca href=\"https://github.com/Lekensteyn\"\u003e\u003ccode\u003e@​Lekensteyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/541\"\u003ecloudflare/circl#541\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e.github: Use native ARM64 builders instead of QEMU by \u003ca href=\"https://github.com/Lekensteyn\"\u003e\u003ccode\u003e@​Lekensteyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/542\"\u003ecloudflare/circl#542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes several errors on twisted Edwards curves. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/545\"\u003ecloudflare/circl#545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease v1.6.1 by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/546\"\u003ecloudflare/circl#546\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1\"\u003ehttps://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eCIRCL v1.6.0\u003c/h2\u003e\n\u003ch3\u003eNew!\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/blob/main/vdaf/prio3\"\u003ePrio3\u003c/a\u003e Verifiable Distributed Aggregation Function (\u003ca href=\"https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/\"\u003edraft-irtf-cfrg-vdaf\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/blob/main/kem/xwing\"\u003eX-Wing\u003c/a\u003e: general-purpose hybrid post-quantum KEM (\u003ca href=\"https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/\"\u003edraft-connolly-cfrg-xwing-kem\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd OIDs to ML-DSA by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/519\"\u003ecloudflare/circl#519\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdds Prio3 a set of verifiable distributed aggregation functions. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/522\"\u003ecloudflare/circl#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun semgrep cronjob only in upstream repository. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/526\"\u003ecloudflare/circl#526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eX-Wing PQ/T hybrid by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/471\"\u003ecloudflare/circl#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eckem: move crypto/elliptic to crypto/ecdh by \u003ca href=\"https://github.com/MingLLuo\"\u003e\u003ccode\u003e@​MingLLuo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/529\"\u003ecloudflare/circl#529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ehpke: Update HPKE code to use ecdh stdlib package. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/530\"\u003ecloudflare/circl#530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprio3: Adds polynomial multiplication using NTT by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/532\"\u003ecloudflare/circl#532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Prio3 in readme. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/527\"\u003ecloudflare/circl#527\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MingLLuo\"\u003e\u003ccode\u003e@​MingLLuo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/529\"\u003ecloudflare/circl#529\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0\"\u003ehttps://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch1\u003eCIRCL v1.5.0\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNew:\u003c/strong\u003e ML-DSA, Module-Lattice-based Digital Signature Algorithm.\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekem: add X25519MLKEM768 TLS hybrid KEM by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/510\"\u003ecloudflare/circl#510\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCreate semgrep.yml by \u003ca href=\"https://github.com/hrushikeshdeshpande\"\u003e\u003ccode\u003e@​hrushikeshdeshpande\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/514\"\u003ecloudflare/circl#514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erepo: Some fixes reported by CodeQL by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/515\"\u003ecloudflare/circl#515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd ML-DSA (FIPS204) by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/480\"\u003ecloudflare/circl#480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esign/mldsa: Add test for ML-DSA signature verification. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/517\"\u003ecloudflare/circl#517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease v1.5.0 by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/518\"\u003ecloudflare/circl#518\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hrushikeshdeshpande\"\u003e\u003ccode\u003e@​hrushikeshdeshpande\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/514\"\u003ecloudflare/circl#514\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0\"\u003ehttps://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/c6d33e35234ebf5c4319d12ae7d77d7d17053e56\"\u003e\u003ccode\u003ec6d33e3\u003c/code\u003e\u003c/a\u003e Release v1.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/0c3868ef6fc8ce864bc4104863186afdd2947f14\"\u003e\u003ccode\u003e0c3868e\u003c/code\u003e\u003c/a\u003e curve4q: Shared must fail with low order points.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/9fd570dd508eef941d3f42fb94413a899b96d52e\"\u003e\u003ccode\u003e9fd570d\u003c/code\u003e\u003c/a\u003e curve4q: Test showing DH does not fails on identity point.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/c988ceba827fe09896e770c152646dded447903d\"\u003e\u003ccode\u003ec988ceb\u003c/code\u003e\u003c/a\u003e fourq: Correctly unmarshalling point.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/ef2611dcde7f6d25e31082412bbb30f2a870d133\"\u003e\u003ccode\u003eef2611d\u003c/code\u003e\u003c/a\u003e fourq: Test showing point unmarshal fails.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/05eba44d1a35f979c5f3ac914bcc50c1122e8ced\"\u003e\u003ccode\u003e05eba44\u003c/code\u003e\u003c/a\u003e fourq: Handle the case of Z=0 for IsOnCurve and IsEqual.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/eef08780cc3cb9befa20014e65f731391103be6b\"\u003e\u003ccode\u003eeef0878\u003c/code\u003e\u003c/a\u003e fourq: Test showing isEqual and IsOnCurve fail.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/2298474ef688938e4a81ca14990b9a11a8677e2a\"\u003e\u003ccode\u003e2298474\u003c/code\u003e\u003c/a\u003e goldilocks; Handling points with z=0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/5a940a111507232035d0b753fbf3068c52d6b8ac\"\u003e\u003ccode\u003e5a940a1\u003c/code\u003e\u003c/a\u003e goldilocks: Test for IsEqual must fail with Z=0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/48c3b6a2746a18db4d8b675ab296980514359340\"\u003e\u003ccode\u003e48c3b6a\u003c/code\u003e\u003c/a\u003e ed25519: Fix isEqual to handle points with Z=0.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.3.7...v1.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/commits/v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.17.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22\"\u003e\u003ccode\u003e7292932\u003c/code\u003e\u003c/a\u003e ssh: limit the size of the internal packet queue while waiting for KEX\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/f66f74b0a406b5f6909183531ace593857f1646c\"\u003e\u003ccode\u003ef66f74b\u003c/code\u003e\u003c/a\u003e acme/autocert: check host policy before probing the cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b0784b7bfbe0b2c9a59afc1248ed3cb4b6652e85\"\u003e\u003ccode\u003eb0784b7\u003c/code\u003e\u003c/a\u003e x509roots/fallback: drop obsolete build constraint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/911360c8a4f464342b9fe7c23632be57fca87b20\"\u003e\u003ccode\u003e911360c\u003c/code\u003e\u003c/a\u003e all: bump golang.org/x/crypto dependencies of asm generators\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/89ff08d67c4d79f9ac619aaf1f7388888798651f\"\u003e\u003ccode\u003e89ff08d\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/e47973b1c1089f6c67ab89261f7aa067b3d611d2\"\u003e\u003ccode\u003ee47973b\u003c/code\u003e\u003c/a\u003e all: update certs for go1.24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/compare/v0.33.0...v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Cringely/docker-alpine-nfs-server/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Cringely/docker-alpine-nfs-server/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cringely%2Fdocker-alpine-nfs-server/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"},{"uuid":"2722001267","node_id":"PR_kwDON7p0Kc6iPnFz","number":12,"state":"open","title":"Bump the go_modules group across 5 directories with 5 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-05T18:00:34.000Z","updated_at":"2025-08-05T18:00:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"go_modules","update_count":5,"packages":[{"name":"golang.org/x/crypto","old_version":"0.33.0","new_version":"0.35.0","repository_url":"https://github.com/golang/crypto"},{"name":"golang.org/x/net","old_version":"0.35.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"},{"name":"github.com/go-viper/mapstructure/v2","old_version":"2.3.0","new_version":"2.4.0","repository_url":"https://github.com/go-viper/mapstructure"},{"name":"github.com/cloudflare/circl","old_version":"1.3.7","new_version":"1.6.1","repository_url":"https://github.com/cloudflare/circl"},{"name":"github.com/gorilla/csrf","old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.33.0` | `0.35.0` |\n| [golang.org/x/net](https://github.com/golang/net) | `0.35.0` | `0.38.0` |\n| [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) | `2.3.0` | `2.4.0` |\n| [github.com/cloudflare/circl](https://github.com/cloudflare/circl) | `1.3.7` | `1.6.1` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.3-0.20250123201450-9dd6af1f6d30` | `1.7.3` |\n\nBumps the go_modules group with 1 update in the /gokrazy/natlabapp.arm64/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\nBumps the go_modules group with 1 update in the /gokrazy/natlabapp/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\nBumps the go_modules group with 1 update in the /gokrazy/tsapp/builddir/github.com/gokrazy/breakglass directory: [golang.org/x/crypto](https://github.com/golang/crypto).\nBumps the go_modules group with 1 update in the /gokrazy/tsapp/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\n\nUpdates `golang.org/x/crypto` from 0.33.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22\"\u003e\u003ccode\u003e7292932\u003c/code\u003e\u003c/a\u003e ssh: limit the size of the internal packet queue while waiting for KEX\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/f66f74b0a406b5f6909183531ace593857f1646c\"\u003e\u003ccode\u003ef66f74b\u003c/code\u003e\u003c/a\u003e acme/autocert: check host policy before probing the cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b0784b7bfbe0b2c9a59afc1248ed3cb4b6652e85\"\u003e\u003ccode\u003eb0784b7\u003c/code\u003e\u003c/a\u003e x509roots/fallback: drop obsolete build constraint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/911360c8a4f464342b9fe7c23632be57fca87b20\"\u003e\u003ccode\u003e911360c\u003c/code\u003e\u003c/a\u003e all: bump golang.org/x/crypto dependencies of asm generators\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/89ff08d67c4d79f9ac619aaf1f7388888798651f\"\u003e\u003ccode\u003e89ff08d\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/e47973b1c1089f6c67ab89261f7aa067b3d611d2\"\u003e\u003ccode\u003ee47973b\u003c/code\u003e\u003c/a\u003e all: update certs for go1.24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/compare/v0.33.0...v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.35.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-viper/mapstructure/v2` from 2.3.0 to 2.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-viper/mapstructure/releases\"\u003egithub.com/go-viper/mapstructure/v2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erefactor: replace interface{} with any by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/115\"\u003ego-viper/mapstructure#115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.0 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/114\"\u003ego-viper/mapstructure#114\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGeneric tests by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/118\"\u003ego-viper/mapstructure#118\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix godoc reference link in README.md by \u003ca href=\"https://github.com/peczenyj\"\u003e\u003ccode\u003e@​peczenyj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/107\"\u003ego-viper/mapstructure#107\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add StringToTimeLocationHookFunc to convert strings to *time.Location by \u003ca href=\"https://github.com/ErfanMomeniii\"\u003e\u003ccode\u003e@​ErfanMomeniii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/117\"\u003ego-viper/mapstructure#117\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add back previous StringToSlice as a weak function by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/119\"\u003ego-viper/mapstructure#119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ErfanMomeniii\"\u003e\u003ccode\u003e@​ErfanMomeniii\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/117\"\u003ego-viper/mapstructure#117\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-viper/mapstructure/compare/v2.3.0...v2.4.0\"\u003ehttps://github.com/go-viper/mapstructure/compare/v2.3.0...v2.4.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/b9794a5f0e73d425210d6614ed833067029155f5\"\u003e\u003ccode\u003eb9794a5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/119\"\u003e#119\u003c/a\u003e from go-viper/string-to-weak-slice\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/17cdcb0741054e2a33938adf6bd1f2a5c0aa8f30\"\u003e\u003ccode\u003e17cdcb0\u003c/code\u003e\u003c/a\u003e feat: add back previous StringToSlice as a weak function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/3caca3614c3ab2c5b5d359c44fdcd72058887b19\"\u003e\u003ccode\u003e3caca36\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/117\"\u003e#117\u003c/a\u003e from ErfanMomeniii/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/9a861bc115f2b54ed4e494662f29c172d9ef046a\"\u003e\u003ccode\u003e9a861bc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/107\"\u003e#107\u003c/a\u003e from peczenyj/patch-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/86ed5b59da0615fb8c3a413f401cdf0231f1234c\"\u003e\u003ccode\u003e86ed5b5\u003c/code\u003e\u003c/a\u003e refactor: update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/ace5b4e8b3dec99468ffa9498e42fb09d177b0a6\"\u003e\u003ccode\u003eace5b4e\u003c/code\u003e\u003c/a\u003e chore: add interface any linter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/1a4f1aef38bfa8549762aaf42c7c18a5d268e76e\"\u003e\u003ccode\u003e1a4f1ae\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/118\"\u003e#118\u003c/a\u003e from go-viper/generic-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/a2689090ed4348033c36724d866faf1f911a9f63\"\u003e\u003ccode\u003ea268909\u003c/code\u003e\u003c/a\u003e fix: lint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/17f1fd44eb7606b109c9bb017c0a1c6d3e93b5cd\"\u003e\u003ccode\u003e17f1fd4\u003c/code\u003e\u003c/a\u003e test: add more comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/b48c8566836bf291bfee2b217d51fc36e8e61f6f\"\u003e\u003ccode\u003eb48c856\u003c/code\u003e\u003c/a\u003e test: expand tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-viper/mapstructure/compare/v2.3.0...v2.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/cloudflare/circl` from 1.3.7 to 1.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cloudflare/circl/releases\"\u003egithub.com/cloudflare/circl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eCIRCL v1.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes some point checks on the FourQ curve.\u003c/li\u003e\n\u003cli\u003eHybrid KEM fails on low-order points.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekem/hybrid: ensure X25519 hybrids fails with low order points by \u003ca href=\"https://github.com/Lekensteyn\"\u003e\u003ccode\u003e@​Lekensteyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/541\"\u003ecloudflare/circl#541\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e.github: Use native ARM64 builders instead of QEMU by \u003ca href=\"https://github.com/Lekensteyn\"\u003e\u003ccode\u003e@​Lekensteyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/542\"\u003ecloudflare/circl#542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes several errors on twisted Edwards curves. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/545\"\u003ecloudflare/circl#545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease v1.6.1 by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/546\"\u003ecloudflare/circl#546\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1\"\u003ehttps://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eCIRCL v1.6.0\u003c/h2\u003e\n\u003ch3\u003eNew!\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/blob/main/vdaf/prio3\"\u003ePrio3\u003c/a\u003e Verifiable Distributed Aggregation Function (\u003ca href=\"https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/\"\u003edraft-irtf-cfrg-vdaf\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/blob/main/kem/xwing\"\u003eX-Wing\u003c/a\u003e: general-purpose hybrid post-quantum KEM (\u003ca href=\"https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/\"\u003edraft-connolly-cfrg-xwing-kem\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd OIDs to ML-DSA by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/519\"\u003ecloudflare/circl#519\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdds Prio3 a set of verifiable distributed aggregation functions. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/522\"\u003ecloudflare/circl#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun semgrep cronjob only in upstream repository. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/526\"\u003ecloudflare/circl#526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eX-Wing PQ/T hybrid by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/471\"\u003ecloudflare/circl#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eckem: move crypto/elliptic to crypto/ecdh by \u003ca href=\"https://github.com/MingLLuo\"\u003e\u003ccode\u003e@​MingLLuo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/529\"\u003ecloudflare/circl#529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ehpke: Update HPKE code to use ecdh stdlib package. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/530\"\u003ecloudflare/circl#530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprio3: Adds polynomial multiplication using NTT by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/532\"\u003ecloudflare/circl#532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Prio3 in readme. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/527\"\u003ecloudflare/circl#527\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MingLLuo\"\u003e\u003ccode\u003e@​MingLLuo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/529\"\u003ecloudflare/circl#529\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0\"\u003ehttps://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch1\u003eCIRCL v1.5.0\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNew:\u003c/strong\u003e ML-DSA, Module-Lattice-based Digital Signature Algorithm.\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekem: add X25519MLKEM768 TLS hybrid KEM by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/510\"\u003ecloudflare/circl#510\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCreate semgrep.yml by \u003ca href=\"https://github.com/hrushikeshdeshpande\"\u003e\u003ccode\u003e@​hrushikeshdeshpande\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/514\"\u003ecloudflare/circl#514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erepo: Some fixes reported by CodeQL by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/515\"\u003ecloudflare/circl#515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd ML-DSA (FIPS204) by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/480\"\u003ecloudflare/circl#480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esign/mldsa: Add test for ML-DSA signature verification. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/517\"\u003ecloudflare/circl#517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease v1.5.0 by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/518\"\u003ecloudflare/circl#518\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hrushikeshdeshpande\"\u003e\u003ccode\u003e@​hrushikeshdeshpande\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/514\"\u003ecloudflare/circl#514\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0\"\u003ehttps://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/c6d33e35234ebf5c4319d12ae7d77d7d17053e56\"\u003e\u003ccode\u003ec6d33e3\u003c/code\u003e\u003c/a\u003e Release v1.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/0c3868ef6fc8ce864bc4104863186afdd2947f14\"\u003e\u003ccode\u003e0c3868e\u003c/code\u003e\u003c/a\u003e curve4q: Shared must fail with low order points.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/9fd570dd508eef941d3f42fb94413a899b96d52e\"\u003e\u003ccode\u003e9fd570d\u003c/code\u003e\u003c/a\u003e curve4q: Test showing DH does not fails on identity point.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/c988ceba827fe09896e770c152646dded447903d\"\u003e\u003ccode\u003ec988ceb\u003c/code\u003e\u003c/a\u003e fourq: Correctly unmarshalling point.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/ef2611dcde7f6d25e31082412bbb30f2a870d133\"\u003e\u003ccode\u003eef2611d\u003c/code\u003e\u003c/a\u003e fourq: Test showing point unmarshal fails.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/05eba44d1a35f979c5f3ac914bcc50c1122e8ced\"\u003e\u003ccode\u003e05eba44\u003c/code\u003e\u003c/a\u003e fourq: Handle the case of Z=0 for IsOnCurve and IsEqual.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/eef08780cc3cb9befa20014e65f731391103be6b\"\u003e\u003ccode\u003eeef0878\u003c/code\u003e\u003c/a\u003e fourq: Test showing isEqual and IsOnCurve fail.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/2298474ef688938e4a81ca14990b9a11a8677e2a\"\u003e\u003ccode\u003e2298474\u003c/code\u003e\u003c/a\u003e goldilocks; Handling points with z=0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/5a940a111507232035d0b753fbf3068c52d6b8ac\"\u003e\u003ccode\u003e5a940a1\u003c/code\u003e\u003c/a\u003e goldilocks: Test for IsEqual must fail with Z=0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/48c3b6a2746a18db4d8b675ab296980514359340\"\u003e\u003ccode\u003e48c3b6a\u003c/code\u003e\u003c/a\u003e ed25519: Fix isEqual to handle points with Z=0.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.3.7...v1.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/commits/v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.17.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22\"\u003e\u003ccode\u003e7292932\u003c/code\u003e\u003c/a\u003e ssh: limit the size of the internal packet queue while waiting for KEX\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/f66f74b0a406b5f6909183531ace593857f1646c\"\u003e\u003ccode\u003ef66f74b\u003c/code\u003e\u003c/a\u003e acme/autocert: check host policy before probing the cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b0784b7bfbe0b2c9a59afc1248ed3cb4b6652e85\"\u003e\u003ccode\u003eb0784b7\u003c/code\u003e\u003c/a\u003e x509roots/fallback: drop obsolete build constraint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/911360c8a4f464342b9fe7c23632be57fca87b20\"\u003e\u003ccode\u003e911360c\u003c/code\u003e\u003c/a\u003e all: bump golang.org/x/crypto dependencies of asm generators\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/89ff08d67c4d79f9ac619aaf1f7388888798651f\"\u003e\u003ccode\u003e89ff08d\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/e47973b1c1089f6c67ab89261f7aa067b3d611d2\"\u003e\u003ccode\u003ee47973b\u003c/code\u003e\u003c/a\u003e all: update certs for go1.24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/compare/v0.33.0...v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Cringely/docker-alpine-nfs-server/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Cringely/docker-alpine-nfs-server/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cringely%2Fdocker-alpine-nfs-server/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"},{"uuid":"2719808396","node_id":"PR_kwDOLRx7CM6iHPuM","number":40,"state":"closed","title":"Bump github.com/gorilla/csrf from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3 in the go_modules group","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-08-05T22:10:21.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-08-05T04:15:36.000Z","updated_at":"2025-08-05T22:10:21.000Z","time_to_close":64485,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":"the go_modules group","ecosystem":"go"},"body":"Bumps the go_modules group with 1 update: [github.com/gorilla/csrf](https://github.com/gorilla/csrf).\n\nUpdates `github.com/gorilla/csrf` from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/commits/v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.3-0.20250123201450-9dd6af1f6d30\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Shellgate/s-ui/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Shellgate/s-ui/pull/40","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Shellgate%2Fs-ui/issues/40","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/40/packages"},{"uuid":"2719678256","node_id":"PR_kwDOLRj6tc6iGv8w","number":703,"state":"closed","title":"Bump github.com/gorilla/csrf from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-08-05T11:07:32.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-05T02:44:50.000Z","updated_at":"2025-08-05T11:07:32.000Z","time_to_close":30162,"merged_at":"2025-08-05T11:07:32.000Z","merged_by":"alireza0","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/commits/v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.3-0.20250123201450-9dd6af1f6d30\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/alireza0/s-ui/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/alireza0/s-ui/pull/703","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/alireza0%2Fs-ui/issues/703","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/703/packages"},{"uuid":"2716359725","node_id":"PR_kwDOD8vdAM6h6Fwt","number":1290,"state":"closed","title":"build(deps): bump github.com/gorilla/csrf from 1.7.2 to 1.7.3 in the go_modules group across 1 directory","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-08-21T23:37:37.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-03T22:43:05.000Z","updated_at":"2025-08-21T23:37:37.000Z","time_to_close":1558472,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":"the go_modules group across 1 directory","ecosystem":"go"},"body":"Bumps the go_modules group with 1 update in the / directory: [github.com/gorilla/csrf](https://github.com/gorilla/csrf).\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.2\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ashirt-ops/ashirt-server/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/ashirt-ops/ashirt-server/pull/1290","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ashirt-ops%2Fashirt-server/issues/1290","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1290/packages"},{"uuid":"2716321381","node_id":"PR_kwDOD8vdAM6h58Zl","number":1288,"state":"closed","title":"build(deps): bump the go_modules group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-08-03T22:43:05.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-03T21:31:22.000Z","updated_at":"2025-08-03T22:43:05.000Z","time_to_close":4303,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"go_modules","update_count":3,"packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"github.com/go-jose/go-jose/v4","old_version":"4.1.1","new_version":"4.1.2","repository_url":"https://github.com/go-jose/go-jose"},{"name":"github.com/golang-jwt/jwt/v5","old_version":"5.2.3","new_version":"5.3.0","repository_url":"https://github.com/golang-jwt/jwt"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 3 updates in the / directory: [github.com/gorilla/csrf](https://github.com/gorilla/csrf), [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) and [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt).\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-jose/go-jose/v4` from 4.1.1 to 4.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-jose/go-jose/releases\"\u003egithub.com/go-jose/go-jose/v4's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003ego-jose v4.1.2 improves some documentation, errors, and removes the only 3rd-party dependency.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate go-jose documentation by \u003ca href=\"https://github.com/mcpherrinm\"\u003e\u003ccode\u003e@​mcpherrinm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/198\"\u003ego-jose/go-jose#198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove dependency on testify by \u003ca href=\"https://github.com/wardviaene\"\u003e\u003ccode\u003e@​wardviaene\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/197\"\u003ego-jose/go-jose#197\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove error message for invalid private keys by \u003ca href=\"https://github.com/ProjectMutilation\"\u003e\u003ccode\u003e@​ProjectMutilation\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/195\"\u003ego-jose/go-jose#195\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eJWK unsupported error when unmarshalling by \u003ca href=\"https://github.com/fprojetto\"\u003e\u003ccode\u003e@​fprojetto\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/191\"\u003ego-jose/go-jose#191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd JSONWebKey type to makeJWERecipient by \u003ca href=\"https://github.com/alvarolivie\"\u003e\u003ccode\u003e@​alvarolivie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/200\"\u003ego-jose/go-jose#200\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etestutils/assert: remove True, Nil, NotNil by \u003ca href=\"https://github.com/jsha\"\u003e\u003ccode\u003e@​jsha\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/202\"\u003ego-jose/go-jose#202\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wardviaene\"\u003e\u003ccode\u003e@​wardviaene\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/197\"\u003ego-jose/go-jose#197\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fprojetto\"\u003e\u003ccode\u003e@​fprojetto\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/191\"\u003ego-jose/go-jose#191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alvarolivie\"\u003e\u003ccode\u003e@​alvarolivie\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/200\"\u003ego-jose/go-jose#200\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-jose/go-jose/compare/v4.1.1...v4.1.2\"\u003ehttps://github.com/go-jose/go-jose/compare/v4.1.1...v4.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-jose/go-jose/commit/a1565a41aa008ae6545e0f50a636d254de5b4596\"\u003e\u003ccode\u003ea1565a4\u003c/code\u003e\u003c/a\u003e testutils/assert: remove True, Nil, NotNil (\u003ca href=\"https://redirect.github.com/go-jose/go-jose/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-jose/go-jose/commit/3a80e136a96e747bf44049414eadc02828df4d33\"\u003e\u003ccode\u003e3a80e13\u003c/code\u003e\u003c/a\u003e jwe: accept non-pointer JSONWebKey in Recipient (\u003ca href=\"https://redirect.github.com/go-jose/go-jose/issues/200\"\u003e#200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-jose/go-jose/commit/e2cde041d199a8c559bcbc6572e2fc72cf055089\"\u003e\u003ccode\u003ee2cde04\u003c/code\u003e\u003c/a\u003e jwk: JSONWebKey.UnmarshalJSON can return ErrUnsupportedKeyType (\u003ca href=\"https://redirect.github.com/go-jose/go-jose/issues/191\"\u003e#191\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-jose/go-jose/commit/6a171721f2bf99351950aa451aff9f9817eff116\"\u003e\u003ccode\u003e6a17172\u003c/code\u003e\u003c/a\u003e jwk: list all missing fields on error (\u003ca href=\"https://redirect.github.com/go-jose/go-jose/issues/195\"\u003e#195\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-jose/go-jose/commit/10dbdce82afc0c28be2a712be0ad3d9e1c43e789\"\u003e\u003ccode\u003e10dbdce\u003c/code\u003e\u003c/a\u003e Remove dependency on testify (\u003ca href=\"https://redirect.github.com/go-jose/go-jose/issues/197\"\u003e#197\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-jose/go-jose/commit/6acb8e6fe8c9fa9761b842e153c4b5e8afe9a92d\"\u003e\u003ccode\u003e6acb8e6\u003c/code\u003e\u003c/a\u003e Update go-jose documentation (\u003ca href=\"https://redirect.github.com/go-jose/go-jose/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/go-jose/go-jose/compare/v4.1.1...v4.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/golang-jwt/jwt/v5` from 5.2.3 to 5.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/golang-jwt/jwt/releases\"\u003egithub.com/golang-jwt/jwt/v5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.3.0\u003c/h2\u003e\n\u003cp\u003eThis release is almost identical to to \u003ccode\u003ev5.2.3\u003c/code\u003e but now correctly indicates Go 1.21 as minimum requirement.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCreate CODEOWNERS by \u003ca href=\"https://github.com/oxisto\"\u003e\u003ccode\u003e@​oxisto\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/449\"\u003egolang-jwt/jwt#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump Go version to indicate correct minimum requirement by \u003ca href=\"https://github.com/oxisto\"\u003e\u003ccode\u003e@​oxisto\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/452\"\u003egolang-jwt/jwt#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang-jwt/jwt/compare/v5.2.3...v5.3.0\"\u003ehttps://github.com/golang-jwt/jwt/compare/v5.2.3...v5.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/e9547a11aa603c52a31e315cdcaa71d0f25b921a\"\u003e\u003ccode\u003ee9547a1\u003c/code\u003e\u003c/a\u003e Bump Go version to indicate correct minimum requirement (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/452\"\u003e#452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/3839817bf313f2cfe58853dcbe542ffd06300831\"\u003e\u003ccode\u003e3839817\u003c/code\u003e\u003c/a\u003e Create CODEOWNERS (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/449\"\u003e#449\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang-jwt/jwt/compare/v5.2.3...v5.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ashirt-ops/ashirt-server/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/ashirt-ops/ashirt-server/pull/1288","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ashirt-ops%2Fashirt-server/issues/1288","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1288/packages"}],"issue_packages":[{"old_version":"1.7.1","new_version":"1.7.3","update_type":"patch","path":null,"pr_created_at":"2025-12-31T14:07:02.000Z","version_change":"1.7.1 → 1.7.3","issue":{"uuid":"3772897389","node_id":"PR_kwDOQxs4XM67HFUP","number":9,"state":"open","title":"chore(deps): bump github.com/gorilla/csrf from 1.7.1 to 1.7.3","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-12-31T14:07:02.000Z","updated_at":"2025-12-31T16:00:49.952Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.1","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.7.1 to 1.7.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove pkg/errors dependency by \u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[GPT-96] Update go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdated licence by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/167\"\u003egorilla/csrf#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate issues.yml by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/168\"\u003egorilla/csrf#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eissues/158/examples for working api with javascript frontend by \u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating github action workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/169\"\u003egorilla/csrf#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating gorilla/securecookie to v1.1.2 by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/170\"\u003egorilla/csrf#170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a009743572494ccbc9d159005bdc58b86a44ddba\"\u003e\u003ccode\u003ea009743\u003c/code\u003e\u003c/a\u003e Updating gorilla/securecookie to v1.1.2 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/94b5a9efbc27ce51c4ac1b1287c964e8f13013ca\"\u003e\u003ccode\u003e94b5a9e\u003c/code\u003e\u003c/a\u003e updating github action workflows (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/c1f4eb3aba6fe4cd0d1ef0ed5ca556876b14c29f\"\u003e\u003ccode\u003ec1f4eb3\u003c/code\u003e\u003c/a\u003e issues/158/examples for working api with javascript frontend (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/73c96a512fc353d11f3da50cffde1e454884f405\"\u003e\u003ccode\u003e73c96a5\u003c/code\u003e\u003c/a\u003e Update issues.yml (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a71a12f7d30580b6da2183b0f398527be93c0ca9\"\u003e\u003ccode\u003ea71a12f\u003c/code\u003e\u003c/a\u003e updated licence (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/15d47eceb8d5861882e276508d7cbb5b0082b980\"\u003e\u003ccode\u003e15d47ec\u003c/code\u003e\u003c/a\u003e [GPT-96] Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/32c27b0316d75a24e55ab36d059d0309238b9ee1\"\u003e\u003ccode\u003e32c27b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/164\"\u003e#164\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/04cc5dba5dd0af4341b9b406f05dc569c5e0ab40\"\u003e\u003ccode\u003e04cc5db\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/93379db1992f1b2fbdd4ba1b55a1bf0414b0535e\"\u003e\u003ccode\u003e93379db\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.1\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/10XScale-in/zitadel/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/10XScale-in%2Fzitadel/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":"1.7.2","new_version":"1.7.3","update_type":"patch","path":null,"pr_created_at":"2025-12-15T21:30:26.000Z","version_change":"1.7.2 → 1.7.3","issue":{"uuid":"3732197642","node_id":"PR_kwDOFqmHs865BG49","number":886,"state":"closed","title":"chore(deps): bump the go-updates group across 1 directory with 19 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-01-16T23:03:23.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-15T21:30:26.000Z","updated_at":"2026-01-16T23:03:25.000Z","time_to_close":2770377,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"go-updates","update_count":19,"packages":[{"name":"github.com/awnumar/memguard","old_version":"0.22.5","new_version":"0.23.0","repository_url":"https://github.com/awnumar/memguard"},{"name":"github.com/aws/aws-sdk-go-v2","old_version":"1.21.2","new_version":"1.40.1","repository_url":"https://github.com/aws/aws-sdk-go-v2"},{"name":"github.com/aws/aws-sdk-go-v2/config","old_version":"1.18.45","new_version":"1.32.3","repository_url":"https://github.com/aws/aws-sdk-go-v2"},{"name":"github.com/aws/aws-sdk-go-v2/service/secretsmanager","old_version":"1.19.8","new_version":"1.40.3","repository_url":"https://github.com/aws/aws-sdk-go-v2"},{"name":"github.com/aws/aws-sdk-go-v2/service/ses","old_version":"1.16.4","new_version":"1.34.15","repository_url":"https://github.com/aws/aws-sdk-go-v2"},{"name":"github.com/btcsuite/btcd","old_version":"0.24.2","new_version":"0.25.0","repository_url":"https://github.com/btcsuite/btcd"},{"name":"github.com/btcsuite/btcd/btcec/v2","old_version":"2.3.5","new_version":"2.3.6","repository_url":"https://github.com/btcsuite/btcd"},{"name":"github.com/btcsuite/btcd/btcutil","old_version":"1.1.5","new_version":"1.1.6","repository_url":"https://github.com/btcsuite/btcd"},{"name":"github.com/decred/dcrd/dcrec/secp256k1/v4","old_version":"4.2.0","new_version":"4.4.0","repository_url":"https://github.com/decred/dcrd"},{"name":"github.com/ethereum/go-ethereum","old_version":"1.14.13","new_version":"1.16.7","repository_url":"https://github.com/ethereum/go-ethereum"},{"name":"github.com/go-playground/validator/v10","old_version":"10.26.0","new_version":"10.28.0","repository_url":"https://github.com/go-playground/validator"},{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"github.com/prometheus/client_golang","old_version":"1.22.0","new_version":"1.23.2","repository_url":"https://github.com/prometheus/client_golang"},{"name":"go.mongodb.org/mongo-driver","old_version":"1.17.4","new_version":"1.17.6","repository_url":"https://github.com/mongodb/mongo-go-driver"}],"path":null,"ecosystem":"go"},"body":"Bumps the go-updates group with 14 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [github.com/awnumar/memguard](https://github.com/awnumar/memguard) | `0.22.5` | `0.23.0` |\n| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.21.2` | `1.40.1` |\n| [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) | `1.18.45` | `1.32.3` |\n| [github.com/aws/aws-sdk-go-v2/service/secretsmanager](https://github.com/aws/aws-sdk-go-v2) | `1.19.8` | `1.40.3` |\n| [github.com/aws/aws-sdk-go-v2/service/ses](https://github.com/aws/aws-sdk-go-v2) | `1.16.4` | `1.34.15` |\n| [github.com/btcsuite/btcd](https://github.com/btcsuite/btcd) | `0.24.2` | `0.25.0` |\n| [github.com/btcsuite/btcd/btcec/v2](https://github.com/btcsuite/btcd) | `2.3.5` | `2.3.6` |\n| [github.com/btcsuite/btcd/btcutil](https://github.com/btcsuite/btcd) | `1.1.5` | `1.1.6` |\n| [github.com/decred/dcrd/dcrec/secp256k1/v4](https://github.com/decred/dcrd) | `4.2.0` | `4.4.0` |\n| [github.com/ethereum/go-ethereum](https://github.com/ethereum/go-ethereum) | `1.14.13` | `1.16.7` |\n| [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) | `10.26.0` | `10.28.0` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.2` | `1.7.3` |\n| [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) | `1.22.0` | `1.23.2` |\n| [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) | `1.17.4` | `1.17.6` |\n\n\nUpdates `github.com/awnumar/memguard` from 0.22.5 to 0.23.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/awnumar/memguard/releases\"\u003egithub.com/awnumar/memguard's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.23.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove concurrent test; replace depreciated Slice conversion by \u003ca href=\"https://github.com/awnumar\"\u003e\u003ccode\u003e@​awnumar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/awnumar/memguard/pull/172\"\u003eawnumar/memguard#172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumping minor version since last release upgraded Go version in \u003ccode\u003ego.mod\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/awnumar/memguard/compare/v0.22.6...v0.23.0\"\u003ehttps://github.com/awnumar/memguard/compare/v0.22.6...v0.23.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.22.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Github Actions pipelines by \u003ca href=\"https://github.com/awnumar\"\u003e\u003ccode\u003e@​awnumar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/awnumar/memguard/pull/168\"\u003eawnumar/memguard#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprovements to concurrency issues, addition of test \u003ca href=\"https://github.com/hydrogen18\"\u003e\u003ccode\u003e@​hydrogen18\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/awnumar/memguard/pull/167\"\u003eawnumar/memguard#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ego: update dependencies by \u003ca href=\"https://github.com/yznima\"\u003e\u003ccode\u003e@​yznima\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/awnumar/memguard/pull/171\"\u003eawnumar/memguard#171\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/awnumar/memguard/compare/v0.22.5...v0.22.6\"\u003ehttps://github.com/awnumar/memguard/compare/v0.22.5...v0.22.6\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/b28f39516a01241560455fbd11ecb573706cd4a7\"\u003e\u003ccode\u003eb28f395\u003c/code\u003e\u003c/a\u003e Improve concurrent test; replace depreciated Slice conversion (\u003ca href=\"https://redirect.github.com/awnumar/memguard/issues/172\"\u003e#172\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/b6e6daefecc9e6d35dba0de05cda9523d5376119\"\u003e\u003ccode\u003eb6e6dae\u003c/code\u003e\u003c/a\u003e Delete .cirrus.yml\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/195f0b6e9cd09ac3881c4fb93174aecd85cd196b\"\u003e\u003ccode\u003e195f0b6\u003c/code\u003e\u003c/a\u003e go: update dependencies (\u003ca href=\"https://redirect.github.com/awnumar/memguard/issues/171\"\u003e#171\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/3152cda6d138dca44a45a0d06aa445cb2630e487\"\u003e\u003ccode\u003e3152cda\u003c/code\u003e\u003c/a\u003e Fix concurrency issues leading to panic in Coffer (\u003ca href=\"https://redirect.github.com/awnumar/memguard/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/7d0d55fface1b80101b43301166efa821111aa63\"\u003e\u003ccode\u003e7d0d55f\u003c/code\u003e\u003c/a\u003e Update status badge\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/5a37a300739b80d4bb4e23aa1241f081e6a82a59\"\u003e\u003ccode\u003e5a37a30\u003c/code\u003e\u003c/a\u003e Add Github Actions pipelines (\u003ca href=\"https://redirect.github.com/awnumar/memguard/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/0756fbecf50e2d736906eb6baf5117e28c4433b3\"\u003e\u003ccode\u003e0756fbe\u003c/code\u003e\u003c/a\u003e Remove mention of finalizer from readme as it has been removed for the time b...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/awnumar/memguard/commit/d212cd14e98248ee6db8843c47cfeb622d48af39\"\u003e\u003ccode\u003ed212cd1\u003c/code\u003e\u003c/a\u003e Removes unneeded echo in .cirrus.yml CI script (\u003ca href=\"https://redirect.github.com/awnumar/memguard/issues/161\"\u003e#161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/awnumar/memguard/compare/v0.22.5...v0.23.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/aws/aws-sdk-go-v2` from 1.21.2 to 1.40.1\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/09a58172d9d7ad6f73a123b02d7e84c5c4a155f7\"\u003e\u003ccode\u003e09a5817\u003c/code\u003e\u003c/a\u003e Release 2025-12-02\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/58d1759452a64b5cebc3af72b0d20e0d0f4c1206\"\u003e\u003ccode\u003e58d1759\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/16ba34ea62c08755b0f9e515e49d91a4ec0a228a\"\u003e\u003ccode\u003e16ba34e\u003c/code\u003e\u003c/a\u003e Update endpoints model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/7873bf423b63068375552b96d515d4e4fe3b4b64\"\u003e\u003ccode\u003e7873bf4\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/9b55b02d1957debcdc49350d1e805ef35b6aebf0\"\u003e\u003ccode\u003e9b55b02\u003c/code\u003e\u003c/a\u003e bump smithy-go to v1.24.0 (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-go-v2/issues/3242\"\u003e#3242\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/d8b017901ff4fdde54fcb11a2cc2eb96f5250fd4\"\u003e\u003ccode\u003ed8b0179\u003c/code\u003e\u003c/a\u003e Release 2025-12-01\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/e4405f01c3d6d2b9ae5ba8a2a09556ae53d5f8f2\"\u003e\u003ccode\u003ee4405f0\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/65d08b0cedc6076d337c9a733e0a103446ed2e7b\"\u003e\u003ccode\u003e65d08b0\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/f6cc036f3712a3bc31b7a8120d26455bd6fa15ea\"\u003e\u003ccode\u003ef6cc036\u003c/code\u003e\u003c/a\u003e Release 2025-11-26\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/deb353f714c36d8c29020007df481749e45f38bb\"\u003e\u003ccode\u003edeb353f\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-go-v2/compare/v1.21.2...v1.40.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/aws/aws-sdk-go-v2/config` from 1.18.45 to 1.32.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/6b53348f842f4747905a742670a787eb1814ee20\"\u003e\u003ccode\u003e6b53348\u003c/code\u003e\u003c/a\u003e Release 2024-10-28\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/784d2d39b08ca3603afb05b6795f5026923c5326\"\u003e\u003ccode\u003e784d2d3\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/7258bd236c19b10b42c66c81184aaf6a340cb65d\"\u003e\u003ccode\u003e7258bd2\u003c/code\u003e\u003c/a\u003e Update endpoints model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/f322198c047da98d4adc5d828c23044708683bfe\"\u003e\u003ccode\u003ef322198\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/b65b80a89b4ec4dd531648025227300157c53864\"\u003e\u003ccode\u003eb65b80a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/aws/aws-sdk-go-v2/issues/2852\"\u003e#2852\u003c/a\u003e from RanVaknin/signature-header-parsing-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/803614d34f44ac114759b8c1decc393bd14db55a\"\u003e\u003ccode\u003e803614d\u003c/code\u003e\u003c/a\u003e Fixing changelog description and implementation to use TrimSpace\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/b12c8cf885a2aae18cce0b8530f1cf610ff5f11a\"\u003e\u003ccode\u003eb12c8cf\u003c/code\u003e\u003c/a\u003e adding changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/f0caa97e8667ce9c31ecc78c08b5ca9a7af96634\"\u003e\u003ccode\u003ef0caa97\u003c/code\u003e\u003c/a\u003e patching GetSignedRequestSignature to cover edge cases with the signature\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/e05890387eb6dab53906151aec09eba22721ac6d\"\u003e\u003ccode\u003ee058903\u003c/code\u003e\u003c/a\u003e drop service/nimble (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-go-v2/issues/2851\"\u003e#2851\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/896793a6822d2cec6f6348cb65a09cb32a6ee834\"\u003e\u003ccode\u003e896793a\u003c/code\u003e\u003c/a\u003e Release 2024-10-25\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-go-v2/compare/config/v1.18.45...v1.32.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/aws/aws-sdk-go-v2/service/secretsmanager` from 1.19.8 to 1.40.3\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/640b80872b2c49ad5227a4738e15e4189be4863c\"\u003e\u003ccode\u003e640b808\u003c/code\u003e\u003c/a\u003e Release 2025-08-29\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/657a6e8806831b48766e05f1d9c48b0055b19ebc\"\u003e\u003ccode\u003e657a6e8\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/34a91bb5d2f6f196769403d5bde31d2725fd28a9\"\u003e\u003ccode\u003e34a91bb\u003c/code\u003e\u003c/a\u003e Update partitions file\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/09f5a9cb4b1bbda70e3b22599419a610337aeef2\"\u003e\u003ccode\u003e09f5a9c\u003c/code\u003e\u003c/a\u003e Update endpoints model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/fff96ca569dd096eb8575d825e466dd55ed3d6f6\"\u003e\u003ccode\u003efff96ca\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/d46f566c13121695d4b22c7964ed7e828d6ae68b\"\u003e\u003ccode\u003ed46f566\u003c/code\u003e\u003c/a\u003e deprecate service/sms (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-go-v2/issues/3176\"\u003e#3176\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/de16d4dc63c5182058b073ebd509688f42c95a15\"\u003e\u003ccode\u003ede16d4d\u003c/code\u003e\u003c/a\u003e Release 2025-08-28\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/d6b83a81af56f06d0ed9edb93aad79ed6313cd51\"\u003e\u003ccode\u003ed6b83a8\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/b0f9cb7f784d4a0c67b9a3383bb1c469b3ebaf07\"\u003e\u003ccode\u003eb0f9cb7\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/822549143c11023d454d8af9e6d75bf8cc834a54\"\u003e\u003ccode\u003e8225491\u003c/code\u003e\u003c/a\u003e Release 2025-08-27\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-go-v2/compare/service/m2/v1.19.8...service/efs/v1.40.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/aws/aws-sdk-go-v2/service/ses` from 1.16.4 to 1.34.15\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/34ec0a43cbf69475be3bbbb6329c49687cc018df\"\u003e\u003ccode\u003e34ec0a4\u003c/code\u003e\u003c/a\u003e Release 2025-11-25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/540441aa03ecb2b3b2b2f1eab1b71661b0ae2481\"\u003e\u003ccode\u003e540441a\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/9869a2b39a8edb77fc98e0fc70d9bb059c6534a5\"\u003e\u003ccode\u003e9869a2b\u003c/code\u003e\u003c/a\u003e Update endpoints model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/a6b38c167b9ce07461c4f0af81be087055267121\"\u003e\u003ccode\u003ea6b38c1\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/3953a0d499bf4a96a11e3377af3e5291831eed6c\"\u003e\u003ccode\u003e3953a0d\u003c/code\u003e\u003c/a\u003e add explicit message deser to all s3 errors (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-go-v2/issues/3237\"\u003e#3237\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/e7eec69683d04dbab33314fb6de43f8a43684163\"\u003e\u003ccode\u003ee7eec69\u003c/code\u003e\u003c/a\u003e Fix panic during auth scheme resolution due to region validation (\u003ca href=\"https://redirect.github.com/aws/aws-sdk-go-v2/issues/3235\"\u003e#3235\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/d68b3a05c22b3bde751da6bb70e6fe01fd02407f\"\u003e\u003ccode\u003ed68b3a0\u003c/code\u003e\u003c/a\u003e Release 2025-11-24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/292a19869df57271d51b382018591d71f09f72d3\"\u003e\u003ccode\u003e292a198\u003c/code\u003e\u003c/a\u003e Regenerated Clients\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/dfeabc64ff80e2ee65951eb84d616072c8cd4b60\"\u003e\u003ccode\u003edfeabc6\u003c/code\u003e\u003c/a\u003e Update API model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws/aws-sdk-go-v2/commit/a7a1be5d2c14e9270e927654b63272fdfbee1aa6\"\u003e\u003ccode\u003ea7a1be5\u003c/code\u003e\u003c/a\u003e Release 2025-11-21\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws/aws-sdk-go-v2/compare/v1.16.4...service/ram/v1.34.15\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/btcsuite/btcd` from 0.24.2 to 0.25.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/btcsuite/btcd/releases\"\u003egithub.com/btcsuite/btcd's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.25.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003epsbt: decode keytype as compact size by \u003ca href=\"https://github.com/guggero\"\u003e\u003ccode\u003e@​guggero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2206\"\u003ebtcsuite/btcd#2206\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnable the RpcClient to send requests to Bitcoin Core over a Unix socket. by \u003ca href=\"https://github.com/robertmin1\"\u003e\u003ccode\u003e@​robertmin1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2168\"\u003ebtcsuite/btcd#2168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix the btcctl uptime command by \u003ca href=\"https://github.com/cec489\"\u003e\u003ccode\u003e@​cec489\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2203\"\u003ebtcsuite/btcd#2203\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove \u003ccode\u003eerror\u003c/code\u003e return value for \u003ccode\u003eSignCompact\u003c/code\u003e by \u003ca href=\"https://github.com/zhiqiangxu\"\u003e\u003ccode\u003e@​zhiqiangxu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2211\"\u003ebtcsuite/btcd#2211\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003effldb: close block files by \u003ca href=\"https://github.com/kcalvinalvin\"\u003e\u003ccode\u003e@​kcalvinalvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2208\"\u003ebtcsuite/btcd#2208\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix some comments for struct field by \u003ca href=\"https://github.com/linghuying\"\u003e\u003ccode\u003e@​linghuying\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2214\"\u003ebtcsuite/btcd#2214\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emod+rpcserver: bump to latest version of btcec by \u003ca href=\"https://github.com/guggero\"\u003e\u003ccode\u003e@​guggero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2218\"\u003ebtcsuite/btcd#2218\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eblockchain: copy utxo status bytes to avoid UB by \u003ca href=\"https://github.com/Crypt-iQ\"\u003e\u003ccode\u003e@​Crypt-iQ\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2225\"\u003ebtcsuite/btcd#2225\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdated btcd dependency of btcutil to address CVE-2024-34478 by \u003ca href=\"https://github.com/AlexsandroRyan\"\u003e\u003ccode\u003e@​AlexsandroRyan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2235\"\u003ebtcsuite/btcd#2235\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewire: check TXID length before creating outpoint by \u003ca href=\"https://github.com/jharveyb\"\u003e\u003ccode\u003e@​jharveyb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2233\"\u003ebtcsuite/btcd#2233\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebugfix: check if both begin and end are numbers in \u003ccode\u003eUnmarshalJSON\u003c/code\u003e by \u003ca href=\"https://github.com/brunoerg\"\u003e\u003ccode\u003e@​brunoerg\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2242\"\u003ebtcsuite/btcd#2242\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erpcclient: signet support by \u003ca href=\"https://github.com/wydengyre\"\u003e\u003ccode\u003e@​wydengyre\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2230\"\u003ebtcsuite/btcd#2230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebtcjson: turn warnings into StringOrArray type by \u003ca href=\"https://github.com/guggero\"\u003e\u003ccode\u003e@​guggero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2245\"\u003ebtcsuite/btcd#2245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFormatting code with gofmt by \u003ca href=\"https://github.com/huochexizhan\"\u003e\u003ccode\u003e@​huochexizhan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2255\"\u003ebtcsuite/btcd#2255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix some comments by \u003ca href=\"https://github.com/lencap\"\u003e\u003ccode\u003e@​lencap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2228\"\u003ebtcsuite/btcd#2228\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix typos by \u003ca href=\"https://github.com/omahs\"\u003e\u003ccode\u003e@​omahs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2220\"\u003ebtcsuite/btcd#2220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: correct the typos [skip ci] by \u003ca href=\"https://github.com/threewebcode\"\u003e\u003ccode\u003e@​threewebcode\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2093\"\u003ebtcsuite/btcd#2093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect link to redirect to btcutil docs by \u003ca href=\"https://github.com/sanrinconr\"\u003e\u003ccode\u003e@​sanrinconr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/1873\"\u003ebtcsuite/btcd#1873\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edelete minor unreachable code caused by t.Fatal by \u003ca href=\"https://github.com/Abirdcfly\"\u003e\u003ccode\u003e@​Abirdcfly\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/1875\"\u003ebtcsuite/btcd#1875\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erpcclient: add timeout to http request. by \u003ca href=\"https://github.com/ziggie1984\"\u003e\u003ccode\u003e@​ziggie1984\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2256\"\u003ebtcsuite/btcd#2256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for wtxidrelay message. by \u003ca href=\"https://github.com/marcopeereboom\"\u003e\u003ccode\u003e@​marcopeereboom\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2272\"\u003ebtcsuite/btcd#2272\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emain: add flag to write execution traces by \u003ca href=\"https://github.com/kcalvinalvin\"\u003e\u003ccode\u003e@​kcalvinalvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2223\"\u003ebtcsuite/btcd#2223\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewire, peer: fix broken ibd by \u003ca href=\"https://github.com/kcalvinalvin\"\u003e\u003ccode\u003e@​kcalvinalvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2281\"\u003ebtcsuite/btcd#2281\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix non-root hosts failing on resolving DNS by \u003ca href=\"https://github.com/same-id\"\u003e\u003ccode\u003e@​same-id\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2269\"\u003ebtcsuite/btcd#2269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erpctest: make sure to \u003ccode\u003eWaitForShutdown\u003c/code\u003e by \u003ca href=\"https://github.com/yyforyongyu\"\u003e\u003ccode\u003e@​yyforyongyu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2277\"\u003ebtcsuite/btcd#2277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erpcclient: safe read and write to batch by \u003ca href=\"https://github.com/ynewmann\"\u003e\u003ccode\u003e@​ynewmann\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2273\"\u003ebtcsuite/btcd#2273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emain: add prune documentation to sample-btcd.conf by \u003ca href=\"https://github.com/kcalvinalvin\"\u003e\u003ccode\u003e@​kcalvinalvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2299\"\u003ebtcsuite/btcd#2299\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etypo-Update register_test.go by \u003ca href=\"https://github.com/romashka-btc\"\u003e\u003ccode\u003e@​romashka-btc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2291\"\u003ebtcsuite/btcd#2291\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewire: add bitcoin network magic for default SigNet by \u003ca href=\"https://github.com/starius\"\u003e\u003ccode\u003e@​starius\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2276\"\u003ebtcsuite/btcd#2276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003epsbt: add support for PSBT_GLOBAL_XPUB type by \u003ca href=\"https://github.com/guggero\"\u003e\u003ccode\u003e@​guggero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2296\"\u003ebtcsuite/btcd#2296\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edeps: bump go version by \u003ca href=\"https://github.com/gosunuts\"\u003e\u003ccode\u003e@​gosunuts\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2316\"\u003ebtcsuite/btcd#2316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: using slices.Contains to simplify the code by \u003ca href=\"https://github.com/finaltrip\"\u003e\u003ccode\u003e@​finaltrip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2317\"\u003ebtcsuite/btcd#2317\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: update license by \u003ca href=\"https://github.com/davidcardenasus\"\u003e\u003ccode\u003e@​davidcardenasus\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2303\"\u003ebtcsuite/btcd#2303\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egithub: upgrade the CI by \u003ca href=\"https://github.com/yyforyongyu\"\u003e\u003ccode\u003e@​yyforyongyu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2331\"\u003ebtcsuite/btcd#2331\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emulti:use t.TempDir replace os.MkdirTemp to simplify test temp dir manager by \u003ca href=\"https://github.com/petersssong\"\u003e\u003ccode\u003e@​petersssong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2334\"\u003ebtcsuite/btcd#2334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emulti: remove deprecated io/ioutil by \u003ca href=\"https://github.com/argentpapa\"\u003e\u003ccode\u003e@​argentpapa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2336\"\u003ebtcsuite/btcd#2336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update guidelines and links by \u003ca href=\"https://github.com/yyforyongyu\"\u003e\u003ccode\u003e@​yyforyongyu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2333\"\u003ebtcsuite/btcd#2333\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emulti: implement testnet4 and add support for soft forks that are always active  by \u003ca href=\"https://github.com/Roasbeef\"\u003e\u003ccode\u003e@​Roasbeef\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2339\"\u003ebtcsuite/btcd#2339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enetsync: don't ask for blocks from peers on the same block height by \u003ca href=\"https://github.com/kcalvinalvin\"\u003e\u003ccode\u003e@​kcalvinalvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2304\"\u003ebtcsuite/btcd#2304\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emulti: deprecation goacc by \u003ca href=\"https://github.com/petersssong\"\u003e\u003ccode\u003e@​petersssong\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2340\"\u003ebtcsuite/btcd#2340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update contribution link by \u003ca href=\"https://github.com/quantix9\"\u003e\u003ccode\u003e@​quantix9\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2348\"\u003ebtcsuite/btcd#2348\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: use map.Copy for cleaner map handling by \u003ca href=\"https://github.com/xinhangzhou\"\u003e\u003ccode\u003e@​xinhangzhou\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2343\"\u003ebtcsuite/btcd#2343\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003epsbt: check path minimum length by \u003ca href=\"https://github.com/guggero\"\u003e\u003ccode\u003e@​guggero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2352\"\u003ebtcsuite/btcd#2352\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edatabase: shut the program down immediately if we run out of disk space by \u003ca href=\"https://github.com/kcalvinalvin\"\u003e\u003ccode\u003e@​kcalvinalvin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2358\"\u003ebtcsuite/btcd#2358\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emulti: introduce v2transport and implement BIP324 by \u003ca href=\"https://github.com/Crypt-iQ\"\u003e\u003ccode\u003e@​Crypt-iQ\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2260\"\u003ebtcsuite/btcd#2260\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003epsbt: overflow checks when computing Taproot BIP32 derivation min size by \u003ca href=\"https://github.com/ffranr\"\u003e\u003ccode\u003e@​ffranr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2374\"\u003ebtcsuite/btcd#2374\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev2transport: update to btcec v2.3.5, reduce module deps by \u003ca href=\"https://github.com/Roasbeef\"\u003e\u003ccode\u003e@​Roasbeef\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/btcsuite/btcd/pull/2381\"\u003ebtcsuite/btcd#2381\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/e764c170e6a9ec55bc5882b2d2a3302276988a77\"\u003e\u003ccode\u003ee764c17\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2447\"\u003e#2447\u003c/a\u003e from Roasbeef/v-25-branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/798b4ed4a7ccd48ebeef9b25cafeb4ab56ce858f\"\u003e\u003ccode\u003e798b4ed\u003c/code\u003e\u003c/a\u003e build: bump version to v0.25\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/442ef28bcf03797e845c8e957e5cd6d4bffb5764\"\u003e\u003ccode\u003e442ef28\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2443\"\u003e#2443\u003c/a\u003e from sputn1ck/musig2_sign_with_agg_nonce\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/21eb99e3bc0b4b6e0f948578ed6f1997908c5b16\"\u003e\u003ccode\u003e21eb99e\u003c/code\u003e\u003c/a\u003e musig2: add combinedNonce getter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/8f54cc6edab2d4f9348098c60c2d477c2950bbda\"\u003e\u003ccode\u003e8f54cc6\u003c/code\u003e\u003c/a\u003e musig2: add Session.RegisterCombinedNonce\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/b7d070601def0f94e3713879b19f1678949a8d68\"\u003e\u003ccode\u003eb7d0706\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2430\"\u003e#2430\u003c/a\u003e from Roasbeef/v-0-25-0-rc1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/31a762b3f67baa7ebcf357562eba74e5e3a5fb89\"\u003e\u003ccode\u003e31a762b\u003c/code\u003e\u003c/a\u003e build: bump version to v0.25.0-beta.rc1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/e8097a1b044c3c0b3843b2aba377e87eb5fc4f9f\"\u003e\u003ccode\u003ee8097a1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2410\"\u003e#2410\u003c/a\u003e from mohamedawnallah/fallback-to-GOPATH-bin-dir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/29f421534c8c6c47588c2cc08741df956225e52c\"\u003e\u003ccode\u003e29f4215\u003c/code\u003e\u003c/a\u003e Makefile+workflows: fallback to \u003ccode\u003eGOPATH/bin\u003c/code\u003e on non-existent \u003ccode\u003eGOBIN\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/a4ddae2ba1b6f0cc8fe31e48e50cef018affe670\"\u003e\u003ccode\u003ea4ddae2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2409\"\u003e#2409\u003c/a\u003e from gosunuts/fix/dockerfile-go-version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/btcsuite/btcd/compare/v0.24.2...v0.25.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/btcsuite/btcd/btcec/v2` from 2.3.5 to 2.3.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/442ef28bcf03797e845c8e957e5cd6d4bffb5764\"\u003e\u003ccode\u003e442ef28\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2443\"\u003e#2443\u003c/a\u003e from sputn1ck/musig2_sign_with_agg_nonce\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/21eb99e3bc0b4b6e0f948578ed6f1997908c5b16\"\u003e\u003ccode\u003e21eb99e\u003c/code\u003e\u003c/a\u003e musig2: add combinedNonce getter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/8f54cc6edab2d4f9348098c60c2d477c2950bbda\"\u003e\u003ccode\u003e8f54cc6\u003c/code\u003e\u003c/a\u003e musig2: add Session.RegisterCombinedNonce\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/b7d070601def0f94e3713879b19f1678949a8d68\"\u003e\u003ccode\u003eb7d0706\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2430\"\u003e#2430\u003c/a\u003e from Roasbeef/v-0-25-0-rc1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/31a762b3f67baa7ebcf357562eba74e5e3a5fb89\"\u003e\u003ccode\u003e31a762b\u003c/code\u003e\u003c/a\u003e build: bump version to v0.25.0-beta.rc1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/e8097a1b044c3c0b3843b2aba377e87eb5fc4f9f\"\u003e\u003ccode\u003ee8097a1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2410\"\u003e#2410\u003c/a\u003e from mohamedawnallah/fallback-to-GOPATH-bin-dir\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/29f421534c8c6c47588c2cc08741df956225e52c\"\u003e\u003ccode\u003e29f4215\u003c/code\u003e\u003c/a\u003e Makefile+workflows: fallback to \u003ccode\u003eGOPATH/bin\u003c/code\u003e on non-existent \u003ccode\u003eGOBIN\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/a4ddae2ba1b6f0cc8fe31e48e50cef018affe670\"\u003e\u003ccode\u003ea4ddae2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2409\"\u003e#2409\u003c/a\u003e from gosunuts/fix/dockerfile-go-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/2577dd3ee3e40cd6914731386d1f95d200026508\"\u003e\u003ccode\u003e2577dd3\u003c/code\u003e\u003c/a\u003e Dockerfile: update go base image\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/c002ea3196bc883a7936e07a04f0790bc8c2bf2d\"\u003e\u003ccode\u003ec002ea3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2320\"\u003e#2320\u003c/a\u003e from gosunuts/feature/fix-ci\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/btcsuite/btcd/compare/btcec/v2.3.5...btcec/v2.3.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/btcsuite/btcd/btcutil` from 1.1.5 to 1.1.6\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/bda7977a9abc4a27e5c089389f60e5d5117b5433\"\u003e\u003ccode\u003ebda7977\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2235\"\u003e#2235\u003c/a\u003e from AlexsandroRyan/pkg-update-checkmarx-cve\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/913f95b2b258afac7b0139c4a1bef9f7e3c5bddc\"\u003e\u003ccode\u003e913f95b\u003c/code\u003e\u003c/a\u003e Updated github.com/btcsuite/btcd to address CVE-2024-34478\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/97400aa23ec3ebc94673c7ce37d14a26b60be9ec\"\u003e\u003ccode\u003e97400aa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2225\"\u003e#2225\u003c/a\u003e from Crypt-iQ/statusbytes_08062024\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/3eda1a58a24336c4c1aabe953f84b32a03da62cb\"\u003e\u003ccode\u003e3eda1a5\u003c/code\u003e\u003c/a\u003e blockchain: copy utxo status bytes to avoid UB\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/b161cd6a199b4e35acec66afc5aad221f05fe1e3\"\u003e\u003ccode\u003eb161cd6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2218\"\u003e#2218\u003c/a\u003e from guggero/btcec-fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/cefeeaa6b6a3d950eff894814e8a45adc898a0f8\"\u003e\u003ccode\u003ecefeeaa\u003c/code\u003e\u003c/a\u003e mod+rpcserver: bump to latest version of btcec\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/ff2e03e11233fa25c01cf4acbf76501fc008b31f\"\u003e\u003ccode\u003eff2e03e\u003c/code\u003e\u003c/a\u003e chore: fix some comments for struct field (\u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2214\"\u003e#2214\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/2134387ba8ff6d33d90afba285c5f0d52f3a0f6b\"\u003e\u003ccode\u003e2134387\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2208\"\u003e#2208\u003c/a\u003e from kcalvinalvin/2024-07-01-close-blockfiles\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/e5d15fddb9c486dfe382bc95dc38d2fd247813bf\"\u003e\u003ccode\u003ee5d15fd\u003c/code\u003e\u003c/a\u003e btcec/ecdsa: remove error return value for SignCompact (\u003ca href=\"https://redirect.github.com/btcsuite/btcd/issues/2211\"\u003e#2211\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/btcsuite/btcd/commit/c9fae1ac7cca6e6d55baec913286e483e28923a9\"\u003e\u003ccode\u003ec9fae1a\u003c/code\u003e\u003c/a\u003e ffldb: close block files before deleting them\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/btcsuite/btcd/compare/btcutil/v1.1.5...btcutil/v1.1.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/decred/dcrd/dcrec/secp256k1/v4` from 4.2.0 to 4.4.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/f98d08ef138a99711dbbc86c569935ded8d6a986\"\u003e\u003ccode\u003ef98d08e\u003c/code\u003e\u003c/a\u003e secp256k1: Prepare v4.4.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/cb51153239a666e46f98c6834fdd7ea71d086221\"\u003e\u003ccode\u003ecb51153\u003c/code\u003e\u003c/a\u003e mixing: Prepare v0.5.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/35c5572f652a1837326c85d9c8811f1394ddea2e\"\u003e\u003ccode\u003e35c5572\u003c/code\u003e\u003c/a\u003e crypto/rand: Prepare v1.0.1.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/1ddfc95a4dc8e0139aa7a6af863a0f2b64e86638\"\u003e\u003ccode\u003e1ddfc95\u003c/code\u003e\u003c/a\u003e mixclient: Wait for runs to finish before closing client\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/b77edc3a837d42ea46e0bfecb05189feecd7de4c\"\u003e\u003ccode\u003eb77edc3\u003c/code\u003e\u003c/a\u003e mixclient: Wait for KEs from all attempted sessions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/921b7c30aec1a1fde2afef1dfc82b70cf8e16d73\"\u003e\u003ccode\u003e921b7c3\u003c/code\u003e\u003c/a\u003e docs: Update README.md to required Go 1.23/1.24.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/bcb663b5aaf8ab63699e2669b90e94c7e872ef1d\"\u003e\u003ccode\u003ebcb663b\u003c/code\u003e\u003c/a\u003e build: Test against Go 1.24.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/53648fbb64ed48aead8b3619bdd24392891fe1f6\"\u003e\u003ccode\u003e53648fb\u003c/code\u003e\u003c/a\u003e build: Update golangci-lint to v1.64.5.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/ecc32f7dcccc77331dde0a2c4725288f6a678e7e\"\u003e\u003ccode\u003eecc32f7\u003c/code\u003e\u003c/a\u003e certgen: Use t.TempDir in tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/decred/dcrd/commit/a7466552329ebddbaf7abfe18e4c89477eaa11f8\"\u003e\u003ccode\u003ea746655\u003c/code\u003e\u003c/a\u003e build: Update to latest action versions.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/decred/dcrd/compare/dcrjson/v4.2.0...dcrec/secp256k1/v4.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/ethereum/go-ethereum` from 1.14.13 to 1.16.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ethereum/go-ethereum/releases\"\u003egithub.com/ethereum/go-ethereum's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eBallistic Drift Stabilizer (v1.16.7)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eThis is a re-roll of v1.16.6, including an important fix in the KZG cryptography library.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eThis release enables the Fusaka hardfork on Ethereum mainnet\u003c/strong\u003e.\u003c/p\u003e\n\u003cp\u003eThe Fusaka fork is scheduled to occur at \u003ccode\u003e2025-12-03 21:49:11 UTC\u003c/code\u003e.\nPlease upgrade your node to v1.16.7 in time for the fork.\u003c/p\u003e\n\u003cp\u003eThis release also enables two blob-parameter-only (BPO) upgrades.\nThese upgrades change protocol parameters to increase the available blob capacity.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eBPO1 on\u003ccode\u003e2025-12-09\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eBPO2 on \u003ccode\u003e2026-01-07\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFusaka\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSet mainnet timestamps for Osaka (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/33063\"\u003e#33063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnable Fusaka for \u003ccode\u003egeth --dev\u003c/code\u003e mode (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32917\"\u003e#32917\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eRPC\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eeth_sendRawTransactionSync\u003c/code\u003e which waits until either a timeout or the transaction is mined. This feature is mostly useful on L2s with lower blocktimes. (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32830\"\u003e#32830\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32930\"\u003e#32930\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32929/\"\u003e#32929\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for \u003ccode\u003eeth_simulateV1\u003c/code\u003e in ethclient (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32856\"\u003e#32856\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix for an issue that might crash \u003ccode\u003edebug_traceCall\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/33015\"\u003e#33015\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix for an issuer where local transactions were not persisted to the journal (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32921\"\u003e#32921\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCore\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix for a cryptographic \u003ca href=\"https://redirect.github.com/ethereum/c-kzg-4844/pull/607\"\u003evulnerability in c-kzg-4844\u003c/a\u003e. This is only exploitable post-Fusaka. (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/33093\"\u003e#33093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003egeth --genesis\u003c/code\u003e flag as an alternative to running \u003ccode\u003egeth init genesis.json\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32844\"\u003e#32844\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix for receipt insertion during ERA file import. (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32934\"\u003e#32934\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWork on getting the trie node history in order to serve historical \u003ccode\u003eeth_getProof\u003c/code\u003e request with the new path-based archive node. (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32907\"\u003e#32907\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32914\"\u003e#32914\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32937\"\u003e#32937\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFurther work on cmd/keeper, our guest program for zkVMs (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32816\"\u003e#32816\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eVarious optimizations (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32971\"\u003e#32971\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32916\"\u003e#32916\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32965\"\u003e#32965\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32946\"\u003e#32946\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNetworking\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNew metrics for tracking slow peers (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32964\"\u003e#32964\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix for an issue where disconnected peers were not removed in txFetcher (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/pull/32947\"\u003e#32947\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eFor a full rundown of the changes please consult the Geth \u003ca href=\"https://github.com/ethereum/go-ethereum/milestone/195?closed=1\"\u003e1.16.6\u003c/a\u003e and \u003ca href=\"https://github.com/ethereum/go-ethereum/milestone/195?closed=1\"\u003e1.16.7\u003c/a\u003e release milestones.\u003c/p\u003e\n\u003cp\u003eAs with all our previous releases, you can find the:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ePre-built binaries for all platforms on our \u003ca href=\"https://geth.ethereum.org/downloads/\"\u003edownloads page\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eDocker images published under \u003ca href=\"https://hub.docker.com/r/ethereum/client-go\"\u003e\u003ccode\u003eethereum/client-go\u003c/code\u003e\u003c/a\u003e (use \u0026quot;stable\u0026quot; tag).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/b9f3a3d964ed3d31e710ec7dd66da9181477ecb2\"\u003e\u003ccode\u003eb9f3a3d\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into release/1.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/07129d21c0fa0aa8b6f7426344cf9ec2f31bc427\"\u003e\u003ccode\u003e07129d2\u003c/code\u003e\u003c/a\u003e version: release go-ethereum v1.16.7 stable\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/653f8d499473c99e2e8ada6d3adea6ec95e97a69\"\u003e\u003ccode\u003e653f8d4\u003c/code\u003e\u003c/a\u003e go.mod: update to c-kzg v2.1.5 (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/issues/33093\"\u003e#33093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/5b77af394edd7d7384fbc7f112c8c183f86dcd4b\"\u003e\u003ccode\u003e5b77af3\u003c/code\u003e\u003c/a\u003e version: begin v1.16.7 release cycle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/386c3de6c45f3e185279e6760a17f88fb98dc81a\"\u003e\u003ccode\u003e386c3de\u003c/code\u003e\u003c/a\u003e Merge branch 'master' into release/1.16\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/044828e6606e3368368884e249256a093bae4a6d\"\u003e\u003ccode\u003e044828e\u003c/code\u003e\u003c/a\u003e version: release go-ethereum v1.16.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/025072427e78b3af3e9a8ddcc64007a38dd374ed\"\u003e\u003ccode\u003e0250724\u003c/code\u003e\u003c/a\u003e params: set osaka and BPO1 \u0026amp; BPO2 mainnet dates (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/issues/33063\"\u003e#33063\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/28c59b7a760f498c51604791791e194853ba36b6\"\u003e\u003ccode\u003e28c59b7\u003c/code\u003e\u003c/a\u003e core/rawdb: fix db inspector by supporting trienode history (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/issues/33087\"\u003e#33087\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/18a902799e50b8c0db94653bdae436573e4308a9\"\u003e\u003ccode\u003e18a9027\u003c/code\u003e\u003c/a\u003e common: fix duration comparison in PrettyAge (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/issues/33064\"\u003e#33064\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ethereum/go-ethereum/commit/e6d34c1fee407e77b1ea573346336a4b57c94a8b\"\u003e\u003ccode\u003ee6d34c1\u003c/code\u003e\u003c/a\u003e eth/tracers: fix prestateTracer for EIP-6780 SELFDESTRUCT (\u003ca href=\"https://redirect.github.com/ethereum/go-ethereum/issues/33050\"\u003e#33050\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/ethereum/go-ethereum/compare/v1.14.13...v1.16.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-playground/validator/v10` from 10.26.0 to 10.28.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-playground/validator/releases\"\u003egithub.com/go-playground/validator/v10's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 10.28.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate workflow.yml to support 2 most recent major versions by \u003ca href=\"https://github.com/nodivbyzero\"\u003e\u003ccode\u003e@​nodivbyzero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1417\"\u003ego-playground/validator#1417\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1456\"\u003ego-playground/validator#1456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGo 1.25 support by \u003ca href=\"https://github.com/nodivbyzero\"\u003e\u003ccode\u003e@​nodivbyzero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1459\"\u003ego-playground/validator#1459\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump github.com/gabriel-vasile/mimetype from 1.4.8 to 1.4.10 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1463\"\u003ego-playground/validator#1463\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump golang.org/x/text from 0.22.0 to 0.29.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1464\"\u003ego-playground/validator#1464\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-go from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1465\"\u003ego-playground/validator#1465\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump golang.org/x/crypto from 0.33.0 to 0.42.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1467\"\u003ego-playground/validator#1467\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: should panic when define duplicate field param in \u003ccode\u003erequired_if\u003c/code\u003e by \u003ca href=\"https://github.com/duyquang6\"\u003e\u003ccode\u003e@​duyquang6\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1468\"\u003ego-playground/validator#1468\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed missing keys from returned errors in map validation by \u003ca href=\"https://github.com/gelozr\"\u003e\u003ccode\u003e@​gelozr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1284\"\u003ego-playground/validator#1284\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded https_url tag by \u003ca href=\"https://github.com/ahmedkamalio\"\u003e\u003ccode\u003e@​ahmedkamalio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1461\"\u003ego-playground/validator#1461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add description for 'port' validator by \u003ca href=\"https://github.com/nodivbyzero\"\u003e\u003ccode\u003e@​nodivbyzero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1435\"\u003ego-playground/validator#1435\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd alphaspace validator by \u003ca href=\"https://github.com/takaaa220\"\u003e\u003ccode\u003e@​takaaa220\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1343\"\u003ego-playground/validator#1343\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/duyquang6\"\u003e\u003ccode\u003e@​duyquang6\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1468\"\u003ego-playground/validator#1468\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gelozr\"\u003e\u003ccode\u003e@​gelozr\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1284\"\u003ego-playground/validator#1284\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ahmedkamalio\"\u003e\u003ccode\u003e@​ahmedkamalio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1461\"\u003ego-playground/validator#1461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/takaaa220\"\u003e\u003ccode\u003e@​takaaa220\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1343\"\u003ego-playground/validator#1343\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-playground/validator/compare/v10.27.0...v10.28.0\"\u003ehttps://github.com/go-playground/validator/compare/v10.27.0...v10.28.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease 10.27.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix Release version badge on README page by \u003ca href=\"https://github.com/nodivbyzero\"\u003e\u003ccode\u003e@​nodivbyzero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1406\"\u003ego-playground/validator#1406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix russian E.164 error message by \u003ca href=\"https://github.com/prigornitskiy\"\u003e\u003ccode\u003e@​prigornitskiy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1349\"\u003ego-playground/validator#1349\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: remove unnecessary statement by \u003ca href=\"https://github.com/qshuai\"\u003e\u003ccode\u003e@​qshuai\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1200\"\u003ego-playground/validator#1200\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRe-enable several linters by \u003ca href=\"https://github.com/nodivbyzero\"\u003e\u003ccode\u003e@​nodivbyzero\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1412\"\u003ego-playground/validator#1412\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadd support to tag validateFn by \u003ca href=\"https://github.com/peczenyj\"\u003e\u003ccode\u003e@​peczenyj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1363\"\u003ego-playground/validator#1363\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump golang.org/x/crypto from 0.33.0 to 0.35.0 in /_examples/validate_fn by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1418\"\u003ego-playground/validator#1418\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump golang.org/x/net from 0.34.0 to 0.38.0 in /_examples/validate_fn by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1419\"\u003ego-playground/validator#1419\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAlign required_without with the contract stated in the documentation by \u003ca href=\"https://github.com/jmfrees\"\u003e\u003ccode\u003e@​jmfrees\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1422\"\u003ego-playground/validator#1422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd translation example by \u003ca href=\"https://github.com/cxlblm\"\u003e\u003ccode\u003e@​cxlblm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1394\"\u003ego-playground/validator#1394\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc(errors): mention RegisterTagNameFunc for FieldError.Field by \u003ca href=\"https://github.com/khan-ajamal\"\u003e\u003ccode\u003e@​khan-ajamal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1358\"\u003ego-playground/validator#1358\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump golangci/golangci-lint-action from 7 to 8 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1425\"\u003ego-playground/validator#1425\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(translation): add en translation for urn_rfc2141 by \u003ca href=\"https://github.com/ryanmalesic\"\u003e\u003ccode\u003e@​ryanmalesic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1431\"\u003ego-playground/validator#1431\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: panics when private field is validated by \u003ca href=\"https://github.com/ykalchevskiy\"\u003e\u003ccode\u003e@​ykalchevskiy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1423\"\u003ego-playground/validator#1423\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix: support validation for map values with struct types by \u003ca href=\"https://github.com/JunaidIslam2105\"\u003e\u003ccode\u003e@​JunaidIslam2105\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1433\"\u003ego-playground/validator#1433\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOmitzero does not work with slice and map bug by \u003ca href=\"https://github.com/JunaidIslam2105\"\u003e\u003ccode\u003e@​JunaidIslam2105\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1436\"\u003ego-playground/validator#1436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix: Validator panics when 'nil' is used along with required if for slices and maps by \u003ca href=\"https://github.com/JunaidIslam2105\"\u003e\u003ccode\u003e@​JunaidIslam2105\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1442\"\u003ego-playground/validator#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: typos by \u003ca href=\"https://github.com/eqsdxr\"\u003e\u003ccode\u003e@​eqsdxr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1440\"\u003ego-playground/validator#1440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: make \u0026quot;file://\u0026quot; fail \u003ccode\u003eurl\u003c/code\u003e validation by \u003ca href=\"https://github.com/bfabio\"\u003e\u003ccode\u003e@​bfabio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1444\"\u003ego-playground/validator#1444\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edisable way too aggressive and disagreeable linters by \u003ca href=\"https://github.com/deankarn\"\u003e\u003ccode\u003e@​deankarn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1445\"\u003ego-playground/validator#1445\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euse golangci lint file for disables by \u003ca href=\"https://github.com/deankarn\"\u003e\u003ccode\u003e@​deankarn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1447\"\u003ego-playground/validator#1447\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prigornitskiy\"\u003e\u003ccode\u003e@​prigornitskiy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1349\"\u003ego-playground/validator#1349\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/qshuai\"\u003e\u003ccode\u003e@​qshuai\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1200\"\u003ego-playground/validator#1200\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/peczenyj\"\u003e\u003ccode\u003e@​peczenyj\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-playground/validator/pull/1363\"\u003ego-playground/validator#1363\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/bdc3a7d31bd8269baa07904324e8fb22fb2f9372\"\u003e\u003ccode\u003ebdc3a7d\u003c/code\u003e\u003c/a\u003e Add alphaspace validator (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1343\"\u003e#1343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/63594a0fbee5293ac7bc6c80286c3277cd2ddb45\"\u003e\u003ccode\u003e63594a0\u003c/code\u003e\u003c/a\u003e docs: add description for 'port' validator (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1435\"\u003e#1435\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/45f3a8e09a4d0b995829fe0613289db4fb69b850\"\u003e\u003ccode\u003e45f3a8e\u003c/code\u003e\u003c/a\u003e Added https_url tag (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1461\"\u003e#1461\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/7a23bca81c8bc72c578252b524665ea173b489da\"\u003e\u003ccode\u003e7a23bca\u003c/code\u003e\u003c/a\u003e Remove Go version 1.23 from CI workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/13130d2e78838bec6b9e4dbce756c183844590e7\"\u003e\u003ccode\u003e13130d2\u003c/code\u003e\u003c/a\u003e Fixed missing keys from returned errors in map validation (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1284\"\u003e#1284\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/94e89f0942028ebfb17426b8d3c2005a46557621\"\u003e\u003ccode\u003e94e89f0\u003c/code\u003e\u003c/a\u003e fix: should panic when define duplicate field param in \u003ccode\u003erequired_if\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1468\"\u003e#1468\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/6905468e4559e0937518de42c92cb6b5c023342d\"\u003e\u003ccode\u003e6905468\u003c/code\u003e\u003c/a\u003e Bump golang.org/x/crypto from 0.33.0 to 0.42.0 (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1467\"\u003e#1467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/77ef70e2d1287e50641c096ca1c3d09497e7197c\"\u003e\u003ccode\u003e77ef70e\u003c/code\u003e\u003c/a\u003e Bump actions/setup-go from 5 to 6 (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1465\"\u003e#1465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/78d05ae554de682d121e78a6a62d7de01be8e863\"\u003e\u003ccode\u003e78d05ae\u003c/code\u003e\u003c/a\u003e Bump golang.org/x/text from 0.22.0 to 0.29.0 (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1464\"\u003e#1464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-playground/validator/commit/34aea1f62ca76abe2999265d25c8dcf8507cb3ed\"\u003e\u003ccode\u003e34aea1f\u003c/code\u003e\u003c/a\u003e Bump github.com/gabriel-vasile/mimetype from 1.4.8 to 1.4.10 (\u003ca href=\"https://redirect.github.com/go-playground/validator/issues/1463\"\u003e#1463\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-playground/validator/compare/v10.26.0...v10.28.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/prometheus/client_golang` from 1.22.0 to 1.23.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prometheus/client_golang/releases\"\u003egithub.com/prometheus/client_golang's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.23.2 - 2025-09-05\u003c/h2\u003e\n\u003cp\u003eThis release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement). There are no functional changes.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003e[release-1.23] Upgrade to prometheus/common@v0.66.1 by \u003ca href=\"https://github.com/aknuds1\"\u003e\u003ccode\u003e@​aknuds1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_golang/pull/1869\"\u003eprometheus/client_golang#1869\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[release-1.23] Cut v1.23.2 by \u003ca href=\"https://github.com/aknuds1\"\u003e\u003ccode\u003e@​aknuds1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_golang/pull/1870\"\u003eprometheus/client_golang#1870\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_golang/compare/v1.23.1...v1.23.2\"\u003ehttps://github.com/prometheus/client_golang/compare/v1.23.1...v1.23.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.1 - 2025-09-04\u003c/h2\u003e\n\u003cp\u003eThis release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003e[release-1.23] Upgrade to prometheus/common v0.66 by \u003ca href=\"https://github.com/aknuds1\"\u003e\u003ccode\u003e@​aknuds1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_golang/pull/1866\"\u003eprometheus/client_golang#1866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[release-1.23] Cut v1.23.1 by \u003ca href=\"https://github.com/aknuds1\"\u003e\u003ccode\u003e@​aknuds1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_golang/pull/1867\"\u003eprometheus/client_golang#1867\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/prometheus/client_golang/compare/v1.23.0...v1.23.1\"\u003ehttps://github.com/prometheus/client_golang/compare/v1.23.0...v1.23.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.23.0 - 2025-07-30\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[CHANGE] Minimum required Go version is now 1.23, only the two latest Go versions are supported from now on. \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1812\"\u003e#1812\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1766\"\u003e#1766\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[FEATURE] Add exemplars for native histograms \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1686\"\u003e#1686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[ENHANCEMENT] exp/api: Bubble up status code from writeResponse \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1823\"\u003e#1823\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and v1.24 \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1833\"\u003e#1833\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[BUGFIX] exp/api: client prompt return on context cancellation \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1729\"\u003e#1729\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md\"\u003egithub.com/prometheus/client_golang's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.23.2 / 2025-09-05\u003c/h2\u003e\n\u003cp\u003eThis release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement).\nThere are no functional changes.\u003c/p\u003e\n\u003ch2\u003e1.23.1 / 2025-09-04\u003c/h2\u003e\n\u003cp\u003eThis release is made to be compatible with a backwards incompatible API change\nin prometheus/common v0.66.0. There are no functional changes.\u003c/p\u003e\n\u003ch2\u003e1.23.0 / 2025-07-30\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[CHANGE] Minimum required Go version is now 1.23, only the two latest Go versions are supported from now on. \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1812\"\u003e#1812\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[FEATURE] Add WrapCollectorWith and WrapCollectorWithPrefix \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1766\"\u003e#1766\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[FEATURE] Add exemplars for native histograms \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1686\"\u003e#1686\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[ENHANCEMENT] exp/api: Bubble up status code from writeResponse \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1823\"\u003e#1823\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[ENHANCEMENT] collector/go: Update runtime metrics for Go v1.23 and v1.24 \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1833\"\u003e#1833\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[BUGFIX] exp/api: client prompt return on context cancellation \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1729\"\u003e#1729\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/8179a560819f2c64ef6ade70e6ae4c73aecaca3c\"\u003e\u003ccode\u003e8179a56\u003c/code\u003e\u003c/a\u003e Cut v1.23.2 (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1870\"\u003e#1870\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/4142b5908bb6c8f5e412b72de5ea4b927d8c219d\"\u003e\u003ccode\u003e4142b59\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1869\"\u003e#1869\u003c/a\u003e from prometheus/arve/upgrade-common\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/4ff40f0d918efc0f59701d13622913805c2425b4\"\u003e\u003ccode\u003e4ff40f0\u003c/code\u003e\u003c/a\u003e Cut v1.23.1 (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1867\"\u003e#1867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/989b0298944e64f88a54ac9c70cd8c8121f10bc9\"\u003e\u003ccode\u003e989b029\u003c/code\u003e\u003c/a\u003e Upgrade to prometheus/common v0.66 (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1866\"\u003e#1866\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/e4b2208dd8cb6d1425f00250db842ec3c1e8749e\"\u003e\u003ccode\u003ee4b2208\u003c/code\u003e\u003c/a\u003e Cut v1.23.0 (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1848\"\u003e#1848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/d9492afd3a6f2e9782a7fc10363281bfd5b743bb\"\u003e\u003ccode\u003ed9492af\u003c/code\u003e\u003c/a\u003e cut v1.23.0-rc.1 (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1842\"\u003e#1842\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/aeae8a0b4f54a8fa720d19b88638a2d048596f82\"\u003e\u003ccode\u003eaeae8a0\u003c/code\u003e\u003c/a\u003e Cut v1.23.0-rc.0 (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1837\"\u003e#1837\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/b157309b723f0b8588ea604bb78dbbba196803f2\"\u003e\u003ccode\u003eb157309\u003c/code\u003e\u003c/a\u003e Update common Prometheus files (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1832\"\u003e#1832\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/a704e287f467b79744c30af996b7d710d4c6900d\"\u003e\u003ccode\u003ea704e28\u003c/code\u003e\u003c/a\u003e build(deps): bump the github-actions group with 3 updates (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1826\"\u003e#1826\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/prometheus/client_golang/commit/c7743110ad2c599de3d8c23682d978a12f9f36d1\"\u003e\u003ccode\u003ec774311\u003c/code\u003e\u003c/a\u003e Fix errNotImplemented reference (\u003ca href=\"https://redirect.github.com/prometheus/client_golang/issues/1835\"\u003e#1835\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/prometheus/client_golang/compare/v1.22.0...v1.23.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/prometheus/client_model` from 0.6.1 to 0.6.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/prometheus/client_model/releases\"\u003egithub.com/prometheus/client_model's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.6.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/89\"\u003eprometheus/client_model#89\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump google.golang.org/protobuf from 1.33.0 to 1.34.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/88\"\u003eprometheus/client_model#88\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/90\"\u003eprometheus/client_model#90\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump google.golang.org/protobuf from 1.34.0 to 1.34.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/91\"\u003eprometheus/client_model#91\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/92\"\u003eprometheus/client_model#92\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/93\"\u003eprometheus/client_model#93\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump google.golang.org/protobuf from 1.34.1 to 1.34.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/94\"\u003eprometheus/client_model#94\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/95\"\u003eprometheus/client_model#95\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/96\"\u003eprometheus/client_model#96\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/97\"\u003eprometheus/client_model#97\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/98\"\u003eprometheus/client_model#98\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/99\"\u003eprometheus/client_model#99\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/100\"\u003eprometheus/client_model#100\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/101\"\u003eprometheus/client_model#101\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/103\"\u003eprometheus/client_model#103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate google.golang.org/protobuf to v1.35.1 by \u003ca href=\"https://github.com/beorn7\"\u003e\u003ccode\u003e@​beorn7\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/104\"\u003eprometheus/client_model#104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/105\"\u003eprometheus/client_model#105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/106\"\u003eprometheus/client_model#106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump google.golang.org/protobuf from 1.35.1 to 1.35.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/107\"\u003eprometheus/client_model#107\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSynchronize common files from prometheus/prometheus by \u003ca href=\"https://github.com/prombot\"\u003e\u003ccode\u003e@​prombot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/prometheus/client_model/pull/108\"\u003eprometheus/client_model#108\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump goo...\n\n_Description has been truncated_","html_url":"https://github.com/rsksmart/liquidity-provider-server/pull/886","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rsksmart%2Fliquidity-provider-server/issues/886","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/886/packages"}},{"old_version":"1.7.1","new_version":"1.7.3","update_type":"patch","path":null,"pr_created_at":"2025-12-04T13:50:21.000Z","version_change":"1.7.1 → 1.7.3","issue":{"uuid":"3694781967","node_id":"PR_kwDOH48Fr863EyNG","number":85,"state":"closed","title":"build(go): bump the go group with 11 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-12-17T12:10:23.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-04T13:50:21.000Z","updated_at":"2025-12-17T12:10:25.000Z","time_to_close":1117202,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(go): bump","group_name":"go","update_count":11,"packages":[{"name":"github.com/alexedwards/argon2id","old_version":"0.0.0-20211130144151-3585854a6387","new_version":"1.0.0","repository_url":"https://github.com/alexedwards/argon2id"},{"name":"github.com/benbjohnson/hashfs","old_version":"0.2.1","new_version":"0.2.2","repository_url":"https://github.com/benbjohnson/hashfs"},{"name":"github.com/bmatcuk/doublestar/v4","old_version":"4.6.0","new_version":"4.9.1","repository_url":"https://github.com/bmatcuk/doublestar"},{"name":"github.com/dgraph-io/ristretto","old_version":"0.1.1","new_version":"0.2.0","repository_url":"https://github.com/dgraph-io/ristretto"},{"name":"github.com/gorilla/csrf","old_version":"1.7.1","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"github.com/gorilla/securecookie","old_version":"1.1.1","new_version":"1.1.2","repository_url":"https://github.com/gorilla/securecookie"},{"name":"github.com/gorilla/sessions","old_version":"1.2.1","new_version":"1.4.0","repository_url":"https://github.com/gorilla/sessions"},{"name":"github.com/open-policy-agent/opa","old_version":"1.4.0","new_version":"1.11.0","repository_url":"https://github.com/open-policy-agent/opa"},{"name":"github.com/twmb/murmur3","old_version":"1.1.6","new_version":"1.1.8","repository_url":"https://github.com/twmb/murmur3"},{"name":"golang.org/x/sync","old_version":"0.17.0","new_version":"0.18.0","repository_url":"https://github.com/golang/sync"},{"name":"zombiezen.com/go/sqlite","old_version":"0.12.0","new_version":"1.4.2","repository_url":"https://github.com/zombiezen/go-sqlite"}],"path":null,"ecosystem":"go"},"body":"Bumps the go group with 11 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [github.com/alexedwards/argon2id](https://github.com/alexedwards/argon2id) | `0.0.0-20211130144151-3585854a6387` | `1.0.0` |\n| [github.com/benbjohnson/hashfs](https://github.com/benbjohnson/hashfs) | `0.2.1` | `0.2.2` |\n| [github.com/bmatcuk/doublestar/v4](https://github.com/bmatcuk/doublestar) | `4.6.0` | `4.9.1` |\n| [github.com/dgraph-io/ristretto](https://github.com/dgraph-io/ristretto) | `0.1.1` | `0.2.0` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.1` | `1.7.3` |\n| [github.com/gorilla/securecookie](https://github.com/gorilla/securecookie) | `1.1.1` | `1.1.2` |\n| [github.com/gorilla/sessions](https://github.com/gorilla/sessions) | `1.2.1` | `1.4.0` |\n| [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa) | `1.4.0` | `1.11.0` |\n| [github.com/twmb/murmur3](https://github.com/twmb/murmur3) | `1.1.6` | `1.1.8` |\n| [golang.org/x/sync](https://github.com/golang/sync) | `0.17.0` | `0.18.0` |\n| [zombiezen.com/go/sqlite](https://github.com/zombiezen/go-sqlite) | `0.12.0` | `1.4.2` |\n\nUpdates `github.com/alexedwards/argon2id` from 0.0.0-20211130144151-3585854a6387 to 1.0.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/alexedwards/argon2id/commits/v1.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/benbjohnson/hashfs` from 0.2.1 to 0.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/benbjohnson/hashfs/releases\"\u003egithub.com/benbjohnson/hashfs's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix README Handle path by \u003ca href=\"https://github.com/benhoyt\"\u003e\u003ccode\u003e@​benhoyt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/benbjohnson/hashfs/pull/4\"\u003ebenbjohnson/hashfs#4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't use os.IsNotExist by \u003ca href=\"https://github.com/ypdn\"\u003e\u003ccode\u003e@​ypdn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/benbjohnson/hashfs/pull/6\"\u003ebenbjohnson/hashfs#6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benhoyt\"\u003e\u003ccode\u003e@​benhoyt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/benbjohnson/hashfs/pull/4\"\u003ebenbjohnson/hashfs#4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ypdn\"\u003e\u003ccode\u003e@​ypdn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/benbjohnson/hashfs/pull/6\"\u003ebenbjohnson/hashfs#6\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/benbjohnson/hashfs/compare/v0.2.1...v0.2.2\"\u003ehttps://github.com/benbjohnson/hashfs/compare/v0.2.1...v0.2.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benbjohnson/hashfs/commit/8e79949acd46352b79d49f121a2d564b35f0a828\"\u003e\u003ccode\u003e8e79949\u003c/code\u003e\u003c/a\u003e Don't use os.IsNotExist (\u003ca href=\"https://redirect.github.com/benbjohnson/hashfs/issues/6\"\u003e#6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benbjohnson/hashfs/commit/0bd452f43646da72320145151874db3d1a27b381\"\u003e\u003ccode\u003e0bd452f\u003c/code\u003e\u003c/a\u003e Fix README Handle path (\u003ca href=\"https://redirect.github.com/benbjohnson/hashfs/issues/4\"\u003e#4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/benbjohnson/hashfs/compare/v0.2.1...v0.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/bmatcuk/doublestar/v4` from 4.6.0 to 4.9.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/bmatcuk/doublestar/releases\"\u003egithub.com/bmatcuk/doublestar/v4's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSmall Performance Change\u003c/h2\u003e\n\u003cp\u003eThis release contains a small change that gives a slight performance increase. Thanks to \u003ca href=\"https://github.com/jbedard\"\u003e\u003ccode\u003e@​jbedard\u003c/code\u003e\u003c/a\u003e for the PR!\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eperf: reduce string construction in isZeroLengthPattern by \u003ca href=\"https://github.com/jbedard\"\u003e\u003ccode\u003e@​jbedard\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/107\"\u003ebmatcuk/doublestar#107\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jbedard\"\u003e\u003ccode\u003e@​jbedard\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/107\"\u003ebmatcuk/doublestar#107\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bmatcuk/doublestar/compare/v4.9.0...v4.9.1\"\u003ehttps://github.com/bmatcuk/doublestar/compare/v4.9.0...v4.9.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eAdded WithCaseInsensitive option\u003c/h2\u003e\n\u003cp\u003eAdded a \u003ccode\u003eWithCaseInsensitive\u003c/code\u003e option to ignore alphabetic case when globbing. Thanks \u003ca href=\"https://github.com/braydonk\"\u003e\u003ccode\u003e@​braydonk\u003c/code\u003e\u003c/a\u003e for the PR!\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove unreachable code in match by \u003ca href=\"https://github.com/lukemassa\"\u003e\u003ccode\u003e@​lukemassa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/102\"\u003ebmatcuk/doublestar#102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eWithCaseInsensitive\u003c/code\u003e \u003ccode\u003eGlobOption\u003c/code\u003e by \u003ca href=\"https://github.com/braydonk\"\u003e\u003ccode\u003e@​braydonk\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/106\"\u003ebmatcuk/doublestar#106\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/braydonk\"\u003e\u003ccode\u003e@​braydonk\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/106\"\u003ebmatcuk/doublestar#106\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bmatcuk/doublestar/compare/v4.8.1...v4.9.0\"\u003ehttps://github.com/bmatcuk/doublestar/compare/v4.8.1...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eSmall Performance Improvement for MatchUnvalidated\u003c/h2\u003e\n\u003cp\u003eSkip some additional validation checks in \u003ccode\u003eMatchUnvalidated\u003c/code\u003e. Thanks to \u003ca href=\"https://github.com/lukemassa\"\u003e\u003ccode\u003e@​lukemassa\u003c/code\u003e\u003c/a\u003e for the PR!\u003c/p\u003e\n\u003cp\u003eAdditional documentation improvements from \u003ca href=\"https://github.com/timo-reymann\"\u003e\u003ccode\u003e@​timo-reymann\u003c/code\u003e\u003c/a\u003e. Thanks!\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eExplicitly mention number support and add tests by \u003ca href=\"https://github.com/timo-reymann\"\u003e\u003ccode\u003e@​timo-reymann\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/100\"\u003ebmatcuk/doublestar#100\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSkip more validation by \u003ca href=\"https://github.com/lukemassa\"\u003e\u003ccode\u003e@​lukemassa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/101\"\u003ebmatcuk/doublestar#101\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/timo-reymann\"\u003e\u003ccode\u003e@​timo-reymann\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/100\"\u003ebmatcuk/doublestar#100\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/lukemassa\"\u003e\u003ccode\u003e@​lukemassa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/101\"\u003ebmatcuk/doublestar#101\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/bmatcuk/doublestar/compare/v4.8.0...v4.8.1\"\u003ehttps://github.com/bmatcuk/doublestar/compare/v4.8.0...v4.8.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eFixed Escaped Meta in the \u0026quot;Base\u0026quot; of the Pattern\u003c/h2\u003e\n\u003cp\u003eIf the \u0026quot;base\u0026quot; of a pattern (ie, everything up to the first path slash before any meta characters) contains an escaped meta character, doublestar would fail to glob any files.\u003c/p\u003e\n\u003cp\u003eThanks to \u003ca href=\"https://github.com/tdurieux\"\u003e\u003ccode\u003e@​tdurieux\u003c/code\u003e\u003c/a\u003e for finding and fixing this bug!\u003c/p\u003e\n\u003ch2\u003eBreaking-ish Change\u003c/h2\u003e\n\u003cp\u003eI've updated \u003ccode\u003eSplitPattern\u003c/code\u003e to unescape meta characters in the first returned string. I suspect this shouldn't cause issues for anyone because, if anyone was using this function, they've probably either never passed a pattern with escaped meta characters, or hand-rolled an unescape method to fix the bug - which will now be a no-op for them.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix(\u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/issues/96\"\u003e#96\u003c/a\u003e) unescapeMeta the pattern base  by \u003ca href=\"https://github.com/tdurieux\"\u003e\u003ccode\u003e@​tdurieux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/bmatcuk/doublestar/pull/97\"\u003ebmatcuk/doublestar#97\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/8b690afa33319b0a1869367f594e53977e38bc99\"\u003e\u003ccode\u003e8b690af\u003c/code\u003e\u003c/a\u003e note about optimization\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/792c3c946327797e17e733d738a09bae0c86ee75\"\u003e\u003ccode\u003e792c3c9\u003c/code\u003e\u003c/a\u003e perf: reduce string construction in isZeroLengthPattern\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/06f110a7701e8ae50bcaeaa121080533076ba51c\"\u003e\u003ccode\u003e06f110a\u003c/code\u003e\u003c/a\u003e test updates, and renamed caseInsensitive\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/8cf3fc3af10ccbff98d3f2aa83550f0f3204b913\"\u003e\u003ccode\u003e8cf3fc3\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003eWithCaseInsensitive\u003c/code\u003e \u003ccode\u003eGlobOption\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/5da61cf7e690c8998d43f4811467e07b4296a0cb\"\u003e\u003ccode\u003e5da61cf\u003c/code\u003e\u003c/a\u003e Remove unreachable code in match\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/b707fe4305f7f29b0ce53be76ef7f98fc8204cd9\"\u003e\u003ccode\u003eb707fe4\u003c/code\u003e\u003c/a\u003e Wording\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/569c123424530f9d09209f3ade0be959aa436b41\"\u003e\u003ccode\u003e569c123\u003c/code\u003e\u003c/a\u003e Add tests to make sure we're skipping validation\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/3b1e3d13f0f411f346ff8fc5d77637435f6de809\"\u003e\u003ccode\u003e3b1e3d1\u003c/code\u003e\u003c/a\u003e Skip additional validations\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/24bdb149bb294e18eb9d3cce89fa9631fa8e6c11\"\u003e\u003ccode\u003e24bdb14\u003c/code\u003e\u003c/a\u003e small updates to docs and tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bmatcuk/doublestar/commit/32ab680c67801e17c4b8816dc14dd461ca795e8a\"\u003e\u003ccode\u003e32ab680\u003c/code\u003e\u003c/a\u003e test: Add tests for number ranges and sets\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/bmatcuk/doublestar/compare/v4.6.0...v4.9.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/dgraph-io/ristretto` from 0.1.1 to 0.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dgraph-io/ristretto/releases\"\u003egithub.com/dgraph-io/ristretto's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e*`docs(readme): Use new Wait method by \u003ca href=\"https://github.com/angadn\"\u003e\u003ccode\u003e@​angadn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/327\"\u003edgraph-io/ristretto#327\u003c/a\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edocs: format example on readme by \u003ca href=\"https://github.com/rfyiamcool\"\u003e\u003ccode\u003e@​rfyiamcool\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/339\"\u003edgraph-io/ristretto#339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix flakes in TestDropUpdates by \u003ca href=\"https://github.com/evanj\"\u003e\u003ccode\u003e@​evanj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/334\"\u003edgraph-io/ristretto#334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs(Cache): document Wait, clarify Get by \u003ca href=\"https://github.com/evanj\"\u003e\u003ccode\u003e@​evanj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/333\"\u003edgraph-io/ristretto#333\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: fix typo error by \u003ca href=\"https://github.com/proost\"\u003e\u003ccode\u003e@​proost\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/341\"\u003edgraph-io/ristretto#341\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: support compilation to wasip1 by \u003ca href=\"https://github.com/achille-roussel\"\u003e\u003ccode\u003e@​achille-roussel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/344\"\u003edgraph-io/ristretto#344\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove glog dependency by \u003ca href=\"https://github.com/jhawk28\"\u003e\u003ccode\u003e@​jhawk28\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/350\"\u003edgraph-io/ristretto#350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadd config for cleanup ticker duration by \u003ca href=\"https://github.com/singhvikash11\"\u003e\u003ccode\u003e@​singhvikash11\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/342\"\u003edgraph-io/ristretto#342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(OnEvict): Set missing Expiration field on evicted items by \u003ca href=\"https://github.com/0x1ee7\"\u003e\u003ccode\u003e@​0x1ee7\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/345\"\u003edgraph-io/ristretto#345\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euint32 -\u0026gt; uint64 in slice methods by \u003ca href=\"https://github.com/mocurin\"\u003e\u003ccode\u003e@​mocurin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/323\"\u003edgraph-io/ristretto#323\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: cleanupTicker not being stopped by \u003ca href=\"https://github.com/IlyaFloppy\"\u003e\u003ccode\u003e@​IlyaFloppy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/pull/343\"\u003edgraph-io/ristretto#343\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0\"\u003ehttps://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dgraph-io/ristretto/blob/main/CHANGELOG.md\"\u003egithub.com/dgraph-io/ristretto's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e[v0.2.0] - 2024-10-06\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAdded\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/344\"\u003e\u003ccode\u003efix: support compilation to wasip1 by @​achille-roussel\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/342\"\u003e\u003ccode\u003eadd config for cleanup ticker duration by @​singhvikash11\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFixed\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/327\"\u003e\u003ccode\u003edocs(readme): Use new Wait method by @​angadn\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/339\"\u003e\u003ccode\u003edocs: format example on readme by @​rfyiamcool\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/334\"\u003e\u003ccode\u003eFix flakes in TestDropUpdates by @​evanj\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/333\"\u003e\u003ccode\u003edocs(Cache): document Wait, clarify Get by @​evanj\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/341\"\u003e\u003ccode\u003echore: fix typo error by @​proost\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/350\"\u003e\u003ccode\u003eremove glog dependency by @​jhawk28\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/345\"\u003e\u003ccode\u003efix(OnEvict): Set missing Expiration field on evicted items by @​0x1ee7\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/323\"\u003e\u003ccode\u003euint32 -\u0026gt; uint64 in slice methods by @​mocurin\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/hypermodeinc/ristretto/pull/343\"\u003e\u003ccode\u003efix: cleanupTicker not being stopped by @​IlyaFloppy\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/hypermodeinc/ristretto/compare/v0.1.1...v0.2.0\"\u003ehttps://github.com/hypermodeinc/ristretto/compare/v0.1.1...v0.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/185461756714d72b458a7fb6cf9441a96db82dcb\"\u003e\u003ccode\u003e1854617\u003c/code\u003e\u003c/a\u003e minor repo cleanup (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/352\"\u003e#352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/91446626cc3b34a596a024bd711f786e74851aeb\"\u003e\u003ccode\u003e9144662\u003c/code\u003e\u003c/a\u003e stop cleanupTicker while closing cache (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/343\"\u003e#343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/c00b3525a6a1c4cead9cc26b8d453da4b0e85e52\"\u003e\u003ccode\u003ec00b352\u003c/code\u003e\u003c/a\u003e uint32 to uint64 in slice methods (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/323\"\u003e#323\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/e6d62cbfa02d3bd4bfd1f50f8d86786dc668ec46\"\u003e\u003ccode\u003ee6d62cb\u003c/code\u003e\u003c/a\u003e chore(ci): separate out coverage report workflow (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/353\"\u003e#353\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/f0e70276b93a49aa672dd247f4dddfc5f208d07f\"\u003e\u003ccode\u003ef0e7027\u003c/code\u003e\u003c/a\u003e set missing Expiration field on evicted items (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/345\"\u003e#345\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/e8dc5b0073351c9bf2a0c4ca8567089da049da44\"\u003e\u003ccode\u003ee8dc5b0\u003c/code\u003e\u003c/a\u003e add config for cleanup ticker duration (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/342\"\u003e#342\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/c5789d66fddc048e40318067bb60cf8395d8a3f8\"\u003e\u003ccode\u003ec5789d6\u003c/code\u003e\u003c/a\u003e update golangci config and cleanup repo (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/351\"\u003e#351\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/bdcf5e99ac1dcfc086482e8041b79d01167c7590\"\u003e\u003ccode\u003ebdcf5e9\u003c/code\u003e\u003c/a\u003e remove glog dependency (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/350\"\u003e#350\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/3f6b44a6092c4a0ad1f3ece5db1d54438ddcb39b\"\u003e\u003ccode\u003e3f6b44a\u003c/code\u003e\u003c/a\u003e fix: support compilation to wasip1 (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/344\"\u003e#344\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dgraph-io/ristretto/commit/c73d585ee67e15661e8148de2657f0939b0a63b4\"\u003e\u003ccode\u003ec73d585\u003c/code\u003e\u003c/a\u003e chore: fix typo error (\u003ca href=\"https://redirect.github.com/dgraph-io/ristretto/issues/341\"\u003e#341\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.1 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove pkg/errors dependency by \u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[GPT-96] Update go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdated licence by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/167\"\u003egorilla/csrf#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate issues.yml by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/168\"\u003egorilla/csrf#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eissues/158/examples for working api with javascript frontend by \u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating github action workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/169\"\u003egorilla/csrf#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating gorilla/securecookie to v1.1.2 by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/170\"\u003egorilla/csrf#170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a009743572494ccbc9d159005bdc58b86a44ddba\"\u003e\u003ccode\u003ea009743\u003c/code\u003e\u003c/a\u003e Updating gorilla/securecookie to v1.1.2 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/94b5a9efbc27ce51c4ac1b1287c964e8f13013ca\"\u003e\u003ccode\u003e94b5a9e\u003c/code\u003e\u003c/a\u003e updating github action workflows (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/c1f4eb3aba6fe4cd0d1ef0ed5ca556876b14c29f\"\u003e\u003ccode\u003ec1f4eb3\u003c/code\u003e\u003c/a\u003e issues/158/examples for working api with javascript frontend (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/73c96a512fc353d11f3da50cffde1e454884f405\"\u003e\u003ccode\u003e73c96a5\u003c/code\u003e\u003c/a\u003e Update issues.yml (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a71a12f7d30580b6da2183b0f398527be93c0ca9\"\u003e\u003ccode\u003ea71a12f\u003c/code\u003e\u003c/a\u003e updated licence (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/15d47eceb8d5861882e276508d7cbb5b0082b980\"\u003e\u003ccode\u003e15d47ec\u003c/code\u003e\u003c/a\u003e [GPT-96] Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/32c27b0316d75a24e55ab36d059d0309238b9ee1\"\u003e\u003ccode\u003e32c27b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/164\"\u003e#164\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/04cc5dba5dd0af4341b9b406f05dc569c5e0ab40\"\u003e\u003ccode\u003e04cc5db\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/93379db1992f1b2fbdd4ba1b55a1bf0414b0535e\"\u003e\u003ccode\u003e93379db\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/securecookie` from 1.1.1 to 1.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/securecookie/releases\"\u003egithub.com/gorilla/securecookie's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease v1.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix New not checking for an empty hashKey by \u003ca href=\"https://github.com/Wessie\"\u003e\u003ccode\u003e@​Wessie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/52\"\u003egorilla/securecookie#52\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate LICENSE \u0026amp; AUTHORS files by \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/54\"\u003egorilla/securecookie#54\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCreate go.mod to be aware of go modules by \u003ca href=\"https://github.com/flibustenet\"\u003e\u003ccode\u003e@​flibustenet\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/55\"\u003egorilla/securecookie#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCreate release_drafter.yml by \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/57\"\u003egorilla/securecookie#57\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[docs] Clarify usage of GenerateRandomKey by \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/58\"\u003egorilla/securecookie#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egithub: remove false-match for language detection by \u003ca href=\"https://github.com/nilslice\"\u003e\u003ccode\u003e@​nilslice\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/59\"\u003egorilla/securecookie#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCreate config.yml by \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/63\"\u003egorilla/securecookie#63\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edoc: correct a reference to block size that was meant to be key size by \u003ca href=\"https://github.com/FiloSottile\"\u003e\u003ccode\u003e@​FiloSottile\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/64\"\u003egorilla/securecookie#64\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude an example for using DecodeMulti in the Readme by \u003ca href=\"https://github.com/tflyons\"\u003e\u003ccode\u003e@​tflyons\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/69\"\u003egorilla/securecookie#69\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: use build matrix; drop Go \u0026lt;= 1.10 by \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/74\"\u003egorilla/securecookie#74\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/78\"\u003egorilla/securecookie#78\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: changed deprecated goo.gl links to their unshortened variant by \u003ca href=\"https://github.com/vvvvv\"\u003e\u003ccode\u003e@​vvvvv\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/77\"\u003egorilla/securecookie#77\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/81\"\u003egorilla/securecookie#81\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate GitHub workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/82\"\u003egorilla/securecookie#82\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Wessie\"\u003e\u003ccode\u003e@​Wessie\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/52\"\u003egorilla/securecookie#52\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/flibustenet\"\u003e\u003ccode\u003e@​flibustenet\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/55\"\u003egorilla/securecookie#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nilslice\"\u003e\u003ccode\u003e@​nilslice\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/59\"\u003egorilla/securecookie#59\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile\"\u003e\u003ccode\u003e@​FiloSottile\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/64\"\u003egorilla/securecookie#64\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tflyons\"\u003e\u003ccode\u003e@​tflyons\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/69\"\u003egorilla/securecookie#69\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/78\"\u003egorilla/securecookie#78\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vvvvv\"\u003e\u003ccode\u003e@​vvvvv\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/securecookie/pull/77\"\u003egorilla/securecookie#77\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/securecookie/compare/v1.1.1...v1.1.2\"\u003ehttps://github.com/gorilla/securecookie/compare/v1.1.1...v1.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/eae3c1840ec4adda88a4af683ad0f60bb690e7c2\"\u003e\u003ccode\u003eeae3c18\u003c/code\u003e\u003c/a\u003e update GitHub workflows (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/82\"\u003e#82\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/22eae5c820537b29d36814c94c2c70c08e391d71\"\u003e\u003ccode\u003e22eae5c\u003c/code\u003e\u003c/a\u003e Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/81\"\u003e#81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/4ce52525b6a4243a02356b62abf6b2ef9038ff52\"\u003e\u003ccode\u003e4ce5252\u003c/code\u003e\u003c/a\u003e docs: changed deprecated goo.gl links to their unshortened variant (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/77\"\u003e#77\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/ab6b80809e59d61b23e5ae5f1c24e123f3a17133\"\u003e\u003ccode\u003eab6b808\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/78\"\u003e#78\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/80d3cb33a42adb0e57bbe375814f1b0665913576\"\u003e\u003ccode\u003e80d3cb3\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/9865a2b6137913abf1982cc4b1e8acdc35b2f052\"\u003e\u003ccode\u003e9865a2b\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/f37875ef1fb538320ab97fc6c9927d94c280ed5b\"\u003e\u003ccode\u003ef37875e\u003c/code\u003e\u003c/a\u003e build: use build matrix; drop Go \u0026lt;= 1.10 (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/74\"\u003e#74\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/61b4ad17eb88d0d1118560d1101176279be2bc88\"\u003e\u003ccode\u003e61b4ad1\u003c/code\u003e\u003c/a\u003e docs: Include an example for using DecodeMulti in the Readme (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/69\"\u003e#69\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/86450627d8e6b88e00ea41f228489b89d08a40de\"\u003e\u003ccode\u003e8645062\u003c/code\u003e\u003c/a\u003e doc: correct a reference to block size that was meant to be key size (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/64\"\u003e#64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/securecookie/commit/629b6af17341019b261eab06da74c418942918d9\"\u003e\u003ccode\u003e629b6af\u003c/code\u003e\u003c/a\u003e Create config.yml (\u003ca href=\"https://redirect.github.com/gorilla/securecookie/issues/63\"\u003e#63\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/securecookie/compare/v1.1.1...v1.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/sessions` from 1.2.1 to 1.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/sessions/releases\"\u003egithub.com/gorilla/sessions's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.4.0\u003c/h2\u003e\n\u003ch2\u003eSummary\u003c/h2\u003e\n\u003cp\u003eThere were new features important for \u003ca href=\"https://redirect.github.com/golang/go/issues/62490#issuecomment-2127685955\"\u003ecompatibility with some of the upcoming cookie security changes\u003c/a\u003e with google that required a new \u003ccode\u003ePartitioned\u003c/code\u003e attribute be added to the cookies, this attribute was only available in go 1.23, which has just recently been released.\u003c/p\u003e\n\u003cp\u003eIf you require a version that is backward compatible with a lower version than go 1.23 then you'll need to use release v1.3.0.\u003c/p\u003e\n\u003cp\u003eThe following notes show the difference between 1.2.2 and the current version because 1.3.0 was a hotfix for go 1.22 and below.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove File System Path Handling by \u003ca href=\"https://github.com/moloch\"\u003e\u003ccode\u003e@​moloch\u003c/code\u003e\u003c/a\u003e-- in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/274\"\u003egorilla/sessions#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/gorilla/sessions/issues/272\"\u003e#272\u003c/a\u003e: feat: Add support for paritioned attribute in cookies as per chrome 3rd party cookie phaseout by \u003ca href=\"https://github.com/kashishbehl\"\u003e\u003ccode\u003e@​kashishbehl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/273\"\u003egorilla/sessions#273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix no default samesite by \u003ca href=\"https://github.com/bharat-rajani\"\u003e\u003ccode\u003e@​bharat-rajani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/276\"\u003egorilla/sessions#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix gorillatoolkit link in README.md by \u003ca href=\"https://github.com/mbacalan\"\u003e\u003ccode\u003e@​mbacalan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/278\"\u003egorilla/sessions#278\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd mysql store to the readme by \u003ca href=\"https://github.com/danielepintore\"\u003e\u003ccode\u003e@​danielepintore\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/279\"\u003egorilla/sessions#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moloch\"\u003e\u003ccode\u003e@​moloch\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/274\"\u003egorilla/sessions#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kashishbehl\"\u003e\u003ccode\u003e@​kashishbehl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/273\"\u003egorilla/sessions#273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bharat-rajani\"\u003e\u003ccode\u003e@​bharat-rajani\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/276\"\u003egorilla/sessions#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbacalan\"\u003e\u003ccode\u003e@​mbacalan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/278\"\u003egorilla/sessions#278\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/danielepintore\"\u003e\u003ccode\u003e@​danielepintore\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/279\"\u003egorilla/sessions#279\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/sessions/compare/v1.2.2...v1.4.0\"\u003ehttps://github.com/gorilla/sessions/compare/v1.2.2...v1.4.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.3.0\u003c/h2\u003e\n\u003cp\u003eThe maintainers of this repo merged a PR into main with the \u003ccode\u003enet/http.Cookie\u003c/code\u003e field \u003ccode\u003ePartitioned\u003c/code\u003e which is a field only available in go 1.23. As a result all usage of the main branch will not work unless users are on 1.23 which at the time of writing is currently unreleased. This broke the install for a number of users so the intent of this release is to push out a couple of features and bugfixes with the go 1.23 specific changes removed.\u003c/p\u003e\n\u003cp\u003eReleases should be used exclusively until go 1.23 is released.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove File System Path Handling by \u003ca href=\"https://github.com/moloch\"\u003e\u003ccode\u003e@​moloch\u003c/code\u003e\u003c/a\u003e-- in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/274\"\u003egorilla/sessions#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/gorilla/sessions/issues/272\"\u003e#272\u003c/a\u003e: feat: Add support for paritioned attribute in cookies as per chrome 3rd party cookie phaseout by \u003ca href=\"https://github.com/kashishbehl\"\u003e\u003ccode\u003e@​kashishbehl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/273\"\u003egorilla/sessions#273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix no default samesite by \u003ca href=\"https://github.com/bharat-rajani\"\u003e\u003ccode\u003e@​bharat-rajani\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/276\"\u003egorilla/sessions#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix gorillatoolkit link in README.md by \u003ca href=\"https://github.com/mbacalan\"\u003e\u003ccode\u003e@​mbacalan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/278\"\u003egorilla/sessions#278\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moloch\"\u003e\u003ccode\u003e@​moloch\u003c/code\u003e\u003c/a\u003e-- made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/274\"\u003egorilla/sessions#274\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kashishbehl\"\u003e\u003ccode\u003e@​kashishbehl\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/273\"\u003egorilla/sessions#273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bharat-rajani\"\u003e\u003ccode\u003e@​bharat-rajani\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/276\"\u003egorilla/sessions#276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mbacalan\"\u003e\u003ccode\u003e@​mbacalan\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/278\"\u003egorilla/sessions#278\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/sessions/compare/v1.2.2...v1.3.0\"\u003ehttps://github.com/gorilla/sessions/compare/v1.2.2...v1.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild: use build matrix; drop Go \u0026lt;= 1.10 by \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/230\"\u003egorilla/sessions#230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: use base32 encoder with no padding by \u003ca href=\"https://github.com/leungyauming\"\u003e\u003ccode\u003e@​leungyauming\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/240\"\u003egorilla/sessions#240\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add new TiKV store to README by \u003ca href=\"https://github.com/ryicoh\"\u003e\u003ccode\u003e@​ryicoh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/245\"\u003egorilla/sessions#245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix linting errors for go1.17 by \u003ca href=\"https://github.com/mariusor\"\u003e\u003ccode\u003e@​mariusor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/253\"\u003egorilla/sessions#253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/sessions/pull/261\"\u003egorilla/sessions#261\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/bb4cd60c952a9ce48ea0dc6cc7b282ff79c38263\"\u003e\u003ccode\u003ebb4cd60\u003c/code\u003e\u003c/a\u003e chore: Update readme to relect go 1.23 release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/e2083f956282b2e627d9734f4ebbd51fa0339f09\"\u003e\u003ccode\u003ee2083f9\u003c/code\u003e\u003c/a\u003e chore: update to go 1.23 for workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/6eef180e176e826b77f4d2f5f8e1cf855a87db02\"\u003e\u003ccode\u003e6eef180\u003c/code\u003e\u003c/a\u003e fix: Missing SameSite attribute on options\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/a56e60c14e37beb3f690c14311c8ad7be7580bb5\"\u003e\u003ccode\u003ea56e60c\u003c/code\u003e\u003c/a\u003e Add mysql store to the readme (\u003ca href=\"https://redirect.github.com/gorilla/sessions/issues/279\"\u003e#279\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/466d29e7f343560836292b7c922e1385e908ef95\"\u003e\u003ccode\u003e466d29e\u003c/code\u003e\u003c/a\u003e chore: Update readme and copyrights\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/7a8159ef2d1bc1afea2b9fbb52e947ded867cf0c\"\u003e\u003ccode\u003e7a8159e\u003c/code\u003e\u003c/a\u003e chore(go): Remove go version 1.11 support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/ff5660f3c355c08371621b642d76c7a4c88836c6\"\u003e\u003ccode\u003eff5660f\u003c/code\u003e\u003c/a\u003e chore(go): Add warning about main branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/8e2d54718e949e895e6a0268e9d4df396b3fbe06\"\u003e\u003ccode\u003e8e2d547\u003c/code\u003e\u003c/a\u003e chore(go): Remove vendored dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/c373b3e334dc26e3e513168292d784d7773f7d27\"\u003e\u003ccode\u003ec373b3e\u003c/code\u003e\u003c/a\u003e Fix gorillatoolkit link in README.md (\u003ca href=\"https://redirect.github.com/gorilla/sessions/issues/278\"\u003e#278\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/sessions/commit/ef99c782e9aae430b326a614151c983dcd7c2c1d\"\u003e\u003ccode\u003eef99c78\u003c/code\u003e\u003c/a\u003e fix(cookie): Add default samesite (\u003ca href=\"https://redirect.github.com/gorilla/sessions/issues/276\"\u003e#276\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/sessions/compare/v1.2.1...v1.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/open-policy-agent/opa` from 1.4.0 to 1.11.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-policy-agent/opa/releases\"\u003egithub.com/open-policy-agent/opa's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.11.0\u003c/h2\u003e\n\u003cp\u003eThis release contains a mix of new features, performance improvements, and bugfixes. Notably:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore efficient connection management in the \u003ccode\u003ehttp.send\u003c/code\u003e built-in function\u003c/li\u003e\n\u003cli\u003eMore performant loading of large bundles containing multiple Rego files\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImmutable Releases\u003c/h3\u003e\n\u003cp\u003eStarting with this release, OPA releases are \u003ca href=\"https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/immutable-releases\"\u003eimmutable\u003c/a\u003e for increased security.\u003c/p\u003e\n\u003ch3\u003eRuntime, SDK, Tooling\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ev1/ast: Fix Call parsing Text attribute including an extra character (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7989\"\u003e#7989\u003c/a\u003e) authored by \u003ca href=\"https://github.com/schmitd\"\u003e\u003ccode\u003e@​schmitd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east: Export built-in deprecated field (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7912\"\u003e#7912\u003c/a\u003e) authored by \u003ca href=\"https://github.com/colinjlacy\"\u003e\u003ccode\u003e@​colinjlacy\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east: Intern common var values + some parser improvements (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8028\"\u003e#8028\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east: Support custom builtins in CompileModulesWithOpt (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/5580\"\u003e#8061\u003c/a\u003e) authored by \u003ca href=\"https://github.com/sspaink\"\u003e\u003ccode\u003e@​sspaink\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebundle: Concurrent Rego parsing in bundle loader (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8067\"\u003e#8067\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ecmd: Support \u003ccode\u003e--ignore\u003c/code\u003e in \u003ccode\u003eeval\u003c/code\u003e cmd when using bundle flag (\u003ccode\u003e--bundle\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8048\"\u003e#8062\u003c/a\u003e) authored by \u003ca href=\"https://github.com/sspaink\"\u003e\u003ccode\u003e@​sspaink\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estorage/inmem: Allow passing triggers (AST) data without conversion (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7958\"\u003e#7958\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCompiler, Topdown and Rego\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etopdown: Avoid unnecessary use of custom \u003ccode\u003ehttp.Transport\u003c/code\u003e in \u003ccode\u003ehttp.send\u003c/code\u003e built-in (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7927\"\u003e#7927\u003c/a\u003e) authored by \u003ca href=\"https://github.com/sykesm\"\u003e\u003ccode\u003e@​sykesm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etopdown: New custom SemVer implementation (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8010\"\u003e#8010\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etopdown: Use \u003ccode\u003esync.Pool\u003c/code\u003e for eval func objects (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8054\"\u003e#8054\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs, Website, Ecosystem\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edocs: Add example for Compile API's table mapping (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8017\"\u003e#8017\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Address pages with similar titles (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8046\"\u003e#8046\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Address some broken links (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8022\"\u003e#8022\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Bump glob dep (CVE-2025-64756) (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8056\"\u003e#8056\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Improve ground value and assignment docs (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8047\"\u003e#8047\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Make iteration content flow better (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8064\"\u003e#8064\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Note package repos are community maintained (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8053\"\u003e#8053\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update terraform guide with notes about plan (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8043\"\u003e#8043\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update the archive to have an edge link (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8011\"\u003e#8011\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update the policy language intro (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8050\"\u003e#8050\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs/ocp: Datasource example uses wrong AWS S3 URL (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8039\"\u003e#8039\u003c/a\u003e) authored by \u003ca href=\"https://github.com/SuchSkill\"\u003e\u003ccode\u003e@​SuchSkill\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs/regal: Replicate sidebar fixes (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8036\"\u003e#8036\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewebsite: Various fixes and improvements by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump golangci-lint, more gocritic linters (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8052\"\u003e#8052\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTidy up and unify sync pool handling (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8068\"\u003e#8068\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuiltins: Add \u003ccode\u003eStringOperandByteSlice\u003c/code\u003e helper (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8048\"\u003e#8048\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Add test cases for consistent cache behavior (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8015\"\u003e#8015\u003c/a\u003e) authored by \u003ca href=\"https://github.com/DFrenkel\"\u003e\u003ccode\u003e@​DFrenkel\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eutil/performance: Remove math.Log10, remove unused KeysCount (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8041\"\u003e#8041\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eworkflow: Add \u003ccode\u003eBenchmarks\u003c/code\u003e workflow (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8072\"\u003e#8072\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md\"\u003egithub.com/open-policy-agent/opa's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.11.0\u003c/h2\u003e\n\u003cp\u003eThis release contains a mix of new features, performance improvements, and bugfixes. Notably:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMore efficient connection management in the \u003ccode\u003ehttp.send\u003c/code\u003e built-in function\u003c/li\u003e\n\u003cli\u003eMore performant loading of large bundles containing multiple Rego files\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eImmutable Releases\u003c/h3\u003e\n\u003cp\u003eStarting with this release, OPA releases are \u003ca href=\"https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/immutable-releases\"\u003eimmutable\u003c/a\u003e for increased security.\u003c/p\u003e\n\u003ch3\u003eRuntime, SDK, Tooling\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ev1/ast: Fix Call parsing Text attribute including an extra character (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7989\"\u003e#7989\u003c/a\u003e) authored by \u003ca href=\"https://github.com/schmitd\"\u003e\u003ccode\u003e@​schmitd\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east: Export built-in deprecated field (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7912\"\u003e#7912\u003c/a\u003e) authored by \u003ca href=\"https://github.com/colinjlacy\"\u003e\u003ccode\u003e@​colinjlacy\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east: Intern common var values + some parser improvements (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8028\"\u003e#8028\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east: Support custom builtins in CompileModulesWithOpt (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/5580\"\u003e#8061\u003c/a\u003e) authored by \u003ca href=\"https://github.com/sspaink\"\u003e\u003ccode\u003e@​sspaink\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebundle: Concurrent Rego parsing in bundle loader (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8067\"\u003e#8067\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ecmd: Support \u003ccode\u003e--ignore\u003c/code\u003e in \u003ccode\u003eeval\u003c/code\u003e cmd when using bundle flag (\u003ccode\u003e--bundle\u003c/code\u003e) (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8048\"\u003e#8062\u003c/a\u003e) authored by \u003ca href=\"https://github.com/sspaink\"\u003e\u003ccode\u003e@​sspaink\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estorage/inmem: Allow passing triggers (AST) data without conversion (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7958\"\u003e#7958\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCompiler, Topdown and Rego\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etopdown: Avoid unnecessary use of custom \u003ccode\u003ehttp.Transport\u003c/code\u003e in \u003ccode\u003ehttp.send\u003c/code\u003e built-in (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7927\"\u003e#7927\u003c/a\u003e) authored by \u003ca href=\"https://github.com/sykesm\"\u003e\u003ccode\u003e@​sykesm\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etopdown: New custom SemVer implementation (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8010\"\u003e#8010\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etopdown: Use \u003ccode\u003esync.Pool\u003c/code\u003e for eval func objects (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8054\"\u003e#8054\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs, Website, Ecosystem\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edocs: Add example for Compile API's table mapping (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8017\"\u003e#8017\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Address pages with similar titles (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8046\"\u003e#8046\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Address some broken links (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8022\"\u003e#8022\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Bump glob dep (CVE-2025-64756) (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8056\"\u003e#8056\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Improve ground value and assignment docs (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8047\"\u003e#8047\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Make iteration content flow better (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8064\"\u003e#8064\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Note package repos are community maintained (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8053\"\u003e#8053\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update terraform guide with notes about plan (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8043\"\u003e#8043\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update the archive to have an edge link (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8011\"\u003e#8011\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update the policy language intro (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8050\"\u003e#8050\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs/ocp: Datasource example uses wrong AWS S3 URL (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8039\"\u003e#8039\u003c/a\u003e) authored by \u003ca href=\"https://github.com/SuchSkill\"\u003e\u003ccode\u003e@​SuchSkill\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs/regal: Replicate sidebar fixes (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8036\"\u003e#8036\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewebsite: Various fixes and improvements by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump golangci-lint, more gocritic linters (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8052\"\u003e#8052\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTidy up and unify sync pool handling (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8068\"\u003e#8068\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuiltins: Add \u003ccode\u003eStringOperandByteSlice\u003c/code\u003e helper (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8048\"\u003e#8048\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etest: Add test cases for consistent cache behavior (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8015\"\u003e#8015\u003c/a\u003e) authored by \u003ca href=\"https://github.com/DFrenkel\"\u003e\u003ccode\u003e@​DFrenkel\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eutil/performance: Remove math.Log10, remove unused KeysCount (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/8041\"\u003e#8041\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/45cbfa1d83841971d0db96b7803b5aeeae91020e\"\u003e\u003ccode\u003e45cbfa1\u003c/code\u003e\u003c/a\u003e Prepare v1.11.0 release (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8076\"\u003e#8076\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/36590cd7665d0650eb12d4ec0818db0007a514b6\"\u003e\u003ccode\u003e36590cd\u003c/code\u003e\u003c/a\u003e deps: bump wasmtime-go v37 -\u0026gt; v39\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/545de92907b1edb9a2675d7b4aa49d47f733a84e\"\u003e\u003ccode\u003e545de92\u003c/code\u003e\u003c/a\u003e workflow: add 'Benchmarks' workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/6341217206559008f82d5198a04733bfd7f48bc5\"\u003e\u003ccode\u003e6341217\u003c/code\u003e\u003c/a\u003e ast: Export built-in deprecated field (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8069\"\u003e#8069\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/d82c21c9d360799c6f0baad89b1fef1266cb9d02\"\u003e\u003ccode\u003ed82c21c\u003c/code\u003e\u003c/a\u003e cmd: Support --ignore in eval cmd when using bundle flag (-b) (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8062\"\u003e#8062\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/dd2ccc70249bc46e4a09e83396f4934f48ca1022\"\u003e\u003ccode\u003edd2ccc7\u003c/code\u003e\u003c/a\u003e Tidy up and unify sync pool handling (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8068\"\u003e#8068\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/51a50ca042848326354e292a2b77fe8657ac8470\"\u003e\u003ccode\u003e51a50ca\u003c/code\u003e\u003c/a\u003e Concurrent Rego parsing in bundle loader (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8067\"\u003e#8067\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/3882d813924a3cf3f24fe29d04d9d5bd535aba08\"\u003e\u003ccode\u003e3882d81\u003c/code\u003e\u003c/a\u003e build(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 in /e2e (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8066\"\u003e#8066\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/d198154dd6b159def4586cc475b658e6ab06d176\"\u003e\u003ccode\u003ed198154\u003c/code\u003e\u003c/a\u003e build(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8065\"\u003e#8065\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/015175c08a1fecf7a1a21e96e804fc4394e748f8\"\u003e\u003ccode\u003e015175c\u003c/code\u003e\u003c/a\u003e docs: Make iteration content flow better (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/8064\"\u003e#8064\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/open-policy-agent/opa/compare/v1.4.0...v1.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/twmb/murmur3` from 1.1.6 to 1.1.8\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twmb/murmur3/commit/3fcd9c20f2443ea2612fca5675f4cf6849e809b9\"\u003e\u003ccode\u003e3fcd9c2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/twmb/murmur3/issues/12\"\u003e#12\u003c/a\u003e from twmb/no_asm_gccgo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twmb/murmur3/commit/ae6072290e1e24d52ecb76b717fff41583c4d4d6\"\u003e\u003ccode\u003eae60722\u003c/code\u003e\u003c/a\u003e avoid amd64 hand rolled go asm on gccgo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twmb/murmur3/commit/210dd316651419f3403ae3443b8724e33538eeec\"\u003e\u003ccode\u003e210dd31\u003c/code\u003e\u003c/a\u003e murmur3: duplicate generic logic for slices\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/twmb/murmur3/commit/753d98dbde7d1b1239ef99efed7782e196a064b4\"\u003e\u003ccode\u003e753d98d\u003c/code\u003e\u003c/a\u003e delete .travis.yml\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/twmb/murmur3/compare/v1.1.6...v1.1.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/sync` from 0.17.0 to 0.18.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/sync/commit/1966f539bbd7664efd5bb7462ae94d9db67f4502\"\u003e\u003ccode\u003e1966f53\u003c/code\u003e\u003c/a\u003e errgroup: fix some typos in comment\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/sync/compare/v0.17.0...v0.18.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `zombiezen.com/go/sqlite` from 0.12.0 to 1.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zombiezen/go-sqlite/releases\"\u003ezombiezen.com/go/sqlite's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.4.2\u003c/h2\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe minimum \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version updated to 1.37.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.4.1\u003c/h2\u003e\n\u003cp\u003eVersion 1.4.1 updates the \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version to 1.36.1 and includes a couple small improvements.\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe minimum \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version updated to 1.36.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e*Stmt.ColumnName\u003c/code\u003e no longer performs an allocation (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/118\"\u003e#101\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eThe doc comment for \u003ccode\u003eOpenFlags\u003c/code\u003e has been rewritten for clarity (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/pull/114\"\u003e#114\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.4.0\u003c/h2\u003e\n\u003cp\u003eVersion 1.4 adds the \u003ccode\u003esqlitex.ResultBytes\u003c/code\u003e function and fixes several bugs.\u003c/p\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNew function \u003ccode\u003esqlitex.ResultBytes\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/pull/86\"\u003e#86\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eConn.Close\u003c/code\u003e returns an error if the connection has already been closed (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/101\"\u003e#101\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eThe minimum \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version updated to 1.33.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esqlite3_initialize\u003c/code\u003e is now called from any top-level function to prevent race conditions during initialization. (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/18\"\u003e#18\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.3.0\u003c/h2\u003e\n\u003cp\u003eVersion 1.3 is largely a bug-fix release, but is a minor version change because of the new \u003ccode\u003esqlitemigration.Pool.Take\u003c/code\u003e method.\u003c/p\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esqlitemigration.Pool\u003c/code\u003e now has a new method \u003ccode\u003eTake\u003c/code\u003e so that it implements a common interface with \u003ccode\u003esqlitex.Pool\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/pull/97\"\u003e#97\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDocumented \u003ccode\u003eOpenWAL\u003c/code\u003e behavior on \u003ccode\u003esqlite.OpenConn\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAddress low-frequency errors with concurrent use of \u003ccode\u003esqlitemigration\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/99\"\u003e#99\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eThe error returned from \u003ccode\u003esqlitex.NewPool\u003c/code\u003e when trying to open an in-memory database now gives correct advice (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/92\"\u003e#92\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.2.0\u003c/h2\u003e\n\u003cp\u003eVersion 1.2.0 adds a \u003ccode\u003esqlitex.Pool.Take\u003c/code\u003e method and improves error messages.\u003c/p\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/zombiezen/go-sqlite/blob/main/CHANGELOG.md\"\u003ezombiezen.com/go/sqlite's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/releases/tag/v1.4.2\"\u003e1.4.2\u003c/a\u003e - 2025-05-23\u003c/h2\u003e\n\u003cp\u003eVersion 1.4.2 updates the \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version to 1.37.1.\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe minimum \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version updated to 1.37.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/releases/tag/v1.4.1\"\u003e1.4.1\u003c/a\u003e - 2025-05-23\u003c/h2\u003e\n\u003cp\u003eVersion 1.4.1 updates the \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version to 1.36.1\nand includes a couple small improvements.\u003c/p\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe minimum \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version updated to 1.36.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e*Stmt.ColumnName\u003c/code\u003e no longer performs an allocation\n(\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/118\"\u003e#101\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eThe doc comment for \u003ccode\u003eOpenFlags\u003c/code\u003e has been rewritten for clarity\n(\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/pull/114\"\u003e#114\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/releases/tag/v1.4.0\"\u003e1.4.0\u003c/a\u003e - 2024-09-23\u003c/h2\u003e\n\u003cp\u003eVersion 1.4 adds the \u003ccode\u003esqlitex.ResultBytes\u003c/code\u003e function\nand fixes several bugs.\u003c/p\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eNew function \u003ccode\u003esqlitex.ResultBytes\u003c/code\u003e.\n(\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/pull/86\"\u003e#86\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eConn.Close\u003c/code\u003e returns an error if the connection has already been closed\n(\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/101\"\u003e#101\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eThe minimum \u003ccode\u003emodernc.org/sqlite\u003c/code\u003e version updated to 1.33.1.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003esqlite3_initialize\u003c/code\u003e is now called from any top-level function\nto prevent race conditions during initialization.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/e5fb83745cf1640f27b86f6560ca32f50b2442e9\"\u003e\u003ccode\u003ee5fb837\u003c/code\u003e\u003c/a\u003e Update to modernc.org/sqlite@v1.37.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/efbdce7140799460d0a982383214e78ca4df4046\"\u003e\u003ccode\u003eefbdce7\u003c/code\u003e\u003c/a\u003e Update release notes for 1.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/be4fd8a65bbd8a8035c1abd7ec0b1088e7bb3f58\"\u003e\u003ccode\u003ebe4fd8a\u003c/code\u003e\u003c/a\u003e Eliminate allocation in \u003ccode\u003e*Stmt.ColumnName\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/eeceddedbf9698a7de0a00bb54fa49e5e6133318\"\u003e\u003ccode\u003eeecedde\u003c/code\u003e\u003c/a\u003e Update Go version used in dev and CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/eabfdc8f554ab021b6da325d2a599bd97a307f04\"\u003e\u003ccode\u003eeabfdc8\u003c/code\u003e\u003c/a\u003e Upgrade to modernc.org/sqlite@v3.36.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/a3512a3f26ed07fb3ad7a0774fc05d30a2dd3e21\"\u003e\u003ccode\u003ea3512a3\u003c/code\u003e\u003c/a\u003e Adjust \u003ccode\u003eOpenFlags\u003c/code\u003e comment wording for clarity when rendered  (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/114\"\u003e#114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/ac68309514835610d4ec5c620278cbc5ff09003d\"\u003e\u003ccode\u003eac68309\u003c/code\u003e\u003c/a\u003e Update release notes for 1.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/c9384e71e0f1724e6374830815bdcb3408cb5e92\"\u003e\u003ccode\u003ec9384e7\u003c/code\u003e\u003c/a\u003e Update modernc.org/sqlite version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/34980cfe3bcbc742884924b245dc5dbd6a63b6aa\"\u003e\u003ccode\u003e34980cf\u003c/code\u003e\u003c/a\u003e Add explicit synchronization for sqlite3_initialize\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/zombiezen/go-sqlite/commit/c29a6572e877d3c21e7be6534f56782b75e81866\"\u003e\u003ccode\u003ec29a657\u003c/code\u003e\u003c/a\u003e Add sqlitex.ResultBytes function (\u003ca href=\"https://redirect.github.com/zombiezen/go-sqlite/issues/86\"\u003e#86\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com...\n\n_Description has been truncated_","html_url":"https://github.com/sargassum-world/godest/pull/85","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sargassum-world%2Fgodest/issues/85","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/85/packages"}},{"old_version":"1.7.2","new_version":"1.7.3","update_type":"patch","path":null,"pr_created_at":"2025-10-20T18:12:20.000Z","version_change":"1.7.2 → 1.7.3","issue":{"uuid":"3533428276","node_id":"PR_kwDOK-QMD86urzR_","number":356,"state":"open","title":"build(deps): bump the backend group across 1 directory with 24 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2025-10-20T18:12:20.000Z","updated_at":"2025-10-21T18:13:04.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"backend","update_count":24,"packages":[{"name":"github.com/Masterminds/semver/v3","old_version":"3.3.1","new_version":"3.4.0","repository_url":"https://github.com/Masterminds/semver"},{"name":"github.com/aquasecurity/trivy","old_version":"0.58.1","new_version":"0.67.2","repository_url":"https://github.com/aquasecurity/trivy"},{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"github.com/operator-framework/api","old_version":"0.29.0","new_version":"0.35.0","repository_url":"https://github.com/operator-framework/api"},{"name":"github.com/pquerna/otp","old_version":"1.4.0","new_version":"1.5.0","repository_url":"https://github.com/pquerna/otp"},{"name":"github.com/rs/zerolog","old_version":"1.33.0","new_version":"1.34.0","repository_url":"https://github.com/rs/zerolog"},{"name":"oras.land/oras-go","old_version":"1.2.6","new_version":"1.2.7","repository_url":"https://github.com/oras-project/oras-go"},{"name":"sigs.k8s.io/krew","old_version":"0.4.4","new_version":"0.4.5","repository_url":"https://github.com/kubernetes-sigs/krew"}],"path":null,"ecosystem":"go"},"body":"Bumps the backend group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver) | `3.3.1` | `3.4.0` |\n| [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) | `0.58.1` | `0.67.2` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.2` | `1.7.3` |\n| [github.com/operator-framework/api](https://github.com/operator-framework/api) | `0.29.0` | `0.35.0` |\n| [github.com/pquerna/otp](https://github.com/pquerna/otp) | `1.4.0` | `1.5.0` |\n| [github.com/rs/zerolog](https://github.com/rs/zerolog) | `1.33.0` | `1.34.0` |\n| [oras.land/oras-go](https://github.com/oras-project/oras-go) | `1.2.6` | `1.2.7` |\n| [sigs.k8s.io/krew](https://github.com/kubernetes-sigs/krew) | `0.4.4` | `0.4.5` |\n\n\nUpdates `github.com/Masterminds/semver/v3` from 3.3.1 to 3.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Masterminds/semver/releases\"\u003egithub.com/Masterminds/semver/v3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.4.0\u003c/h2\u003e\n\u003cp\u003eThere are a few changes in this release to highlight:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\u003ccode\u003eConstraints\u003c/code\u003e now has a property \u003ccode\u003eIncludePrerelease\u003c/code\u003e. When set to true the \u003ccode\u003eCheck\u003c/code\u003e and \u003ccode\u003eValidate\u003c/code\u003e methods will include prereleases.\u003c/li\u003e\n\u003cli\u003eWhen an AND group has one constraint with a prerelease but more than one constraint then prereleases will be included. For example, \u003ccode\u003e\u0026gt;1.0.0-beta.1 \u0026lt; 2\u003c/code\u003e. In the past this would not have included prereleases because each constraint needed to have a prerelease. Now, only one constraint needs to have a prerelease. This is considered a long standing bug fix. Note, this does not carry across OR groups. For example, \u003ccode\u003e\u0026gt;1.0.0-beta.1 \u0026lt; 2 || \u0026gt; 3\u003c/code\u003e. In this case, prereleases will not be included when evaluating against \u003ccode\u003e\u0026gt;3\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eNewVersion\u003c/code\u003e coercion with leading \u0026quot;0\u0026quot;'s is restored. This can be disabled by setting the package level property \u003ccode\u003eCoerceNewVersion\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix the CodeQL link by \u003ca href=\"https://github.com/dmitris\"\u003e\u003ccode\u003e@​dmitris\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/257\"\u003eMasterminds/semver#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRestore detailed errors when failed to parse with NewVersion by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/262\"\u003eMasterminds/semver#262\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating go version tested with by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/263\"\u003eMasterminds/semver#263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRestore the ability to have leading 0's with NewVersion by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/266\"\u003eMasterminds/semver#266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHandle pre-releases on all in an and group by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/267\"\u003eMasterminds/semver#267\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd property to include prereleases by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/268\"\u003eMasterminds/semver#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating the error message handling by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/269\"\u003eMasterminds/semver#269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the release notes and readme for new version by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/270\"\u003eMasterminds/semver#270\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dmitris\"\u003e\u003ccode\u003e@​dmitris\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/257\"\u003eMasterminds/semver#257\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Masterminds/semver/compare/v3.3.1...v3.4.0\"\u003ehttps://github.com/Masterminds/semver/compare/v3.3.1...v3.4.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Masterminds/semver/blob/master/CHANGELOG.md\"\u003egithub.com/Masterminds/semver/v3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.0 (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/268\"\u003e#268\u003c/a\u003e: Added property to Constraints to include prereleases for Check and Validate\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/263\"\u003e#263\u003c/a\u003e: Updated Go testing for 1.24, 1.23, and 1.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/269\"\u003e#269\u003c/a\u003e: Updated the error message handling for message case and wrapping errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/266\"\u003e#266\u003c/a\u003e: Restore the ability to have leading 0's when parsing with NewVersion.\nOpt-out of this by setting CoerceNewVersion to false.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/257\"\u003e#257\u003c/a\u003e: Fixed the CodeQL link (thanks \u003ca href=\"https://github.com/dmitris\"\u003e\u003ccode\u003e@​dmitris\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/262\"\u003e#262\u003c/a\u003e: Restored detailed errors when failed to parse with NewVersion. Opt-out\nof this by setting DetailedNewVersionErrors to false for faster performance.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/267\"\u003e#267\u003c/a\u003e: Handle pre-releases for an \u0026quot;and\u0026quot; group if one constraint includes them\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/61fc460d28283a91c53be65c2e0f20b494ac8ad9\"\u003e\u003ccode\u003e61fc460\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/270\"\u003e#270\u003c/a\u003e from mattfarina/relnotes-3.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/69a63e729f6254d980ff39c4ac89b5990f2be449\"\u003e\u003ccode\u003e69a63e7\u003c/code\u003e\u003c/a\u003e Update the release notes and readme for new version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/dc05094bcba909be3d0c14364bb14b5e9142dad4\"\u003e\u003ccode\u003edc05094\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/269\"\u003e#269\u003c/a\u003e from mattfarina/lowercase-error-strings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/a2cd9c2c2e49a0a0af115a08be31d410eacdf9e4\"\u003e\u003ccode\u003ea2cd9c2\u003c/code\u003e\u003c/a\u003e Updating the error message handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/9760c473b7cc395e48276f7f2d0c33ae824e123a\"\u003e\u003ccode\u003e9760c47\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/268\"\u003e#268\u003c/a\u003e from mattfarina/include-prerelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/c3747513c320448dfaf6f75c6a06a14a6221896f\"\u003e\u003ccode\u003ec374751\u003c/code\u003e\u003c/a\u003e Add property to include prereleases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/057c901b9979a2a6b8e06adfbf96349a641ba2e1\"\u003e\u003ccode\u003e057c901\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/267\"\u003e#267\u003c/a\u003e from mattfarina/fix-259\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/abab1c2f5fcf52a1483bfc4be892a0ad42afd09a\"\u003e\u003ccode\u003eabab1c2\u003c/code\u003e\u003c/a\u003e Handle pre-releases on all in an and group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/ebda872fa10e6cc730c5973bbdb512b9511eb65e\"\u003e\u003ccode\u003eebda872\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/266\"\u003e#266\u003c/a\u003e from mattfarina/restore-calver\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/4ed619ef3b4f63d7c94b2e19725c2719054de3bd\"\u003e\u003ccode\u003e4ed619e\u003c/code\u003e\u003c/a\u003e Restore the ability to have leading 0's with NewVersion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Masterminds/semver/compare/v3.3.1...v3.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/aquasecurity/trivy` from 0.58.1 to 0.67.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aquasecurity/trivy/releases\"\u003egithub.com/aquasecurity/trivy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.67.2\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e60c57ad5ad7f270cecb51dff2dbf4d680114f6f8 release: v0.67.2 [release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9639\"\u003e#9639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ef3ee80c8e0a92a7d61f2fee21bfb9a44d95067da fix: Use \u003ccode\u003efetch-level: 1\u003c/code\u003e to check out trivy-repo in the release workflow [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9638\"\u003e#9638\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.67.1\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ecbed239f3990f5d366c4604a0f57f7785e7e9ec5 release: v0.67.1 [release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9614\"\u003e#9614\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e1a840935bbd93b26bdbe3994d68487ca134fc407 fix: restore compatibility for google.protobuf.Value [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9631\"\u003e#9631\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e3bc1490c8ca941989e219b9fccacff0f72df950c fix: using SrcVersion instead of Version for echo detector [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9629\"\u003e#9629\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e542eee7c387de4ef885ee7364b0264c0fd614587 fix: add \u003ccode\u003ebuildInfo\u003c/code\u003e for \u003ccode\u003eBlobInfo\u003c/code\u003e in \u003ccode\u003erpc\u003c/code\u003e package [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9615\"\u003e#9615\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ef65dd053096795e7beb88c92340430ee8d89c3e8 fix(vex): don't use reused BOM [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9612\"\u003e#9612\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.67.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/discussions/9550\"\u003e👉 Trivy v0.67.0 release notes (click here)\u003c/a\u003e\u003c/h2\u003e\n\u003ch2\u003e⬇️ Download Trivy\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.67.0\u0026amp;os=macos\u0026amp;arch=arm64\"\u003eMacOS Apple Silicon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.67.0\u0026amp;os=macos\u0026amp;arch=amd64\"\u003eMacOS Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.67.0\u0026amp;os=linux\u0026amp;arch=amd64\"\u003eLinux Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.67.0\u0026amp;os=linux\u0026amp;arch=arm64\"\u003eLinux ARM\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=zip\u0026amp;version=0.67.0\u0026amp;os=windows\u0026amp;arch=amd64\"\u003eWindows Intel\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐳 New Docker Install option\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edocker pull get.trivy.dev/image/trivy:0.67.0\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0670-2025-09-30\"\u003ehttps://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0670-2025-09-30\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.66.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/discussions/9424\"\u003e👉 Trivy v.66.0 release notes (click here)\u003c/a\u003e\u003c/h1\u003e\n\u003ch2\u003e⬇️ Download Trivy\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.66.0\u0026amp;os=macos\u0026amp;arch=arm64\"\u003eMacOS Apple Silicon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.66.0\u0026amp;os=macos\u0026amp;arch=amd64\"\u003eMacOS Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.66.0\u0026amp;os=linux\u0026amp;arch=amd64\"\u003eLinux Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.66.0\u0026amp;os=linux\u0026amp;arch=arm64\"\u003eLinux ARM\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=zip\u0026amp;version=0.66.0\u0026amp;os=windows\u0026amp;arch=amd64\"\u003eWindows Intel\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0660-2025-09-02\"\u003eFull changelog\u003c/a\u003e\u003c/h3\u003e\n\u003ch2\u003ev0.65.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/discussions/9287\"\u003e👉 Trivy v.65.0 release notes (click here)\u003c/a\u003e\u003c/h1\u003e\n\u003ch2\u003e⬇️ Download Trivy\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aquasecurity/trivy/blob/v0.67.2/CHANGELOG.md\"\u003egithub.com/aquasecurity/trivy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.67.1...v0.67.2\"\u003e0.67.2\u003c/a\u003e (2025-10-10)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUse \u003ccode\u003efetch-level: 1\u003c/code\u003e to check out trivy-repo in the release workflow [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9638\"\u003e#9638\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f3ee80c8e0a92a7d61f2fee21bfb9a44d95067da\"\u003ef3ee80c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.67.0...v0.67.1\"\u003e0.67.1\u003c/a\u003e (2025-10-09)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003ebuildInfo\u003c/code\u003e for \u003ccode\u003eBlobInfo\u003c/code\u003e in \u003ccode\u003erpc\u003c/code\u003e package [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9615\"\u003e#9615\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/542eee7c387de4ef885ee7364b0264c0fd614587\"\u003e542eee7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003erestore compatibility for google.protobuf.Value [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9631\"\u003e#9631\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/1a840935bbd93b26bdbe3994d68487ca134fc407\"\u003e1a84093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eusing SrcVersion instead of Version for echo detector [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9629\"\u003e#9629\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/3bc1490c8ca941989e219b9fccacff0f72df950c\"\u003e3bc1490\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evex:\u003c/strong\u003e don't use reused BOM [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9612\"\u003e#9612\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f65dd053096795e7beb88c92340430ee8d89c3e8\"\u003ef65dd05\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.66.0...v0.67.0\"\u003e0.67.0\u003c/a\u003e (2025-09-30)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd documentation URL for database lock errors (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9531\"\u003e#9531\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/eba48afd583391cef346e45a176aa5a6d77b704f\"\u003eeba48af\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e change --list-all-pkgs default to true (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9510\"\u003e#9510\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/7b663d86ca65ee3eb332c857b77bfa18e6da56c4\"\u003e7b663d8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecloudformation:\u003c/strong\u003e support default values and list results in Fn::FindInMap (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9515\"\u003e#9515\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/42b3bf37bb7d39139911843297c8b8ab3551c31a\"\u003e42b3bf3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecyclonedx:\u003c/strong\u003e preserve SBOM structure when scanning SBOM files with vulnerability updates (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9439\"\u003e#9439\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/aff03ebab2e7874dd997e20b4ec9962a41eae7bb\"\u003eaff03eb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eredhat:\u003c/strong\u003e add os-release detection for RHEL-based images (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9458\"\u003e#9458\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/cb25a074501c5cf48050fdf6a0ae7c85c4f385ea\"\u003ecb25a07\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esbom:\u003c/strong\u003e added support for CoreOS (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9448\"\u003e#9448\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/6d562a3b48926b6efd508e067e1059564173b270\"\u003e6d562a3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eseal:\u003c/strong\u003e add seal support (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9370\"\u003e#9370\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/e4af279b29ed5b77ed1d62e31b232b1f9b92ef4f\"\u003ee4af279\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eaws:\u003c/strong\u003e use \u003ccode\u003eBuildableClient\u003c/code\u003e insead of \u003ccode\u003exhttp.Client\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9436\"\u003e#9436\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/fa6f1bfecfb68c29ad4684a6fb5d86948c7d6887\"\u003efa6f1bf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eclose file descriptors and pipes on error paths (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9536\"\u003e#9536\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/a4cbd6a1380b7b4dc650a312ec4e5bc47501f674\"\u003ea4cbd6a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edb:\u003c/strong\u003e Dowload database when missing but metadata still exists (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9393\"\u003e#9393\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/92ebc7e4d72424c17d93c54e5f24891710c85a60\"\u003e92ebc7e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ek8s:\u003c/strong\u003e disable parallel traversal with fs cache for k8s images (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9534\"\u003e#9534\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/c0c7a6bf1b92c868ed44172b3cd15c51667b8a6e\"\u003ec0c7a6b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e handle tofu files in module detection (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9486\"\u003e#9486\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/bfd2f6ba697c223d60a7378283293d8e1fc8a8fe\"\u003ebfd2f6b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e strip build metadata suffixes from image history (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9498\"\u003e#9498\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/c9388069a4325a9f8bc53bc8a82ff46d84d06847\"\u003ec938806\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e unmark cty values before access (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9495\"\u003e#9495\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/8e40d27a43ecb96795a8a7d4a2444241fc7fce9a\"\u003e8e40d27\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e wrap legacy ENV values in quotes to preserve spaces (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9497\"\u003e#9497\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/267a9700fa233abe1a04eada8f3ea513f3ebacb3\"\u003e267a970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enodejs:\u003c/strong\u003e parse workspaces as objects for package-lock.json files (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9518\"\u003e#9518\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/404abb3d91cb3b1c1ee027169de5a40e32ba8b8a\"\u003e404abb3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enodejs:\u003c/strong\u003e use snapshot string as \u003ccode\u003ePackage.ID\u003c/code\u003e for pnpm packages (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9330\"\u003e#9330\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/4517e8c0ef5e942b8e2e498729257374634ffbf8\"\u003e4517e8c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evex:\u003c/strong\u003e don't  suppress vulns for packages with infinity loop (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9465\"\u003e#9465\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/78f0d4ae0378f81940a5faa6497e6905cb5d034a\"\u003e78f0d4a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003evuln:\u003c/strong\u003e compare \u003ccode\u003enuget\u003c/code\u003e package names in lower case (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9456\"\u003e#9456\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/1ff9ac79488e0d4deab4226f1a969676a9851cdb\"\u003e1ff9ac7\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.65.0...v0.66.0\"\u003e0.66.0\u003c/a\u003e (2025-09-02)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/60c57ad5ad7f270cecb51dff2dbf4d680114f6f8\"\u003e\u003ccode\u003e60c57ad\u003c/code\u003e\u003c/a\u003e release: v0.67.2 [release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9639\"\u003e#9639\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f3ee80c8e0a92a7d61f2fee21bfb9a44d95067da\"\u003e\u003ccode\u003ef3ee80c\u003c/code\u003e\u003c/a\u003e fix: Use \u003ccode\u003efetch-level: 1\u003c/code\u003e to check out trivy-repo in the release workflow [ba...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/cbed239f3990f5d366c4604a0f57f7785e7e9ec5\"\u003e\u003ccode\u003ecbed239\u003c/code\u003e\u003c/a\u003e release: v0.67.1 [release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9614\"\u003e#9614\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/1a840935bbd93b26bdbe3994d68487ca134fc407\"\u003e\u003ccode\u003e1a84093\u003c/code\u003e\u003c/a\u003e fix: restore compatibility for google.protobuf.Value [backport: release/v0.67...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/3bc1490c8ca941989e219b9fccacff0f72df950c\"\u003e\u003ccode\u003e3bc1490\u003c/code\u003e\u003c/a\u003e fix: using SrcVersion instead of Version for echo detector [backport: release...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/542eee7c387de4ef885ee7364b0264c0fd614587\"\u003e\u003ccode\u003e542eee7\u003c/code\u003e\u003c/a\u003e fix: add \u003ccode\u003ebuildInfo\u003c/code\u003e for \u003ccode\u003eBlobInfo\u003c/code\u003e in \u003ccode\u003erpc\u003c/code\u003e package [backport: release/v0.67...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f65dd053096795e7beb88c92340430ee8d89c3e8\"\u003e\u003ccode\u003ef65dd05\u003c/code\u003e\u003c/a\u003e fix(vex): don't use reused BOM [backport: release/v0.67] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9612\"\u003e#9612\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/adeb362424506fbd6b9a6213297c1a211f94755e\"\u003e\u003ccode\u003eadeb362\u003c/code\u003e\u003c/a\u003e release: v0.67.0 [main] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9432\"\u003e#9432\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/78f0d4ae0378f81940a5faa6497e6905cb5d034a\"\u003e\u003ccode\u003e78f0d4a\u003c/code\u003e\u003c/a\u003e fix(vex): don't  suppress vulns for packages with infinity loop (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9465\"\u003e#9465\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/fa6f1bfecfb68c29ad4684a6fb5d86948c7d6887\"\u003e\u003ccode\u003efa6f1bf\u003c/code\u003e\u003c/a\u003e fix(aws): use \u003ccode\u003eBuildableClient\u003c/code\u003e insead of \u003ccode\u003exhttp.Client\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9436\"\u003e#9436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.58.1...v0.67.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/coreos/go-oidc` from 2.2.1+incompatible to 2.3.0+incompatible\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/coreos/go-oidc/releases\"\u003egithub.com/coreos/go-oidc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport signed jwt userinfo response by \u003ca href=\"https://github.com/holowinski\"\u003e\u003ccode\u003e@​holowinski\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/254\"\u003ecoreos/go-oidc#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e*: s/Json/JSON/g to appease lint by \u003ca href=\"https://github.com/ericchiang\"\u003e\u003ccode\u003e@​ericchiang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/255\"\u003ecoreos/go-oidc#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euserinfo - handling charset in Content-Type header by \u003ca href=\"https://github.com/ericchiang\"\u003e\u003ccode\u003e@​ericchiang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/261\"\u003ecoreos/go-oidc#261\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange Go Version Used in .travis.yml to v1.14 by \u003ca href=\"https://github.com/dickynovanto1103\"\u003e\u003ccode\u003e@​dickynovanto1103\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/268\"\u003ecoreos/go-oidc#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIDTokenVerifier: fix typo word in Verify function's comment by \u003ca href=\"https://github.com/dickynovanto1103\"\u003e\u003ccode\u003e@​dickynovanto1103\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/266\"\u003ecoreos/go-oidc#266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ealso run travis tests under 1.15 by \u003ca href=\"https://github.com/mikedanese\"\u003e\u003ccode\u003e@​mikedanese\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/275\"\u003ecoreos/go-oidc#275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esupport AWS Cognito, which is not completely OIDC compliant  by \u003ca href=\"https://github.com/DallanQ\"\u003e\u003ccode\u003e@​DallanQ\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/257\"\u003ecoreos/go-oidc#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded power support by \u003ca href=\"https://github.com/dthadi3\"\u003e\u003ccode\u003e@​dthadi3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/277\"\u003ecoreos/go-oidc#277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix up v2 CI by \u003ca href=\"https://github.com/ericchiang\"\u003e\u003ccode\u003e@​ericchiang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/448\"\u003ecoreos/go-oidc#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to maintained go-jose library by \u003ca href=\"https://github.com/liggitt\"\u003e\u003ccode\u003e@​liggitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/447\"\u003ecoreos/go-oidc#447\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/holowinski\"\u003e\u003ccode\u003e@​holowinski\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/254\"\u003ecoreos/go-oidc#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dickynovanto1103\"\u003e\u003ccode\u003e@​dickynovanto1103\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/268\"\u003ecoreos/go-oidc#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mikedanese\"\u003e\u003ccode\u003e@​mikedanese\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/275\"\u003ecoreos/go-oidc#275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DallanQ\"\u003e\u003ccode\u003e@​DallanQ\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/257\"\u003ecoreos/go-oidc#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dthadi3\"\u003e\u003ccode\u003e@​dthadi3\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/277\"\u003ecoreos/go-oidc#277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liggitt\"\u003e\u003ccode\u003e@​liggitt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/447\"\u003ecoreos/go-oidc#447\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/coreos/go-oidc/compare/v2.2.1...v2.3.0\"\u003ehttps://github.com/coreos/go-oidc/compare/v2.2.1...v2.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/b7e896c40598f5307b3b5a163b6ad02ae97ec1a5\"\u003e\u003ccode\u003eb7e896c\u003c/code\u003e\u003c/a\u003e Switch to maintained gopkg.in/go-jose/go-jose.v2 library\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/a57141768115b09a2f823a17726d25c998a7fc9d\"\u003e\u003ccode\u003ea571417\u003c/code\u003e\u003c/a\u003e fix up v2 CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/e05c4c73b4b5f159727021bf2921c214f61b2688\"\u003e\u003ccode\u003ee05c4c7\u003c/code\u003e\u003c/a\u003e Added power support (\u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/0a5cd3377ca67c9a7b81961f8fb286bf59891370\"\u003e\u003ccode\u003e0a5cd33\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/257\"\u003e#257\u003c/a\u003e from OurRootsOrg/v2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/8e61fd8dcfb5e3af82a8a808b7d85f1044548d29\"\u003e\u003ccode\u003e8e61fd8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/275\"\u003e#275\u003c/a\u003e from mikedanese/bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/a4badd1273bf233eccb3fe596b27ba8054fa9bb4\"\u003e\u003ccode\u003ea4badd1\u003c/code\u003e\u003c/a\u003e also run travis tests under 1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/50700f92176680a141cb7ccb894de3b09a30b709\"\u003e\u003ccode\u003e50700f9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/266\"\u003e#266\u003c/a\u003e from dickynovanto1103/fix-typo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/86d950ac3f3c4a8ef9ca3197a5a0187c5b2e60d7\"\u003e\u003ccode\u003e86d950a\u003c/code\u003e\u003c/a\u003e IDTokenVerifier: fix typo word: \u003ccode\u003epreforms\u003c/code\u003e to \u003ccode\u003eperforms\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/638d1d6486cae85e18718a1c2a71259ae05f4855\"\u003e\u003ccode\u003e638d1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/268\"\u003e#268\u003c/a\u003e from dickynovanto1103/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/2b28d0cc38907454ddd8644363eb1e893ac07b69\"\u003e\u003ccode\u003e2b28d0c\u003c/code\u003e\u003c/a\u003e add support for AWS Cognito, which returns email_verified as a string instead...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/coreos/go-oidc/compare/v2.2.1...v2.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-chi/chi/v5` from 5.2.0 to 5.2.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-chi/chi/releases\"\u003egithub.com/go-chi/chi/v5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd pathvalue example to README and implement PathValue handler. by \u003ca href=\"https://github.com/catatsuy\"\u003e\u003ccode\u003e@​catatsuy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/985\"\u003ego-chi/chi#985\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow multiple whitespace between method \u0026amp; pattern by \u003ca href=\"https://github.com/JRaspass\"\u003e\u003ccode\u003e@​JRaspass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1013\"\u003ego-chi/chi#1013\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid potential nil dereference by \u003ca href=\"https://github.com/ProjectMutilation\"\u003e\u003ccode\u003e@​ProjectMutilation\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1008\"\u003ego-chi/chi#1008\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat(mux): support http.Request.Pattern in Go 1.23 by \u003ca href=\"https://github.com/Gusted\"\u003e\u003ccode\u003e@​Gusted\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/986\"\u003ego-chi/chi#986\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix/608 - Fix flaky Throttle middleware test by synchronizing token usage by \u003ca href=\"https://github.com/OtavioBernardes\"\u003e\u003ccode\u003e@​OtavioBernardes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1016\"\u003ego-chi/chi#1016\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOptimize throttle middleware by avoiding unnecessary timer creation by \u003ca href=\"https://github.com/vasayxtx\"\u003e\u003ccode\u003e@​vasayxtx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1011\"\u003ego-chi/chi#1011\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSimplify wildcard replacement in route patterns by \u003ca href=\"https://github.com/srpvpn\"\u003e\u003ccode\u003e@​srpvpn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1012\"\u003ego-chi/chi#1012\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace methodTypString func with reverseMethodMap by \u003ca href=\"https://github.com/JRaspass\"\u003e\u003ccode\u003e@​JRaspass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1018\"\u003ego-chi/chi#1018\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ProjectMutilation\"\u003e\u003ccode\u003e@​ProjectMutilation\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1008\"\u003ego-chi/chi#1008\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Gusted\"\u003e\u003ccode\u003e@​Gusted\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/986\"\u003ego-chi/chi#986\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/OtavioBernardes\"\u003e\u003ccode\u003e@​OtavioBernardes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1016\"\u003ego-chi/chi#1016\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/srpvpn\"\u003e\u003ccode\u003e@​srpvpn\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1012\"\u003ego-chi/chi#1012\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-chi/chi/compare/v5.2.2...v5.2.3\"\u003ehttps://github.com/go-chi/chi/compare/v5.2.2...v5.2.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse strings.Cut in a few places by \u003ca href=\"https://github.com/JRaspass\"\u003e\u003ccode\u003e@​JRaspass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/971\"\u003ego-chi/chi#971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix non-constant format strings in t.Fatalf by \u003ca href=\"https://github.com/JRaspass\"\u003e\u003ccode\u003e@​JRaspass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/972\"\u003ego-chi/chi#972\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApply fieldalignment fixes to optimize struct memory layout by \u003ca href=\"https://github.com/pixel365\"\u003e\u003ccode\u003e@​pixel365\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/974\"\u003ego-chi/chi#974\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ego 1.24 by \u003ca href=\"https://github.com/pkieltyka\"\u003e\u003ccode\u003e@​pkieltyka\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/977\"\u003ego-chi/chi#977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: delint ioutil usage by \u003ca href=\"https://github.com/costela\"\u003e\u003ccode\u003e@​costela\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/962\"\u003ego-chi/chi#962\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed typo in Router interface definition by \u003ca href=\"https://github.com/mithileshgupta12\"\u003e\u003ccode\u003e@​mithileshgupta12\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/958\"\u003ego-chi/chi#958\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for TinyGo by \u003ca href=\"https://github.com/efraimbart\"\u003e\u003ccode\u003e@​efraimbart\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/978\"\u003ego-chi/chi#978\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExclude middleware/profiler.go in TinyGo, as there's no net/http/pprof pkg by \u003ca href=\"https://github.com/cxjava\"\u003e\u003ccode\u003e@​cxjava\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/982\"\u003ego-chi/chi#982\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake use of strings.Cut by \u003ca href=\"https://github.com/scop\"\u003e\u003ccode\u003e@​scop\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1005\"\u003ego-chi/chi#1005\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange install command format to code block by \u003ca href=\"https://github.com/sglkc\"\u003e\u003ccode\u003e@​sglkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1001\"\u003ego-chi/chi#1001\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect documentation by \u003ca href=\"https://github.com/mrdomino\"\u003e\u003ccode\u003e@​mrdomino\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/992\"\u003ego-chi/chi#992\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSecurity fix\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes \u003ca href=\"https://github.com/go-chi/chi/security/advisories/GHSA-vrw8-fxc6-2r93\"\u003eGHSA-vrw8-fxc6-2r93\u003c/a\u003e - \u0026quot;Host Header Injection Leads to Open Redirect in RedirectSlashes\u0026quot; \u003ca href=\"https://github.com/go-chi/chi/commit/1be7ad938cc9c5b39a9dea01a5c518848928ab65\"\u003ecommit\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003ea lower-severity Open Redirect that can't be exploited in browser or email client, as it requires manipulation of a Host header\u003c/li\u003e\n\u003cli\u003ereported by Anuraag Baishya, \u003ca href=\"https://github.com/anuraagbaishya\"\u003e\u003ccode\u003e@​anuraagbaishya\u003c/code\u003e\u003c/a\u003e. Thank you!\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pixel365\"\u003e\u003ccode\u003e@​pixel365\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/974\"\u003ego-chi/chi#974\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mithileshgupta12\"\u003e\u003ccode\u003e@​mithileshgupta12\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/958\"\u003ego-chi/chi#958\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/efraimbart\"\u003e\u003ccode\u003e@​efraimbart\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/978\"\u003ego-chi/chi#978\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cxjava\"\u003e\u003ccode\u003e@​cxjava\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/982\"\u003ego-chi/chi#982\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sglkc\"\u003e\u003ccode\u003e@​sglkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/1001\"\u003ego-chi/chi#1001\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mrdomino\"\u003e\u003ccode\u003e@​mrdomino\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/992\"\u003ego-chi/chi#992\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-chi/chi/compare/v5.2.1...v5.2.2\"\u003ehttps://github.com/go-chi/chi/compare/v5.2.1...v5.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003e⚠️  Chi supports Go 1.20+\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/9b9fb55def404397748a9fc7e044efe9db1d618e\"\u003e\u003ccode\u003e9b9fb55\u003c/code\u003e\u003c/a\u003e Replace methodTypString func with reverseMethodMap (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/1018\"\u003e#1018\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/0265fcd786c95e79fe50423a35fa2770ef36683a\"\u003e\u003ccode\u003e0265fcd\u003c/code\u003e\u003c/a\u003e refactor: iterative wildcard collapsing and add test for consecutive wildcard...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/cf537d4016bf258bd9bdbe0dccbfdeeac364423f\"\u003e\u003ccode\u003ecf537d4\u003c/code\u003e\u003c/a\u003e Optimize throttle middleware by avoiding unnecessary timer creation (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/1011\"\u003e#1011\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/9040e95a07b47df59d96f3cb0e4bac107a931d46\"\u003e\u003ccode\u003e9040e95\u003c/code\u003e\u003c/a\u003e fix/608 - Fix flaky Throttle middleware test by synchronizing token usage (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/1\"\u003e#1\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/d12cc49622f31a01c6cceea7cdb62f647660102c\"\u003e\u003ccode\u003ed12cc49\u003c/code\u003e\u003c/a\u003e feat(mux): support http.Request.Pattern in Go 1.23 (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/986\"\u003e#986\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/1c2d011f59c4b2fc2127f308f2b4171db2567f19\"\u003e\u003ccode\u003e1c2d011\u003c/code\u003e\u003c/a\u003e Avoid potential nil dereference (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/1008\"\u003e#1008\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/78591377377c708fc96f26e51320cf378930b9d2\"\u003e\u003ccode\u003e7859137\u003c/code\u003e\u003c/a\u003e Allow multiple whitespace between method \u0026amp; pattern (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/1013\"\u003e#1013\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/80d8da2a18da3e307518f6fc3abaac2aa15b4d30\"\u003e\u003ccode\u003e80d8da2\u003c/code\u003e\u003c/a\u003e Add pathvalue example to README and implement PathValue handler. (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/985\"\u003e#985\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/23c395f8524a30334126ca16fb4d37b88745b9b9\"\u003e\u003ccode\u003e23c395f\u003c/code\u003e\u003c/a\u003e Correct documentation (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/992\"\u003e#992\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/5516d147c14a2b03824be7076fc6200bed906901\"\u003e\u003ccode\u003e5516d14\u003c/code\u003e\u003c/a\u003e docs: change install code to code block (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/1001\"\u003e#1001\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-chi/chi/compare/v5.2.0...v5.2.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-git/go-git/v5` from 5.13.1 to 5.16.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-git/go-git/releases\"\u003egithub.com/go-git/go-git/v5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eutils: fix diff so subpaths work for sparse checkouts, fixes 1455 to releases/v5.x by \u003ca href=\"https://github.com/kane8n\"\u003e\u003ccode\u003e@​kane8n\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1567\"\u003ego-git/go-git#1567\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.16.1...v5.16.2\"\u003ehttps://github.com/go-git/go-git/compare/v5.16.1...v5.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eutils: merkletrie, Fix diff on sparse-checkout index. Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1406\"\u003e#1406\u003c/a\u003e to releases/v5.x by \u003ca href=\"https://github.com/kane8n\"\u003e\u003ccode\u003e@​kane8n\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1561\"\u003ego-git/go-git#1561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kane8n\"\u003e\u003ccode\u003e@​kane8n\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1561\"\u003ego-git/go-git#1561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.16.0...v5.16.1\"\u003ehttps://github.com/go-git/go-git/compare/v5.16.0...v5.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v5] plumbing: support mTLS for HTTPS protocol by \u003ca href=\"https://github.com/hiddeco\"\u003e\u003ccode\u003e@​hiddeco\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1510\"\u003ego-git/go-git#1510\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5: plumbing: transport, Reintroduce SetHostKeyCallback. Fix \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1514\"\u003e#1514\u003c/a\u003e by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1515\"\u003ego-git/go-git#1515\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.15.0...v5.16.0\"\u003ehttps://github.com/go-git/go-git/compare/v5.15.0...v5.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.15.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eplumbing: add cert auth support to \u003ccode\u003ereleases/v5.x\u003c/code\u003e by \u003ca href=\"https://github.com/Javier-varez\"\u003e\u003ccode\u003e@​Javier-varez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1482\"\u003ego-git/go-git#1482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5: Bump dependencies by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1505\"\u003ego-git/go-git#1505\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.14.0...v5.15.0\"\u003ehttps://github.com/go-git/go-git/compare/v5.14.0...v5.15.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.14.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev5: Bump Go and dependencies to mitigate \u003ca href=\"https://pkg.go.dev/vuln/GO-2025-3487\"\u003eGO-2025-3487\u003c/a\u003e by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1436\"\u003ego-git/go-git#1436\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e:warning: Note that this version requires Go 1.23, due to the bump to \u003ccode\u003egolang.org/x/crypto@v0.35.0\u003c/code\u003e which mitigates the CVE above. User's that can't bump to Go 1.23 will need to remain on the previous v5.13.x release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.13.2...v5.14.0\"\u003ehttps://github.com/go-git/go-git/compare/v5.13.2...v5.14.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.13.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eplumbing: use the correct user agent string. Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/883\"\u003e#883\u003c/a\u003e by \u003ca href=\"https://github.com/uragirii\"\u003e\u003ccode\u003e@​uragirii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1364\"\u003ego-git/go-git#1364\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/sys from 0.28.0 to 0.29.0 in the golang-org group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1365\"\u003ego-git/go-git#1365\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump the golang-org group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1367\"\u003ego-git/go-git#1367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/ProtonMail/go-crypto from 1.1.3 to 1.1.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1368\"\u003ego-git/go-git#1368\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1378\"\u003ego-git/go-git#1378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github/codeql-action from 3.28.0 to 3.28.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1376\"\u003ego-git/go-git#1376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/elazarl/goproxy from 1.2.3 to 1.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1377\"\u003ego-git/go-git#1377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: worktree, fix restoring dot slash files (backported to v5). Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1176\"\u003e#1176\u003c/a\u003e by \u003ca href=\"https://github.com/BeChris\"\u003e\u003ccode\u003e@​BeChris\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1361\"\u003ego-git/go-git#1361\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/ed8216c4a2c3fdb7e4e31ce242bf7847356623c9\"\u003e\u003ccode\u003eed8216c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1567\"\u003e#1567\u003c/a\u003e from kane8n/backport-to-v5-patricsss/fix-1455\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/4f35ebab20f1034df1df943044903e7044e6cdf4\"\u003e\u003ccode\u003e4f35eba\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1484\"\u003e#1484\u003c/a\u003e from patricsss/patricsss/fix-1455\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/fd1a83688236df0299d5cd677f04dccad073500c\"\u003e\u003ccode\u003efd1a836\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1561\"\u003e#1561\u003c/a\u003e from kane8n/backport-to-v5-fix-sparse-checkout-status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/c3c841090facce33faa2c80ca475ee673442b4a5\"\u003e\u003ccode\u003ec3c8410\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1492\"\u003e#1492\u003c/a\u003e from onee-only/fix-sparse-checkout-status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/6d4a5c61232251b48ae4238d39830ccc894ef4d8\"\u003e\u003ccode\u003e6d4a5c6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1515\"\u003e#1515\u003c/a\u003e from pjbgf/regre\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/beedd6bc1892182daa36dd45013ff28857320f58\"\u003e\u003ccode\u003ebeedd6b\u003c/code\u003e\u003c/a\u003e plumbing: transport, Reintroduce SetHostKeyCallback. Fix \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1514\"\u003e#1514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/763ce2e08aa1398c7e9e153ae3346891c80dc467\"\u003e\u003ccode\u003e763ce2e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1510\"\u003e#1510\u003c/a\u003e from hiddeco/mtls-support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/5320e1b6b4578aa7272de1fa535051b9b86fbbfb\"\u003e\u003ccode\u003e5320e1b\u003c/code\u003e\u003c/a\u003e plumbing: surface transport configuration errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/9bbc93b719b15a5e0955ed9c2f6aa008f13f7e86\"\u003e\u003ccode\u003e9bbc93b\u003c/code\u003e\u003c/a\u003e plumbing: fix unintended pointer mutation in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/f3783f4abf49642326f67683f22d468db87a8822\"\u003e\u003ccode\u003ef3783f4\u003c/code\u003e\u003c/a\u003e plumbing: support mTLS for HTTPS protocol\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-git/go-git/compare/v5.13.1...v5.16.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/google/go-containerregistry` from 0.20.2 to 0.20.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/go-containerregistry/releases\"\u003egithub.com/google/go-containerregistry's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.20.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure that tag name is not empty if name contains colon by \u003ca href=\"https://github.com/SaschaSchwarze0\"\u003e\u003ccode\u003e@​SaschaSchwarze0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2094\"\u003egoogle/go-containerregistry#2094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump some deps by \u003ca href=\"https://github.com/jonjohnsonjr\"\u003e\u003ccode\u003e@​jonjohnsonjr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2110\"\u003egoogle/go-containerregistry#2110\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SaschaSchwarze0\"\u003e\u003ccode\u003e@​SaschaSchwarze0\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2094\"\u003egoogle/go-containerregistry#2094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.4...v0.20.6\"\u003ehttps://github.com/google/go-containerregistry/compare/v0.20.4...v0.20.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump docker/docker to v28.0.0+incompatible by \u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate linter to v2 by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump go version + bump deps by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2093\"\u003egoogle/go-containerregistry#2093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eimplement TextMarshaler/JSONMarshaler more consistently by \u003ca href=\"https://github.com/imjasonh\"\u003e\u003ccode\u003e@​imjasonh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2097\"\u003egoogle/go-containerregistry#2097\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CodeQL permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2103\"\u003egoogle/go-containerregistry#2103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate goreleaser permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2104\"\u003egoogle/go-containerregistry#2104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate provenance action in release by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2105\"\u003egoogle/go-containerregistry#2105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate validator action by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2106\"\u003egoogle/go-containerregistry#2106\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.5\"\u003ehttps://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.20.4 - Not usable as a go module\u003c/h2\u003e\n\u003cp\u003e🚨 This release was published to the Go module proxy and then re-tagged with a different commit. This means it's not usable as a Go module (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2107\"\u003egoogle/go-containerregistry#2107\u003c/a\u003e) -- please us v0.20.5 instead.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump docker/docker to v28.0.0+incompatible by \u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate linter to v2 by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump go version + bump deps by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2093\"\u003egoogle/go-containerregistry#2093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eimplement TextMarshaler/JSONMarshaler more consistently by \u003ca href=\"https://github.com/imjasonh\"\u003e\u003ccode\u003e@​imjasonh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2097\"\u003egoogle/go-containerregistry#2097\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CodeQL permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2103\"\u003egoogle/go-containerregistry#2103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate goreleaser permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2104\"\u003egoogle/go-containerregistry#2104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate provenance action in release by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2105\"\u003egoogle/go-containerregistry#2105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate validator action by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2106\"\u003egoogle/go-containerregistry#2106\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.4\"\u003ehttps://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eremote/transport: Make bearer transport go-routine-safe by \u003ca href=\"https://github.com/2opremio\"\u003e\u003ccode\u003e@​2opremio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/1806\"\u003egoogle/go-containerregistry#1806\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpose compare package by \u003ca href=\"https://github.com/jonjohnsonjr\"\u003e\u003ccode\u003e@​jonjohnsonjr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2001\"\u003egoogle/go-containerregistry#2001\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/59a4b85930392a30c39462519adc8a2026d47181\"\u003e\u003ccode\u003e59a4b85\u003c/code\u003e\u003c/a\u003e Bump some deps (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2110\"\u003e#2110\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/5b1039536cfa10ed0d467dd13f279665bfd48ad9\"\u003e\u003ccode\u003e5b10395\u003c/code\u003e\u003c/a\u003e Ensure that tag name is not empty if name contains colon (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2094\"\u003e#2094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/4eb8c4d84ef07af279d5dcc0b210d9eaa7bc79e3\"\u003e\u003ccode\u003e4eb8c4d\u003c/code\u003e\u003c/a\u003e Update validator action (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2106\"\u003e#2106\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/78d4a6e980c634a90ecd5729a0a5c8235923724e\"\u003e\u003ccode\u003e78d4a6e\u003c/code\u003e\u003c/a\u003e Update provenance action (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2105\"\u003e#2105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/33840ffc70721fcc49e2f2a54c4b9fa5cf358edf\"\u003e\u003ccode\u003e33840ff\u003c/code\u003e\u003c/a\u003e Update goreleaser permissions (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2104\"\u003e#2104\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/8d47c3776e7873544e5f0ac3fe8787f27b95d63e\"\u003e\u003ccode\u003e8d47c37\u003c/code\u003e\u003c/a\u003e Update CodeQL permissions (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2103\"\u003e#2103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/a61de150b11db9e2005bdc0ae5958aadbd5931c1\"\u003e\u003ccode\u003ea61de15\u003c/code\u003e\u003c/a\u003e implement TextMarshaler/JSONMarshaler more consistently (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2097\"\u003e#2097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/1d5b256a397177b0df69c259893bd93e6fc38bbe\"\u003e\u003ccode\u003e1d5b256\u003c/code\u003e\u003c/a\u003e bump go version + bump deps (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2093\"\u003e#2093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/ccaa0d6a53fde4b8b205ef3f0c3474c65079b740\"\u003e\u003ccode\u003eccaa0d6\u003c/code\u003e\u003c/a\u003e Migrate linter to v2 (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2096\"\u003e#2096\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/098045d5e61ff426a61a0eecc19ad0c433cd35a9\"\u003e\u003ccode\u003e098045d\u003c/code\u003e\u003c/a\u003e build(deps): bump docker/docker to v28.0.0+incompatible (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.2...v0.20.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/open-policy-agent/opa` from 0.70.0 to 1.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-policy-agent/opa/releases\"\u003egithub.com/open-policy-agent/opa's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.8.0\u003c/h2\u003e\n\u003cp\u003eThis release contains a mix of new features, performance improvements, and bugfixes. Notably:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for EdDSA signatures in \u003ccode\u003eio.jwt\u003c/code\u003e built-ins, including a new \u003ccode\u003eio.jwt.verify_eddsa\u003c/code\u003e built-in.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEdDSA Support in built-ins (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7824\"\u003e#7824\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eSupport for the EdDSA signing algorithm has been added to built-in functions in the \u003ccode\u003eio.jwt\u003c/code\u003e namespace.\u003c/p\u003e\n\u003cp\u003eThis introduces the new \u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokens#builtin-tokens-iojwtverify_eddsa\"\u003eio.jwt.verify_eddsa\u003c/a\u003e built-in function, and adds EdDSA support for the following built-ins:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokens#builtin-tokens-iojwtdecode_verify\"\u003eio.jwt.decode_verify\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokensign#builtin-tokensign-iojwtencode_sign\"\u003eio.jwt.encode_sign\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokensign#builtin-tokensign-iojwtencode_sign_raw\"\u003eio.jwt.encode_sign_raw\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis feature benefited greatly from the groundwork laid by \u003ca href=\"https://github.com/lestrrat\"\u003e\u003ccode\u003e@​lestrrat\u003c/code\u003e\u003c/a\u003e in (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7638\"\u003e#7638\u003c/a\u003e). 👏 🎉 🥳\u003c/p\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/johanfylling\"\u003e\u003ccode\u003e@​johanfylling\u003c/code\u003e\u003c/a\u003e reported by \u003ca href=\"https://github.com/aromeyer\"\u003e\u003ccode\u003e@​aromeyer\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eRuntime\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ecmd: Add back default \u003ccode\u003ecmd.RootCommand\u003c/code\u003e definition. (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7811\"\u003e#7811\u003c/a\u003e) authored by \u003ca href=\"https://github.com/philipaconrad\"\u003e\u003ccode\u003e@​philipaconrad\u003c/code\u003e\u003c/a\u003e\u003cbr /\u003e\nFixing a breaking change to the go API introduced in OPA v1.7.0.\u003c/li\u003e\n\u003cli\u003ecmd: Fix \u003ccode\u003eopa exec\u003c/code\u003e parameters (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7850\"\u003e#7850\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7840\"\u003e#7840\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e\u003cbr /\u003e\nFixing regressions introduced in OPA v1.7.0, where the \u003ccode\u003e--fail-non-empty\u003c/code\u003e and \u003ccode\u003e--stdin-input\u003c/code\u003e flags were dropped.\u003c/li\u003e\n\u003cli\u003econfig: accept env vars set to \u003ccode\u003e\u0026quot;\u0026quot;\u003c/code\u003e, discern from unset (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7831\"\u003e#7831\u003c/a\u003e) authored by \u003ca href=\"https://github.com/srenatus\"\u003e\u003ccode\u003e@​srenatus\u003c/code\u003e\u003c/a\u003e reported by \u003ca href=\"https://github.com/ManuelNowackConfinale\"\u003e\u003ccode\u003e@​ManuelNowackConfinale\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ehandlers: Add thread-safe initialization for gzipPool (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7828\"\u003e#7828\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplugins: Address race in config access (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7825\"\u003e#7825\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplugin/bundle: Correct bundle delay behavior (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7812\"\u003e#7812\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eruntime: Update server init check (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7818\"\u003e#7818\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eTopdown\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eperf: Performance greatly improved for \u003ccode\u003eObject.Insert\u003c/code\u003e on existing key (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7820\"\u003e#7820\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etopdown,bundle,plugins: Upgrade interned jwx (0.9.x) with \u003ccode\u003egithub.com/lestrrat-go/jwx/v3\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7638\"\u003e#7638\u003c/a\u003e) authored by \u003ca href=\"https://github.com/lestrrat\"\u003e\u003ccode\u003e@​lestrrat\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocs, Website\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate website to build from tip of main (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7848\"\u003e#7848\u003c/a\u003e) authored by \u003ca href=\"https://github.com/tsandall\"\u003e\u003ccode\u003e@​tsandall\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003east/builtins: Remove space from \u003ccode\u003ecount\u003c/code\u003e description (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7836\"\u003e#7836\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add link to logic-or/and on docs index (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7826\"\u003e#7826\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add note on using LLM in PR discussions (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7859\"\u003e#7859\u003c/a\u003e) authored by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Fix broken anchor links in annotations (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7827\"\u003e#7827\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Use set in the Python code example for consistence (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7860\"\u003e#7860\u003c/a\u003e) authored by \u003ca href=\"https://github.com/durnik-ivo\"\u003e\u003ccode\u003e@​durnik-ivo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Update frontpage (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7847\"\u003e#7847\u003c/a\u003e) authored by \u003ca href=\"https://github.com/tsandall\"\u003e\u003ccode\u003e@​tsandall\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs/rest-api: Add notes about policy IDs (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7837\"\u003e#7837\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ewebsite: Use latest release rather than edge (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7781\"\u003e#7781\u003c/a\u003e) authored by \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md\"\u003egithub.com/open-policy-agent/opa's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.8.0\u003c/h2\u003e\n\u003cp\u003eThis release contains a mix of new features, performance improvements, and bugfixes. Notably:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for EdDSA signatures in \u003ccode\u003eio.jwt\u003c/code\u003e built-ins, including a new \u003ccode\u003eio.jwt.verify_eddsa\u003c/code\u003e built-in.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eEdDSA Support in built-ins (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7824\"\u003e#7824\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eSupport for the EdDSA signing algorithm has been added to built-in functions in the \u003ccode\u003eio.jwt\u003c/code\u003e namespace.\u003c/p\u003e\n\u003cp\u003eThis introduces the new \u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokens#builtin-tokens-iojwtverify_eddsa\"\u003eio.jwt.verify_eddsa\u003c/a\u003e built-in function, and adds EdDSA support for the following built-ins:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokens#builtin-tokens-iojwtdecode_verify\"\u003eio.jwt.decode_verify\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokensign#builtin-tokensign-iojwtencode_sign\"\u003eio.jwt.encode_sign\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference/builtins/tokensign#builtin-tokensign-iojwtencode_sign_raw\"\u003eio.jwt.encode_sign_raw\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis feature benefited greatly from the...\n\n_Description has been truncated_","html_url":"https://github.com/Rose2161/hub/pull/356","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Rose2161%2Fhub/issues/356","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/356/packages"}},{"old_version":"1.7.2","new_version":"1.7.3","update_type":"patch","path":null,"pr_created_at":"2025-09-26T17:50:24.000Z","version_change":"1.7.2 → 1.7.3","issue":{"uuid":"3458572532","node_id":"PR_kwDOP3jXBs6qxNrV","number":14,"state":"open","title":"chore(deps): bump github.com/gorilla/csrf from 1.7.2 to 1.7.3","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-09-26T17:50:24.000Z","updated_at":"2025-09-26T17:50:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.7.2 to 1.7.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.2\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/blitzy-showcase/flipt/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/blitzy-showcase%2Fflipt/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"}},{"old_version":"1.7.2","new_version":"1.7.3","update_type":"patch","path":null,"pr_created_at":"2025-08-28T19:43:24.000Z","version_change":"1.7.2 → 1.7.3","issue":{"uuid":"2782801463","node_id":"PR_kwDOH6ucbM6l3i43","number":296,"state":"open","title":"Bump the go_modules group with 5 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-28T19:43:24.000Z","updated_at":"2025-08-28T19:43:24.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"go_modules","update_count":5,"packages":[{"name":"filippo.io/age","old_version":"1.1.1","new_version":"1.2.1","repository_url":"https://github.com/FiloSottile/age"},{"name":"github.com/ulikunitz/xz","old_version":"0.5.12","new_version":"0.5.14","repository_url":"https://github.com/ulikunitz/xz"},{"name":"golang.org/x/crypto","old_version":"0.32.0","new_version":"0.35.0","repository_url":"https://github.com/golang/crypto"},{"name":"golang.org/x/net","old_version":"0.33.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"},{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 5 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [filippo.io/age](https://github.com/FiloSottile/age) | `1.1.1` | `1.2.1` |\n| [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) | `0.5.12` | `0.5.14` |\n| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.32.0` | `0.35.0` |\n| [golang.org/x/net](https://github.com/golang/net) | `0.33.0` | `0.38.0` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.2` | `1.7.3` |\n\nUpdates `filippo.io/age` from 1.1.1 to 1.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/FiloSottile/age/releases\"\u003efilippo.io/age's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eage v1.2.1: security fix\u003c/h2\u003e\n\u003cp\u003eThis release fixes a security vulnerability that could allow an attacker to execute an arbitrary binary under certain conditions.\u003c/p\u003e\n\u003cp\u003eSee GHSA-32gq-x56h-299c.\u003c/p\u003e\n\u003cp\u003ePlugin names may now only contain alphanumeric characters or the four special characters \u003ccode\u003e+-._\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eThanks to ⬡-49016 for reporting this issue.\u003c/p\u003e\n\u003ch2\u003eage v1.2.0\u003c/h2\u003e\n\u003cp\u003eA small release to build the release binaries with a more recent Go toolchain, and to fix a couple CLI edge cases (\u003ca href=\"https://redirect.github.com/FiloSottile/age/issues/491\"\u003eFiloSottile/age#491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/FiloSottile/age/issues/555\"\u003eFiloSottile/age#555\u003c/a\u003e).\u003c/p\u003e\n\u003cp\u003eThe Go module now exposes a plugin package that provides an age plugin client. That is, Recipient and Identity implementations that invoke a plugin binary, allowing the use of age plugins in Go programs.\u003c/p\u003e\n\u003cp\u003eFinally, Recipients can now return a set of \u0026quot;labels\u0026quot; by implementing RecipientWithLabels. This allows replicating the special behavior of the scrypt Recipient in third-party Recipients, or applying policy useful for authenticated or post-quantum Recipients.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e// RecipientWithLabels can be optionally implemented by a Recipient, in which\n// case Encrypt will use WrapWithLabels instead of Wrap.\n//\n// Encrypt will succeed only if the labels returned by all the recipients\n// (assuming the empty set for those that don't implement RecipientWithLabels)\n// are the same.\n//\n// This can be used to ensure a recipient is only used with other recipients\n// with equivalent properties (for example by setting a \u0026quot;postquantum\u0026quot; label) or\n// to ensure a recipient is always used alone (by returning a random label, for\n// example to preserve its authentication properties).\ntype RecipientWithLabels interface {\n\tWrapWithLabels(fileKey []byte) (s []*Stanza, labels []string, err error)\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/482cf6fc9babd3ab06f6606762aac10447222201\"\u003e\u003ccode\u003e482cf6f\u003c/code\u003e\u003c/a\u003e plugin: restrict characters in plugin names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/cda3988cc76a139426281a1d812914b71435bd18\"\u003e\u003ccode\u003ecda3988\u003c/code\u003e\u003c/a\u003e all: fix staticcheck warnings (\u003ca href=\"https://redirect.github.com/FiloSottile/age/issues/589\"\u003e#589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/176e245b3cb3ada322c21eef0bce166dc5a5e4c7\"\u003e\u003ccode\u003e176e245\u003c/code\u003e\u003c/a\u003e README: rotate Sigsum keys\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/faefdc3c81efa89fd41998b77c62234ca56be10b\"\u003e\u003ccode\u003efaefdc3\u003c/code\u003e\u003c/a\u003e README: document Sigsum proofs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/bbe6ce5eeb1bb70cfc705d0961c943f0dd637ffd\"\u003e\u003ccode\u003ebbe6ce5\u003c/code\u003e\u003c/a\u003e .github/workflows: update artifacts Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/1e1badabf74064ee800d19817a725f4803fa4e94\"\u003e\u003ccode\u003e1e1bada\u003c/code\u003e\u003c/a\u003e .github/workflows: go-version stable, not latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/2293a9afef6984915cb28d2a7264b145604d61e9\"\u003e\u003ccode\u003e2293a9a\u003c/code\u003e\u003c/a\u003e .github/workflows: use latest Go for bootstrap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/01fe9cd84aa5380cd09b8761af919e5d0a1386ad\"\u003e\u003ccode\u003e01fe9cd\u003c/code\u003e\u003c/a\u003e README: add pkgx installation instructions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/bd0511b415355bf84a3861c77d47d9337ab367b1\"\u003e\u003ccode\u003ebd0511b\u003c/code\u003e\u003c/a\u003e cmd/age: detect output/input file reuse when possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/febaaded8756511fd12b7aea122e44be80c35862\"\u003e\u003ccode\u003efebaade\u003c/code\u003e\u003c/a\u003e cmd/age: create file for empty decryptions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/FiloSottile/age/compare/v1.1.1...v1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/ulikunitz/xz` from 0.5.12 to 0.5.14\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ulikunitz/xz/commit/7184815834c4777e8fa665946721d5fe114c2c35\"\u003e\u003ccode\u003e7184815\u003c/code\u003e\u003c/a\u003e Preparation of release v0.5.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ulikunitz/xz/commit/88ddf1d0d98d688db65de034f48960b2760d2ae2\"\u003e\u003ccode\u003e88ddf1d\u003c/code\u003e\u003c/a\u003e Address Security Issue GHSA-jc7w-c686-c4v9\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ulikunitz/xz/commit/c8314b8f21e9c5e25b52da07544cac14db277e89\"\u003e\u003ccode\u003ec8314b8\u003c/code\u003e\u003c/a\u003e Add new package xio with WriteCloserStack\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ulikunitz/xz/compare/v0.5.12...v0.5.14\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.32.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22\"\u003e\u003ccode\u003e7292932\u003c/code\u003e\u003c/a\u003e ssh: limit the size of the internal packet queue while waiting for KEX\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/f66f74b0a406b5f6909183531ace593857f1646c\"\u003e\u003ccode\u003ef66f74b\u003c/code\u003e\u003c/a\u003e acme/autocert: check host policy before probing the cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b0784b7bfbe0b2c9a59afc1248ed3cb4b6652e85\"\u003e\u003ccode\u003eb0784b7\u003c/code\u003e\u003c/a\u003e x509roots/fallback: drop obsolete build constraint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/911360c8a4f464342b9fe7c23632be57fca87b20\"\u003e\u003ccode\u003e911360c\u003c/code\u003e\u003c/a\u003e all: bump golang.org/x/crypto dependencies of asm generators\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/89ff08d67c4d79f9ac619aaf1f7388888798651f\"\u003e\u003ccode\u003e89ff08d\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/e47973b1c1089f6c67ab89261f7aa067b3d611d2\"\u003e\u003ccode\u003ee47973b\u003c/code\u003e\u003c/a\u003e all: update certs for go1.24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/9290511cd23ab9813a307b7f2615325e3ca98902\"\u003e\u003ccode\u003e9290511\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/fa5273e461966728f91f33da62c0cf511a404c2a\"\u003e\u003ccode\u003efa5273e\u003c/code\u003e\u003c/a\u003e x509roots/fallback: update bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/a8ea4be81f0769fd5857e087083cbb6d3cb9f196\"\u003e\u003ccode\u003ea8ea4be\u003c/code\u003e\u003c/a\u003e ssh: add ServerConfig.PreAuthConnCallback, ServerPreAuthConn (banner) interface\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/71d3a4cfdb0360795ce5f2d7041e01823fd22eb6\"\u003e\u003ccode\u003e71d3a4c\u003c/code\u003e\u003c/a\u003e acme: support challenges that require the ACME client to send a non-empty JSO...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/compare/v0.32.0...v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.33.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.33.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/H1d3r/sliver/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/H1d3r/sliver/pull/296","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/H1d3r%2Fsliver/issues/296","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/296/packages"}},{"old_version":"1.6.2","new_version":"1.7.3","update_type":"minor","path":null,"pr_created_at":"2025-08-28T14:09:47.000Z","version_change":"1.6.2 → 1.7.3","issue":{"uuid":"2781920496","node_id":"PR_kwDOJhpXCc6l0Lzw","number":1,"state":"open","title":"Bump the go_modules group across 2 directories with 15 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-28T14:09:47.000Z","updated_at":"2025-08-28T14:09:48.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"go_modules","update_count":15,"packages":[{"name":"github.com/go-git/go-git/v5","old_version":"5.4.2","new_version":"5.13.0","repository_url":"https://github.com/go-git/go-git"},{"name":"github.com/golang/glog","old_version":"1.0.0","new_version":"1.2.4","repository_url":"https://github.com/golang/glog"},{"name":"github.com/gorilla/csrf","old_version":"1.6.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"github.com/hashicorp/go-retryablehttp","old_version":"0.7.0","new_version":"0.7.7","repository_url":"https://github.com/hashicorp/go-retryablehttp"},{"name":"github.com/tektoncd/pipeline","old_version":"0.36.0","new_version":"0.52.1","repository_url":"https://github.com/tektoncd/pipeline"},{"name":"k8s.io/kubernetes","old_version":"1.25.3","new_version":"1.32.7","repository_url":"https://github.com/kubernetes/kubernetes"},{"name":"github.com/golang-jwt/jwt","old_version":"3.2.1+incompatible","new_version":"3.2.2+incompatible","repository_url":"https://github.com/golang-jwt/jwt"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.4.2` | `5.13.0` |\n| [github.com/golang/glog](https://github.com/golang/glog) | `1.0.0` | `1.2.4` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.6.2` | `1.7.3` |\n| [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) | `0.7.0` | `0.7.7` |\n| [github.com/tektoncd/pipeline](https://github.com/tektoncd/pipeline) | `0.36.0` | `0.52.1` |\n| [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes) | `1.25.3` | `1.32.7` |\n| [github.com/golang-jwt/jwt](https://github.com/golang-jwt/jwt) | `3.2.1+incompatible` | `3.2.2+incompatible` |\n\nBumps the go_modules group with 5 updates in the /hack/tools directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.0.0-20220722155217-630584e8d5aa` | `0.35.0` |\n| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.0.0-20220608161450-d0670ef3b1eb` | `0.27.0` |\n| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.47.0` | `1.56.3` |\n| [github.com/docker/distribution](https://github.com/docker/distribution) | `2.8.1+incompatible` | `2.8.2+incompatible` |\n| [github.com/docker/docker](https://github.com/docker/docker) | `20.10.24+incompatible` | `28.0.0+incompatible` |\n\n\nUpdates `github.com/go-git/go-git/v5` from 5.4.2 to 5.13.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-git/go-git/releases\"\u003egithub.com/go-git/go-git/v5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.13.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild: bump github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0 in /cli/go-git by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1065\"\u003ego-git/go-git#1065\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.22.0 to 0.23.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1068\"\u003ego-git/go-git#1068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.23.0 to 0.24.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1071\"\u003ego-git/go-git#1071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eProperly support skipping of non-mandatory extensions  by \u003ca href=\"https://github.com/codablock\"\u003e\u003ccode\u003e@​codablock\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1066\"\u003ego-git/go-git#1066\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: Refine some codes in test and non-test. by \u003ca href=\"https://github.com/onee-only\"\u003e\u003ccode\u003e@​onee-only\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1077\"\u003ego-git/go-git#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: protocol/packp, client-side filter capability support by \u003ca href=\"https://github.com/edigaryev\"\u003e\u003ccode\u003e@​edigaryev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1000\"\u003ego-git/go-git#1000\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.22.0 to 0.23.0 in /cli/go-git by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1078\"\u003ego-git/go-git#1078\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: fix sideband demux on flush by \u003ca href=\"https://github.com/aymanbagabas\"\u003e\u003ccode\u003e@​aymanbagabas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1084\"\u003ego-git/go-git#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estorage: dotgit, head reference usually comes first by \u003ca href=\"https://github.com/aymanbagabas\"\u003e\u003ccode\u003e@​aymanbagabas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1085\"\u003ego-git/go-git#1085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/text from 0.14.0 to 0.15.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1091\"\u003ego-git/go-git#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/crypto from 0.22.0 to 0.23.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1094\"\u003ego-git/go-git#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.24.0 to 0.25.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1093\"\u003ego-git/go-git#1093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: Added an example for Repository.Branches by \u003ca href=\"https://github.com/johnmatthiggins\"\u003e\u003ccode\u003e@​johnmatthiggins\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1088\"\u003ego-git/go-git#1088\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: worktree_commit, Modify checking empty commit. Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/723\"\u003e#723\u003c/a\u003e by \u003ca href=\"https://github.com/onee-only\"\u003e\u003ccode\u003e@​onee-only\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1050\"\u003ego-git/go-git#1050\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: transport/http, Wrap http errors to return reason. Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1097\"\u003e#1097\u003c/a\u003e by \u003ca href=\"https://github.com/ggambetti\"\u003e\u003ccode\u003e@​ggambetti\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1100\"\u003ego-git/go-git#1100\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/sys from 0.20.0 to 0.21.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1106\"\u003ego-git/go-git#1106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/text from 0.15.0 to 0.16.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1107\"\u003ego-git/go-git#1107\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBumps Go versions and go-billy by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1056\"\u003ego-git/go-git#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e_examples: Fixed a dead link COMPATIBILITY.md by \u003ca href=\"https://github.com/gecko655\"\u003e\u003ccode\u003e@​gecko655\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1109\"\u003ego-git/go-git#1109\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/jessevdk/go-flags from 1.5.0 to 1.6.1 in /cli/go-git by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1115\"\u003ego-git/go-git#1115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/elazarl/goproxy from v0.0.0-20230808193330-2592e75ae04a to v0.0.0-20240618083138-03be62527ccb by \u003ca href=\"https://github.com/hbelmiro\"\u003e\u003ccode\u003e@​hbelmiro\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1124\"\u003ego-git/go-git#1124\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.25.0 to 0.26.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1104\"\u003ego-git/go-git#1104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd option approximating \u003ccode\u003egit clean -x\u003c/code\u003e flag. by \u003ca href=\"https://github.com/msuozzo\"\u003e\u003ccode\u003e@​msuozzo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/995\"\u003ego-git/go-git#995\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Add option approximating \u003ccode\u003egit clean -x\u003c/code\u003e flag.\u0026quot; by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1129\"\u003ego-git/go-git#1129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix reference updated concurrently error for the filesystem storer by \u003ca href=\"https://github.com/Javier-varez\"\u003e\u003ccode\u003e@​Javier-varez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1116\"\u003ego-git/go-git#1116\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.26.0 to 0.27.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1134\"\u003ego-git/go-git#1134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eutils: merkletrie, Align error message with upstream by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1142\"\u003ego-git/go-git#1142\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: transport/file, Change paths to absolute by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1141\"\u003ego-git/go-git#1141\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: gitignore, Fix loading of ignored .gitignore files. by \u003ca href=\"https://github.com/Achilleshiel\"\u003e\u003ccode\u003e@​Achilleshiel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1114\"\u003ego-git/go-git#1114\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/skeema/knownhosts from 1.2.2 to 1.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1147\"\u003ego-git/go-git#1147\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: transport/ssh, Add support for SSH \u003ca href=\"https://github.com/cert-authority\"\u003e\u003ccode\u003e@​cert-authority\u003c/code\u003e\u003c/a\u003e. by \u003ca href=\"https://github.com/Javier-varez\"\u003e\u003ccode\u003e@​Javier-varez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1157\"\u003ego-git/go-git#1157\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: run example tests during CI workflow by \u003ca href=\"https://github.com/crazybolillo\"\u003e\u003ccode\u003e@​crazybolillo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1030\"\u003ego-git/go-git#1030\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003estorage: filesystem, Fix object cache not working due to uninitialised objects being put into cache by \u003ca href=\"https://github.com/SatelliteMind\"\u003e\u003ccode\u003e@​SatelliteMind\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1138\"\u003ego-git/go-git#1138\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: Fix fetching missing commits by \u003ca href=\"https://github.com/AriehSchneier\"\u003e\u003ccode\u003e@​AriehSchneier\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1032\"\u003ego-git/go-git#1032\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: format/packfile, remove duplicate checks in findMatch() by \u003ca href=\"https://github.com/edigaryev\"\u003e\u003ccode\u003e@​edigaryev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1152\"\u003ego-git/go-git#1152\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: worktree, Fix file reported as \u003ccode\u003eUntracked\u003c/code\u003e while it is committed by \u003ca href=\"https://github.com/rodrigocam\"\u003e\u003ccode\u003e@​rodrigocam\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1023\"\u003ego-git/go-git#1023\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/sys from 0.22.0 to 0.23.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1160\"\u003ego-git/go-git#1160\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: filemode, Remove check for setting size of .git/index file  by \u003ca href=\"https://github.com/nicholasSUSE\"\u003e\u003ccode\u003e@​nicholasSUSE\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1159\"\u003ego-git/go-git#1159\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.27.0 to 0.28.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1163\"\u003ego-git/go-git#1163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix some lint warning and increase stalebot to 180 days by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1128\"\u003ego-git/go-git#1128\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eadjust path extracted from file: url on Windows by \u003ca href=\"https://github.com/tomqwpl\"\u003e\u003ccode\u003e@​tomqwpl\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/416\"\u003ego-git/go-git#416\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/sys from 0.23.0 to 0.24.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1164\"\u003ego-git/go-git#1164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd RestoreStaged to Worktree that mimics the behaviour of git restore --staged \u003c!-- raw HTML omitted --\u003e... by \u003ca href=\"https://github.com/ben-tbotlabs\"\u003e\u003ccode\u003e@​ben-tbotlabs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/493\"\u003ego-git/go-git#493\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eplumbing: signature, support the same x509 signature formats as git by \u003ca href=\"https://github.com/yoavamit\"\u003e\u003ccode\u003e@​yoavamit\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1169\"\u003ego-git/go-git#1169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: allow discovery of non bare repos in fsLoader by \u003ca href=\"https://github.com/jakobmoellerdev\"\u003e\u003ccode\u003e@​jakobmoellerdev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1170\"\u003ego-git/go-git#1170\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/sys from 0.24.0 to 0.25.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1178\"\u003ego-git/go-git#1178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/text from 0.17.0 to 0.18.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1179\"\u003ego-git/go-git#1179\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/net from 0.28.0 to 0.29.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1184\"\u003ego-git/go-git#1184\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/94bd4af1deb15a64e90c6287eaf9e9f09b192a1f\"\u003e\u003ccode\u003e94bd4af\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1261\"\u003e#1261\u003c/a\u003e from BeChris/issue680\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/8b7f5ba6f0cade1a25c5c4ca9e4d07a95c639945\"\u003e\u003ccode\u003e8b7f5ba\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1262\"\u003e#1262\u003c/a\u003e from go-git/dependabot/go_modules/github.com/elazarl...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/41d80a059a481d4c623bc8185c41ce82ed8ce985\"\u003e\u003ccode\u003e41d80a0\u003c/code\u003e\u003c/a\u003e build: bump github.com/elazarl/goproxy\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/499814044f111480b2a17a07c5a7a4c523ce5b87\"\u003e\u003ccode\u003e4998140\u003c/code\u003e\u003c/a\u003e git: worktree_commit, sanitize author and commiter name and email before crea...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/9049625b98bd05edb9f1d00e7ff5da763afc0745\"\u003e\u003ccode\u003e9049625\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1260\"\u003e#1260\u003c/a\u003e from go-git/dependabot/github_actions/github/codeql-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/dae48b4340d1cc6b562ade40b54049584075991f\"\u003e\u003ccode\u003edae48b4\u003c/code\u003e\u003c/a\u003e build: bump github/codeql-action from 3.27.9 to 3.28.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/7d6fbc2c2a05eb6327b298b816bc0c4f854820a6\"\u003e\u003ccode\u003e7d6fbc2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1220\"\u003e#1220\u003c/a\u003e from BeChris/accept_uppercase_hexa_in_pktline_length\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/62a77b7d343dc1ed08d1d691efa13d81788cbc29\"\u003e\u003ccode\u003e62a77b7\u003c/code\u003e\u003c/a\u003e plumbing: Fix invalid reference name error while cloning branches containing ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/5e11196652708f339737b31bf9639373610dd7d1\"\u003e\u003ccode\u003e5e11196\u003c/code\u003e\u003c/a\u003e plumbing: format/pktline, accept upercase hexadecimal value as pktline length...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/65f5e1ade083cfabacc2de4aaa68f7880e22b642\"\u003e\u003ccode\u003e65f5e1a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1256\"\u003e#1256\u003c/a\u003e from go-git/dependabot/go_modules/golang-org-232a611e2d\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-git/go-git/compare/v5.4.2...v5.13.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/golang/glog` from 1.0.0 to 1.2.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/golang/glog/releases\"\u003egithub.com/golang/glog's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.2.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFail if log file already exists by \u003ca href=\"https://github.com/chressie\"\u003e\u003ccode\u003e@​chressie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/74\"\u003egolang/glog#74\u003c/a\u003e:\n\u003cul\u003e\n\u003cli\u003eglog: Don't try to create/rotate a given syncBuffer twice in the same second\u003c/li\u003e\n\u003cli\u003eglog: introduce createInDir function as in internal version\u003c/li\u003e\n\u003cli\u003eglog: have createInDir fail if the file already exists\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang/glog/compare/v1.2.3...v1.2.4\"\u003ehttps://github.com/golang/glog/compare/v1.2.3...v1.2.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.2.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eglog: check that stderr is valid before using it by default by \u003ca href=\"https://github.com/chressie\"\u003e\u003ccode\u003e@​chressie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/72\"\u003egolang/glog#72\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eglog: fix typo by \u003ca href=\"https://github.com/chressie\"\u003e\u003ccode\u003e@​chressie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/73\"\u003egolang/glog#73\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang/glog/compare/v1.2.2...v1.2.3\"\u003ehttps://github.com/golang/glog/compare/v1.2.2...v1.2.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eglog: avoid calling user.Current() on windows by \u003ca href=\"https://github.com/bentekkie\"\u003e\u003ccode\u003e@​bentekkie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/69\"\u003egolang/glog#69\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang/glog/compare/v1.2.1...v1.2.2\"\u003ehttps://github.com/golang/glog/compare/v1.2.1...v1.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eglog: don't hold mutex when sync'ing by \u003ca href=\"https://github.com/chressie\"\u003e\u003ccode\u003e@​chressie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/68\"\u003egolang/glog#68\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang/glog/compare/v1.2.0...v1.2.1\"\u003ehttps://github.com/golang/glog/compare/v1.2.0...v1.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eglog: add context variants and logsink tests by \u003ca href=\"https://github.com/chressie\"\u003e\u003ccode\u003e@​chressie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/66\"\u003egolang/glog#66\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang/glog/compare/v1.1.2...v1.2.0\"\u003ehttps://github.com/golang/glog/compare/v1.1.2...v1.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.2\u003c/h2\u003e\n\u003cp\u003eBugfix release.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eglog: populate symlinks -log_link directory by \u003ca href=\"https://github.com/chressie\"\u003e\u003ccode\u003e@​chressie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang/glog/pull/64\"\u003egolang/glog#64\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang/glog/compare/v1.1.1...v1.1.2\"\u003ehttps://github.com/golang/glog/compare/v1.1.1...v1.1.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003eBugfixes since the larger v1.1.0, which have been addressed.\u003c/p\u003e\n\u003ch2\u003ev1.1.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/a0e3c40a0ed0cecc58c84e7684d9ce55a54044ee\"\u003e\u003ccode\u003ea0e3c40\u003c/code\u003e\u003c/a\u003e glog: have createInDir fail if the file already exists\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/7139da234346c23dba05a8c588284c379b9c0bf8\"\u003e\u003ccode\u003e7139da2\u003c/code\u003e\u003c/a\u003e glog: introduce createInDir function as in internal version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/dd58629ba6ced28322bcb149ed86016fb1ec9a5b\"\u003e\u003ccode\u003edd58629\u003c/code\u003e\u003c/a\u003e glog: Don't try to create/rotate a given syncBuffer twice in the same second\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/04dbec0df8d03d5c187beaf5ce8e6c58e9fc82b5\"\u003e\u003ccode\u003e04dbec0\u003c/code\u003e\u003c/a\u003e glog: fix typo (\u003ca href=\"https://redirect.github.com/golang/glog/issues/73\"\u003e#73\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/459cf3b8151dcfd8aa971077774eaf0c804119e4\"\u003e\u003ccode\u003e459cf3b\u003c/code\u003e\u003c/a\u003e glog: check that stderr is valid before using it by default (\u003ca href=\"https://redirect.github.com/golang/glog/issues/72\"\u003e#72\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/97303146a4ffecf364d4300e07fca855d0062c43\"\u003e\u003ccode\u003e9730314\u003c/code\u003e\u003c/a\u003e glog: avoid calling user.Current() on windows (\u003ca href=\"https://redirect.github.com/golang/glog/issues/69\"\u003e#69\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/861d094757551d2f65d1003f0ec93bc92b254a5a\"\u003e\u003ccode\u003e861d094\u003c/code\u003e\u003c/a\u003e glog: don't hold mutex when sync'ing (\u003ca href=\"https://redirect.github.com/golang/glog/issues/68\"\u003e#68\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/b256bbe5d3f846c1d1ce73030c10973378e04cf0\"\u003e\u003ccode\u003eb256bbe\u003c/code\u003e\u003c/a\u003e glog: add context variants to most log functions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/bcf318487a966b61bca6189643b72648fa132e6e\"\u003e\u003ccode\u003ebcf3184\u003c/code\u003e\u003c/a\u003e glog/internal/logsink: add logsink tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/glog/commit/6b9d7f7df28d318a28dde3adb8a5e9ae9bf1abaf\"\u003e\u003ccode\u003e6b9d7f7\u003c/code\u003e\u003c/a\u003e glog: populate symlinks -log_link directory (\u003ca href=\"https://redirect.github.com/golang/glog/issues/64\"\u003e#64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/glog/compare/v1.0.0...v1.2.4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.6.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove pkg/errors dependency by \u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[GPT-96] Update go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdated licence by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/167\"\u003egorilla/csrf#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate issues.yml by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/168\"\u003egorilla/csrf#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eissues/158/examples for working api with javascript frontend by \u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating github action workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/169\"\u003egorilla/csrf#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating gorilla/securecookie to v1.1.2 by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/170\"\u003egorilla/csrf#170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003ev1.7.1 is a minor maintenance release. It improves documentation, and fixes a bug (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e) that caused missing tokens to not provide a clear error message back to the client.\u003c/p\u003e\n\u003ch2\u003eCHANGELOG\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebugfix: Not providing any token in requests results in wrong error message (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd a note about secrecy of CSRF token in the README.md (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/154\"\u003e#154\u003c/a\u003e) \u003ca href=\"https://github.com/maxximino\"\u003e\u003ccode\u003e@​maxximino\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd note about csrf.Path option (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/147\"\u003e#147\u003c/a\u003e) \u003ca href=\"https://github.com/karelbilek\"\u003e\u003ccode\u003e@​karelbilek\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: use build matrix; drop Go \u0026lt;= 1.10 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/142\"\u003e#142\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: change TrustedOrigin to TrustedOrigins in README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/140\"\u003e#140\u003c/a\u003e) \u003ca href=\"https://github.com/mittonface\"\u003e\u003ccode\u003e@​mittonface\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add TOC to README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/137\"\u003e#137\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.7.0\u003c/h2\u003e\n\u003cp\u003e📢  This release of \u003cem\u003egorilla/csrf\u003c/em\u003e changes the default \u003ccode\u003eSameSite\u003c/code\u003e cookie attribute to address changes in the SameSite spec (see \u003ca href=\"https://redirect.github.com/golang/go/issues/36990\"\u003egolang/go#36990\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003ePreviously\u003c/strong\u003e: The \u003ccode\u003eSameSiteDefaultMode\u003c/code\u003e in \u003cem\u003ecsrf\u003c/em\u003e (prior to v1.7.0) would set \u003ccode\u003eSameSite\u003c/code\u003e on the cookie, which is not valid in some browsers, notably older versions of Chrome/Android. These browsers would not set cookies with this \u0026quot;invalid\u0026quot; attribute.\n\u003cstrong\u003eNow\u003c/strong\u003e: The default mode is \u003ccode\u003eSameSite=Lax\u003c/code\u003e, which is \u003ca href=\"https://caniuse.com/#feat=same-site-cookie-attribute\"\u003esupported by Chrome v51, Firefox v60, Safari v13 and most recent browsers\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIf you're new to SameSite, read \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite\"\u003ethe MDN documentation\u003c/a\u003e for a great overview on why this attribute helps prevent cookies from being 'leaked' to third-party domains unintentionally.\u003c/p\u003e\n\u003ch2\u003eCHANGELOG\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSet SameSite=Lax by default (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/136\"\u003e#136\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't set a default samesite for backwards compatibility (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/132\"\u003e#132\u003c/a\u003e) \u003ca href=\"https://github.com/euank\"\u003e\u003ccode\u003e@​euank\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a009743572494ccbc9d159005bdc58b86a44ddba\"\u003e\u003ccode\u003ea009743\u003c/code\u003e\u003c/a\u003e Updating gorilla/securecookie to v1.1.2 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/94b5a9efbc27ce51c4ac1b1287c964e8f13013ca\"\u003e\u003ccode\u003e94b5a9e\u003c/code\u003e\u003c/a\u003e updating github action workflows (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/c1f4eb3aba6fe4cd0d1ef0ed5ca556876b14c29f\"\u003e\u003ccode\u003ec1f4eb3\u003c/code\u003e\u003c/a\u003e issues/158/examples for working api with javascript frontend (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/73c96a512fc353d11f3da50cffde1e454884f405\"\u003e\u003ccode\u003e73c96a5\u003c/code\u003e\u003c/a\u003e Update issues.yml (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a71a12f7d30580b6da2183b0f398527be93c0ca9\"\u003e\u003ccode\u003ea71a12f\u003c/code\u003e\u003c/a\u003e updated licence (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/15d47eceb8d5861882e276508d7cbb5b0082b980\"\u003e\u003ccode\u003e15d47ec\u003c/code\u003e\u003c/a\u003e [GPT-96] Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/32c27b0316d75a24e55ab36d059d0309238b9ee1\"\u003e\u003ccode\u003e32c27b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/164\"\u003e#164\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/04cc5dba5dd0af4341b9b406f05dc569c5e0ab40\"\u003e\u003ccode\u003e04cc5db\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/93379db1992f1b2fbdd4ba1b55a1bf0414b0535e\"\u003e\u003ccode\u003e93379db\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.6.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/hashicorp/go-retryablehttp` from 0.7.0 to 0.7.7\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md\"\u003egithub.com/hashicorp/go-retryablehttp's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.7.7 (May 30, 2024)\u003c/h2\u003e\n\u003cp\u003eBUG FIXES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclient: avoid potentially leaking URL-embedded basic authentication credentials in logs (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/158\"\u003e#158\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.7.6 (May 9, 2024)\u003c/h2\u003e\n\u003cp\u003eENHANCEMENTS:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclient: support a \u003ccode\u003eRetryPrepare\u003c/code\u003e function for modifying the request before retrying (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/216\"\u003e#216\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eclient: support HTTP-date values for \u003ccode\u003eRetry-After\u003c/code\u003e header value (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/138\"\u003e#138\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eclient: avoid reading entire body when the body is a \u003ccode\u003e*bytes.Reader\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/197\"\u003e#197\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eBUG FIXES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclient: fix a broken check for invalid server certificate in go 1.20+ (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/210\"\u003e#210\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.7.5 (Nov 8, 2023)\u003c/h2\u003e\n\u003cp\u003eBUG FIXES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclient: fixes an issue where the request body is not preserved on temporary redirects or re-established HTTP/2 connections (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/207\"\u003e#207\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.7.4 (Jun 6, 2023)\u003c/h2\u003e\n\u003cp\u003eBUG FIXES:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eclient: fixing an issue where the Content-Type header wouldn't be sent with an empty payload when using HTTP/2 (\u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/194\"\u003e#194\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e0.7.3 (May 15, 2023)\u003c/h2\u003e\n\u003cp\u003eInitial release\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/1542b31176d3973a6ecbc06c05a2d0df89b59afb\"\u003e\u003ccode\u003e1542b31\u003c/code\u003e\u003c/a\u003e v0.7.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/defb9f441dcf67a2a56fae733482836ea83349ac\"\u003e\u003ccode\u003edefb9f4\u003c/code\u003e\u003c/a\u003e v0.7.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/a99f07beb3c5faaa0a283617e6eb6bcf25f5049a\"\u003e\u003ccode\u003ea99f07b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/158\"\u003e#158\u003c/a\u003e from dany74q/danny/redacted-url-in-logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/8a28c574da4098c0612fe1c7135f1f6de113d411\"\u003e\u003ccode\u003e8a28c57\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into danny/redacted-url-in-logs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/86e852df43aa0d94150c4629d74e5116d1ff3348\"\u003e\u003ccode\u003e86e852d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/227\"\u003e#227\u003c/a\u003e from hashicorp/dependabot/github_actions/actions/chec...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/47fe99e6460cddc5f433aad2b54dcf32281f8a53\"\u003e\u003ccode\u003e47fe99e\u003c/code\u003e\u003c/a\u003e Bump actions/checkout from 4.1.5 to 4.1.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/490fc06be0931548d3523a4245d15e9dc5d9214d\"\u003e\u003ccode\u003e490fc06\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/226\"\u003e#226\u003c/a\u003e from testwill/ioutil\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/f3e9417dbfcd0dc2b4a02a1dfdeb75f1e636b692\"\u003e\u003ccode\u003ef3e9417\u003c/code\u003e\u003c/a\u003e chore: remove refs to deprecated io/ioutil\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/d969eaa9c97860482749df718a35b4a269361055\"\u003e\u003ccode\u003ed969eaa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/hashicorp/go-retryablehttp/issues/225\"\u003e#225\u003c/a\u003e from hashicorp/manicminer-patch-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hashicorp/go-retryablehttp/commit/2ad8ed4a1d9e632284f6937e91b2f9a1d30e8298\"\u003e\u003ccode\u003e2ad8ed4\u003c/code\u003e\u003c/a\u003e v0.7.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/hashicorp/go-retryablehttp/compare/v0.7.0...v0.7.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/tektoncd/pipeline` from 0.36.0 to 0.52.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tektoncd/pipeline/releases\"\u003egithub.com/tektoncd/pipeline's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTekton Pipeline release v0.52.1 \u0026quot;California Spangled Optimus\u0026quot;\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e-\u003ca href=\"https://github.com/tektoncd/pipeline/tree/v0.52.1/docs\"\u003eDocs @ v0.52.1\u003c/a\u003e\n-\u003ca href=\"https://github.com/tektoncd/pipeline/tree/v0.52.1/examples\"\u003eExamples @ v0.52.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eInstallation one-liner\u003c/h2\u003e\n\u003cpre lang=\"shell\"\u003e\u003ccode\u003ekubectl apply -f https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.52.1/release.yaml\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003eAttestation\u003c/h2\u003e\n\u003cp\u003eThe Rekor UUID for this release is \u003ccode\u003e24296fb24b8ad77a97c22594268cc45d986246339ada304b7587b205b59cf5d59df2650d24b14825\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eObtain the attestation:\u003c/p\u003e\n\u003cpre lang=\"shell\"\u003e\u003ccode\u003eREKOR_UUID=24296fb24b8ad77a97c22594268cc45d986246339ada304b7587b205b59cf5d59df2650d24b14825\nrekor-cli get --uuid $REKOR_UUID --format json | jq -r .Attestation | jq .\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eVerify that all container images in the attestation are in the release file:\u003c/p\u003e\n\u003cpre lang=\"shell\"\u003e\u003ccode\u003eRELEASE_FILE=https://storage.googleapis.com/tekton-releases/pipeline/previous/v0.52.1/release.yaml\nREKOR_UUID=24296fb24b8ad77a97c22594268cc45d986246339ada304b7587b205b59cf5d59df2650d24b14825\n\u003ch1\u003eObtains the list of images with sha from the attestation\u003c/h1\u003e\n\u003cp\u003eREKOR_ATTESTATION_IMAGES=$(rekor-cli get --uuid \u0026quot;$REKOR_UUID\u0026quot; --format json | jq -r .Attestation | jq -r '.subject[]|.name + \u0026quot;:v0.52.1@sha256:\u0026quot; + .digest.sha256')\u003c/p\u003e\n\u003ch1\u003eDownload the release file\u003c/h1\u003e\n\u003cp\u003ecurl \u0026quot;$RELEASE_FILE\u0026quot; \u0026gt; release.yaml\u003c/p\u003e\n\u003ch1\u003eFor each image in the attestation, match it to the release file\u003c/h1\u003e\n\u003cp\u003efor image in $REKOR_ATTESTATION_IMAGES; do\nprintf $image; grep -q $image release.yaml \u0026amp;\u0026amp; echo \u0026quot; ===\u0026gt; ok\u0026quot; || echo \u0026quot; ===\u0026gt; no match\u0026quot;;\ndone\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e:bug: [release-v0.52.x] Regression: fix results with out of order tasks (\u003ca href=\"https://redirect.github.com/tektoncd/pipeline/issues/7174\"\u003e#7174\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFix regression where a different order of task definition may cause result resolution to break\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tektoncd/pipeline/blob/main/releases.md\"\u003egithub.com/tektoncd/pipeline's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eTekton Pipeline Releases\u003c/h1\u003e\n\u003ch2\u003eRelease Frequency\u003c/h2\u003e\n\u003cp\u003eTekton Pipelines follows the Tekton community [release policy][release-policy]\nas follows:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eVersions are numbered according to semantic versioning: \u003ccode\u003evX.Y.Z\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eA new release is produced on a monthly basis\u003c/li\u003e\n\u003cli\u003eFour releases a year are chosen for \u003ca href=\"https://github.com/tektoncd/community/blob/main/releases.md#support-policy\"\u003elong term support (LTS)\u003c/a\u003e.\nAll remaining releases are supported for approximately 1 month (until the next\nrelease is produced)\n\u003cul\u003e\n\u003cli\u003eLTS releases take place in January, April, July and October every year\u003c/li\u003e\n\u003cli\u003eThe first Tekton Pipelines LTS release will be \u003cstrong\u003ev0.41.0\u003c/strong\u003e in October 2022\u003c/li\u003e\n\u003cli\u003eReleases happen towards the middle of the month, between the 13th and the\n20th, depending on week-ends and readiness\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eTekton Pipelines produces nightly builds, publicly available on\n\u003ccode\u003egcr.io/tekton-nightly\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eTransition Process\u003c/h3\u003e\n\u003cp\u003eBefore release v0.41 Tekton Pipelines has worked on the basis of an undocumented\nsupport period of four months, which will be maintained for the releases between\nv0.37 and v0.40.\u003c/p\u003e\n\u003ch2\u003eRelease Process\u003c/h2\u003e\n\u003cp\u003eTekton Pipeline releases are made of YAML manifests and container images.\nManifests are published to cloud object-storage as well as\n[GitHub][tekton-pipeline-releases]. Container images are signed by\n[Sigstore][sigstore] via [Tekton Chains][tekton-chains]; signatures can be\nverified through the [public key][chains-public-key] hosted by the Tekton Chains\nproject.\u003c/p\u003e\n\u003cp\u003eFurther documentation available:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe Tekton Pipeline [release process][tekton-releases-docs]\u003c/li\u003e\n\u003cli\u003e[Installing Tekton][tekton-installation]\u003c/li\u003e\n\u003cli\u003eStandard for [release notes][release-notes-standards]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease\u003c/h2\u003e\n\u003ch3\u003ev1.3 (LTS)\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eLatest Release\u003c/strong\u003e: [v1.3.1][v1.3-1] (2025-08-05) ([docs][v1.3-1-docs], [examples][v1.3-1-examples])\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eInitial Release\u003c/strong\u003e: [v1.3.0][v1.3-0] (2025-08-04)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEnd of Life\u003c/strong\u003e: 2026-08-04\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePatch Releases\u003c/strong\u003e: [v1.3.01][v1.3-0] [v1.3.1][v1.3-1]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ev1.0 (LTS)\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/e7b5e5821a100d38a97eee50be60ce6580ec863e\"\u003e\u003ccode\u003ee7b5e58\u003c/code\u003e\u003c/a\u003e Regression: fix results with out of order tasks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/feb943c982a5c34d16f8967207f3f979715c21ab\"\u003e\u003ccode\u003efeb943c\u003c/code\u003e\u003c/a\u003e Bump github.com/jenkins-x/go-scm from 1.13.13 to 1.14.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/636419138567d24ccb4bc4d77bc76cbd006a698d\"\u003e\u003ccode\u003e6364191\u003c/code\u003e\u003c/a\u003e fix: clean results when taskrun retries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/503cc3db4e3de7a6a8c73bd3bc0e005438751c88\"\u003e\u003ccode\u003e503cc3d\u003c/code\u003e\u003c/a\u003e Bump google.golang.org/grpc from 1.56.2 to 1.58.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/3076240709fd4ceba13f24ee1eccbee3cb13ca92\"\u003e\u003ccode\u003e3076240\u003c/code\u003e\u003c/a\u003e fix 6093 task results not replaced with their values in childReferences\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/3835c75cde6c277d5e2dbef451827f11142ad52f\"\u003e\u003ccode\u003e3835c75\u003c/code\u003e\u003c/a\u003e Bump github.com/sigstore/sigstore from 1.7.1 to 1.7.3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/a41fafea951497796d734546730346f4d78dfb8b\"\u003e\u003ccode\u003ea41fafe\u003c/code\u003e\u003c/a\u003e Bump github.com/spiffe/spire-api-sdk from 1.7.1 to 1.7.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/44e17070941fb1e740cbb88b57701e9957a6cc9b\"\u003e\u003ccode\u003e44e1707\u003c/code\u003e\u003c/a\u003e Bump github.com/containerd/containerd from 1.7.3 to 1.7.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/d783556a1632924237f6e84a862a9199928a465d\"\u003e\u003ccode\u003ed783556\u003c/code\u003e\u003c/a\u003e Remove results annotations filtering\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tektoncd/pipeline/commit/f27f3333d2d456d2ad7d87e30d98180d5f7541ce\"\u003e\u003ccode\u003ef27f333\u003c/code\u003e\u003c/a\u003e Bump google.golang.org/protobuf from 1.30.0 to 1.31.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tektoncd/pipeline/compare/v0.36.0...v0.52.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.0.0-20220315160706-3147a52a75dd to 0.31.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/commits/v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.8.0 to 0.33.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/dfc720dfe0cfc125116068c20efcdcb5e4eab464\"\u003e\u003ccode\u003edfc720d\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/8e66b04771e35c4e4125e8c60334b34e2423effb\"\u003e\u003ccode\u003e8e66b04\u003c/code\u003e\u003c/a\u003e html: use strings.EqualFold instead of lowering ourselves\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/b935f7b5d723c82894e1a1fd936a94dd2d1eae46\"\u003e\u003ccode\u003eb935f7b\u003c/code\u003e\u003c/a\u003e html: avoid endless loop on error token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/9af49ef148d7d8b3e4cbbd9cc0cd37f2a520a4a3\"\u003e\u003ccode\u003e9af49ef\u003c/code\u003e\u003c/a\u003e route: remove unused sizeof* consts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/6705db9a4df8f2cf16aed83e773e7a0213788b7a\"\u003e\u003ccode\u003e6705db9\u003c/code\u003e\u003c/a\u003e quic: clean up crypto streams when dropping packet protection keys\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/4ef7588d2b3f83775099797baac43c34e2e23200\"\u003e\u003ccode\u003e4ef7588\u003c/code\u003e\u003c/a\u003e quic: handle ACK frame in packet which drops number space\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/552d8ac903a11a9fde71a88732f5b58b6b394178\"\u003e\u003ccode\u003e552d8ac\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;route: change from syscall to x/sys/unix\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/13a7c0108bd38aad013797cdb95e6bfca0bbcec6\"\u003e\u003ccode\u003e13a7c01\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;route: remove unused sizeof* consts on freebsd\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/285e1cf6650f407805ea8af9255624961b768479\"\u003e\u003ccode\u003e285e1cf\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/d0a1049b7e05d3d6f62570a8381a22301a97ae73\"\u003e\u003ccode\u003ed0a1049\u003c/code\u003e\u003c/a\u003e route: remove unused sizeof* consts on freebsd\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.8.0...v0.33.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/oauth2` from 0.0.0-20220608161450-d0670ef3b1eb to 0.11.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/oauth2/commits/v0.27.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `google.golang.org/grpc` from 1.47.0 to 1.58.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/grpc/grpc-go/releases\"\u003egoogle.golang.org/grpc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 1.56.3\u003c/h2\u003e\n\u003ch1\u003eSecurity\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eserver: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)\u003c/p\u003e\n\u003cp\u003eIn addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 1.56.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003estatus: To fix a panic, \u003ccode\u003estatus.FromError\u003c/code\u003e now returns an error with \u003ccode\u003ecodes.Unknown\u003c/code\u003e when the error implements the \u003ccode\u003eGRPCStatus()\u003c/code\u003e method, and calling \u003ccode\u003eGRPCStatus()\u003c/code\u003e returns \u003ccode\u003enil\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6374\"\u003e#6374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 1.56.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eclient: handle empty address lists correctly in addrConn.updateAddrs\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 1.56.0\u003c/h2\u003e\n\u003ch1\u003eNew Features\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eclient: support channel idleness using \u003ccode\u003eWithIdleTimeout\u003c/code\u003e dial option (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6263\"\u003e#6263\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eThis feature is currently disabled by default, but will be enabled with a 30 minute default in the future.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eclient: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A62-pick-first.md\"\u003egRFC A62\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6306\"\u003e#6306\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003exds: Add support for Custom LB Policies (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A52-xds-custom-lb-policies.md\"\u003egRFC A52\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6224\"\u003e#6224\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003exds: support pick_first Custom LB policy (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A62-pick-first.md\"\u003egRFC A62\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6314\"\u003e#6314\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6317\"\u003e#6317\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eclient: add support for pickfirst address shuffling (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A62-pick-first.md\"\u003egRFC A62\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6311\"\u003e#6311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003exds: Add support for String Matcher Header Matcher in RDS (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6313\"\u003e#6313\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003exds/outlierdetection: Add Channelz Logger to Outlier Detection LB (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6145\"\u003e#6145\u003c/a\u003e)\n\u003cul\u003e\n\u003cli\u003eSpecial Thanks: \u003ca href=\"https://github.com/s-matyukevich\"\u003e\u003ccode\u003e@​s-matyukevich\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003exds: enable RLS in xDS by default (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6343\"\u003e#6343\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eorca: add support for application_utilization field and missing range checks on several metrics setters\u003c/li\u003e\n\u003cli\u003ebalancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (\u003ca href=\"https://github.com/grpc/proposal/blob/master/A58-client-side-weighted-round-robin-lb-policy.md\"\u003egRFC A58\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6241\"\u003e#6241\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eauthz: add conversion of json to RBAC Audit Logging config (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6192\"\u003e#6192\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eauthz: add support for stdout logger (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6230\"\u003e#6230\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6298\"\u003e#6298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eauthz: support customizable audit functionality for authorization policy (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6192\"\u003e#6192\u003c/a\u003e \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6230\"\u003e#6230\u003c/a\u003e \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6298\"\u003e#6298\u003c/a\u003e \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6158\"\u003e#6158\u003c/a\u003e \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6304\"\u003e#6304\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6225\"\u003e#6225\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eBug Fixes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eorca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6245\"\u003e#6245\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003exds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6361\"\u003e#6361\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003exds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6361\"\u003e#6361\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eAPI Changes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003eorca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6223\"\u003e#6223\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 1.55.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003estatus: To fix a panic, \u003ccode\u003estatus.FromError\u003c/code\u003e now returns an error with \u003ccode\u003ecodes.Unknown\u003c/code\u003e when the error implements the \u003ccode\u003eGRPCStatus()\u003c/code\u003e method, and calling \u003ccode\u003eGRPCStatus()\u003c/code\u003e returns \u003ccode\u003enil\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6374\"\u003e#6374\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eRelease 1.55.0\u003c/h2\u003e\n\u003ch1\u003eBehavior Changes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003exds: enable federation support by default (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6151\"\u003e#6151\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003estatus: \u003ccode\u003estatus.Code\u003c/code\u003e and \u003ccode\u003estatus.FromError\u003c/code\u003e handle wrapped errors (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6031\"\u003e#6031\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6150\"\u003e#6150\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/1055b481ed2204a29d233286b9b50c42b63f8825\"\u003e\u003ccode\u003e1055b48\u003c/code\u003e\u003c/a\u003e Update version.go to 1.56.3 (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6713\"\u003e#6713\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/5efd7bd73e11fea58d1c7f1c110902e78a286299\"\u003e\u003ccode\u003e5efd7bd\u003c/code\u003e\u003c/a\u003e server: prohibit more than MaxConcurrentStreams handlers from running at once...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/bd1f038e7234580c2694e433bec5cd97e7b7f662\"\u003e\u003ccode\u003ebd1f038\u003c/code\u003e\u003c/a\u003e Upgrade version.go to 1.56.3-dev (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6434\"\u003e#6434\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/faab8736bf73291f92b867d5dae31c927d53d508\"\u003e\u003ccode\u003efaab873\u003c/code\u003e\u003c/a\u003e Update version.go to v1.56.2 (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6432\"\u003e#6432\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/6b0b291d79831b1c8caafceec268b82c92253f96\"\u003e\u003ccode\u003e6b0b291\u003c/code\u003e\u003c/a\u003e status: fix panic when servers return a wrapped error with status OK (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6374\"\u003e#6374\u003c/a\u003e) ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/ed56401aa514462d5371713b8ec5c889da33953c\"\u003e\u003ccode\u003eed56401\u003c/code\u003e\u003c/a\u003e [PSM interop] Don't fail target if sub-target already failed (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6390\"\u003e#6390\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6405\"\u003e#6405\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/cd6a794f0bdcf9a216e8f4d3c5717faf96d9fd78\"\u003e\u003ccode\u003ecd6a794\u003c/code\u003e\u003c/a\u003e Update version.go to v1.56.2-dev (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6387\"\u003e#6387\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/5b67e5ea449ef0686a0c0b6de48cd4cb63e3db2a\"\u003e\u003ccode\u003e5b67e5e\u003c/code\u003e\u003c/a\u003e Update version.go to v1.56.1 (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6386\"\u003e#6386\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/d0f5150384a87f9fcac488a9c18727a55b7354c1\"\u003e\u003ccode\u003ed0f5150\u003c/code\u003e\u003c/a\u003e client: handle empty address lists correctly in addrConn.updateAddrs (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6354\"\u003e#6354\u003c/a\u003e) ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/grpc/grpc-go/commit/997c1ea101cc5d496d2b148388f1df49632a9171\"\u003e\u003ccode\u003e997c1ea\u003c/code\u003e\u003c/a\u003e Change version to 1.56.1-dev (\u003ca href=\"https://redirect.github.com/grpc/grpc-go/issues/6345\"\u003e#6345\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/grpc/grpc-go/compare/v1.47.0...v1.56.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `google.golang.org/protobuf` from 1.28.0 to 1.31.0\n\nUpdates `k8s.io/kubernetes` from 1.25.3 to 1.32.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/kubernetes/kubernetes/releases\"\u003ek8s.io/kubernetes's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eKubernetes v1.32.7\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.6\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.5\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.4\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.3\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003ethe CHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.1\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003ethe CHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href=\"https://groups.google.com/forum/#!forum/kubernetes-announce\"\u003ekubernetes-announce@\u003c/a\u003e. Additional binary downloads are linked in the \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003eCHANGELOG\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href=\"https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.32.md\"\u003ethe CHANGELOG\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eKubernetes v1.32.0-rc.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/158eee9fac884b429a92465edd0d88a43f81de34\"\u003e\u003ccode\u003e158eee9\u003c/code\u003e\u003c/a\u003e Release commit for Kubernetes v1.32.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/79edb7e03dc1744b483053f74ecc56e38961b289\"\u003e\u003ccode\u003e79edb7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kubernetes/kubernetes/issues/132281\"\u003e#132281\u003c/a\u003e\u003ccode\u003eneolit123/automated-cherry-pick-of-#130782\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/39ec379044d251babf124f1150db63e957132cdc\"\u003e\u003ccode\u003e39ec379\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kubernetes/kubernetes/issues/131578\"\u003e#131578\u003c/a\u003e\u003ccode\u003endbaker1/automated-cherry-pick-of-#131251\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/bcb9d4ce05b5eadeccefd54ca9953b0875b39272\"\u003e\u003ccode\u003ebcb9d4c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kubernetes/kubernetes/issues/132727\"\u003e#132727\u003c/a\u003e\u003ccode\u003emimowo/automated-cherry-pick-of-#132614\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/f5f9e1b3cc09cda2621073c27c07098181a96525\"\u003e\u003ccode\u003ef5f9e1b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kubernetes/kubernetes/issues/132861\"\u003e#132861\u003c/a\u003e\u003ccode\u003emimowo/automated-cherry-pick-of-#132502\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/bb2ad5a64465e839d2bc0cee0bf88fa4d7666188\"\u003e\u003ccode\u003ebb2ad5a\u003c/code\u003e\u003c/a\u003e Use per-policy marker names for VAP integration tests.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/5b6a01c2c6afe1e6b2288b5826115def2d36992c\"\u003e\u003ccode\u003e5b6a01c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/kubernetes/kubernetes/issues/132159\"\u003e#132159\u003c/a\u003e\u003ccode\u003elinxiulei/automated-cherry-pick-of-#132109\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/339ead430761b4032f7c8368f00e548f4c430ac4\"\u003e\u003ccode\u003e339ead4\u003c/code\u003e\u003c/a\u003e Review remarks\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/4c58a9d19d05fd48f2ec3e3e6533bbc0ab58c1fe\"\u003e\u003ccode\u003e4c58a9d\u003c/code\u003e\u003c/a\u003e Fix validation for Job with suspend=true,completions=0 to set Complete condition\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kubernetes/kubernetes/commit/c14c5722a2e8f357dac32be1e1018925b05158e0\"\u003e\u003ccode\u003ec14c572\u003c/code\u003e\u003c/a\u003e Update CHANGELOG/CHANGELOG-1.32.md for v1.32.6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/kubernetes/kubernetes/compare/v1.25.3...v1.32.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/golang-jwt/jwt` from 3.2.1+incompatible to 3.2.2+incompatible\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/golang-jwt/jwt/releases\"\u003egithub.com/golang-jwt/jwt's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eStarting from this release, we are adopting the policy to support the most 2 recent versions of Go currently available. By the time of this release, this is Go 1.15 and 1.16 (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/28\"\u003e#28\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed a potential issue that could occur when the presence of \u003ccode\u003eexp\u003c/code\u003e, \u003ccode\u003eiat\u003c/code\u003e or \u003ccode\u003enbf\u003c/code\u003e was not required for verification and contained invalid contents, i.e. non-numeric/date. Thanks for \u003ca href=\"https://github.com/thaJeztah\"\u003e\u003ccode\u003e@​thaJeztah\u003c/code\u003e\u003c/a\u003e for making us aware of that and \u003ca href=\"https://github.com/giorgos-f3\"\u003e\u003ccode\u003e@​giorgos-f3\u003c/code\u003e\u003c/a\u003e for originally reporting it to the formtech fork (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/40\"\u003e#40\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eAdded support for EdDSA / ED25519 (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/36\"\u003e#36\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eOptimized allocations (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/33\"\u003e#33\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md\"\u003egithub.com/golang-jwt/jwt's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ccode\u003ejwt-go\u003c/code\u003e Version History\u003c/h1\u003e\n\u003cp\u003eThe following version history is kept for historic purposes. To retrieve the current changes of each version, please refer to the change-log of the specific release versions on \u003ca href=\"https://github.com/golang-jwt/jwt/releases\"\u003ehttps://github.com/golang-jwt/jwt/releases\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIntroduces support for Go modules. The \u003ccode\u003ev4\u003c/code\u003e version will be backwards compatible with \u003ccode\u003ev3.x.y\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eStarting from this release, we are adopting the policy to support the most 2 recent versions of Go currently available. By the time of this release, this is Go 1.15 and 1.16 (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/28\"\u003e#28\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eFixed a potential issue that could occur when the verification of \u003ccode\u003eexp\u003c/code\u003e, \u003ccode\u003eiat\u003c/code\u003e or \u003ccode\u003enbf\u003c/code\u003e was not required and contained invalid contents, i.e. non-numeric/date. Thanks for \u003ca href=\"https://github.com/thaJeztah\"\u003e\u003ccode\u003e@​thaJeztah\u003c/code\u003e\u003c/a\u003e for making us aware of that and \u003ca href=\"https://github.com/giorgos-f3\"\u003e\u003ccode\u003e@​giorgos-f3\u003c/code\u003e\u003c/a\u003e for originally reporting it to the formtech fork (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/40\"\u003e#40\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eAdded support for EdDSA / ED25519 (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/36\"\u003e#36\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eOptimized allocations (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/33\"\u003e#33\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eImport Path Change\u003c/strong\u003e: See MIGRATION_GUIDE.md for tips on updating your code\n\u003cul\u003e\n\u003cli\u003eChanged the import path from \u003ccode\u003egithub.com/dgrijalva/jwt-go\u003c/code\u003e to \u003ccode\u003egithub.com/golang-jwt/jwt\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFixed type confusing issue between \u003ccode\u003estring\u003c/code\u003e and \u003ccode\u003e[]string\u003c/code\u003e in \u003ccode\u003eVerifyAudience\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/12\"\u003e#12\u003c/a\u003e). This fixes CVE-2020-26160\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e3.2.0\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eAdded method \u003ccode\u003eParseUnverified\u003c/code\u003e to allow users to split up the tasks of parsing and validation\u003c/li\u003e\n\u003cli\u003eHMAC signing method returns \u003ccode\u003eErrInvalidKeyType\u003c/code\u003e instead of \u003ccode\u003eErrInvalidKey\u003c/code\u003e where appropriate\u003c/li\u003e\n\u003cli\u003eAdded options to \u003ccode\u003erequest.ParseFromRequest\u003c/code\u003e, which allows for an arbitrary list of modifiers to parsing behavior. Initial set include \u003ccode\u003eWithClaims\u003c/code\u003e and \u003ccode\u003eWithParser\u003c/code\u003e. Existing usage of this function will continue to work as before.\u003c/li\u003e\n\u003cli\u003eDeprecated \u003ccode\u003eParseFromRequestWithClaims\u003c/code\u003e to simplify API in the future.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e3.1.0\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003eImprovements to \u003ccode\u003ejwt\u003c/code\u003e command line tool\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eSkipClaimsValidation\u003c/code\u003e option to \u003ccode\u003eParser\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation updates\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch4\u003e3.0.0\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eCompatibility Breaking Changes\u003c/strong\u003e: See MIGRATION_GUIDE.md for tips on updating your code\n\u003cul\u003e\n\u003cli\u003eDropped support for \u003ccode\u003e[]byte\u003c/code\u003e keys when using RSA signing methods.  This convenience feature could contribute to security vulnerabilities involving mismatched key types with signing methods.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eParseFromRequest\u003c/code\u003e has been moved to \u003ccode\u003erequest\u003c/code\u003e subpackage and usage has changed\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eClaims\u003c/code\u003e property on \u003ccode\u003eToken\u003c/code\u003e is now type \u003ccode\u003eClaims\u003c/code\u003e instead of \u003ccode\u003emap[string]interface{}\u003c/code\u003e.  The default value is type \u003ccode\u003eMapClaims\u003c/code\u003e, which is an alias to \u003ccode\u003emap[string]interface{}\u003c/code\u003e.  This makes it possible to use a custom type when decoding claims.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eOther Additions and Changes\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003eClaims\u003c/code\u003e interface type to allow users to decode the claims into a custom type\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eParseWithClaims\u003c/code\u003e, which takes a third argument of type \u003ccode\u003eClaims\u003c/code\u003e.  Use this function instead of \u003ccode\u003eParse\u003c/code\u003e if you have a custom type you'd like to decode into.\u003c/li\u003e\n\u003cli\u003eDramatically improved the functionality and flexibility of \u003ccode\u003eParseFromRequest\u003c/code\u003e, which is now in the \u003ccode\u003erequest\u003c/code\u003e subpackage\u003c/li\u003e\n\u003cli\u003eAdded \u003ccode\u003eParseFromRequestWithClaims\u003c/code\u003e which is the \u003ccode\u003eFromRequest\u003c/code\u003e equivalent of \u003ccode\u003eParseWithClaims\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eAdded new interface type \u003ccode\u003eExtractor\u003c/code\u003e, which is used for extracting JWT strings from http requests.  Used with \u003ccode\u003eParseFromRequest\u003c/code\u003e and \u003ccode\u003eParseFromRequestWithClaims\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded several new, more specific, validation errors to error type bitmask\u003c/li\u003e\n\u003cli\u003eMoved examples from README to executable example files\u003c/li\u003e\n\u003cli\u003eSigning method registry is now thread safe\u003c/li\u003e\n\u003cli\u003eAdded new property to \u003ccode\u003eValidationError\u003c/code\u003e, which contains the raw error returned by calls made by parse/verify (such as those returned by keyfunc or json parser)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/4bbdd8ac624fc7a9ef7aec841c43d99b5fe65a29\"\u003e\u003ccode\u003e4bbdd8a\u003c/code\u003e\u003c/a\u003e Prepare release 3.2.2 (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/42\"\u003e#42\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/8e9d9ebf6f4a43a4ae610493f1cc0c05f5630350\"\u003e\u003ccode\u003e8e9d9eb\u003c/code\u003e\u003c/a\u003e Fix security vulnerability (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/40\"\u003e#40\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/324836737fe659697dc72a99569d7049b2f9b9d9\"\u003e\u003ccode\u003e3248367\u003c/code\u003e\u003c/a\u003e add ed25519 support (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/36\"\u003e#36\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/860640e8862db5e9e96147c826d1aaca518fa27b\"\u003e\u003ccode\u003e860640e\u003c/code\u003e\u003c/a\u003e Allocation optimization (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/33\"\u003e#33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/3008b2bdeacbf196c7f52b174d9ab0c9d9276110\"\u003e\u003ccode\u003e3008b2b\u003c/code\u003e\u003c/a\u003e remove support for Go \u0026lt;= 1.14 (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/28\"\u003e#28\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang-jwt/jwt/compare/v3.2.1...v3.2.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/det...\n\n_Description has been truncated_","html_url":"https://github.com/etamong/test-infra/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/etamong%2Ftest-infra/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.7.2","new_version":"1.7.3","update_type":"patch","path":null,"pr_created_at":"2025-08-26T10:09:17.000Z","version_change":"1.7.2 → 1.7.3","issue":{"uuid":"2774592918","node_id":"PR_kwDOK-QMD86lYO2W","number":349,"state":"open","title":"build(deps): bump the backend group across 1 directory with 23 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-26T10:09:17.000Z","updated_at":"2025-08-26T10:09:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"backend","update_count":23,"packages":[{"name":"github.com/Masterminds/semver/v3","old_version":"3.3.1","new_version":"3.4.0","repository_url":"https://github.com/Masterminds/semver"},{"name":"github.com/aquasecurity/trivy","old_version":"0.58.1","new_version":"0.65.0","repository_url":"https://github.com/aquasecurity/trivy"},{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"github.com/operator-framework/api","old_version":"0.29.0","new_version":"0.33.0","repository_url":"https://github.com/operator-framework/api"},{"name":"github.com/pquerna/otp","old_version":"1.4.0","new_version":"1.5.0","repository_url":"https://github.com/pquerna/otp"},{"name":"github.com/rs/zerolog","old_version":"1.33.0","new_version":"1.34.0","repository_url":"https://github.com/rs/zerolog"},{"name":"github.com/stretchr/testify","old_version":"1.10.0","new_version":"1.11.0","repository_url":"https://github.com/stretchr/testify"},{"name":"sigs.k8s.io/krew","old_version":"0.4.4","new_version":"0.4.5","repository_url":"https://github.com/kubernetes-sigs/krew"}],"path":null,"ecosystem":"go"},"body":"Bumps the backend group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver) | `3.3.1` | `3.4.0` |\n| [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) | `0.58.1` | `0.65.0` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.2` | `1.7.3` |\n| [github.com/operator-framework/api](https://github.com/operator-framework/api) | `0.29.0` | `0.33.0` |\n| [github.com/pquerna/otp](https://github.com/pquerna/otp) | `1.4.0` | `1.5.0` |\n| [github.com/rs/zerolog](https://github.com/rs/zerolog) | `1.33.0` | `1.34.0` |\n| [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.10.0` | `1.11.0` |\n| [sigs.k8s.io/krew](https://github.com/kubernetes-sigs/krew) | `0.4.4` | `0.4.5` |\n\n\nUpdates `github.com/Masterminds/semver/v3` from 3.3.1 to 3.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Masterminds/semver/releases\"\u003egithub.com/Masterminds/semver/v3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.4.0\u003c/h2\u003e\n\u003cp\u003eThere are a few changes in this release to highlight:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003e\u003ccode\u003eConstraints\u003c/code\u003e now has a property \u003ccode\u003eIncludePrerelease\u003c/code\u003e. When set to true the \u003ccode\u003eCheck\u003c/code\u003e and \u003ccode\u003eValidate\u003c/code\u003e methods will include prereleases.\u003c/li\u003e\n\u003cli\u003eWhen an AND group has one constraint with a prerelease but more than one constraint then prereleases will be included. For example, \u003ccode\u003e\u0026gt;1.0.0-beta.1 \u0026lt; 2\u003c/code\u003e. In the past this would not have included prereleases because each constraint needed to have a prerelease. Now, only one constraint needs to have a prerelease. This is considered a long standing bug fix. Note, this does not carry across OR groups. For example, \u003ccode\u003e\u0026gt;1.0.0-beta.1 \u0026lt; 2 || \u0026gt; 3\u003c/code\u003e. In this case, prereleases will not be included when evaluating against \u003ccode\u003e\u0026gt;3\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eNewVersion\u003c/code\u003e coercion with leading \u0026quot;0\u0026quot;'s is restored. This can be disabled by setting the package level property \u003ccode\u003eCoerceNewVersion\u003c/code\u003e to \u003ccode\u003efalse\u003c/code\u003e.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix the CodeQL link by \u003ca href=\"https://github.com/dmitris\"\u003e\u003ccode\u003e@​dmitris\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/257\"\u003eMasterminds/semver#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRestore detailed errors when failed to parse with NewVersion by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/262\"\u003eMasterminds/semver#262\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating go version tested with by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/263\"\u003eMasterminds/semver#263\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRestore the ability to have leading 0's with NewVersion by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/266\"\u003eMasterminds/semver#266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHandle pre-releases on all in an and group by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/267\"\u003eMasterminds/semver#267\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd property to include prereleases by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/268\"\u003eMasterminds/semver#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating the error message handling by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/269\"\u003eMasterminds/semver#269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate the release notes and readme for new version by \u003ca href=\"https://github.com/mattfarina\"\u003e\u003ccode\u003e@​mattfarina\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/270\"\u003eMasterminds/semver#270\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dmitris\"\u003e\u003ccode\u003e@​dmitris\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/Masterminds/semver/pull/257\"\u003eMasterminds/semver#257\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Masterminds/semver/compare/v3.3.1...v3.4.0\"\u003ehttps://github.com/Masterminds/semver/compare/v3.3.1...v3.4.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/Masterminds/semver/blob/master/CHANGELOG.md\"\u003egithub.com/Masterminds/semver/v3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.4.0 (2025-06-27)\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/268\"\u003e#268\u003c/a\u003e: Added property to Constraints to include prereleases for Check and Validate\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/263\"\u003e#263\u003c/a\u003e: Updated Go testing for 1.24, 1.23, and 1.22\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/269\"\u003e#269\u003c/a\u003e: Updated the error message handling for message case and wrapping errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/266\"\u003e#266\u003c/a\u003e: Restore the ability to have leading 0's when parsing with NewVersion.\nOpt-out of this by setting CoerceNewVersion to false.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/257\"\u003e#257\u003c/a\u003e: Fixed the CodeQL link (thanks \u003ca href=\"https://github.com/dmitris\"\u003e\u003ccode\u003e@​dmitris\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/262\"\u003e#262\u003c/a\u003e: Restored detailed errors when failed to parse with NewVersion. Opt-out\nof this by setting DetailedNewVersionErrors to false for faster performance.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/267\"\u003e#267\u003c/a\u003e: Handle pre-releases for an \u0026quot;and\u0026quot; group if one constraint includes them\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/61fc460d28283a91c53be65c2e0f20b494ac8ad9\"\u003e\u003ccode\u003e61fc460\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/270\"\u003e#270\u003c/a\u003e from mattfarina/relnotes-3.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/69a63e729f6254d980ff39c4ac89b5990f2be449\"\u003e\u003ccode\u003e69a63e7\u003c/code\u003e\u003c/a\u003e Update the release notes and readme for new version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/dc05094bcba909be3d0c14364bb14b5e9142dad4\"\u003e\u003ccode\u003edc05094\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/269\"\u003e#269\u003c/a\u003e from mattfarina/lowercase-error-strings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/a2cd9c2c2e49a0a0af115a08be31d410eacdf9e4\"\u003e\u003ccode\u003ea2cd9c2\u003c/code\u003e\u003c/a\u003e Updating the error message handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/9760c473b7cc395e48276f7f2d0c33ae824e123a\"\u003e\u003ccode\u003e9760c47\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/268\"\u003e#268\u003c/a\u003e from mattfarina/include-prerelease\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/c3747513c320448dfaf6f75c6a06a14a6221896f\"\u003e\u003ccode\u003ec374751\u003c/code\u003e\u003c/a\u003e Add property to include prereleases\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/057c901b9979a2a6b8e06adfbf96349a641ba2e1\"\u003e\u003ccode\u003e057c901\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/267\"\u003e#267\u003c/a\u003e from mattfarina/fix-259\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/abab1c2f5fcf52a1483bfc4be892a0ad42afd09a\"\u003e\u003ccode\u003eabab1c2\u003c/code\u003e\u003c/a\u003e Handle pre-releases on all in an and group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/ebda872fa10e6cc730c5973bbdb512b9511eb65e\"\u003e\u003ccode\u003eebda872\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/Masterminds/semver/issues/266\"\u003e#266\u003c/a\u003e from mattfarina/restore-calver\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Masterminds/semver/commit/4ed619ef3b4f63d7c94b2e19725c2719054de3bd\"\u003e\u003ccode\u003e4ed619e\u003c/code\u003e\u003c/a\u003e Restore the ability to have leading 0's with NewVersion\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/Masterminds/semver/compare/v3.3.1...v3.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/aquasecurity/trivy` from 0.58.1 to 0.65.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aquasecurity/trivy/releases\"\u003egithub.com/aquasecurity/trivy's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.65.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/discussions/9287\"\u003e👉 Trivy v.65.0 release notes (click here)\u003c/a\u003e\u003c/h1\u003e\n\u003ch2\u003e⬇️ Download Trivy\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.65.0\u0026amp;os=macos\u0026amp;arch=arm64\"\u003eMacOS Apple Silicon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.65.0\u0026amp;os=macos\u0026amp;arch=amd64\"\u003eMacOS Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.65.0\u0026amp;os=linux\u0026amp;arch=amd64\"\u003eLinux Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.65.0\u0026amp;os=linux\u0026amp;arch=arm64\"\u003eLinux ARM\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=zip\u0026amp;version=0.65.0\u0026amp;os=windows\u0026amp;arch=amd64\"\u003eWindows Intel\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0650-2025-07-30\"\u003eFull changelog\u003c/a\u003e\u003c/h3\u003e\n\u003ch2\u003ev0.64.1\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e86ee3c1176d4707536914dfa65ac8eca452e14cd release: v0.64.1 [release/v0.64] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9122\"\u003e#9122\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e4e1272283a643bfca2d7231d286006219715fada fix(misconf): skip rewriting expr if attr is nil [backport: release/v0.64] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9127\"\u003e#9127\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e9a7d38432cf00f00970259e5ac3edd060e00ccff fix(cli): Add more non-sensitive flags to telemetry [backport: release/v0.64] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9124\"\u003e#9124\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e53adfba3c25664b01e3a36fdec334b39b53c07f1 fix(rootio): check full version to detect \u003ccode\u003eroot.io\u003c/code\u003e packages [backport: release/v0.64] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9120\"\u003e#9120\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e8cf1bf9f6f86936ee7dcd29e0d1cd1ec106e28f6 fix(alma): parse epochs from rpmqa file [backport: release/v0.64] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9119\"\u003e#9119\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev0.64.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/discussions/9105\"\u003e👉 Trivy v.64.0 release notes (click here)\u003c/a\u003e\u003c/h1\u003e\n\u003ch2\u003e⬇️ Download Trivy\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.64.0\u0026amp;os=macos\u0026amp;arch=arm64\"\u003eMacOS Apple Silicon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.64.0\u0026amp;os=macos\u0026amp;arch=amd64\"\u003eMacOS Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.64.0\u0026amp;os=linux\u0026amp;arch=amd64\"\u003eLinux Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.64.0\u0026amp;os=linux\u0026amp;arch=arm64\"\u003eLinux ARM\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=zip\u0026amp;version=0.64.0\u0026amp;os=windows\u0026amp;arch=amd64\"\u003eWindows Intel\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0640-2025-06-30\"\u003eFull changelog\u003c/a\u003e\u003c/h3\u003e\n\u003ch2\u003ev0.63.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/discussions/8945\"\u003e👉 Trivy v.63.0 release notes (click here)\u003c/a\u003e\u003c/h1\u003e\n\u003ch2\u003e⬇️ Download Trivy\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.63.0\u0026amp;os=macos\u0026amp;arch=arm64\"\u003eMacOS Apple Silicon\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.63.0\u0026amp;os=macos\u0026amp;arch=amd64\"\u003eMacOS Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.63.0\u0026amp;os=linux\u0026amp;arch=amd64\"\u003eLinux Intel\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=tar.gz\u0026amp;version=0.63.0\u0026amp;os=linux\u0026amp;arch=arm64\"\u003eLinux ARM\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.trivy.dev/trivy?type=zip\u0026amp;version=0.63.0\u0026amp;os=windows\u0026amp;arch=amd64\"\u003eWindows Intel\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0630-2025-05-29\"\u003eFull changelog\u003c/a\u003e\u003c/h3\u003e\n\u003ch2\u003ev0.62.1\u003c/h2\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ec75ed2156c8fa801d6998016f46f6b953e8a9556 release: v0.62.1 [release/v0.62] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/8825\"\u003e#8825\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md\"\u003egithub.com/aquasecurity/trivy's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.64.0...v0.65.0\"\u003e0.65.0\u003c/a\u003e (2025-07-30)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd graceful shutdown with signal handling (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9242\"\u003e#9242\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/2c05882f45071928c14d8212ef6c4f0f7048245d\"\u003e2c05882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd HTTP request/response tracing support (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9125\"\u003e#9125\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/aa5b32a19f4d61d0df72c11fd314c5a0b7284202\"\u003eaa5b32a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ealma:\u003c/strong\u003e add AlmaLinux 10 support (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9207\"\u003e#9207\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/861d51e99a45ee448f86fe195dedcaefb811c919\"\u003e861d51e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eflag:\u003c/strong\u003e add schema validation for \u003ccode\u003e--server\u003c/code\u003e flag (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9270\"\u003e#9270\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/ed4640ec27f2575a50d7e6d516c9e2e45a59bb7f\"\u003eed4640e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eimage:\u003c/strong\u003e add Docker context resolution (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9166\"\u003e#9166\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/99cd4e776c0c6cc689126e53fa86ee6333ba6277\"\u003e99cd4e7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elicense:\u003c/strong\u003e observe pkg types option in license scanner (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9091\"\u003e#9091\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/d44af8cfa21a145d14ca6e5e1ed4742d892f2dc5\"\u003ed44af8c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e add private ip google access attribute to subnetwork (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9199\"\u003e#9199\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/263845cfc1419401f24adc8bc6316f3ea0caacad\"\u003e263845c\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e added logging and versioning to the gcp storage bucket (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9226\"\u003e#9226\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/110f80ea29951863997dd5a1c48fe14eb81e230b\"\u003e110f80e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erepo:\u003c/strong\u003e add git repository metadata to reports (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9252\"\u003e#9252\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f4b2cf10e917d58c0840f789e083bd3f268a8af1\"\u003ef4b2cf1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ereport:\u003c/strong\u003e add CVSS vectors in sarif report (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9157\"\u003e#9157\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/60723e6cfce82ede2863cf545a189c581246f4e9\"\u003e60723e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esbom:\u003c/strong\u003e add SHA-512 hash support for CycloneDX SBOM (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9126\"\u003e#9126\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/12d6706961423acb12430c8b3d986b4aa4671d04\"\u003e12d6706\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ealma:\u003c/strong\u003e parse epochs from rpmqa file (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9101\"\u003e#9101\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/82db2fcc8034c911cc7a67f5a82d2f081d9c1fdf\"\u003e82db2fc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ealso check \u003ccode\u003efilepath\u003c/code\u003e when removing duplicate packages (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9142\"\u003e#9142\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/4d10a815dde53f5e128366f1dd0837a1dc29c17b\"\u003e4d10a81\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eaws:\u003c/strong\u003e update amazon linux 2 EOL date (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9176\"\u003e#9176\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/0ecfed6ea75cfe33e0f436a9015ac72a679e754e\"\u003e0ecfed6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e Add more non-sensitive flags to telemetry (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9110\"\u003e#9110\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/7041a39bdcf21c5b3114137d9a931f529eac2566\"\u003e7041a39\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e ensure correct command is picked by telemetry (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9260\"\u003e#9260\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/b4ad00f301a5fd7326060a567871c6f4a9711696\"\u003eb4ad00f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ecli:\u003c/strong\u003e panic: attempt to get os.Args[1] when len(os.Args) \u0026lt; 2 (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9206\"\u003e#9206\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/adfa879e4e8ab88f211222a13d2b89013ae9a853\"\u003eadfa879\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elicense:\u003c/strong\u003e add missed \u003ccode\u003eGFDL-NIV-1.1\u003c/code\u003e and \u003ccode\u003eGFDL-NIV-1.2\u003c/code\u003e into Trivy mapping (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9116\"\u003e#9116\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/a692f296d15f7241ba5ff082e4e69926b1c728a8\"\u003ea692f29\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003elicense:\u003c/strong\u003e handle WITH operator for \u003ccode\u003eLaxSplitLicenses\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9232\"\u003e#9232\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/b4193d0d31a167aafdcd9d9ccd89f3f124eef7ee\"\u003eb4193d0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003emigrate from \u003ccode\u003e*.list\u003c/code\u003e to \u003ccode\u003e*.md5sums\u003c/code\u003e files for \u003ccode\u003edpkg\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9131\"\u003e#9131\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f224de3e39b08672212ec0f94660c36bef77bc30\"\u003ef224de3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e correctly adapt azure storage account (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9138\"\u003e#9138\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/51aa0222604829706193eb2ff3a6886742bb42b4\"\u003e51aa022\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e correctly parse empty port ranges in google_compute_firewall (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9237\"\u003e#9237\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/77bab7b6d25c712e2db7dc53956985c2721728e9\"\u003e77bab7b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e fix log bucket in schema (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9235\"\u003e#9235\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/7ebc129ab726f3133d940708837b7edda2621105\"\u003e7ebc129\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003emisconf:\u003c/strong\u003e skip rewriting expr if attr is nil (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9113\"\u003e#9113\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/42ccd3df9a7c838a99facb8248e1a68eaf47a999\"\u003e42ccd3d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003enodejs:\u003c/strong\u003e don't use prerelease logic for compare npm constraints  (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9208\"\u003e#9208\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/fe96436b99bae3bbfc7498d2ad222d4acccdfcf1\"\u003efe96436\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprevent graceful shutdown message on normal exit (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9244\"\u003e#9244\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/6095984d5340633740204a7a40f002a5643802b9\"\u003e6095984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erootio:\u003c/strong\u003e check full version to detect \u003ccode\u003eroot.io\u003c/code\u003e packages (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9117\"\u003e#9117\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/c2ddd44d98594a2066cb5b5acbb9ad2aaad8fd96\"\u003ec2ddd44\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003erootio:\u003c/strong\u003e fix severity selection (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9181\"\u003e#9181\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/6fafbeb60609a020b47266743250ea847234cbbd\"\u003e6fafbeb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esbom:\u003c/strong\u003e merge in-graph and out-of-graph OS packages in scan results (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9194\"\u003e#9194\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/aa944cc6da43e2035f74e9d842f487c0d2f993f4\"\u003eaa944cc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esbom:\u003c/strong\u003e use correct field for licenses in CycloneDX reports (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9057\"\u003e#9057\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/143da88dd82dfbe204f4c2afe46af3b01701675d\"\u003e143da88\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esecret:\u003c/strong\u003e add UTF-8 validation in secret scanner to prevent protobuf marshalling errors (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9253\"\u003e#9253\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/54832a77b50e2da3a3ceacbb6ce1b13e45605cde\"\u003e54832a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esecret:\u003c/strong\u003e fix line numbers for multiple-line secrets (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9104\"\u003e#9104\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/e57974649e4a3a275b9cf02db191b3f6bf10340f\"\u003ee579746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eserver:\u003c/strong\u003e add HTTP transport setup to server mode (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9217\"\u003e#9217\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/1163b044c7e91a81bba3a862cc4a38e90182f0b4\"\u003e1163b04\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupporting .egg-info/METADATA in python.Packaging analyzer (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9151\"\u003e#9151\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/e306e2dc5275c0e75f056c8c7ee9ff9261c78e7f\"\u003ee306e2d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eterraform:\u003c/strong\u003e \u003ccode\u003efor_each\u003c/code\u003e on a map returns a resource for every key (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9156\"\u003e#9156\u003c/a\u003e) (\u003ca href=\"https://github.com/aquasecurity/trivy/commit/153318f65f7e5059bcc064bd2cd651cc720791a9\"\u003e153318f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.63.0...v0.64.0\"\u003e0.64.0\u003c/a\u003e (2025-06-30)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/b2b15459bac0efef73531c73b45e80d40ddd0fec\"\u003e\u003ccode\u003eb2b1545\u003c/code\u003e\u003c/a\u003e release: v0.65.0 [main] (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9108\"\u003e#9108\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/b4ad00f301a5fd7326060a567871c6f4a9711696\"\u003e\u003ccode\u003eb4ad00f\u003c/code\u003e\u003c/a\u003e fix(cli): ensure correct command is picked by telemetry (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9260\"\u003e#9260\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/ed4640ec27f2575a50d7e6d516c9e2e45a59bb7f\"\u003e\u003ccode\u003eed4640e\u003c/code\u003e\u003c/a\u003e feat(flag): add schema validation for \u003ccode\u003e--server\u003c/code\u003e flag (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9270\"\u003e#9270\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/1a0c038fa567f4b04b610dc3d994222a77ae8efc\"\u003e\u003ccode\u003e1a0c038\u003c/code\u003e\u003c/a\u003e chore(deps): bump github.com/docker/docker from 28.3.2+incompatible to 28.3.3...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/011cefc325ba25c0cd70c80356f7d48dc4d19588\"\u003e\u003ccode\u003e011cefc\u003c/code\u003e\u003c/a\u003e ci: skip undefined labels in discussion triage action (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9175\"\u003e#9175\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/f4b2cf10e917d58c0840f789e083bd3f268a8af1\"\u003e\u003ccode\u003ef4b2cf1\u003c/code\u003e\u003c/a\u003e feat(repo): add git repository metadata to reports (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9252\"\u003e#9252\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/b4193d0d31a167aafdcd9d9ccd89f3f124eef7ee\"\u003e\u003ccode\u003eb4193d0\u003c/code\u003e\u003c/a\u003e fix(license): handle WITH operator for \u003ccode\u003eLaxSplitLicenses\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9232\"\u003e#9232\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/d2d0ec2b6d71a8228fd707eee1b7e0f0aa3ab0d1\"\u003e\u003ccode\u003ed2d0ec2\u003c/code\u003e\u003c/a\u003e chore: add modernize tool integration for code modernization (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9251\"\u003e#9251\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/54832a77b50e2da3a3ceacbb6ce1b13e45605cde\"\u003e\u003ccode\u003e54832a7\u003c/code\u003e\u003c/a\u003e fix(secret): add UTF-8 validation in secret scanner to prevent protobuf marsh...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy/commit/8f5b56005a4e8752976524750089dc9ea2c91e40\"\u003e\u003ccode\u003e8f5b560\u003c/code\u003e\u003c/a\u003e chore: implement process-safe temp file cleanup (\u003ca href=\"https://redirect.github.com/aquasecurity/trivy/issues/9241\"\u003e#9241\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aquasecurity/trivy/compare/v0.58.1...v0.65.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/coreos/go-oidc` from 2.2.1+incompatible to 2.3.0+incompatible\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/coreos/go-oidc/releases\"\u003egithub.com/coreos/go-oidc's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport signed jwt userinfo response by \u003ca href=\"https://github.com/holowinski\"\u003e\u003ccode\u003e@​holowinski\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/254\"\u003ecoreos/go-oidc#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e*: s/Json/JSON/g to appease lint by \u003ca href=\"https://github.com/ericchiang\"\u003e\u003ccode\u003e@​ericchiang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/255\"\u003ecoreos/go-oidc#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003euserinfo - handling charset in Content-Type header by \u003ca href=\"https://github.com/ericchiang\"\u003e\u003ccode\u003e@​ericchiang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/261\"\u003ecoreos/go-oidc#261\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange Go Version Used in .travis.yml to v1.14 by \u003ca href=\"https://github.com/dickynovanto1103\"\u003e\u003ccode\u003e@​dickynovanto1103\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/268\"\u003ecoreos/go-oidc#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIDTokenVerifier: fix typo word in Verify function's comment by \u003ca href=\"https://github.com/dickynovanto1103\"\u003e\u003ccode\u003e@​dickynovanto1103\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/266\"\u003ecoreos/go-oidc#266\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ealso run travis tests under 1.15 by \u003ca href=\"https://github.com/mikedanese\"\u003e\u003ccode\u003e@​mikedanese\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/275\"\u003ecoreos/go-oidc#275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esupport AWS Cognito, which is not completely OIDC compliant  by \u003ca href=\"https://github.com/DallanQ\"\u003e\u003ccode\u003e@​DallanQ\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/257\"\u003ecoreos/go-oidc#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded power support by \u003ca href=\"https://github.com/dthadi3\"\u003e\u003ccode\u003e@​dthadi3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/277\"\u003ecoreos/go-oidc#277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix up v2 CI by \u003ca href=\"https://github.com/ericchiang\"\u003e\u003ccode\u003e@​ericchiang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/448\"\u003ecoreos/go-oidc#448\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to maintained go-jose library by \u003ca href=\"https://github.com/liggitt\"\u003e\u003ccode\u003e@​liggitt\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/447\"\u003ecoreos/go-oidc#447\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/holowinski\"\u003e\u003ccode\u003e@​holowinski\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/254\"\u003ecoreos/go-oidc#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dickynovanto1103\"\u003e\u003ccode\u003e@​dickynovanto1103\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/268\"\u003ecoreos/go-oidc#268\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mikedanese\"\u003e\u003ccode\u003e@​mikedanese\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/275\"\u003ecoreos/go-oidc#275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DallanQ\"\u003e\u003ccode\u003e@​DallanQ\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/257\"\u003ecoreos/go-oidc#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dthadi3\"\u003e\u003ccode\u003e@​dthadi3\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/277\"\u003ecoreos/go-oidc#277\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/liggitt\"\u003e\u003ccode\u003e@​liggitt\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/coreos/go-oidc/pull/447\"\u003ecoreos/go-oidc#447\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/coreos/go-oidc/compare/v2.2.1...v2.3.0\"\u003ehttps://github.com/coreos/go-oidc/compare/v2.2.1...v2.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/b7e896c40598f5307b3b5a163b6ad02ae97ec1a5\"\u003e\u003ccode\u003eb7e896c\u003c/code\u003e\u003c/a\u003e Switch to maintained gopkg.in/go-jose/go-jose.v2 library\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/a57141768115b09a2f823a17726d25c998a7fc9d\"\u003e\u003ccode\u003ea571417\u003c/code\u003e\u003c/a\u003e fix up v2 CI\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/e05c4c73b4b5f159727021bf2921c214f61b2688\"\u003e\u003ccode\u003ee05c4c7\u003c/code\u003e\u003c/a\u003e Added power support (\u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/277\"\u003e#277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/0a5cd3377ca67c9a7b81961f8fb286bf59891370\"\u003e\u003ccode\u003e0a5cd33\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/257\"\u003e#257\u003c/a\u003e from OurRootsOrg/v2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/8e61fd8dcfb5e3af82a8a808b7d85f1044548d29\"\u003e\u003ccode\u003e8e61fd8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/275\"\u003e#275\u003c/a\u003e from mikedanese/bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/a4badd1273bf233eccb3fe596b27ba8054fa9bb4\"\u003e\u003ccode\u003ea4badd1\u003c/code\u003e\u003c/a\u003e also run travis tests under 1.15\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/50700f92176680a141cb7ccb894de3b09a30b709\"\u003e\u003ccode\u003e50700f9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/266\"\u003e#266\u003c/a\u003e from dickynovanto1103/fix-typo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/86d950ac3f3c4a8ef9ca3197a5a0187c5b2e60d7\"\u003e\u003ccode\u003e86d950a\u003c/code\u003e\u003c/a\u003e IDTokenVerifier: fix typo word: \u003ccode\u003epreforms\u003c/code\u003e to \u003ccode\u003eperforms\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/638d1d6486cae85e18718a1c2a71259ae05f4855\"\u003e\u003ccode\u003e638d1d6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/coreos/go-oidc/issues/268\"\u003e#268\u003c/a\u003e from dickynovanto1103/fix-ci\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreos/go-oidc/commit/2b28d0cc38907454ddd8644363eb1e893ac07b69\"\u003e\u003ccode\u003e2b28d0c\u003c/code\u003e\u003c/a\u003e add support for AWS Cognito, which returns email_verified as a string instead...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/coreos/go-oidc/compare/v2.2.1...v2.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-chi/chi/v5` from 5.2.0 to 5.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-chi/chi/releases\"\u003egithub.com/go-chi/chi/v5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.2.1\u003c/h2\u003e\n\u003ch2\u003e⚠️  Chi supports Go 1.20+\u003c/h2\u003e\n\u003cp\u003eStarting this release, we will now support the four most recent major versions of Go. See \u003ca href=\"https://redirect.github.com/go-chi/chi/issues/963\"\u003ego-chi/chi#963\u003c/a\u003e for related discussion.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport the four most recent major versions of Go by \u003ca href=\"https://github.com/VojtechVitek\"\u003e\u003ccode\u003e@​VojtechVitek\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-chi/chi/pull/969\"\u003ego-chi/chi#969\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-chi/chi/compare/v5.2.0...v5.2.1\"\u003ehttps://github.com/go-chi/chi/compare/v5.2.0...v5.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-chi/chi/commit/71307f9b7e4e9527638bc951c42b782cd1560331\"\u003e\u003ccode\u003e71307f9\u003c/code\u003e\u003c/a\u003e Support the four most recent major versions of Go (\u003ca href=\"https://redirect.github.com/go-chi/chi/issues/969\"\u003e#969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/go-chi/chi/compare/v5.2.0...v5.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-git/go-git/v5` from 5.13.1 to 5.16.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-git/go-git/releases\"\u003egithub.com/go-git/go-git/v5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.16.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eutils: fix diff so subpaths work for sparse checkouts, fixes 1455 to releases/v5.x by \u003ca href=\"https://github.com/kane8n\"\u003e\u003ccode\u003e@​kane8n\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1567\"\u003ego-git/go-git#1567\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.16.1...v5.16.2\"\u003ehttps://github.com/go-git/go-git/compare/v5.16.1...v5.16.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.16.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eutils: merkletrie, Fix diff on sparse-checkout index. Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1406\"\u003e#1406\u003c/a\u003e to releases/v5.x by \u003ca href=\"https://github.com/kane8n\"\u003e\u003ccode\u003e@​kane8n\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1561\"\u003ego-git/go-git#1561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/kane8n\"\u003e\u003ccode\u003e@​kane8n\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1561\"\u003ego-git/go-git#1561\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.16.0...v5.16.1\"\u003ehttps://github.com/go-git/go-git/compare/v5.16.0...v5.16.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.16.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[v5] plumbing: support mTLS for HTTPS protocol by \u003ca href=\"https://github.com/hiddeco\"\u003e\u003ccode\u003e@​hiddeco\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1510\"\u003ego-git/go-git#1510\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5: plumbing: transport, Reintroduce SetHostKeyCallback. Fix \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1514\"\u003e#1514\u003c/a\u003e by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1515\"\u003ego-git/go-git#1515\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.15.0...v5.16.0\"\u003ehttps://github.com/go-git/go-git/compare/v5.15.0...v5.16.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.15.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eplumbing: add cert auth support to \u003ccode\u003ereleases/v5.x\u003c/code\u003e by \u003ca href=\"https://github.com/Javier-varez\"\u003e\u003ccode\u003e@​Javier-varez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1482\"\u003ego-git/go-git#1482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5: Bump dependencies by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1505\"\u003ego-git/go-git#1505\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.14.0...v5.15.0\"\u003ehttps://github.com/go-git/go-git/compare/v5.14.0...v5.15.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.14.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ev5: Bump Go and dependencies to mitigate \u003ca href=\"https://pkg.go.dev/vuln/GO-2025-3487\"\u003eGO-2025-3487\u003c/a\u003e by \u003ca href=\"https://github.com/pjbgf\"\u003e\u003ccode\u003e@​pjbgf\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1436\"\u003ego-git/go-git#1436\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e:warning: Note that this version requires Go 1.23, due to the bump to \u003ccode\u003egolang.org/x/crypto@v0.35.0\u003c/code\u003e which mitigates the CVE above. User's that can't bump to Go 1.23 will need to remain on the previous v5.13.x release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-git/go-git/compare/v5.13.2...v5.14.0\"\u003ehttps://github.com/go-git/go-git/compare/v5.13.2...v5.14.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.13.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eplumbing: use the correct user agent string. Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/883\"\u003e#883\u003c/a\u003e by \u003ca href=\"https://github.com/uragirii\"\u003e\u003ccode\u003e@​uragirii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1364\"\u003ego-git/go-git#1364\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump golang.org/x/sys from 0.28.0 to 0.29.0 in the golang-org group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1365\"\u003ego-git/go-git#1365\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump the golang-org group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1367\"\u003ego-git/go-git#1367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/ProtonMail/go-crypto from 1.1.3 to 1.1.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1368\"\u003ego-git/go-git#1368\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1378\"\u003ego-git/go-git#1378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github/codeql-action from 3.28.0 to 3.28.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1376\"\u003ego-git/go-git#1376\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: bump github.com/elazarl/goproxy from 1.2.3 to 1.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1377\"\u003ego-git/go-git#1377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003egit: worktree, fix restoring dot slash files (backported to v5). Fixes \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1176\"\u003e#1176\u003c/a\u003e by \u003ca href=\"https://github.com/BeChris\"\u003e\u003ccode\u003e@​BeChris\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-git/go-git/pull/1361\"\u003ego-git/go-git#1361\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/ed8216c4a2c3fdb7e4e31ce242bf7847356623c9\"\u003e\u003ccode\u003eed8216c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1567\"\u003e#1567\u003c/a\u003e from kane8n/backport-to-v5-patricsss/fix-1455\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/4f35ebab20f1034df1df943044903e7044e6cdf4\"\u003e\u003ccode\u003e4f35eba\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1484\"\u003e#1484\u003c/a\u003e from patricsss/patricsss/fix-1455\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/fd1a83688236df0299d5cd677f04dccad073500c\"\u003e\u003ccode\u003efd1a836\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1561\"\u003e#1561\u003c/a\u003e from kane8n/backport-to-v5-fix-sparse-checkout-status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/c3c841090facce33faa2c80ca475ee673442b4a5\"\u003e\u003ccode\u003ec3c8410\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1492\"\u003e#1492\u003c/a\u003e from onee-only/fix-sparse-checkout-status\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/6d4a5c61232251b48ae4238d39830ccc894ef4d8\"\u003e\u003ccode\u003e6d4a5c6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1515\"\u003e#1515\u003c/a\u003e from pjbgf/regre\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/beedd6bc1892182daa36dd45013ff28857320f58\"\u003e\u003ccode\u003ebeedd6b\u003c/code\u003e\u003c/a\u003e plumbing: transport, Reintroduce SetHostKeyCallback. Fix \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1514\"\u003e#1514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/763ce2e08aa1398c7e9e153ae3346891c80dc467\"\u003e\u003ccode\u003e763ce2e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-git/go-git/issues/1510\"\u003e#1510\u003c/a\u003e from hiddeco/mtls-support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/5320e1b6b4578aa7272de1fa535051b9b86fbbfb\"\u003e\u003ccode\u003e5320e1b\u003c/code\u003e\u003c/a\u003e plumbing: surface transport configuration errors\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/9bbc93b719b15a5e0955ed9c2f6aa008f13f7e86\"\u003e\u003ccode\u003e9bbc93b\u003c/code\u003e\u003c/a\u003e plumbing: fix unintended pointer mutation in test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-git/go-git/commit/f3783f4abf49642326f67683f22d468db87a8822\"\u003e\u003ccode\u003ef3783f4\u003c/code\u003e\u003c/a\u003e plumbing: support mTLS for HTTPS protocol\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-git/go-git/compare/v5.13.1...v5.16.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/google/go-containerregistry` from 0.20.2 to 0.20.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/go-containerregistry/releases\"\u003egithub.com/google/go-containerregistry's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.20.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEnsure that tag name is not empty if name contains colon by \u003ca href=\"https://github.com/SaschaSchwarze0\"\u003e\u003ccode\u003e@​SaschaSchwarze0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2094\"\u003egoogle/go-containerregistry#2094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump some deps by \u003ca href=\"https://github.com/jonjohnsonjr\"\u003e\u003ccode\u003e@​jonjohnsonjr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2110\"\u003egoogle/go-containerregistry#2110\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/SaschaSchwarze0\"\u003e\u003ccode\u003e@​SaschaSchwarze0\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2094\"\u003egoogle/go-containerregistry#2094\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.4...v0.20.6\"\u003ehttps://github.com/google/go-containerregistry/compare/v0.20.4...v0.20.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.20.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump docker/docker to v28.0.0+incompatible by \u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate linter to v2 by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump go version + bump deps by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2093\"\u003egoogle/go-containerregistry#2093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eimplement TextMarshaler/JSONMarshaler more consistently by \u003ca href=\"https://github.com/imjasonh\"\u003e\u003ccode\u003e@​imjasonh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2097\"\u003egoogle/go-containerregistry#2097\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CodeQL permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2103\"\u003egoogle/go-containerregistry#2103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate goreleaser permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2104\"\u003egoogle/go-containerregistry#2104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate provenance action in release by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2105\"\u003egoogle/go-containerregistry#2105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate validator action by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2106\"\u003egoogle/go-containerregistry#2106\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.5\"\u003ehttps://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.20.4 - Not usable as a go module\u003c/h2\u003e\n\u003cp\u003e🚨 This release was published to the Go module proxy and then re-tagged with a different commit. This means it's not usable as a Go module (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2107\"\u003egoogle/go-containerregistry#2107\u003c/a\u003e) -- please us v0.20.5 instead.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump docker/docker to v28.0.0+incompatible by \u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMigrate linter to v2 by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump go version + bump deps by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2093\"\u003egoogle/go-containerregistry#2093\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eimplement TextMarshaler/JSONMarshaler more consistently by \u003ca href=\"https://github.com/imjasonh\"\u003e\u003ccode\u003e@​imjasonh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2097\"\u003egoogle/go-containerregistry#2097\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CodeQL permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2103\"\u003egoogle/go-containerregistry#2103\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate goreleaser permissions by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2104\"\u003egoogle/go-containerregistry#2104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate provenance action in release by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2105\"\u003egoogle/go-containerregistry#2105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate validator action by \u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2106\"\u003egoogle/go-containerregistry#2106\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/luhring\"\u003e\u003ccode\u003e@​luhring\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2071\"\u003egoogle/go-containerregistry#2071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Subserial\"\u003e\u003ccode\u003e@​Subserial\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2096\"\u003egoogle/go-containerregistry#2096\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.4\"\u003ehttps://github.com/google/go-containerregistry/compare/v0.20.3...v0.20.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev0.20.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eremote/transport: Make bearer transport go-routine-safe by \u003ca href=\"https://github.com/2opremio\"\u003e\u003ccode\u003e@​2opremio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/1806\"\u003egoogle/go-containerregistry#1806\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpose compare package by \u003ca href=\"https://github.com/jonjohnsonjr\"\u003e\u003ccode\u003e@​jonjohnsonjr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/go-containerregistry/pull/2001\"\u003egoogle/go-containerregistry#2001\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/59a4b85930392a30c39462519adc8a2026d47181\"\u003e\u003ccode\u003e59a4b85\u003c/code\u003e\u003c/a\u003e Bump some deps (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2110\"\u003e#2110\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/5b1039536cfa10ed0d467dd13f279665bfd48ad9\"\u003e\u003ccode\u003e5b10395\u003c/code\u003e\u003c/a\u003e Ensure that tag name is not empty if name contains colon (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2094\"\u003e#2094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/4eb8c4d84ef07af279d5dcc0b210d9eaa7bc79e3\"\u003e\u003ccode\u003e4eb8c4d\u003c/code\u003e\u003c/a\u003e Update validator action (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2106\"\u003e#2106\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/78d4a6e980c634a90ecd5729a0a5c8235923724e\"\u003e\u003ccode\u003e78d4a6e\u003c/code\u003e\u003c/a\u003e Update provenance action (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2105\"\u003e#2105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/33840ffc70721fcc49e2f2a54c4b9fa5cf358edf\"\u003e\u003ccode\u003e33840ff\u003c/code\u003e\u003c/a\u003e Update goreleaser permissions (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2104\"\u003e#2104\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/8d47c3776e7873544e5f0ac3fe8787f27b95d63e\"\u003e\u003ccode\u003e8d47c37\u003c/code\u003e\u003c/a\u003e Update CodeQL permissions (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2103\"\u003e#2103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/a61de150b11db9e2005bdc0ae5958aadbd5931c1\"\u003e\u003ccode\u003ea61de15\u003c/code\u003e\u003c/a\u003e implement TextMarshaler/JSONMarshaler more consistently (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2097\"\u003e#2097\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/1d5b256a397177b0df69c259893bd93e6fc38bbe\"\u003e\u003ccode\u003e1d5b256\u003c/code\u003e\u003c/a\u003e bump go version + bump deps (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2093\"\u003e#2093\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/ccaa0d6a53fde4b8b205ef3f0c3474c65079b740\"\u003e\u003ccode\u003eccaa0d6\u003c/code\u003e\u003c/a\u003e Migrate linter to v2 (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2096\"\u003e#2096\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry/commit/098045d5e61ff426a61a0eecc19ad0c433cd35a9\"\u003e\u003ccode\u003e098045d\u003c/code\u003e\u003c/a\u003e build(deps): bump docker/docker to v28.0.0+incompatible (\u003ca href=\"https://redirect.github.com/google/go-containerregistry/issues/2071\"\u003e#2071\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/go-containerregistry/compare/v0.20.2...v0.20.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/open-policy-agent/opa` from 0.70.0 to 1.6.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-policy-agent/opa/releases\"\u003egithub.com/open-policy-agent/opa's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.6.0\u003c/h2\u003e\n\u003cp\u003eThis release contains a mix of new features, performance improvements, and bugfixes. Notably:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImprovements to the OPA website and documentation\u003c/li\u003e\n\u003cli\u003eAllowing keywords in Rego references\u003c/li\u003e\n\u003cli\u003eParallel test execution\u003c/li\u003e\n\u003cli\u003eFaster built-in function execution\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eModernized OPA Website (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7037\"\u003e#7037\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eWe're continuing to modernize the OPA website with a new design and improved user experience.\u003c/p\u003e\n\u003cp\u003eSome highlights:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference#built-in-functions\"\u003eBuiltins\u003c/a\u003e: You can now search them on the docs page!\u003c/li\u003e\n\u003cli\u003eSidebar redesign: Making it easier to find what you're looking for in our docs\u003c/li\u003e\n\u003cli\u003eFeedback forms: Closing the feedback loop between docs authors and readers -- Please let us know if you dislike, or like, a docs page.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs#1-download-opa\"\u003eDownloads page\u003c/a\u003e: Find your OS' installation instructions on a less cluttered page!\u003c/li\u003e\n\u003cli\u003eAnd much more\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/sky3n3t\"\u003e\u003ccode\u003e@​sky3n3t\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eAllowing keywords in Rego references (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7709\"\u003e#7709\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003ePreviously, Rego references could not contain terms that conflict with Rego keywords such as \u003ccode\u003epackage\u003c/code\u003e, \u003ccode\u003eif\u003c/code\u003e, \u003ccode\u003eelse\u003c/code\u003e, \u003ccode\u003enot\u003c/code\u003e, etc.\nin certain constructs:\u003c/p\u003e\n\u003cpre lang=\"rego\"\u003e\u003ccode\u003epackage example\n\u003cp\u003eallow if {\ninput.package.source         # not allowed (before v1.6.0)\ninput[\u0026quot;package\u0026quot;].destination # allowed\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe constraints for valid Rego references have been relaxed to allow keywords.\nThe above example is now valid and will no longer cause a compilation error.\u003c/p\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/johanfylling\"\u003e\u003ccode\u003e@​johanfylling\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eParallel Test Execution (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7442\"\u003e#7442\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eBy default, OPA will now run tests in parallel (defaulting to one parallel execution thread per available CPU core), significantly speeding up test execution time for large test suites.\nThe performance boost is closely tied to the number of tests in your project and your selected parallelism level. For larger projects and default settings, 2-3x performance gains have been measured on a MacBook Pro.\u003c/p\u003e\n\u003cp\u003eParallelism can be disabled to run tests sequentially by setting the \u003ccode\u003e--parallel\u003c/code\u003e flag to \u003ccode\u003e1\u003c/code\u003e. E.g. \u003ccode\u003eopa test . --parallel=1\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/sspaink\"\u003e\u003ccode\u003e@​sspaink\u003c/code\u003e\u003c/a\u003e reported by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md\"\u003egithub.com/open-policy-agent/opa's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.6.0\u003c/h2\u003e\n\u003cp\u003eThis release contains a mix of new features, performance improvements, and bugfixes. Notably:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eImprovements to the OPA website and documentation\u003c/li\u003e\n\u003cli\u003eAllowing keywords in Rego references\u003c/li\u003e\n\u003cli\u003eParallel test execution\u003c/li\u003e\n\u003cli\u003eFaster built-in function execution\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eModernized OPA Website (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7037\"\u003e#7037\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eWe're continuing to modernize the OPA website with a new design and improved user experience.\u003c/p\u003e\n\u003cp\u003eSome highlights:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs/policy-reference#built-in-functions\"\u003eBuiltins\u003c/a\u003e: You can now search them on the docs page!\u003c/li\u003e\n\u003cli\u003eSidebar redesign: Making it easier to find what you're looking for in our docs\u003c/li\u003e\n\u003cli\u003eFeedback forms: Closing the feedback loop between docs authors and readers -- Please let us know if you dislike, or like, a docs page.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://www.openpolicyagent.org/docs#1-download-opa\"\u003eDownloads page\u003c/a\u003e: Find your OS' installation instructions on a less cluttered page!\u003c/li\u003e\n\u003cli\u003eAnd much more\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/sky3n3t\"\u003e\u003ccode\u003e@​sky3n3t\u003c/code\u003e\u003c/a\u003e and \u003ca href=\"https://github.com/charlieegan3\"\u003e\u003ccode\u003e@​charlieegan3\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eAllowing keywords in Rego references (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/pull/7709\"\u003e#7709\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003ePreviously, Rego references could not contain terms that conflict with Rego keywords such as \u003ccode\u003epackage\u003c/code\u003e, \u003ccode\u003eif\u003c/code\u003e, \u003ccode\u003eelse\u003c/code\u003e, \u003ccode\u003enot\u003c/code\u003e, etc.\nin certain constructs:\u003c/p\u003e\n\u003cpre lang=\"rego\"\u003e\u003ccode\u003epackage example\n\u003cp\u003eallow if {\ninput.package.source         # not allowed (before v1.6.0)\ninput[\u0026quot;package\u0026quot;].destination # allowed\n}\n\u003c/code\u003e\u003c/pre\u003e\u003c/p\u003e\n\u003cp\u003eThe constraints for valid Rego references have been relaxed to allow keywords.\nThe above example is now valid and will no longer cause a compilation error.\u003c/p\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/johanfylling\"\u003e\u003ccode\u003e@​johanfylling\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eParallel Test Execution (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7442\"\u003e#7442\u003c/a\u003e)\u003c/h3\u003e\n\u003cp\u003eBy default, OPA will now run tests in parallel (defaulting to one parallel execution thread per available CPU core), significantly speeding up test execution time for large test suites.\nThe performance boost is closely tied to the number of tests in your project and your selected parallelism level. For larger projects and default settings, 2-3x performance gains have been measured on a MacBook Pro.\u003c/p\u003e\n\u003cp\u003eParallelism can be disabled to run tests sequentially by setting the \u003ccode\u003e--parallel\u003c/code\u003e flag to \u003ccode\u003e1\u003c/code\u003e. E.g. \u003ccode\u003eopa test . --parallel=1\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eAuthored by \u003ca href=\"https://github.com/sspaink\"\u003e\u003ccode\u003e@​sspaink\u003c/code\u003e\u003c/a\u003e reported by \u003ca href=\"https://github.com/anderseknert\"\u003e\u003ccode\u003e@​anderseknert\u003c/code\u003e\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/710b5a62789fbe8ad231b2fc0090c664f1ac93ba\"\u003e\u003ccode\u003e710b5a6\u003c/code\u003e\u003c/a\u003e Prepare v1.6.0 release (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7732\"\u003e#7732\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/d3e83fbd773514a7bf1cba728371457714189579\"\u003e\u003ccode\u003ed3e83fb\u003c/code\u003e\u003c/a\u003e website: add titles back to the sidebar\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/fc51c9ca0bc541bd835beed518d04c949e660837\"\u003e\u003ccode\u003efc51c9c\u003c/code\u003e\u003c/a\u003e docs: Revise sidebar order and layout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/13b9e521e9c1bf38870eeb610630ba7335ac86db\"\u003e\u003ccode\u003e13b9e52\u003c/code\u003e\u003c/a\u003e ast: Ensure surplus leading zeros always error (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7726\"\u003e#7726\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/9750787ae4527392e8c46f83c3ff4f5184fe8051\"\u003e\u003ccode\u003e9750787\u003c/code\u003e\u003c/a\u003e perf: Only pass built-in context to calls depending on it (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7728\"\u003e#7728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/2b4722e90da8837436d2d9e6b9702267d94a1c7b\"\u003e\u003ccode\u003e2b4722e\u003c/code\u003e\u003c/a\u003e docs: Redirect old admission control link (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7730\"\u003e#7730\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/3a560fa2475f9e143b106bf7019178ba3d93dd77\"\u003e\u003ccode\u003e3a560fa\u003c/code\u003e\u003c/a\u003e docs: Update sidebar (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7723\"\u003e#7723\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/d917e3a4a8fe44e7ff40a937c9f8b0dc6ca6801c\"\u003e\u003ccode\u003ed917e3a\u003c/code\u003e\u003c/a\u003e plugin/decision: check if event is too large after compression (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7521\"\u003e#7521\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/817b6635a80f8c8e9607ea36360a5b78c6f48e5d\"\u003e\u003ccode\u003e817b663\u003c/code\u003e\u003c/a\u003e ast,format: Allowing keywords in Rego references (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7709\"\u003e#7709\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-policy-agent/opa/commit/1679d797980c2ff6b21647ec6f5280b61034045b\"\u003e\u003ccode\u003e1679d79\u003c/code\u003e\u003c/a\u003e docs: Move code example data inside the PlaygroundComponent (\u003ca href=\"https://redirect.github.com/open-policy-agent/opa/issues/7724\"\u003e#7724\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/open-policy-agent/opa/compare/v0.70.0...v1.6.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/opencontainers/image-spec` from 1.1.0 to 1.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/opencontainers/image-spec/releases\"\u003egithub.com/opencontainers/image-spec's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.1.1\u003c/h2\u003e\n\u003cp\u003eVote Passed  \u003ccode\u003e[+5 -0 nv1]\u003c/code\u003e  - \u003ca href=\"https://groups.google.com/a/opencontainers.org/g/dev/c/T-olx0jdT18\"\u003ehttps://groups.google.com/a/opencontainers.org/g/dev/c/T-olx0jdT18\u003c/a\u003e\n\u003cstrong\u003eRelease PR\u003c/strong\u003e : \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/pull/1247\"\u003eopencontainers/image-spec#1247\u003c/a\u003e\n\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/opencontainers/image-spec/compare/v1.1.0...v1.1.1\"\u003ehttps://github.com/opencontainers/image-spec/compare/v1.1.0...v1.1.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/147f9c13cedb47a0c4d9a11a222961073d585877\"\u003e\u003ccode\u003e147f9c1\u003c/code\u003e\u003c/a\u003e Release v1.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/fbb4662eb53b80bd38f7597406cf1211317768f0\"\u003e\u003ccode\u003efbb4662\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/issues/1238\"\u003e#1238\u003c/a\u003e from mkenigs/wording-nit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/81e457e1db4ee2f924f357264bbe5c0daa029fcd\"\u003e\u003ccode\u003e81e457e\u003c/code\u003e\u003c/a\u003e Fix grammar nit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/92353b0bee778725c617e7d57317b568a7796bd0\"\u003e\u003ccode\u003e92353b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/issues/1225\"\u003e#1225\u003c/a\u003e from sudo-bmitch/pr-doc-go-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/1a0b9f98c1c11718d80223fbf089d2aa37077c84\"\u003e\u003ccode\u003e1a0b9f9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/issues/1230\"\u003e#1230\u003c/a\u003e from sudo-bmitch/pr-layout-extensibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/f2726353bb5752468e8458583cbd4084815f9c72\"\u003e\u003ccode\u003ef272635\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/issues/1228\"\u003e#1228\u003c/a\u003e from sudo-bmitch/pr-mixed-digest-algo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/e0462ab8067a57f91114dc2bab4dacebce1c3f26\"\u003e\u003ccode\u003ee0462ab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/issues/1229\"\u003e#1229\u003c/a\u003e from tianon/setup-go\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/cf536e39757294783fa346666fb2b2bb0d50cb58\"\u003e\u003ccode\u003ecf536e3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/opencontainers/image-spec/issues/1227\"\u003e#1227\u003c/a\u003e from sudo-bmitch/pr-rm-project-doc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/60acaacb8003bff5882298333a4a017d6aedcd6a\"\u003e\u003ccode\u003e60acaac\u003c/code\u003e\u003c/a\u003e Document extensibility of the image layout\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/opencontainers/image-spec/commit/4dcf9627be8cc874a43b2fa5ede5549136b37fb2\"\u003e\u003ccode\u003e4dcf962\u003c/code\u003e\u003c/a\u003e Document Go version policy\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/opencontainers/image-spec/compare/v1.1.0...v1.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/operator-framework/api` from 0.29.0 to 0.33.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/operator-framework/api/releases\"\u003egithub.com/operator-framework/api's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.33.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump sigs.k8s.io/yaml from 1.4.0 to 1.5.0 in the k8s-dependencies group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/operator-framework/api/pull/436\"\u003eoperator-framework/api#436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump github.com/google/cel-go from 0.25.0 to 0.26.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/operator-framework/api/pull/437\"\u003eoperator-framework/api#437\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enormalize unit test targets across repos.  add skip/target test args by \u003ca href=\"https://github.com/grokspawn\"\u003e\u003ccode\u003e@​grokspawn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/operator-framework/api/pull/438\"\u003eoperator-framework/api#438\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump go version to fix \u003ca href=\"https://pkg.go.dev/vuln/GO-2025-3751\"\u003ehttps...\n\n_Description has been truncated_","html_url":"https://github.com/Rose2161/hub/pull/349","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Rose2161%2Fhub/issues/349","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/349/packages"}},{"old_version":"1.7.0","new_version":"1.7.3","update_type":"patch","path":null,"pr_created_at":"2025-08-24T03:18:26.000Z","version_change":"1.7.0 → 1.7.3","issue":{"uuid":"2769517599","node_id":"PR_kwDOPjLc186lE3wf","number":6,"state":"open","title":"chore(deps): bump github.com/gorilla/csrf from 1.7.0 to 1.7.3","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-24T03:18:26.000Z","updated_at":"2025-08-24T03:18:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.0","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.7.0 to 1.7.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove pkg/errors dependency by \u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[GPT-96] Update go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdated licence by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/167\"\u003egorilla/csrf#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate issues.yml by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/168\"\u003egorilla/csrf#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eissues/158/examples for working api with javascript frontend by \u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating github action workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/169\"\u003egorilla/csrf#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating gorilla/securecookie to v1.1.2 by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/170\"\u003egorilla/csrf#170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003ev1.7.1 is a minor maintenance release. It improves documentation, and fixes a bug (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e) that caused missing tokens to not provide a clear error message back to the client.\u003c/p\u003e\n\u003ch2\u003eCHANGELOG\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebugfix: Not providing any token in requests results in wrong error message (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd a note about secrecy of CSRF token in the README.md (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/154\"\u003e#154\u003c/a\u003e) \u003ca href=\"https://github.com/maxximino\"\u003e\u003ccode\u003e@​maxximino\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd note about csrf.Path option (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/147\"\u003e#147\u003c/a\u003e) \u003ca href=\"https://github.com/karelbilek\"\u003e\u003ccode\u003e@​karelbilek\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: use build matrix; drop Go \u0026lt;= 1.10 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/142\"\u003e#142\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: change TrustedOrigin to TrustedOrigins in README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/140\"\u003e#140\u003c/a\u003e) \u003ca href=\"https://github.com/mittonface\"\u003e\u003ccode\u003e@​mittonface\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add TOC to README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/137\"\u003e#137\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a009743572494ccbc9d159005bdc58b86a44ddba\"\u003e\u003ccode\u003ea009743\u003c/code\u003e\u003c/a\u003e Updating gorilla/securecookie to v1.1.2 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/94b5a9efbc27ce51c4ac1b1287c964e8f13013ca\"\u003e\u003ccode\u003e94b5a9e\u003c/code\u003e\u003c/a\u003e updating github action workflows (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/c1f4eb3aba6fe4cd0d1ef0ed5ca556876b14c29f\"\u003e\u003ccode\u003ec1f4eb3\u003c/code\u003e\u003c/a\u003e issues/158/examples for working api with javascript frontend (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/73c96a512fc353d11f3da50cffde1e454884f405\"\u003e\u003ccode\u003e73c96a5\u003c/code\u003e\u003c/a\u003e Update issues.yml (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a71a12f7d30580b6da2183b0f398527be93c0ca9\"\u003e\u003ccode\u003ea71a12f\u003c/code\u003e\u003c/a\u003e updated licence (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/15d47eceb8d5861882e276508d7cbb5b0082b980\"\u003e\u003ccode\u003e15d47ec\u003c/code\u003e\u003c/a\u003e [GPT-96] Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/32c27b0316d75a24e55ab36d059d0309238b9ee1\"\u003e\u003ccode\u003e32c27b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/164\"\u003e#164\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/04cc5dba5dd0af4341b9b406f05dc569c5e0ab40\"\u003e\u003ccode\u003e04cc5db\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/93379db1992f1b2fbdd4ba1b55a1bf0414b0535e\"\u003e\u003ccode\u003e93379db\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.0...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.0\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Reality2byte/eth2-beaconchain-explorer/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Reality2byte/eth2-beaconchain-explorer/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Reality2byte%2Feth2-beaconchain-explorer/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"1.6.2","new_version":"1.7.3","update_type":"minor","path":null,"pr_created_at":"2025-08-20T08:48:50.000Z","version_change":"1.6.2 → 1.7.3","issue":{"uuid":"2758937155","node_id":"PR_kwDOPhBrr86kcgpD","number":1,"state":"closed","title":"Bump the go_modules group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-08-20T08:49:35.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-08-20T08:48:50.000Z","updated_at":"2025-08-20T08:49:35.000Z","time_to_close":45,"merged_at":"2025-08-20T08:49:35.000Z","merged_by":"encode9241","closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"go_modules","update_count":2,"packages":[{"name":"github.com/gorilla/csrf","old_version":"1.6.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"golang.org/x/crypto","old_version":"0.0.0-20200128174031-69ecbb4d6d5d","new_version":"0.35.0","repository_url":"https://github.com/golang/crypto"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 2 updates in the / directory: [github.com/gorilla/csrf](https://github.com/gorilla/csrf) and [golang.org/x/crypto](https://github.com/golang/crypto).\n\nUpdates `github.com/gorilla/csrf` from 1.6.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove pkg/errors dependency by \u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[GPT-96] Update go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdated licence by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/167\"\u003egorilla/csrf#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate issues.yml by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/168\"\u003egorilla/csrf#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eissues/158/examples for working api with javascript frontend by \u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating github action workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/169\"\u003egorilla/csrf#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating gorilla/securecookie to v1.1.2 by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/170\"\u003egorilla/csrf#170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003ev1.7.1 is a minor maintenance release. It improves documentation, and fixes a bug (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e) that caused missing tokens to not provide a clear error message back to the client.\u003c/p\u003e\n\u003ch2\u003eCHANGELOG\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebugfix: Not providing any token in requests results in wrong error message (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd a note about secrecy of CSRF token in the README.md (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/154\"\u003e#154\u003c/a\u003e) \u003ca href=\"https://github.com/maxximino\"\u003e\u003ccode\u003e@​maxximino\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd note about csrf.Path option (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/147\"\u003e#147\u003c/a\u003e) \u003ca href=\"https://github.com/karelbilek\"\u003e\u003ccode\u003e@​karelbilek\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: use build matrix; drop Go \u0026lt;= 1.10 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/142\"\u003e#142\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: change TrustedOrigin to TrustedOrigins in README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/140\"\u003e#140\u003c/a\u003e) \u003ca href=\"https://github.com/mittonface\"\u003e\u003ccode\u003e@​mittonface\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add TOC to README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/137\"\u003e#137\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev1.7.0\u003c/h2\u003e\n\u003cp\u003e📢  This release of \u003cem\u003egorilla/csrf\u003c/em\u003e changes the default \u003ccode\u003eSameSite\u003c/code\u003e cookie attribute to address changes in the SameSite spec (see \u003ca href=\"https://redirect.github.com/golang/go/issues/36990\"\u003egolang/go#36990\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003ePreviously\u003c/strong\u003e: The \u003ccode\u003eSameSiteDefaultMode\u003c/code\u003e in \u003cem\u003ecsrf\u003c/em\u003e (prior to v1.7.0) would set \u003ccode\u003eSameSite\u003c/code\u003e on the cookie, which is not valid in some browsers, notably older versions of Chrome/Android. These browsers would not set cookies with this \u0026quot;invalid\u0026quot; attribute.\n\u003cstrong\u003eNow\u003c/strong\u003e: The default mode is \u003ccode\u003eSameSite=Lax\u003c/code\u003e, which is \u003ca href=\"https://caniuse.com/#feat=same-site-cookie-attribute\"\u003esupported by Chrome v51, Firefox v60, Safari v13 and most recent browsers\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eIf you're new to SameSite, read \u003ca href=\"https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite\"\u003ethe MDN documentation\u003c/a\u003e for a great overview on why this attribute helps prevent cookies from being 'leaked' to third-party domains unintentionally.\u003c/p\u003e\n\u003ch2\u003eCHANGELOG\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSet SameSite=Lax by default (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/136\"\u003e#136\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDon't set a default samesite for backwards compatibility (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/132\"\u003e#132\u003c/a\u003e) \u003ca href=\"https://github.com/euank\"\u003e\u003ccode\u003e@​euank\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a009743572494ccbc9d159005bdc58b86a44ddba\"\u003e\u003ccode\u003ea009743\u003c/code\u003e\u003c/a\u003e Updating gorilla/securecookie to v1.1.2 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/94b5a9efbc27ce51c4ac1b1287c964e8f13013ca\"\u003e\u003ccode\u003e94b5a9e\u003c/code\u003e\u003c/a\u003e updating github action workflows (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/c1f4eb3aba6fe4cd0d1ef0ed5ca556876b14c29f\"\u003e\u003ccode\u003ec1f4eb3\u003c/code\u003e\u003c/a\u003e issues/158/examples for working api with javascript frontend (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/73c96a512fc353d11f3da50cffde1e454884f405\"\u003e\u003ccode\u003e73c96a5\u003c/code\u003e\u003c/a\u003e Update issues.yml (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a71a12f7d30580b6da2183b0f398527be93c0ca9\"\u003e\u003ccode\u003ea71a12f\u003c/code\u003e\u003c/a\u003e updated licence (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/15d47eceb8d5861882e276508d7cbb5b0082b980\"\u003e\u003ccode\u003e15d47ec\u003c/code\u003e\u003c/a\u003e [GPT-96] Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/32c27b0316d75a24e55ab36d059d0309238b9ee1\"\u003e\u003ccode\u003e32c27b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/164\"\u003e#164\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/04cc5dba5dd0af4341b9b406f05dc569c5e0ab40\"\u003e\u003ccode\u003e04cc5db\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/93379db1992f1b2fbdd4ba1b55a1bf0414b0535e\"\u003e\u003ccode\u003e93379db\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.6.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.0.0-20200128174031-69ecbb4d6d5d to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/commits/v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/encode9241/gophish/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/encode9241/gophish/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/encode9241%2Fgophish/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.7.2","new_version":"1.7.3","update_type":"patch","path":null,"pr_created_at":"2025-08-17T23:10:38.000Z","version_change":"1.7.2 → 1.7.3","issue":{"uuid":"2751596484","node_id":"PR_kwDOKhgMc86kAgfE","number":1,"state":"open","title":"Bump the go_modules group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-17T23:10:38.000Z","updated_at":"2025-08-17T23:10:39.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"go_modules","update_count":4,"packages":[{"name":"filippo.io/age","old_version":"1.1.1","new_version":"1.2.1","repository_url":"https://github.com/FiloSottile/age"},{"name":"golang.org/x/crypto","old_version":"0.32.0","new_version":"0.35.0","repository_url":"https://github.com/golang/crypto"},{"name":"golang.org/x/net","old_version":"0.33.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"},{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 4 updates in the / directory: [filippo.io/age](https://github.com/FiloSottile/age), [golang.org/x/crypto](https://github.com/golang/crypto), [golang.org/x/net](https://github.com/golang/net) and [github.com/gorilla/csrf](https://github.com/gorilla/csrf).\n\nUpdates `filippo.io/age` from 1.1.1 to 1.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/FiloSottile/age/releases\"\u003efilippo.io/age's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eage v1.2.1: security fix\u003c/h2\u003e\n\u003cp\u003eThis release fixes a security vulnerability that could allow an attacker to execute an arbitrary binary under certain conditions.\u003c/p\u003e\n\u003cp\u003eSee GHSA-32gq-x56h-299c.\u003c/p\u003e\n\u003cp\u003ePlugin names may now only contain alphanumeric characters or the four special characters \u003ccode\u003e+-._\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eThanks to ⬡-49016 for reporting this issue.\u003c/p\u003e\n\u003ch2\u003eage v1.2.0\u003c/h2\u003e\n\u003cp\u003eA small release to build the release binaries with a more recent Go toolchain, and to fix a couple CLI edge cases (\u003ca href=\"https://redirect.github.com/FiloSottile/age/issues/491\"\u003eFiloSottile/age#491\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/FiloSottile/age/issues/555\"\u003eFiloSottile/age#555\u003c/a\u003e).\u003c/p\u003e\n\u003cp\u003eThe Go module now exposes a plugin package that provides an age plugin client. That is, Recipient and Identity implementations that invoke a plugin binary, allowing the use of age plugins in Go programs.\u003c/p\u003e\n\u003cp\u003eFinally, Recipients can now return a set of \u0026quot;labels\u0026quot; by implementing RecipientWithLabels. This allows replicating the special behavior of the scrypt Recipient in third-party Recipients, or applying policy useful for authenticated or post-quantum Recipients.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e// RecipientWithLabels can be optionally implemented by a Recipient, in which\n// case Encrypt will use WrapWithLabels instead of Wrap.\n//\n// Encrypt will succeed only if the labels returned by all the recipients\n// (assuming the empty set for those that don't implement RecipientWithLabels)\n// are the same.\n//\n// This can be used to ensure a recipient is only used with other recipients\n// with equivalent properties (for example by setting a \u0026quot;postquantum\u0026quot; label) or\n// to ensure a recipient is always used alone (by returning a random label, for\n// example to preserve its authentication properties).\ntype RecipientWithLabels interface {\n\tWrapWithLabels(fileKey []byte) (s []*Stanza, labels []string, err error)\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/482cf6fc9babd3ab06f6606762aac10447222201\"\u003e\u003ccode\u003e482cf6f\u003c/code\u003e\u003c/a\u003e plugin: restrict characters in plugin names\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/cda3988cc76a139426281a1d812914b71435bd18\"\u003e\u003ccode\u003ecda3988\u003c/code\u003e\u003c/a\u003e all: fix staticcheck warnings (\u003ca href=\"https://redirect.github.com/FiloSottile/age/issues/589\"\u003e#589\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/176e245b3cb3ada322c21eef0bce166dc5a5e4c7\"\u003e\u003ccode\u003e176e245\u003c/code\u003e\u003c/a\u003e README: rotate Sigsum keys\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/faefdc3c81efa89fd41998b77c62234ca56be10b\"\u003e\u003ccode\u003efaefdc3\u003c/code\u003e\u003c/a\u003e README: document Sigsum proofs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/bbe6ce5eeb1bb70cfc705d0961c943f0dd637ffd\"\u003e\u003ccode\u003ebbe6ce5\u003c/code\u003e\u003c/a\u003e .github/workflows: update artifacts Actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/1e1badabf74064ee800d19817a725f4803fa4e94\"\u003e\u003ccode\u003e1e1bada\u003c/code\u003e\u003c/a\u003e .github/workflows: go-version stable, not latest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/2293a9afef6984915cb28d2a7264b145604d61e9\"\u003e\u003ccode\u003e2293a9a\u003c/code\u003e\u003c/a\u003e .github/workflows: use latest Go for bootstrap\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/01fe9cd84aa5380cd09b8761af919e5d0a1386ad\"\u003e\u003ccode\u003e01fe9cd\u003c/code\u003e\u003c/a\u003e README: add pkgx installation instructions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/bd0511b415355bf84a3861c77d47d9337ab367b1\"\u003e\u003ccode\u003ebd0511b\u003c/code\u003e\u003c/a\u003e cmd/age: detect output/input file reuse when possible\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/FiloSottile/age/commit/febaaded8756511fd12b7aea122e44be80c35862\"\u003e\u003ccode\u003efebaade\u003c/code\u003e\u003c/a\u003e cmd/age: create file for empty decryptions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/FiloSottile/age/compare/v1.1.1...v1.2.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.32.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22\"\u003e\u003ccode\u003e7292932\u003c/code\u003e\u003c/a\u003e ssh: limit the size of the internal packet queue while waiting for KEX\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/f66f74b0a406b5f6909183531ace593857f1646c\"\u003e\u003ccode\u003ef66f74b\u003c/code\u003e\u003c/a\u003e acme/autocert: check host policy before probing the cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b0784b7bfbe0b2c9a59afc1248ed3cb4b6652e85\"\u003e\u003ccode\u003eb0784b7\u003c/code\u003e\u003c/a\u003e x509roots/fallback: drop obsolete build constraint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/911360c8a4f464342b9fe7c23632be57fca87b20\"\u003e\u003ccode\u003e911360c\u003c/code\u003e\u003c/a\u003e all: bump golang.org/x/crypto dependencies of asm generators\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/89ff08d67c4d79f9ac619aaf1f7388888798651f\"\u003e\u003ccode\u003e89ff08d\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/e47973b1c1089f6c67ab89261f7aa067b3d611d2\"\u003e\u003ccode\u003ee47973b\u003c/code\u003e\u003c/a\u003e all: update certs for go1.24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/9290511cd23ab9813a307b7f2615325e3ca98902\"\u003e\u003ccode\u003e9290511\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/fa5273e461966728f91f33da62c0cf511a404c2a\"\u003e\u003ccode\u003efa5273e\u003c/code\u003e\u003c/a\u003e x509roots/fallback: update bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/a8ea4be81f0769fd5857e087083cbb6d3cb9f196\"\u003e\u003ccode\u003ea8ea4be\u003c/code\u003e\u003c/a\u003e ssh: add ServerConfig.PreAuthConnCallback, ServerPreAuthConn (banner) interface\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/71d3a4cfdb0360795ce5f2d7041e01823fd22eb6\"\u003e\u003ccode\u003e71d3a4c\u003c/code\u003e\u003c/a\u003e acme: support challenges that require the ACME client to send a non-empty JSO...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/compare/v0.32.0...v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.33.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.33.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/oilcrest/sliver/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/oilcrest/sliver/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/oilcrest%2Fsliver/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","update_type":null,"path":null,"pr_created_at":"2025-08-14T15:09:24.000Z","version_change":"1.7.3-0.20250123201450-9dd6af1f6d30 → 1.7.3","issue":{"uuid":"2746476003","node_id":"PR_kwDOMZsG2M6js-Xj","number":7,"state":"closed","title":"build(deps): bump the go_modules group across 5 directories with 7 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-08-14T15:49:43.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-08-14T15:09:24.000Z","updated_at":"2025-08-14T15:49:43.000Z","time_to_close":2419,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"go_modules","update_count":7,"packages":[{"name":"golang.org/x/crypto","old_version":"0.35.0","new_version":"0.41.0","repository_url":"https://github.com/golang/crypto"},{"name":"golang.org/x/oauth2","old_version":"0.26.0","new_version":"0.27.0","repository_url":"https://github.com/golang/oauth2"},{"name":"github.com/go-viper/mapstructure/v2","old_version":"2.0.0-alpha.1","new_version":"2.3.0","repository_url":"https://github.com/go-viper/mapstructure"},{"name":"github.com/cloudflare/circl","old_version":"1.3.7","new_version":"1.6.1","repository_url":"https://github.com/cloudflare/circl"},{"name":"github.com/docker/docker","old_version":"27.4.1+incompatible","new_version":"28.0.0+incompatible","repository_url":"https://github.com/docker/docker"},{"name":"github.com/gorilla/csrf","old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.35.0` | `0.41.0` |\n| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.26.0` | `0.27.0` |\n| [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) | `2.0.0-alpha.1` | `2.3.0` |\n| [github.com/cloudflare/circl](https://github.com/cloudflare/circl) | `1.3.7` | `1.6.1` |\n| [github.com/docker/docker](https://github.com/docker/docker) | `27.4.1+incompatible` | `28.0.0+incompatible` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.3-0.20250123201450-9dd6af1f6d30` | `1.7.3` |\n\nBumps the go_modules group with 1 update in the /gokrazy/natlabapp.arm64/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\nBumps the go_modules group with 1 update in the /gokrazy/natlabapp/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\nBumps the go_modules group with 1 update in the /gokrazy/tsapp/builddir/github.com/gokrazy/breakglass directory: [golang.org/x/crypto](https://github.com/golang/crypto).\nBumps the go_modules group with 1 update in the /gokrazy/tsapp/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\n\nUpdates `golang.org/x/crypto` from 0.35.0 to 0.41.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/ef5341b70697ceb55f904384bd982587224e8b0c\"\u003e\u003ccode\u003eef5341b\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b999374650442ee37e9bbd97d6a11ad7ed999b98\"\u003e\u003ccode\u003eb999374\u003c/code\u003e\u003c/a\u003e acme: fix pebble subprocess output data race\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/c247dead11de7671a21a6c5169555e2aa5313caa\"\u003e\u003ccode\u003ec247dea\u003c/code\u003e\u003c/a\u003e x509roots/fallback: store bundle certs directly in DER\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/1fda73153feef7b246f24005838c387e354e5e3b\"\u003e\u003ccode\u003e1fda731\u003c/code\u003e\u003c/a\u003e acme: increase pebble test waitForServer attempts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/1b4c3d2e8c8be172c6af8f2f72778e69e74d2e78\"\u003e\u003ccode\u003e1b4c3d2\u003c/code\u003e\u003c/a\u003e x509roots/fallback: update bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b903b535d3ef82fab12a9cc0fa50fccc396ced55\"\u003e\u003ccode\u003eb903b53\u003c/code\u003e\u003c/a\u003e acme: capture pebble test subprocess stdout/stderr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/459a9db11b9c43bb1d61722bfd371751d6de05c9\"\u003e\u003ccode\u003e459a9db\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/74e709ad8a8068445173aa5f3e8d7c89caf510c3\"\u003e\u003ccode\u003e74e709a\u003c/code\u003e\u003c/a\u003e ssh: add AlgorithmNegotiationError\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b3790b8d914304c8187dc2c86800101c329d77cd\"\u003e\u003ccode\u003eb3790b8\u003c/code\u003e\u003c/a\u003e acme: fix TLSALPN01ChallengeCert for IP address identifiers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/1dc4269656dd23b2c4e71c51b8af6bc2b63eecb7\"\u003e\u003ccode\u003e1dc4269\u003c/code\u003e\u003c/a\u003e acme: add Pebble integration testing\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/crypto/compare/v0.35.0...v0.41.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.36.0 to 0.42.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.23.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/oauth2` from 0.26.0 to 0.27.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/oauth2/commit/681b4d8edca1bcfea5bce685d77ea7b82ed3e7b3\"\u003e\u003ccode\u003e681b4d8\u003c/code\u003e\u003c/a\u003e jws: split token into fixed number of parts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/oauth2/commit/3f78298beea38fb76a3fbca33e3056f4b7eb5502\"\u003e\u003ccode\u003e3f78298\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/oauth2/commit/109dabf9017129171d1807e485ca5633ecd095ac\"\u003e\u003ccode\u003e109dabf\u003c/code\u003e\u003c/a\u003e endpoints: add links/provider for Discord\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/oauth2/commit/ac571fa341c2a2b979d2b2c8341fd24767ef5d47\"\u003e\u003ccode\u003eac571fa\u003c/code\u003e\u003c/a\u003e oauth2: fix docs for Config.DeviceAuth\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/oauth2/commit/314ee5b92bf23c4973aa8e61eba3ff458e80eef2\"\u003e\u003ccode\u003e314ee5b\u003c/code\u003e\u003c/a\u003e endpoints: add patreon endpoint\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/oauth2/compare/v0.26.0...v0.27.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-viper/mapstructure/v2` from 2.0.0-alpha.1 to 2.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-viper/mapstructure/releases\"\u003egithub.com/go-viper/mapstructure/v2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.1.7 to 4.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/46\"\u003ego-viper/mapstructure#46\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/47\"\u003ego-viper/mapstructure#47\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[enhancement] Add check for \u003ccode\u003ereflect.Value\u003c/code\u003e in \u003ccode\u003eComposeDecodeHookFunc\u003c/code\u003e by \u003ca href=\"https://github.com/mahadzaryab1\"\u003e\u003ccode\u003e@​mahadzaryab1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/52\"\u003ego-viper/mapstructure#52\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-go from 5.0.2 to 5.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/51\"\u003ego-viper/mapstructure#51\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.0 to 4.2.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/50\"\u003ego-viper/mapstructure#50\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-go from 5.1.0 to 5.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/55\"\u003ego-viper/mapstructure#55\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-go from 5.2.0 to 5.3.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/58\"\u003ego-viper/mapstructure#58\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add Go 1.24 to the test matrix by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/74\"\u003ego-viper/mapstructure#74\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/72\"\u003ego-viper/mapstructure#72\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump golangci/golangci-lint-action from 6.5.0 to 6.5.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/76\"\u003ego-viper/mapstructure#76\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-go from 5.3.0 to 5.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/78\"\u003ego-viper/mapstructure#78\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add decode hook for netip.Prefix by \u003ca href=\"https://github.com/tklauser\"\u003e\u003ccode\u003e@​tklauser\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/85\"\u003ego-viper/mapstructure#85\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/86\"\u003ego-viper/mapstructure#86\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 2.13.4 to 3.28.15 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/87\"\u003ego-viper/mapstructure#87\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/setup-go from 5.4.0 to 5.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/93\"\u003ego-viper/mapstructure#93\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.15 to 3.28.17 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/92\"\u003ego-viper/mapstructure#92\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.17 to 3.28.19 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/97\"\u003ego-viper/mapstructure#97\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/96\"\u003ego-viper/mapstructure#96\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/peczenyj\"\u003e\u003ccode\u003e@​peczenyj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/90\"\u003ego-viper/mapstructure#90\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd omitzero tag. by \u003ca href=\"https://github.com/Crystalix007\"\u003e\u003ccode\u003e@​Crystalix007\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/98\"\u003ego-viper/mapstructure#98\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse error structs instead of duplicated strings by \u003ca href=\"https://github.com/m1k1o\"\u003e\u003ccode\u003e@​m1k1o\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/102\"\u003ego-viper/mapstructure#102\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.19 to 3.29.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/101\"\u003ego-viper/mapstructure#101\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add common error interface by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/105\"\u003ego-viper/mapstructure#105\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate linter by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/106\"\u003ego-viper/mapstructure#106\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeature allow unset pointer by \u003ca href=\"https://github.com/rostislaved\"\u003e\u003ccode\u003e@​rostislaved\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/80\"\u003ego-viper/mapstructure#80\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tklauser\"\u003e\u003ccode\u003e@​tklauser\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/85\"\u003ego-viper/mapstructure#85\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/peczenyj\"\u003e\u003ccode\u003e@​peczenyj\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/90\"\u003ego-viper/mapstructure#90\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Crystalix007\"\u003e\u003ccode\u003e@​Crystalix007\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/98\"\u003ego-viper/mapstructure#98\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rostislaved\"\u003e\u003ccode\u003e@​rostislaved\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/80\"\u003ego-viper/mapstructure#80\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-viper/mapstructure/compare/v2.2.1...v2.3.0\"\u003ehttps://github.com/go-viper/mapstructure/compare/v2.2.1...v2.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePass appropriate empty Value to hooks by \u003ca href=\"https://github.com/yurishkuro\"\u003e\u003ccode\u003e@​yurishkuro\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/45\"\u003ego-viper/mapstructure#45\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yurishkuro\"\u003e\u003ccode\u003e@​yurishkuro\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/45\"\u003ego-viper/mapstructure#45\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-viper/mapstructure/compare/v2.2.0...v2.2.1\"\u003ehttps://github.com/go-viper/mapstructure/compare/v2.2.0...v2.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat(decoder-configs): add flag to force decoding nil input in decoder config by \u003ca href=\"https://github.com/mahadzaryab1\"\u003e\u003ccode\u003e@​mahadzaryab1\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/42\"\u003ego-viper/mapstructure#42\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd decode hooks for *url.URL by \u003ca href=\"https://github.com/einzigartigerName\"\u003e\u003ccode\u003e@​einzigartigerName\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/41\"\u003ego-viper/mapstructure#41\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/8c61ec1924fcfa522f9fc6b4618c672db61d1a38\"\u003e\u003ccode\u003e8c61ec1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/80\"\u003e#80\u003c/a\u003e from rostislaved/feature-allow-unset-pointer\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/df765f469ad16a1996fd0f0ae6a32b20535b966a\"\u003e\u003ccode\u003edf765f4\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/106\"\u003e#106\u003c/a\u003e from go-viper/update-linter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/5f34b05aa12639380ef7c2af69eb6f8fd629dbd0\"\u003e\u003ccode\u003e5f34b05\u003c/code\u003e\u003c/a\u003e update linter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/36de1e1d74f55681536097ff8467a8ce952ef183\"\u003e\u003ccode\u003e36de1e1\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/105\"\u003e#105\u003c/a\u003e from go-viper/error-refactor\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/6a283a390ee7bc0f9331f58199db234902e0739f\"\u003e\u003ccode\u003e6a283a3\u003c/code\u003e\u003c/a\u003e chore: update error type doc\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/599cb73236404c044abcf278a45c3928d7480dd0\"\u003e\u003ccode\u003e599cb73\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/101\"\u003e#101\u003c/a\u003e from go-viper/dependabot/github_actions/github/codeql...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/ed3f92181528ff776a0324107b8b55026e93766a\"\u003e\u003ccode\u003eed3f921\u003c/code\u003e\u003c/a\u003e feat: remove value from error messages\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/a3f8b227dcdae324c070d389152837f0aa635f4b\"\u003e\u003ccode\u003ea3f8b22\u003c/code\u003e\u003c/a\u003e revert: error message change\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/9661f6d07c319da00ae0508d99df5f3f0c3953bd\"\u003e\u003ccode\u003e9661f6d\u003c/code\u003e\u003c/a\u003e feat: add common error interface\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/f12f6c76fe743c8e4cc6465c6a9f16fcd8cede57\"\u003e\u003ccode\u003ef12f6c7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/102\"\u003e#102\u003c/a\u003e from m1k1o/prettify-errors2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-viper/mapstructure/compare/v2.0.0-alpha.1...v2.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/cloudflare/circl` from 1.3.7 to 1.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cloudflare/circl/releases\"\u003egithub.com/cloudflare/circl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eCIRCL v1.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes some point checks on the FourQ curve.\u003c/li\u003e\n\u003cli\u003eHybrid KEM fails on low-order points.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekem/hybrid: ensure X25519 hybrids fails with low order points by \u003ca href=\"https://github.com/Lekensteyn\"\u003e\u003ccode\u003e@​Lekensteyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/541\"\u003ecloudflare/circl#541\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e.github: Use native ARM64 builders instead of QEMU by \u003ca href=\"https://github.com/Lekensteyn\"\u003e\u003ccode\u003e@​Lekensteyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/542\"\u003ecloudflare/circl#542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes several errors on twisted Edwards curves. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/545\"\u003ecloudflare/circl#545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease v1.6.1 by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/546\"\u003ecloudflare/circl#546\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1\"\u003ehttps://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eCIRCL v1.6.0\u003c/h2\u003e\n\u003ch3\u003eNew!\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/blob/main/vdaf/prio3\"\u003ePrio3\u003c/a\u003e Verifiable Distributed Aggregation Function (\u003ca href=\"https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/\"\u003edraft-irtf-cfrg-vdaf\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/blob/main/kem/xwing\"\u003eX-Wing\u003c/a\u003e: general-purpose hybrid post-quantum KEM (\u003ca href=\"https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/\"\u003edraft-connolly-cfrg-xwing-kem\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd OIDs to ML-DSA by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/519\"\u003ecloudflare/circl#519\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdds Prio3 a set of verifiable distributed aggregation functions. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/522\"\u003ecloudflare/circl#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun semgrep cronjob only in upstream repository. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/526\"\u003ecloudflare/circl#526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eX-Wing PQ/T hybrid by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/471\"\u003ecloudflare/circl#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eckem: move crypto/elliptic to crypto/ecdh by \u003ca href=\"https://github.com/MingLLuo\"\u003e\u003ccode\u003e@​MingLLuo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/529\"\u003ecloudflare/circl#529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ehpke: Update HPKE code to use ecdh stdlib package. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/530\"\u003ecloudflare/circl#530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprio3: Adds polynomial multiplication using NTT by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/532\"\u003ecloudflare/circl#532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Prio3 in readme. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/527\"\u003ecloudflare/circl#527\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MingLLuo\"\u003e\u003ccode\u003e@​MingLLuo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/529\"\u003ecloudflare/circl#529\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0\"\u003ehttps://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch1\u003eCIRCL v1.5.0\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNew:\u003c/strong\u003e ML-DSA, Module-Lattice-based Digital Signature Algorithm.\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekem: add X25519MLKEM768 TLS hybrid KEM by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/510\"\u003ecloudflare/circl#510\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCreate semgrep.yml by \u003ca href=\"https://github.com/hrushikeshdeshpande\"\u003e\u003ccode\u003e@​hrushikeshdeshpande\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/514\"\u003ecloudflare/circl#514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erepo: Some fixes reported by CodeQL by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/515\"\u003ecloudflare/circl#515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd ML-DSA (FIPS204) by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/480\"\u003ecloudflare/circl#480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esign/mldsa: Add test for ML-DSA signature verification. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/517\"\u003ecloudflare/circl#517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease v1.5.0 by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/518\"\u003ecloudflare/circl#518\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hrushikeshdeshpande\"\u003e\u003ccode\u003e@​hrushikeshdeshpande\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/514\"\u003ecloudflare/circl#514\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0\"\u003ehttps://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/c6d33e35234ebf5c4319d12ae7d77d7d17053e56\"\u003e\u003ccode\u003ec6d33e3\u003c/code\u003e\u003c/a\u003e Release v1.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/0c3868ef6fc8ce864bc4104863186afdd2947f14\"\u003e\u003ccode\u003e0c3868e\u003c/code\u003e\u003c/a\u003e curve4q: Shared must fail with low order points.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/9fd570dd508eef941d3f42fb94413a899b96d52e\"\u003e\u003ccode\u003e9fd570d\u003c/code\u003e\u003c/a\u003e curve4q: Test showing DH does not fails on identity point.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/c988ceba827fe09896e770c152646dded447903d\"\u003e\u003ccode\u003ec988ceb\u003c/code\u003e\u003c/a\u003e fourq: Correctly unmarshalling point.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/ef2611dcde7f6d25e31082412bbb30f2a870d133\"\u003e\u003ccode\u003eef2611d\u003c/code\u003e\u003c/a\u003e fourq: Test showing point unmarshal fails.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/05eba44d1a35f979c5f3ac914bcc50c1122e8ced\"\u003e\u003ccode\u003e05eba44\u003c/code\u003e\u003c/a\u003e fourq: Handle the case of Z=0 for IsOnCurve and IsEqual.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/eef08780cc3cb9befa20014e65f731391103be6b\"\u003e\u003ccode\u003eeef0878\u003c/code\u003e\u003c/a\u003e fourq: Test showing isEqual and IsOnCurve fail.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/2298474ef688938e4a81ca14990b9a11a8677e2a\"\u003e\u003ccode\u003e2298474\u003c/code\u003e\u003c/a\u003e goldilocks; Handling points with z=0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/5a940a111507232035d0b753fbf3068c52d6b8ac\"\u003e\u003ccode\u003e5a940a1\u003c/code\u003e\u003c/a\u003e goldilocks: Test for IsEqual must fail with Z=0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/48c3b6a2746a18db4d8b675ab296980514359340\"\u003e\u003ccode\u003e48c3b6a\u003c/code\u003e\u003c/a\u003e ed25519: Fix isEqual to handle points with Z=0.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.3.7...v1.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/docker/docker` from 27.4.1+incompatible to 28.0.0+incompatible\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/docker/releases\"\u003egithub.com/docker/docker's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev28.0.0\u003c/h2\u003e\n\u003ch1\u003e28.0.0\u003c/h1\u003e\n\u003cp\u003eFor a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A28.0.0\"\u003edocker/cli, 28.0.0 milestone\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A28.0.0\"\u003emoby/moby, 28.0.0 milestone\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDeprecated and removed features, see \u003ca href=\"https://github.com/docker/cli/blob/v28.0.0/docs/deprecated.md\"\u003eDeprecated Features\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eChanges to the Engine API, see \u003ca href=\"https://github.com/moby/moby/blob/v28.0.0/docs/api/version-history.md\"\u003eAPI version history\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ability to mount an image inside a container via \u003ccode\u003e--mount type=image\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/moby/moby/pull/48798\"\u003emoby/moby#48798\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eYou can also specify \u003ccode\u003e--mount type=image,image-subpath=[subpath],...\u003c/code\u003e option to mount a specific path from the image. \u003ca href=\"https://redirect.github.com/docker/cli/pull/5755\"\u003edocker/cli#5755\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edocker images --tree\u003c/code\u003e now shows metadata badges. \u003ca href=\"https://redirect.github.com/docker/cli/pull/5744\"\u003edocker/cli#5744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edocker load\u003c/code\u003e, \u003ccode\u003edocker save\u003c/code\u003e, and \u003ccode\u003edocker history\u003c/code\u003e now support a \u003ccode\u003e--platform\u003c/code\u003e flag allowing you to choose a specific platform for single-platform operations on multi-platform images. \u003ca href=\"https://redirect.github.com/docker/cli/pull/5331\"\u003edocker/cli#5331\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003eOOMScoreAdj\u003c/code\u003e to \u003ccode\u003edocker service create\u003c/code\u003e and \u003ccode\u003edocker stack\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/docker/cli/pull/5145\"\u003edocker/cli#5145\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003edocker buildx prune\u003c/code\u003e now supports \u003ccode\u003ereserved-space\u003c/code\u003e, \u003ccode\u003emax-used-space\u003c/code\u003e, \u003ccode\u003emin-free-space\u003c/code\u003e and \u003ccode\u003ekeep-bytes\u003c/code\u003e filters. \u003ca href=\"https://redirect.github.com/moby/moby/pull/48720\"\u003emoby/moby#48720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWindows: Add support for running containerd as a child process of the daemon, instead of using a system-installed containerd. \u003ca href=\"https://redirect.github.com/moby/moby/pull/47955\"\u003emoby/moby#47955\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNetworking\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003edocker-proxy\u003c/code\u003e binary has been updated, older versions will not work with the updated \u003ccode\u003edockerd\u003c/code\u003e. \u003ca href=\"https://redirect.github.com/moby/moby/pull/48132\"\u003emoby/moby#48132\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eClose a window in which the userland proxy (\u003ccode\u003edocker-proxy\u003c/code\u003e) could accept TCP connections, that would then fail after \u003ccode\u003eiptables\u003c/code\u003e NAT rules were set up.\u003c/li\u003e\n\u003cli\u003eThe executable \u003ccode\u003erootlesskit-docker-proxy\u003c/code\u003e is no longer used, it has been removed from the build and distribution.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eDNS nameservers read from the host's \u003ccode\u003e/etc/resolv.conf\u003c/code\u003e are now always accessed from the host's network namespace. \u003ca href=\"https://redirect.github.com/moby/moby/pull/48290\"\u003emoby/moby#48290\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eWhen the host's \u003ccode\u003e/etc/resolv.conf\u003c/code\u003e contains no nameservers and there are no \u003ccode\u003e--dns\u003c/code\u003e overrides, Google's DNS servers are no longer used, apart from by the default bridge network and in build containers.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eContainer interfaces in bridge and macvlan networks now use randomly generated MAC addresses. \u003ca href=\"https://redirect.github.com/moby/moby/pull/48808\"\u003emoby/moby#48808\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eGratuitous ARP / Neighbour Advertisement messages will be sent when the interfaces are started so that, when IP addresses are reused, they're associated with the newly generated MAC address.\u003c/li\u003e\n\u003cli\u003eIPv6 addresses in the default bridge network are now IPAM-assigned, rather than being derived from the MAC address.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eThe deprecated OCI \u003ccode\u003eprestart\u003c/code\u003e hook is now only used by build containers. For other containers, network interfaces are added to the network namespace after task creation is complete, before the container task is started. \u003ca href=\"https://redirect.github.com/moby/moby/pull/47406\"\u003emoby/moby#47406\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a new \u003ccode\u003egw-priority\u003c/code\u003e option to \u003ccode\u003edocker run\u003c/code\u003e, \u003ccode\u003edocker container create\u003c/code\u003e, and \u003ccode\u003edocker network connect\u003c/code\u003e. This option will be used by the Engine to determine which network provides the default gateway for a container. On \u003ccode\u003edocker run\u003c/code\u003e, this option is only available through the extended \u003ccode\u003e--network\u003c/code\u003e syntax. \u003ca href=\"https://redirect.github.com/docker/cli/pull/5664\"\u003edocker/cli#5664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a new netlabel \u003ccode\u003ecom.docker.network.endpoint.ifname\u003c/code\u003e to customize the interface name used when connecting a container to a network. It's supported by all built-in network drivers on Linux. \u003ca href=\"https://redirect.github.com/moby/moby/pull/49155\"\u003emoby/moby#49155\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eWhen a container is created with multiple networks specified, there's no guarantee on the order networks will be connected to the container. So, if a custom interface name uses the same prefix as the auto-generated names, for example \u003ccode\u003eeth\u003c/code\u003e, the container might fail to start.\u003c/li\u003e\n\u003cli\u003eThe recommended practice is to use a different prefix, for example \u003ccode\u003een0\u003c/code\u003e, or a numerical suffix high enough to never collide, for example \u003ccode\u003eeth100\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eThis label can be specified on \u003ccode\u003edocker network connect\u003c/code\u003e via the \u003ccode\u003e--driver-opt\u003c/code\u003e flag, for example \u003ccode\u003edocker network connect --driver-opt=com.docker.network.endpoint.ifname=foobar …\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eOr via the long-form \u003ccode\u003e--network\u003c/code\u003e flag on \u003ccode\u003edocker run\u003c/code\u003e, for example \u003ccode\u003edocker run --network=name=bridge,driver-opt=com.docker.network.endpoint.ifname=foobar …\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eIf a custom network driver reports capability \u003ccode\u003eGwAllocChecker\u003c/code\u003e then, before a network is created, it will get a \u003ccode\u003eGwAllocCheckerRequest\u003c/code\u003e with the network's options. The custom driver may then reply that no gateway IP address should be allocated. \u003ca href=\"https://redirect.github.com/moby/moby/pull/49372\"\u003emoby/moby#49372\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ePort publishing in bridge networks\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003edockerd\u003c/code\u003e now requires \u003ccode\u003eipset\u003c/code\u003e support in the Linux kernel. \u003ca href=\"https://redirect.github.com/moby/moby/pull/48596\"\u003emoby/moby#48596\u003c/a\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003eiptables\u003c/code\u003e and \u003ccode\u003eip6tables\u003c/code\u003e rules used to implement port publishing and network isolation have been extensively modified. This enables some of the following functional changes, and is a first step in refactoring to enable native \u003ccode\u003enftables\u003c/code\u003e support in a future release. \u003ca href=\"https://redirect.github.com/moby/moby/issues/48815\"\u003emoby/moby#48815\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf it becomes necessary to downgrade to an earlier version of the daemon, some manual cleanup of the new rules will be necessary. The simplest and surest approach is to reboot the host, or use \u003ccode\u003eiptables -F\u003c/code\u003e and \u003ccode\u003eip6tables -F\u003c/code\u003e to flush all existing \u003ccode\u003eiptables\u003c/code\u003e rules from the \u003ccode\u003efilter\u003c/code\u003e table before starting the older version of the daemon. When that is not possible, run the following commands as root:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eiptables -D FORWARD -m set --match-set docker-ext-bridges-v4 dst -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT; ip6tables -D FORWARD -m set --match-set docker-ext-bridges-v6 dst -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eiptables -D FORWARD -m set --match-set docker-ext-bridges-v4 dst -j DOCKER; ip6tables -D FORWARD -m set --match-set docker-ext-bridges-v6 dst -j DOCKER\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eIf you were previously running with the iptables filter-FORWARD policy set to \u003ccode\u003eACCEPT\u003c/code\u003e and need to restore access to unpublished ports, also delete per-bridge-network rules from the \u003ccode\u003eDOCKER\u003c/code\u003e chains. For example, \u003ccode\u003eiptables -D DOCKER ! -i docker0 -o docker0 -j DROP\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFix a security issue that was allowing remote hosts to connect directly to a container on its published ports. \u003ca href=\"https://redirect.github.com/moby/moby/pull/49325\"\u003emoby/moby#49325\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix a security issue that was allowing neighbor hosts to connect to ports mapped on a loopback address. \u003ca href=\"https://redirect.github.com/moby/moby/pull/49325\"\u003emoby/moby#49325\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/af898abe44662d9554fb15ee4d4a7307f1b8e315\"\u003e\u003ccode\u003eaf898ab\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/docker/issues/49495\"\u003e#49495\u003c/a\u003e from vvoland/update-buildkit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/d67f035d31bab71be3ae7dcaacba41f5a98aad11\"\u003e\u003ccode\u003ed67f035\u003c/code\u003e\u003c/a\u003e vendor: github.com/moby/buildkit v0.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/00ab386b5a2ebcf85b6a03b800f593c3a140c6a8\"\u003e\u003ccode\u003e00ab386\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/docker/issues/49491\"\u003e#49491\u003c/a\u003e from vvoland/update-buildkit\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/1fde8c46159cb41f584c01551f83cc21ecf924d9\"\u003e\u003ccode\u003e1fde8c4\u003c/code\u003e\u003c/a\u003e builder-next: fix cdi manager\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/cde9f0752e9c9f63b459e0247ff7df0b35488af3\"\u003e\u003ccode\u003ecde9f07\u003c/code\u003e\u003c/a\u003e vendor: github.com/moby/buildkit v0.20.0-rc3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/89e1429b65f194b25fe2e31088a4c4e69a651a47\"\u003e\u003ccode\u003e89e1429\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/docker/issues/49490\"\u003e#49490\u003c/a\u003e from thaJeztah/dockerfile_linting\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/b2b55903d0bb54e11bfe22204c1e0b73627943eb\"\u003e\u003ccode\u003eb2b5590\u003c/code\u003e\u003c/a\u003e Dockerfile: fix linting warnings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/62bc5979908f152a8929ce44927cbdd929bf53ea\"\u003e\u003ccode\u003e62bc597\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/docker/issues/49480\"\u003e#49480\u003c/a\u003e from thaJeztah/docs_api_1.48\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/670cd81423932b3e9103f0893c5d5e63a079ae58\"\u003e\u003ccode\u003e670cd81\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/docker/issues/49485\"\u003e#49485\u003c/a\u003e from vvoland/c8d-list-panic\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/moby/moby/commit/a3628f3f8e806ede250e2c95f6757070c9fb56e4\"\u003e\u003ccode\u003ea3628f3\u003c/code\u003e\u003c/a\u003e docs/api: add documentation for API v1.48\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/docker/compare/v27.4.1...v28.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/commits/v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.23.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.23.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.17.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/ef5341b70697ceb55f904384bd982587224e8b0c\"\u003e\u003ccode\u003eef5341b\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b999374650442ee37e9bbd97d6a11ad7ed999b98\"\u003e\u003ccode\u003eb999374\u003c/code\u003e\u003c/a\u003e acme: fix pebble subprocess output data race\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/c247dead11de7671a21a6c5169555e2aa5313caa\"\u003e\u003ccode\u003ec247dea\u003c/code\u003e\u003c/a\u003e x509roots/fallback: store bundle certs directly in DER\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/1fda73153feef7b246f24005838c387e354e5e3b\"\u003e\u003ccode\u003e1fda731\u003c/code\u003e\u003c/a\u003e acme: increase pebble test waitForServer attempts\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/1b4c3d2e8c8be172c6af8f2f72778e69e74d2e78\"\u003e\u003ccode\u003e1b4c3d2\u003c/code\u003e\u003c/a\u003e x509roots/fallback: update bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b903b535d3ef82fab12a9cc0fa50fccc396ced55\"\u003e\u003ccode\u003eb903b53\u003c/code\u003e\u003c/a\u003e acme: capture pebble test subprocess stdout/stderr\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/459a9db11b9c43bb1d61722bfd371751d6de05c9\"\u003e\u003ccode\u003e459a9db\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/74e709ad8a8068445173aa5f3e8d7c89caf510c3\"\u003e\u003ccode\u003e74e709a\u003c/code\u003e\u003c/a\u003e ssh: add AlgorithmNegotiationError\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b3790b8d914304c8187dc2c86800101c329d77cd\"\u003e\u003ccode\u003eb3790b8\u003c/code\u003e\u003c/a\u003e acme: fix TLSALPN01ChallengeCert for IP address identifiers\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/1dc4269656dd23b2c4e71c51b8af6bc2b63eecb7\"\u003e\u003ccode\u003e1dc4269\u003c/code\u003e\u003c/a\u003e acme: add Pebble integration testing\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/crypto/compare/v0.35.0...v0.41.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.23.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/offsoc/tailscale/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/offsoc/tailscale/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/offsoc%2Ftailscale/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"}},{"old_version":"1.7.2","new_version":"1.7.3","update_type":"patch","path":null,"pr_created_at":"2025-08-14T00:04:25.000Z","version_change":"1.7.2 → 1.7.3","issue":{"uuid":"2744421314","node_id":"PR_kwDOPBY0Xs6jlIvC","number":2,"state":"open","title":"chore(deps): bump the go_modules group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-14T00:04:25.000Z","updated_at":"2025-08-14T00:04:26.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"go_modules","update_count":2,"packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"helm.sh/helm/v3","old_version":"3.18.2","new_version":"3.18.5","repository_url":"https://github.com/helm/helm"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 2 updates in the /src directory: [github.com/gorilla/csrf](https://github.com/gorilla/csrf) and [helm.sh/helm/v3](https://github.com/helm/helm).\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `helm.sh/helm/v3` from 3.18.2 to 3.18.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/helm/helm/releases\"\u003ehelm.sh/helm/v3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eHelm v3.18.5 is a security release. Users are encouraged to upgrade for the best experience.\u003c/p\u003e\n\u003cp\u003eThe community keeps growing, and we'd love to see you there!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eJoin the discussion in \u003ca href=\"https://kubernetes.slack.com\"\u003eKubernetes Slack\u003c/a\u003e:\n\u003cul\u003e\n\u003cli\u003efor questions and just to hang out\u003c/li\u003e\n\u003cli\u003efor discussing PRs, code, and bugs\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eHang out at the Public Developer Call: Thursday, 9:30 Pacific via \u003ca href=\"https://zoom.us/j/696660622\"\u003eZoom\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTest, debug, and contribute charts: \u003ca href=\"https://artifacthub.io/packages/search?kind=0\"\u003eArtifactHub/packages\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSecurity Advisories\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/security/advisories/GHSA-9h84-qmv7-982p\"\u003eHelm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/security/advisories/GHSA-f9f8-9pmf-xv68\"\u003eIncorrect YAML Content Leads To Panic\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eInstallation and Upgrading\u003c/h2\u003e\n\u003cp\u003eDownload Helm v3.18.5. The common platform binaries are here:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-darwin-amd64.tar.gz\"\u003eMacOS amd64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-darwin-amd64.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / 3200c32cf19bf69b446e97c0060af39f018d2e441e418ad174ba39052f63fb15)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-darwin-arm64.tar.gz\"\u003eMacOS arm64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-darwin-arm64.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / 32ce3f4910d5a96c1170f3f8f230d4c8b8bc007e5d47b085b8416cfe559d7925)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-amd64.tar.gz\"\u003eLinux amd64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-amd64.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / 9879bf9c471cdecbbee5ee17cf1de1849b0ffd12871ea01f17ede6861d7134f5)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-arm.tar.gz\"\u003eLinux arm\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-arm.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / 4be47fa77476bfd6416a44853e28983e7c8594156259813ecf35d004044fb17d)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-arm64.tar.gz\"\u003eLinux arm64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-arm64.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / d25d2c1b1c5a9844755ab5c66e6df4d6b31c25e6d92dd2ce66c137a63ddf9f2c)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-386.tar.gz\"\u003eLinux i386\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-386.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / 1ee980e47bb37f388abdce3a7e8da64a9b372352c4cb645bda5ddd401973bee3)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-ppc64le.tar.gz\"\u003eLinux ppc64le\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-ppc64le.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / 9d300e0efced9b244aedcc9d11c49647deb4c5afc8d2298c988498dc530bc932)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-s390x.tar.gz\"\u003eLinux s390x\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-s390x.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / c779bb4dea8026294378a9ad6447095fb8f56671a8c49437344dd342de2a3156)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-riscv64.tar.gz\"\u003eLinux riscv64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-linux-riscv64.tar.gz.sha256sum\"\u003echecksum\u003c/a\u003e / f79d06dc5e966c341fc8ad1a0d5e032f7d681e62c4a51a4d22badec4b9857144)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-windows-amd64.zip\"\u003eWindows amd64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-windows-amd64.zip.sha256sum\"\u003echecksum\u003c/a\u003e / 464bfd7792d6c682778fc1d5e5bcc9ac5ce83457fe3c4b7a3d0af4dc3ef03eb1)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://get.helm.sh/helm-v3.18.5-windows-arm64.zip\"\u003eWindows arm64\u003c/a\u003e (\u003ca href=\"https://get.helm.sh/helm-v3.18.5-windows-arm64.zip.sha256sum\"\u003echecksum\u003c/a\u003e / 82411e3ee4e349d30221ddf6c26397bb0a41666939b338ccf39f4cd2ec4e4410)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe \u003ca href=\"https://helm.sh/docs/intro/quickstart/\"\u003eQuickstart Guide\u003c/a\u003e will get you going from there. For \u003cstrong\u003eupgrade instructions\u003c/strong\u003e or detailed installation notes, check the \u003ca href=\"https://helm.sh/docs/intro/install/\"\u003einstall guide\u003c/a\u003e. You can also use a \u003ca href=\"https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3\"\u003escript to install\u003c/a\u003e on any system with \u003ccode\u003ebash\u003c/code\u003e.\u003c/p\u003e\n\u003ch2\u003eWhat's Next\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e3.18.6 will contain only bug fixes.\u003c/li\u003e\n\u003cli\u003e3.19.5 is the next feature release. This release will focus on ...\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix Chart.yaml handling 7799b483f52ceb665264a4056da3d2569d60f910 (Matt Farina)\u003c/li\u003e\n\u003cli\u003eHandle messy index files dd8502f7b4fd5824a696c99909babd0fbed77e9e (Matt Farina)\u003c/li\u003e\n\u003cli\u003ejson schema fix cb8595bc650e2ec7459427d2b0430599431a3dbe (Robert Sirchia)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eHelm v3.18.4 is a security release. Users are encouraged to upgrade for the best experience.\u003c/p\u003e\n\u003cp\u003eThe community keeps growing, and we'd love to see you there!\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eJoin the discussion in \u003ca href=\"https://kubernetes.slack.com\"\u003eKubernetes Slack\u003c/a\u003e:\n\u003cul\u003e\n\u003cli\u003efor questions and just to hang out\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/b78692c18f0fb38fe5ba4571a674de067a4c53a5\"\u003e\u003ccode\u003eb78692c\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/ec5f59e2db56533d042a124f5bae54dd87b558e6\"\u003e\u003ccode\u003eec5f59e\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/7799b483f52ceb665264a4056da3d2569d60f910\"\u003e\u003ccode\u003e7799b48\u003c/code\u003e\u003c/a\u003e fix Chart.yaml handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/dd8502f7b4fd5824a696c99909babd0fbed77e9e\"\u003e\u003ccode\u003edd8502f\u003c/code\u003e\u003c/a\u003e Handle messy index files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/cb8595bc650e2ec7459427d2b0430599431a3dbe\"\u003e\u003ccode\u003ecb8595b\u003c/code\u003e\u003c/a\u003e json schema fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/d80839cf37d860c8aa9a0503fe463278f26cd5e2\"\u003e\u003ccode\u003ed80839c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/helm/helm/issues/31037\"\u003e#31037\u003c/a\u003e from mattfarina/disable-goimports-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/f20a4ad1d5c953ca0fb3d3b30aa9aa796d472ef1\"\u003e\u003ccode\u003ef20a4ad\u003c/code\u003e\u003c/a\u003e Disabling linter due to unknown issue\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/c48c500247cac5e0bd782bdc540b79b57092b2a8\"\u003e\u003ccode\u003ec48c500\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/563b0947b995c48354319aa054830db61f793a08\"\u003e\u003ccode\u003e563b094\u003c/code\u003e\u003c/a\u003e build(deps): bump the k8s-io group with 7 updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/helm/helm/commit/00de613324df4dd930e6d231d9aae7f9dee29c76\"\u003e\u003ccode\u003e00de613\u003c/code\u003e\u003c/a\u003e Updating link handling\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/helm/helm/compare/v3.18.2...v3.18.5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Lynquatiq/harbor/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Lynquatiq/harbor/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Lynquatiq%2Fharbor/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"1.7.0","new_version":"1.7.3","update_type":"patch","path":null,"pr_created_at":"2025-08-12T06:35:06.000Z","version_change":"1.7.0 → 1.7.3","issue":{"uuid":"2737852467","node_id":"PR_kwDOE17YVc6jMFAz","number":3,"state":"open","title":"Bump github.com/gorilla/csrf from 1.7.0 to 1.7.3","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-12T06:35:06.000Z","updated_at":"2025-08-12T06:35:07.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.0","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.7.0 to 1.7.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eRelease v1.7.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove pkg/errors dependency by \u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e[GPT-96] Update go version \u0026amp; add verification/testing tools by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdated licence by \u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/167\"\u003egorilla/csrf#167\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate issues.yml by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/168\"\u003egorilla/csrf#168\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eissues/158/examples for working api with javascript frontend by \u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdating github action workflows by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/169\"\u003egorilla/csrf#169\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdating gorilla/securecookie to v1.1.2 by \u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/170\"\u003egorilla/csrf#170\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/husio\"\u003e\u003ccode\u003e@​husio\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/161\"\u003egorilla/csrf#161\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/coreydaley\"\u003e\u003ccode\u003e@​coreydaley\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/164\"\u003egorilla/csrf#164\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/apoorvajagtap\"\u003e\u003ccode\u003e@​apoorvajagtap\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/166\"\u003egorilla/csrf#166\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/francoposa\"\u003e\u003ccode\u003e@​francoposa\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/gorilla/csrf/pull/162\"\u003egorilla/csrf#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.1...v1.7.2\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003ev1.7.1 is a minor maintenance release. It improves documentation, and fixes a bug (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e) that caused missing tokens to not provide a clear error message back to the client.\u003c/p\u003e\n\u003ch2\u003eCHANGELOG\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ebugfix: Not providing any token in requests results in wrong error message (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd a note about secrecy of CSRF token in the README.md (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/154\"\u003e#154\u003c/a\u003e) \u003ca href=\"https://github.com/maxximino\"\u003e\u003ccode\u003e@​maxximino\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd note about csrf.Path option (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/147\"\u003e#147\u003c/a\u003e) \u003ca href=\"https://github.com/karelbilek\"\u003e\u003ccode\u003e@​karelbilek\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild: use build matrix; drop Go \u0026lt;= 1.10 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/142\"\u003e#142\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: change TrustedOrigin to TrustedOrigins in README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/140\"\u003e#140\u003c/a\u003e) \u003ca href=\"https://github.com/mittonface\"\u003e\u003ccode\u003e@​mittonface\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add TOC to README (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/137\"\u003e#137\u003c/a\u003e) \u003ca href=\"https://github.com/elithrar\"\u003e\u003ccode\u003e@​elithrar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a009743572494ccbc9d159005bdc58b86a44ddba\"\u003e\u003ccode\u003ea009743\u003c/code\u003e\u003c/a\u003e Updating gorilla/securecookie to v1.1.2 (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/170\"\u003e#170\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/94b5a9efbc27ce51c4ac1b1287c964e8f13013ca\"\u003e\u003ccode\u003e94b5a9e\u003c/code\u003e\u003c/a\u003e updating github action workflows (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/169\"\u003e#169\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/c1f4eb3aba6fe4cd0d1ef0ed5ca556876b14c29f\"\u003e\u003ccode\u003ec1f4eb3\u003c/code\u003e\u003c/a\u003e issues/158/examples for working api with javascript frontend (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/162\"\u003e#162\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/73c96a512fc353d11f3da50cffde1e454884f405\"\u003e\u003ccode\u003e73c96a5\u003c/code\u003e\u003c/a\u003e Update issues.yml (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/168\"\u003e#168\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/a71a12f7d30580b6da2183b0f398527be93c0ca9\"\u003e\u003ccode\u003ea71a12f\u003c/code\u003e\u003c/a\u003e updated licence (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/167\"\u003e#167\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/15d47eceb8d5861882e276508d7cbb5b0082b980\"\u003e\u003ccode\u003e15d47ec\u003c/code\u003e\u003c/a\u003e [GPT-96] Update go version \u0026amp; add verification/testing tools (\u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/166\"\u003e#166\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/32c27b0316d75a24e55ab36d059d0309238b9ee1\"\u003e\u003ccode\u003e32c27b0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/gorilla/csrf/issues/164\"\u003e#164\u003c/a\u003e from gorilla/coreydaley-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/04cc5dba5dd0af4341b9b406f05dc569c5e0ab40\"\u003e\u003ccode\u003e04cc5db\u003c/code\u003e\u003c/a\u003e Update README.md\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/93379db1992f1b2fbdd4ba1b55a1bf0414b0535e\"\u003e\u003ccode\u003e93379db\u003c/code\u003e\u003c/a\u003e archive mode\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.0...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.0\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/vijay8059/GoWebApp/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/vijay8059/GoWebApp/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vijay8059%2FGoWebApp/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","update_type":null,"path":null,"pr_created_at":"2025-08-05T18:01:20.000Z","version_change":"1.7.3-0.20250123201450-9dd6af1f6d30 → 1.7.3","issue":{"uuid":"2722003266","node_id":"PR_kwDON7p0Kc6iPnlC","number":13,"state":"closed","title":"Bump the go_modules group across 5 directories with 4 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-08-05T18:23:19.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-08-05T18:01:20.000Z","updated_at":"2025-08-05T18:23:19.000Z","time_to_close":1319,"merged_at":"2025-08-05T18:23:19.000Z","merged_by":"Cringely","closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"go_modules","update_count":4,"packages":[{"name":"golang.org/x/crypto","old_version":"0.33.0","new_version":"0.35.0","repository_url":"https://github.com/golang/crypto"},{"name":"golang.org/x/net","old_version":"0.35.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"},{"name":"github.com/cloudflare/circl","old_version":"1.3.7","new_version":"1.6.1","repository_url":"https://github.com/cloudflare/circl"},{"name":"github.com/gorilla/csrf","old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"golang.org/x/net","old_version":"0.23.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"},{"name":"golang.org/x/net","old_version":"0.23.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"},{"name":"golang.org/x/crypto","old_version":"0.17.0","new_version":"0.35.0","repository_url":"https://github.com/golang/crypto"},{"name":"golang.org/x/net","old_version":"0.23.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 4 updates in the / directory: [golang.org/x/crypto](https://github.com/golang/crypto), [golang.org/x/net](https://github.com/golang/net), [github.com/cloudflare/circl](https://github.com/cloudflare/circl) and [github.com/gorilla/csrf](https://github.com/gorilla/csrf).\nBumps the go_modules group with 1 update in the /gokrazy/natlabapp.arm64/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\nBumps the go_modules group with 1 update in the /gokrazy/natlabapp/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\nBumps the go_modules group with 1 update in the /gokrazy/tsapp/builddir/github.com/gokrazy/breakglass directory: [golang.org/x/crypto](https://github.com/golang/crypto).\nBumps the go_modules group with 1 update in the /gokrazy/tsapp/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\n\nUpdates `golang.org/x/crypto` from 0.33.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22\"\u003e\u003ccode\u003e7292932\u003c/code\u003e\u003c/a\u003e ssh: limit the size of the internal packet queue while waiting for KEX\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/f66f74b0a406b5f6909183531ace593857f1646c\"\u003e\u003ccode\u003ef66f74b\u003c/code\u003e\u003c/a\u003e acme/autocert: check host policy before probing the cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b0784b7bfbe0b2c9a59afc1248ed3cb4b6652e85\"\u003e\u003ccode\u003eb0784b7\u003c/code\u003e\u003c/a\u003e x509roots/fallback: drop obsolete build constraint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/911360c8a4f464342b9fe7c23632be57fca87b20\"\u003e\u003ccode\u003e911360c\u003c/code\u003e\u003c/a\u003e all: bump golang.org/x/crypto dependencies of asm generators\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/89ff08d67c4d79f9ac619aaf1f7388888798651f\"\u003e\u003ccode\u003e89ff08d\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/e47973b1c1089f6c67ab89261f7aa067b3d611d2\"\u003e\u003ccode\u003ee47973b\u003c/code\u003e\u003c/a\u003e all: update certs for go1.24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/compare/v0.33.0...v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.35.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/cloudflare/circl` from 1.3.7 to 1.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cloudflare/circl/releases\"\u003egithub.com/cloudflare/circl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eCIRCL v1.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes some point checks on the FourQ curve.\u003c/li\u003e\n\u003cli\u003eHybrid KEM fails on low-order points.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekem/hybrid: ensure X25519 hybrids fails with low order points by \u003ca href=\"https://github.com/Lekensteyn\"\u003e\u003ccode\u003e@​Lekensteyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/541\"\u003ecloudflare/circl#541\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e.github: Use native ARM64 builders instead of QEMU by \u003ca href=\"https://github.com/Lekensteyn\"\u003e\u003ccode\u003e@​Lekensteyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/542\"\u003ecloudflare/circl#542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes several errors on twisted Edwards curves. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/545\"\u003ecloudflare/circl#545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease v1.6.1 by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/546\"\u003ecloudflare/circl#546\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1\"\u003ehttps://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eCIRCL v1.6.0\u003c/h2\u003e\n\u003ch3\u003eNew!\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/blob/main/vdaf/prio3\"\u003ePrio3\u003c/a\u003e Verifiable Distributed Aggregation Function (\u003ca href=\"https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/\"\u003edraft-irtf-cfrg-vdaf\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/blob/main/kem/xwing\"\u003eX-Wing\u003c/a\u003e: general-purpose hybrid post-quantum KEM (\u003ca href=\"https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/\"\u003edraft-connolly-cfrg-xwing-kem\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd OIDs to ML-DSA by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/519\"\u003ecloudflare/circl#519\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdds Prio3 a set of verifiable distributed aggregation functions. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/522\"\u003ecloudflare/circl#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun semgrep cronjob only in upstream repository. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/526\"\u003ecloudflare/circl#526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eX-Wing PQ/T hybrid by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/471\"\u003ecloudflare/circl#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eckem: move crypto/elliptic to crypto/ecdh by \u003ca href=\"https://github.com/MingLLuo\"\u003e\u003ccode\u003e@​MingLLuo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/529\"\u003ecloudflare/circl#529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ehpke: Update HPKE code to use ecdh stdlib package. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/530\"\u003ecloudflare/circl#530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprio3: Adds polynomial multiplication using NTT by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/532\"\u003ecloudflare/circl#532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Prio3 in readme. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/527\"\u003ecloudflare/circl#527\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MingLLuo\"\u003e\u003ccode\u003e@​MingLLuo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/529\"\u003ecloudflare/circl#529\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0\"\u003ehttps://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch1\u003eCIRCL v1.5.0\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNew:\u003c/strong\u003e ML-DSA, Module-Lattice-based Digital Signature Algorithm.\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekem: add X25519MLKEM768 TLS hybrid KEM by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/510\"\u003ecloudflare/circl#510\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCreate semgrep.yml by \u003ca href=\"https://github.com/hrushikeshdeshpande\"\u003e\u003ccode\u003e@​hrushikeshdeshpande\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/514\"\u003ecloudflare/circl#514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erepo: Some fixes reported by CodeQL by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/515\"\u003ecloudflare/circl#515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd ML-DSA (FIPS204) by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/480\"\u003ecloudflare/circl#480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esign/mldsa: Add test for ML-DSA signature verification. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/517\"\u003ecloudflare/circl#517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease v1.5.0 by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/518\"\u003ecloudflare/circl#518\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hrushikeshdeshpande\"\u003e\u003ccode\u003e@​hrushikeshdeshpande\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/514\"\u003ecloudflare/circl#514\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0\"\u003ehttps://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/c6d33e35234ebf5c4319d12ae7d77d7d17053e56\"\u003e\u003ccode\u003ec6d33e3\u003c/code\u003e\u003c/a\u003e Release v1.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/0c3868ef6fc8ce864bc4104863186afdd2947f14\"\u003e\u003ccode\u003e0c3868e\u003c/code\u003e\u003c/a\u003e curve4q: Shared must fail with low order points.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/9fd570dd508eef941d3f42fb94413a899b96d52e\"\u003e\u003ccode\u003e9fd570d\u003c/code\u003e\u003c/a\u003e curve4q: Test showing DH does not fails on identity point.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/c988ceba827fe09896e770c152646dded447903d\"\u003e\u003ccode\u003ec988ceb\u003c/code\u003e\u003c/a\u003e fourq: Correctly unmarshalling point.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/ef2611dcde7f6d25e31082412bbb30f2a870d133\"\u003e\u003ccode\u003eef2611d\u003c/code\u003e\u003c/a\u003e fourq: Test showing point unmarshal fails.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/05eba44d1a35f979c5f3ac914bcc50c1122e8ced\"\u003e\u003ccode\u003e05eba44\u003c/code\u003e\u003c/a\u003e fourq: Handle the case of Z=0 for IsOnCurve and IsEqual.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/eef08780cc3cb9befa20014e65f731391103be6b\"\u003e\u003ccode\u003eeef0878\u003c/code\u003e\u003c/a\u003e fourq: Test showing isEqual and IsOnCurve fail.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/2298474ef688938e4a81ca14990b9a11a8677e2a\"\u003e\u003ccode\u003e2298474\u003c/code\u003e\u003c/a\u003e goldilocks; Handling points with z=0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/5a940a111507232035d0b753fbf3068c52d6b8ac\"\u003e\u003ccode\u003e5a940a1\u003c/code\u003e\u003c/a\u003e goldilocks: Test for IsEqual must fail with Z=0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/48c3b6a2746a18db4d8b675ab296980514359340\"\u003e\u003ccode\u003e48c3b6a\u003c/code\u003e\u003c/a\u003e ed25519: Fix isEqual to handle points with Z=0.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.3.7...v1.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/commits/v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.17.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22\"\u003e\u003ccode\u003e7292932\u003c/code\u003e\u003c/a\u003e ssh: limit the size of the internal packet queue while waiting for KEX\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/f66f74b0a406b5f6909183531ace593857f1646c\"\u003e\u003ccode\u003ef66f74b\u003c/code\u003e\u003c/a\u003e acme/autocert: check host policy before probing the cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b0784b7bfbe0b2c9a59afc1248ed3cb4b6652e85\"\u003e\u003ccode\u003eb0784b7\u003c/code\u003e\u003c/a\u003e x509roots/fallback: drop obsolete build constraint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/911360c8a4f464342b9fe7c23632be57fca87b20\"\u003e\u003ccode\u003e911360c\u003c/code\u003e\u003c/a\u003e all: bump golang.org/x/crypto dependencies of asm generators\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/89ff08d67c4d79f9ac619aaf1f7388888798651f\"\u003e\u003ccode\u003e89ff08d\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/e47973b1c1089f6c67ab89261f7aa067b3d611d2\"\u003e\u003ccode\u003ee47973b\u003c/code\u003e\u003c/a\u003e all: update certs for go1.24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/compare/v0.33.0...v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Cringely/docker-alpine-nfs-server/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Cringely/docker-alpine-nfs-server/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cringely%2Fdocker-alpine-nfs-server/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"}},{"old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","update_type":null,"path":null,"pr_created_at":"2025-08-05T18:00:34.000Z","version_change":"1.7.3-0.20250123201450-9dd6af1f6d30 → 1.7.3","issue":{"uuid":"2722001267","node_id":"PR_kwDON7p0Kc6iPnFz","number":12,"state":"open","title":"Bump the go_modules group across 5 directories with 5 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-08-05T18:00:34.000Z","updated_at":"2025-08-05T18:00:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"go_modules","update_count":5,"packages":[{"name":"golang.org/x/crypto","old_version":"0.33.0","new_version":"0.35.0","repository_url":"https://github.com/golang/crypto"},{"name":"golang.org/x/net","old_version":"0.35.0","new_version":"0.38.0","repository_url":"https://github.com/golang/net"},{"name":"github.com/go-viper/mapstructure/v2","old_version":"2.3.0","new_version":"2.4.0","repository_url":"https://github.com/go-viper/mapstructure"},{"name":"github.com/cloudflare/circl","old_version":"1.3.7","new_version":"1.6.1","repository_url":"https://github.com/cloudflare/circl"},{"name":"github.com/gorilla/csrf","old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 5 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.33.0` | `0.35.0` |\n| [golang.org/x/net](https://github.com/golang/net) | `0.35.0` | `0.38.0` |\n| [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) | `2.3.0` | `2.4.0` |\n| [github.com/cloudflare/circl](https://github.com/cloudflare/circl) | `1.3.7` | `1.6.1` |\n| [github.com/gorilla/csrf](https://github.com/gorilla/csrf) | `1.7.3-0.20250123201450-9dd6af1f6d30` | `1.7.3` |\n\nBumps the go_modules group with 1 update in the /gokrazy/natlabapp.arm64/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\nBumps the go_modules group with 1 update in the /gokrazy/natlabapp/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\nBumps the go_modules group with 1 update in the /gokrazy/tsapp/builddir/github.com/gokrazy/breakglass directory: [golang.org/x/crypto](https://github.com/golang/crypto).\nBumps the go_modules group with 1 update in the /gokrazy/tsapp/builddir/github.com/gokrazy/gokrazy/cmd/dhcp directory: [golang.org/x/net](https://github.com/golang/net).\n\nUpdates `golang.org/x/crypto` from 0.33.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22\"\u003e\u003ccode\u003e7292932\u003c/code\u003e\u003c/a\u003e ssh: limit the size of the internal packet queue while waiting for KEX\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/f66f74b0a406b5f6909183531ace593857f1646c\"\u003e\u003ccode\u003ef66f74b\u003c/code\u003e\u003c/a\u003e acme/autocert: check host policy before probing the cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b0784b7bfbe0b2c9a59afc1248ed3cb4b6652e85\"\u003e\u003ccode\u003eb0784b7\u003c/code\u003e\u003c/a\u003e x509roots/fallback: drop obsolete build constraint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/911360c8a4f464342b9fe7c23632be57fca87b20\"\u003e\u003ccode\u003e911360c\u003c/code\u003e\u003c/a\u003e all: bump golang.org/x/crypto dependencies of asm generators\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/89ff08d67c4d79f9ac619aaf1f7388888798651f\"\u003e\u003ccode\u003e89ff08d\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/e47973b1c1089f6c67ab89261f7aa067b3d611d2\"\u003e\u003ccode\u003ee47973b\u003c/code\u003e\u003c/a\u003e all: update certs for go1.24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/compare/v0.33.0...v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.35.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-viper/mapstructure/v2` from 2.3.0 to 2.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-viper/mapstructure/releases\"\u003egithub.com/go-viper/mapstructure/v2's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erefactor: replace interface{} with any by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/115\"\u003ego-viper/mapstructure#115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.0 to 3.29.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/114\"\u003ego-viper/mapstructure#114\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eGeneric tests by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/118\"\u003ego-viper/mapstructure#118\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix godoc reference link in README.md by \u003ca href=\"https://github.com/peczenyj\"\u003e\u003ccode\u003e@​peczenyj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/107\"\u003ego-viper/mapstructure#107\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add StringToTimeLocationHookFunc to convert strings to *time.Location by \u003ca href=\"https://github.com/ErfanMomeniii\"\u003e\u003ccode\u003e@​ErfanMomeniii\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/117\"\u003ego-viper/mapstructure#117\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add back previous StringToSlice as a weak function by \u003ca href=\"https://github.com/sagikazarmark\"\u003e\u003ccode\u003e@​sagikazarmark\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/119\"\u003ego-viper/mapstructure#119\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ErfanMomeniii\"\u003e\u003ccode\u003e@​ErfanMomeniii\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/pull/117\"\u003ego-viper/mapstructure#117\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-viper/mapstructure/compare/v2.3.0...v2.4.0\"\u003ehttps://github.com/go-viper/mapstructure/compare/v2.3.0...v2.4.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/b9794a5f0e73d425210d6614ed833067029155f5\"\u003e\u003ccode\u003eb9794a5\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/119\"\u003e#119\u003c/a\u003e from go-viper/string-to-weak-slice\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/17cdcb0741054e2a33938adf6bd1f2a5c0aa8f30\"\u003e\u003ccode\u003e17cdcb0\u003c/code\u003e\u003c/a\u003e feat: add back previous StringToSlice as a weak function\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/3caca3614c3ab2c5b5d359c44fdcd72058887b19\"\u003e\u003ccode\u003e3caca36\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/117\"\u003e#117\u003c/a\u003e from ErfanMomeniii/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/9a861bc115f2b54ed4e494662f29c172d9ef046a\"\u003e\u003ccode\u003e9a861bc\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/107\"\u003e#107\u003c/a\u003e from peczenyj/patch-2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/86ed5b59da0615fb8c3a413f401cdf0231f1234c\"\u003e\u003ccode\u003e86ed5b5\u003c/code\u003e\u003c/a\u003e refactor: update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/ace5b4e8b3dec99468ffa9498e42fb09d177b0a6\"\u003e\u003ccode\u003eace5b4e\u003c/code\u003e\u003c/a\u003e chore: add interface any linter\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/1a4f1aef38bfa8549762aaf42c7c18a5d268e76e\"\u003e\u003ccode\u003e1a4f1ae\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/go-viper/mapstructure/issues/118\"\u003e#118\u003c/a\u003e from go-viper/generic-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/a2689090ed4348033c36724d866faf1f911a9f63\"\u003e\u003ccode\u003ea268909\u003c/code\u003e\u003c/a\u003e fix: lint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/17f1fd44eb7606b109c9bb017c0a1c6d3e93b5cd\"\u003e\u003ccode\u003e17f1fd4\u003c/code\u003e\u003c/a\u003e test: add more comments\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-viper/mapstructure/commit/b48c8566836bf291bfee2b217d51fc36e8e61f6f\"\u003e\u003ccode\u003eb48c856\u003c/code\u003e\u003c/a\u003e test: expand tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/go-viper/mapstructure/compare/v2.3.0...v2.4.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/cloudflare/circl` from 1.3.7 to 1.6.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/cloudflare/circl/releases\"\u003egithub.com/cloudflare/circl's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eCIRCL v1.6.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixes some point checks on the FourQ curve.\u003c/li\u003e\n\u003cli\u003eHybrid KEM fails on low-order points.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekem/hybrid: ensure X25519 hybrids fails with low order points by \u003ca href=\"https://github.com/Lekensteyn\"\u003e\u003ccode\u003e@​Lekensteyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/541\"\u003ecloudflare/circl#541\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e.github: Use native ARM64 builders instead of QEMU by \u003ca href=\"https://github.com/Lekensteyn\"\u003e\u003ccode\u003e@​Lekensteyn\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/542\"\u003ecloudflare/circl#542\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixes several errors on twisted Edwards curves. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/545\"\u003ecloudflare/circl#545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease v1.6.1 by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/546\"\u003ecloudflare/circl#546\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1\"\u003ehttps://github.com/cloudflare/circl/compare/v1.6.0...v1.6.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eCIRCL v1.6.0\u003c/h2\u003e\n\u003ch3\u003eNew!\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/blob/main/vdaf/prio3\"\u003ePrio3\u003c/a\u003e Verifiable Distributed Aggregation Function (\u003ca href=\"https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/\"\u003edraft-irtf-cfrg-vdaf\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/blob/main/kem/xwing\"\u003eX-Wing\u003c/a\u003e: general-purpose hybrid post-quantum KEM (\u003ca href=\"https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/\"\u003edraft-connolly-cfrg-xwing-kem\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd OIDs to ML-DSA by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/519\"\u003ecloudflare/circl#519\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdds Prio3 a set of verifiable distributed aggregation functions. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/522\"\u003ecloudflare/circl#522\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRun semgrep cronjob only in upstream repository. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/526\"\u003ecloudflare/circl#526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eX-Wing PQ/T hybrid by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/471\"\u003ecloudflare/circl#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eckem: move crypto/elliptic to crypto/ecdh by \u003ca href=\"https://github.com/MingLLuo\"\u003e\u003ccode\u003e@​MingLLuo\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/529\"\u003ecloudflare/circl#529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ehpke: Update HPKE code to use ecdh stdlib package. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/530\"\u003ecloudflare/circl#530\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprio3: Adds polynomial multiplication using NTT by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/532\"\u003ecloudflare/circl#532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Prio3 in readme. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/527\"\u003ecloudflare/circl#527\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MingLLuo\"\u003e\u003ccode\u003e@​MingLLuo\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/529\"\u003ecloudflare/circl#529\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0\"\u003ehttps://github.com/cloudflare/circl/compare/v1.5.0...v1.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch1\u003eCIRCL v1.5.0\u003c/h1\u003e\n\u003cp\u003e\u003cstrong\u003eNew:\u003c/strong\u003e ML-DSA, Module-Lattice-based Digital Signature Algorithm.\u003c/p\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ekem: add X25519MLKEM768 TLS hybrid KEM by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/510\"\u003ecloudflare/circl#510\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCreate semgrep.yml by \u003ca href=\"https://github.com/hrushikeshdeshpande\"\u003e\u003ccode\u003e@​hrushikeshdeshpande\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/514\"\u003ecloudflare/circl#514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erepo: Some fixes reported by CodeQL by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/515\"\u003ecloudflare/circl#515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd ML-DSA (FIPS204) by \u003ca href=\"https://github.com/bwesterb\"\u003e\u003ccode\u003e@​bwesterb\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/480\"\u003ecloudflare/circl#480\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esign/mldsa: Add test for ML-DSA signature verification. by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/517\"\u003ecloudflare/circl#517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease v1.5.0 by \u003ca href=\"https://github.com/armfazh\"\u003e\u003ccode\u003e@​armfazh\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/518\"\u003ecloudflare/circl#518\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/hrushikeshdeshpande\"\u003e\u003ccode\u003e@​hrushikeshdeshpande\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/cloudflare/circl/pull/514\"\u003ecloudflare/circl#514\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0\"\u003ehttps://github.com/cloudflare/circl/compare/v1.4.0...v1.5.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/c6d33e35234ebf5c4319d12ae7d77d7d17053e56\"\u003e\u003ccode\u003ec6d33e3\u003c/code\u003e\u003c/a\u003e Release v1.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/0c3868ef6fc8ce864bc4104863186afdd2947f14\"\u003e\u003ccode\u003e0c3868e\u003c/code\u003e\u003c/a\u003e curve4q: Shared must fail with low order points.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/9fd570dd508eef941d3f42fb94413a899b96d52e\"\u003e\u003ccode\u003e9fd570d\u003c/code\u003e\u003c/a\u003e curve4q: Test showing DH does not fails on identity point.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/c988ceba827fe09896e770c152646dded447903d\"\u003e\u003ccode\u003ec988ceb\u003c/code\u003e\u003c/a\u003e fourq: Correctly unmarshalling point.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/ef2611dcde7f6d25e31082412bbb30f2a870d133\"\u003e\u003ccode\u003eef2611d\u003c/code\u003e\u003c/a\u003e fourq: Test showing point unmarshal fails.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/05eba44d1a35f979c5f3ac914bcc50c1122e8ced\"\u003e\u003ccode\u003e05eba44\u003c/code\u003e\u003c/a\u003e fourq: Handle the case of Z=0 for IsOnCurve and IsEqual.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/eef08780cc3cb9befa20014e65f731391103be6b\"\u003e\u003ccode\u003eeef0878\u003c/code\u003e\u003c/a\u003e fourq: Test showing isEqual and IsOnCurve fail.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/2298474ef688938e4a81ca14990b9a11a8677e2a\"\u003e\u003ccode\u003e2298474\u003c/code\u003e\u003c/a\u003e goldilocks; Handling points with z=0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/5a940a111507232035d0b753fbf3068c52d6b8ac\"\u003e\u003ccode\u003e5a940a1\u003c/code\u003e\u003c/a\u003e goldilocks: Test for IsEqual must fail with Z=0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/cloudflare/circl/commit/48c3b6a2746a18db4d8b675ab296980514359340\"\u003e\u003ccode\u003e48c3b6a\u003c/code\u003e\u003c/a\u003e ed25519: Fix isEqual to handle points with Z=0.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/cloudflare/circl/compare/v1.3.7...v1.6.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/gorilla/csrf` from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/commits/v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/crypto` from 0.17.0 to 0.35.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22\"\u003e\u003ccode\u003e7292932\u003c/code\u003e\u003c/a\u003e ssh: limit the size of the internal packet queue while waiting for KEX\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/f66f74b0a406b5f6909183531ace593857f1646c\"\u003e\u003ccode\u003ef66f74b\u003c/code\u003e\u003c/a\u003e acme/autocert: check host policy before probing the cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/b0784b7bfbe0b2c9a59afc1248ed3cb4b6652e85\"\u003e\u003ccode\u003eb0784b7\u003c/code\u003e\u003c/a\u003e x509roots/fallback: drop obsolete build constraint\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/911360c8a4f464342b9fe7c23632be57fca87b20\"\u003e\u003ccode\u003e911360c\u003c/code\u003e\u003c/a\u003e all: bump golang.org/x/crypto dependencies of asm generators\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/89ff08d67c4d79f9ac619aaf1f7388888798651f\"\u003e\u003ccode\u003e89ff08d\u003c/code\u003e\u003c/a\u003e all: upgrade go directive to at least 1.23.0 [generated]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/crypto/commit/e47973b1c1089f6c67ab89261f7aa067b3d611d2\"\u003e\u003ccode\u003ee47973b\u003c/code\u003e\u003c/a\u003e all: update certs for go1.24\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang/crypto/compare/v0.33.0...v0.35.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golang.org/x/net` from 0.23.0 to 0.38.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/e1fcd82abba34df74614020343be8eb1fe85f0d9\"\u003e\u003ccode\u003ee1fcd82\u003c/code\u003e\u003c/a\u003e html: properly handle trailing solidus in unquoted attribute value in foreign...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/ebed060e8f30f20235f74808c22125fd86b15edd\"\u003e\u003ccode\u003eebed060\u003c/code\u003e\u003c/a\u003e internal/http3: fix build of tests with GOEXPERIMENT=nosynctest\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/1f1fa29e0a46fffe18c43a9da8daa5a0b180dfa9\"\u003e\u003ccode\u003e1f1fa29\u003c/code\u003e\u003c/a\u003e publicsuffix: regenerate table\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/12150816f701c912a32a376754ab28dd3878833a\"\u003e\u003ccode\u003e1215081\u003c/code\u003e\u003c/a\u003e http2: improve error when server sends HTTP/1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/312450e473eae9f9e6173ad895c80bc5ea2f79ad\"\u003e\u003ccode\u003e312450e\u003c/code\u003e\u003c/a\u003e html: ensure \u0026lt;search\u0026gt; tag closes \u0026lt;p\u0026gt; and update tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/09731f9bf919b00b344c763894cd1920b3d96d90\"\u003e\u003ccode\u003e09731f9\u003c/code\u003e\u003c/a\u003e http2: improve handling of lost PING in Server\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/55989e24b972a90ab99308fdc7ea1fb58a96fef1\"\u003e\u003ccode\u003e55989e2\u003c/code\u003e\u003c/a\u003e http2/h2c: use ResponseController for hijacking connections\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/2914f46773171f4fa13e276df1135bafef677801\"\u003e\u003ccode\u003e2914f46\u003c/code\u003e\u003c/a\u003e websocket: re-recommend gorilla/websocket\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/99b3ae0643f9a2f9d820fcbba5f9e4c83b23bd48\"\u003e\u003ccode\u003e99b3ae0\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang/net/commit/85d1d54551b68719346cb9fec24b911da4e452a1\"\u003e\u003ccode\u003e85d1d54\u003c/code\u003e\u003c/a\u003e go.mod: update golang.org/x dependencies\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golang/net/compare/v0.35.0...v0.38.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Cringely/docker-alpine-nfs-server/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Cringely/docker-alpine-nfs-server/pull/12","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Cringely%2Fdocker-alpine-nfs-server/issues/12","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/12/packages"}},{"old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","update_type":null,"path":"the go_modules group","pr_created_at":"2025-08-05T04:15:36.000Z","version_change":"1.7.3-0.20250123201450-9dd6af1f6d30 → 1.7.3","issue":{"uuid":"2719808396","node_id":"PR_kwDOLRx7CM6iHPuM","number":40,"state":"closed","title":"Bump github.com/gorilla/csrf from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3 in the go_modules group","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2025-08-05T22:10:21.000Z","author_association":"NONE","state_reason":null,"created_at":"2025-08-05T04:15:36.000Z","updated_at":"2025-08-05T22:10:21.000Z","time_to_close":64485,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":"the go_modules group","ecosystem":"go"},"body":"Bumps the go_modules group with 1 update: [github.com/gorilla/csrf](https://github.com/gorilla/csrf).\n\nUpdates `github.com/gorilla/csrf` from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/commits/v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.3-0.20250123201450-9dd6af1f6d30\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Shellgate/s-ui/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/Shellgate/s-ui/pull/40","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Shellgate%2Fs-ui/issues/40","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/40/packages"}},{"old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","update_type":null,"path":null,"pr_created_at":"2025-08-05T02:44:50.000Z","version_change":"1.7.3-0.20250123201450-9dd6af1f6d30 → 1.7.3","issue":{"uuid":"2719678256","node_id":"PR_kwDOLRj6tc6iGv8w","number":703,"state":"closed","title":"Bump github.com/gorilla/csrf from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-08-05T11:07:32.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-05T02:44:50.000Z","updated_at":"2025-08-05T11:07:32.000Z","time_to_close":30162,"merged_at":"2025-08-05T11:07:32.000Z","merged_by":"alireza0","closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.3-0.20250123201450-9dd6af1f6d30","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":null,"ecosystem":"go"},"body":"Bumps [github.com/gorilla/csrf](https://github.com/gorilla/csrf) from 1.7.3-0.20250123201450-9dd6af1f6d30 to 1.7.3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/commits/v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.3-0.20250123201450-9dd6af1f6d30\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/alireza0/s-ui/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/alireza0/s-ui/pull/703","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/alireza0%2Fs-ui/issues/703","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/703/packages"}},{"old_version":"1.7.2","new_version":"1.7.3","update_type":"patch","path":"the go_modules group across 1 directory","pr_created_at":"2025-08-03T22:43:05.000Z","version_change":"1.7.2 → 1.7.3","issue":{"uuid":"2716359725","node_id":"PR_kwDOD8vdAM6h6Fwt","number":1290,"state":"closed","title":"build(deps): bump github.com/gorilla/csrf from 1.7.2 to 1.7.3 in the go_modules group across 1 directory","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-08-21T23:37:37.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-03T22:43:05.000Z","updated_at":"2025-08-21T23:37:37.000Z","time_to_close":1558472,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"}],"path":"the go_modules group across 1 directory","ecosystem":"go"},"body":"Bumps the go_modules group with 1 update in the / directory: [github.com/gorilla/csrf](https://github.com/gorilla/csrf).\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/gorilla/csrf\u0026package-manager=go_modules\u0026previous-version=1.7.2\u0026new-version=1.7.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ashirt-ops/ashirt-server/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/ashirt-ops/ashirt-server/pull/1290","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ashirt-ops%2Fashirt-server/issues/1290","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1290/packages"}},{"old_version":"1.7.2","new_version":"1.7.3","update_type":"patch","path":null,"pr_created_at":"2025-08-03T21:31:22.000Z","version_change":"1.7.2 → 1.7.3","issue":{"uuid":"2716321381","node_id":"PR_kwDOD8vdAM6h58Zl","number":1288,"state":"closed","title":"build(deps): bump the go_modules group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","go"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2025-08-03T22:43:05.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-03T21:31:22.000Z","updated_at":"2025-08-03T22:43:05.000Z","time_to_close":4303,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"go_modules","update_count":3,"packages":[{"name":"github.com/gorilla/csrf","old_version":"1.7.2","new_version":"1.7.3","repository_url":"https://github.com/gorilla/csrf"},{"name":"github.com/go-jose/go-jose/v4","old_version":"4.1.1","new_version":"4.1.2","repository_url":"https://github.com/go-jose/go-jose"},{"name":"github.com/golang-jwt/jwt/v5","old_version":"5.2.3","new_version":"5.3.0","repository_url":"https://github.com/golang-jwt/jwt"}],"path":null,"ecosystem":"go"},"body":"Bumps the go_modules group with 3 updates in the / directory: [github.com/gorilla/csrf](https://github.com/gorilla/csrf), [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) and [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt).\n\nUpdates `github.com/gorilla/csrf` from 1.7.2 to 1.7.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/gorilla/csrf/releases\"\u003egithub.com/gorilla/csrf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.7.3\u003c/h2\u003e\n\u003cp\u003eThis Release fixes the following:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2025-24358\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ehttps://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb\"\u003e\u003ccode\u003e9dd6af1\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/gorilla/csrf/compare/v1.7.2...v1.7.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/go-jose/go-jose/v4` from 4.1.1 to 4.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/go-jose/go-jose/releases\"\u003egithub.com/go-jose/go-jose/v4's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003ego-jose v4.1.2 improves some documentation, errors, and removes the only 3rd-party dependency.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate go-jose documentation by \u003ca href=\"https://github.com/mcpherrinm\"\u003e\u003ccode\u003e@​mcpherrinm\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/198\"\u003ego-jose/go-jose#198\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove dependency on testify by \u003ca href=\"https://github.com/wardviaene\"\u003e\u003ccode\u003e@​wardviaene\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/197\"\u003ego-jose/go-jose#197\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove error message for invalid private keys by \u003ca href=\"https://github.com/ProjectMutilation\"\u003e\u003ccode\u003e@​ProjectMutilation\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/195\"\u003ego-jose/go-jose#195\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eJWK unsupported error when unmarshalling by \u003ca href=\"https://github.com/fprojetto\"\u003e\u003ccode\u003e@​fprojetto\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/191\"\u003ego-jose/go-jose#191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd JSONWebKey type to makeJWERecipient by \u003ca href=\"https://github.com/alvarolivie\"\u003e\u003ccode\u003e@​alvarolivie\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/200\"\u003ego-jose/go-jose#200\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etestutils/assert: remove True, Nil, NotNil by \u003ca href=\"https://github.com/jsha\"\u003e\u003ccode\u003e@​jsha\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/202\"\u003ego-jose/go-jose#202\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/wardviaene\"\u003e\u003ccode\u003e@​wardviaene\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/197\"\u003ego-jose/go-jose#197\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fprojetto\"\u003e\u003ccode\u003e@​fprojetto\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/191\"\u003ego-jose/go-jose#191\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/alvarolivie\"\u003e\u003ccode\u003e@​alvarolivie\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/go-jose/go-jose/pull/200\"\u003ego-jose/go-jose#200\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/go-jose/go-jose/compare/v4.1.1...v4.1.2\"\u003ehttps://github.com/go-jose/go-jose/compare/v4.1.1...v4.1.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-jose/go-jose/commit/a1565a41aa008ae6545e0f50a636d254de5b4596\"\u003e\u003ccode\u003ea1565a4\u003c/code\u003e\u003c/a\u003e testutils/assert: remove True, Nil, NotNil (\u003ca href=\"https://redirect.github.com/go-jose/go-jose/issues/202\"\u003e#202\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-jose/go-jose/commit/3a80e136a96e747bf44049414eadc02828df4d33\"\u003e\u003ccode\u003e3a80e13\u003c/code\u003e\u003c/a\u003e jwe: accept non-pointer JSONWebKey in Recipient (\u003ca href=\"https://redirect.github.com/go-jose/go-jose/issues/200\"\u003e#200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-jose/go-jose/commit/e2cde041d199a8c559bcbc6572e2fc72cf055089\"\u003e\u003ccode\u003ee2cde04\u003c/code\u003e\u003c/a\u003e jwk: JSONWebKey.UnmarshalJSON can return ErrUnsupportedKeyType (\u003ca href=\"https://redirect.github.com/go-jose/go-jose/issues/191\"\u003e#191\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-jose/go-jose/commit/6a171721f2bf99351950aa451aff9f9817eff116\"\u003e\u003ccode\u003e6a17172\u003c/code\u003e\u003c/a\u003e jwk: list all missing fields on error (\u003ca href=\"https://redirect.github.com/go-jose/go-jose/issues/195\"\u003e#195\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-jose/go-jose/commit/10dbdce82afc0c28be2a712be0ad3d9e1c43e789\"\u003e\u003ccode\u003e10dbdce\u003c/code\u003e\u003c/a\u003e Remove dependency on testify (\u003ca href=\"https://redirect.github.com/go-jose/go-jose/issues/197\"\u003e#197\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/go-jose/go-jose/commit/6acb8e6fe8c9fa9761b842e153c4b5e8afe9a92d\"\u003e\u003ccode\u003e6acb8e6\u003c/code\u003e\u003c/a\u003e Update go-jose documentation (\u003ca href=\"https://redirect.github.com/go-jose/go-jose/issues/198\"\u003e#198\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/go-jose/go-jose/compare/v4.1.1...v4.1.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github.com/golang-jwt/jwt/v5` from 5.2.3 to 5.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/golang-jwt/jwt/releases\"\u003egithub.com/golang-jwt/jwt/v5's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.3.0\u003c/h2\u003e\n\u003cp\u003eThis release is almost identical to to \u003ccode\u003ev5.2.3\u003c/code\u003e but now correctly indicates Go 1.21 as minimum requirement.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCreate CODEOWNERS by \u003ca href=\"https://github.com/oxisto\"\u003e\u003ccode\u003e@​oxisto\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/449\"\u003egolang-jwt/jwt#449\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump Go version to indicate correct minimum requirement by \u003ca href=\"https://github.com/oxisto\"\u003e\u003ccode\u003e@​oxisto\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golang-jwt/jwt/pull/452\"\u003egolang-jwt/jwt#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golang-jwt/jwt/compare/v5.2.3...v5.3.0\"\u003ehttps://github.com/golang-jwt/jwt/compare/v5.2.3...v5.3.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/e9547a11aa603c52a31e315cdcaa71d0f25b921a\"\u003e\u003ccode\u003ee9547a1\u003c/code\u003e\u003c/a\u003e Bump Go version to indicate correct minimum requirement (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/452\"\u003e#452\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golang-jwt/jwt/commit/3839817bf313f2cfe58853dcbe542ffd06300831\"\u003e\u003ccode\u003e3839817\u003c/code\u003e\u003c/a\u003e Create CODEOWNERS (\u003ca href=\"https://redirect.github.com/golang-jwt/jwt/issues/449\"\u003e#449\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/golang-jwt/jwt/compare/v5.2.3...v5.3.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/ashirt-ops/ashirt-server/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/ashirt-ops/ashirt-server/pull/1288","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ashirt-ops%2Fashirt-server/issues/1288","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1288/packages"}}]}