Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

github.com/go-git/go-git/v5

Ecosystem:
go
Package URL:
pkg:golang/github.com/go-git/go-git/v5
Total PRs:
2,716 Dependabot PRs
Latest PR:
about 7 hours ago
Unique Repositories:
1,117 repositories
Unique Repos (30 days):
95 repositories
Security Advisories
go-git: Maliciously crafted idx file can cause asymmetric memory consumption
GHSA-jhf3-xxhw-2wpp CVE-2026-34165 MODERATE published 2 months ago • updated 3 days ago
### Impact A vulnerability has been identified in which a maliciously crafted `.idx` file can cause asymmetric memory consumption, potentially exh...
go-git: Malformed Git object data may cause panics or resource exhaustion
GHSA-w5pp-99ch-qj29 MODERATE published 4 days ago • updated 3 days ago
### Impact Several denial-of-service issues were identified in `go-git` when parsing maliciously crafted Git repository data. An attacker may craf...
go-git: Credential leak via cross-host redirect in smart HTTP transport
GHSA-3xc5-wrhm-f963 CVE-2026-41506 MODERATE published about 2 months ago • updated 5 days ago
### Impact `go-git` may leak HTTP authentication credentials when following redirects during smart-HTTP clone and fetch operations. If a remote re...
go-git improperly verifies data integrity values for .idx and .pack files
GHSA-37cx-329c-33x3 CVE-2026-25934 MODERATE published 4 months ago • updated 13 days ago
### Impact A vulnerability was discovered in `go-git` whereby data integrity values for `.pack` and `.idx` files were not properly verified. This...
go-git missing validation decoding Index v4 files leads to panic
GHSA-gm2x-2g9h-ccm8 CVE-2026-33762 LOW published 2 months ago • updated 3 days ago
### Impact `go-git`’s index decoder for format version 4 fails to validate the path name prefix length before applying it to the previously decode...
View all 12 advisories
Recent PRs (filtered by: Open , Patch PRs )
RSS Feed Clear filter
chore(deps): bump github.com/go-git/go-git/v5 from 5.19.0 to 5.19.1

kubernetes-sigs/prow #739

5.19.0 → 5.19.1 Patch PR
Open 2 days ago 5 comments
kubernetes-sigs
Bump the go_modules group across 2 directories with 1 update

pulumi/pulumi-meraki #563

5.19.0 → 5.19.1 Patch PR
Open 11 days ago 1 comment
pulumi
chore(deps): bump the dependencies group with 2 updates

k1LoW/git-wt #192

5.19.0 → 5.19.1 Patch PR
Open 11 days ago 1 comment
k1LoW
chore(deps): bump github.com/go-git/go-git/v5 from 5.19.0 to 5.19.1

jovandeginste/workout-tracker #817

5.19.0 → 5.19.1 Patch PR
Open 14 days ago 3 comments
jovandeginste
Bump github.com/go-git/go-git/v5 from 5.19.0 to 5.19.1 in /internal/tools

open-telemetry/opentelemetry-collector #15319

5.19.0 → 5.19.1 Patch PR
Open 14 days ago 1 comment
open-telemetry
chore(deps): bump github.com/go-git/go-git/v5 from 5.19.0 to 5.19.1

open-component-model/ocm #1965

5.19.0 → 5.19.1 Patch PR
Open 14 days ago 6 comments
open-component-model
build(deps): bump github.com/go-git/go-git/v5 from 5.19.0 to 5.19.1 in /cmd/firmware-action

9elements/firmware-action #883

5.19.0 → 5.19.1 Patch PR
Open 14 days ago 1 comment
9elements
deps: bump the minor-and-patch group across 1 directory with 2 updates

rootlyhq/rootly-edge-connector #21

5.17.1 → 5.17.2 Patch PR
Open about 2 months ago 1 comment
rootlyhq
Bump the all-go-mod-patch-and-minor group across 2 directories with 41 updates

aws/eks-anywhere #10744

5.17.1 → 5.17.2 Patch PR
Open about 2 months ago 3 comments
aws
Bump the all-go-mod-patch-and-minor group across 2 directories with 41 updates

aws/eks-anywhere #10730

5.17.1 → 5.17.2 Patch PR
Open about 2 months ago 3 comments
aws
chore(deps): bump github.com/go-git/go-git/v5 from 5.17.1 to 5.17.2

Skarlso/crd-to-sample-yaml #343

5.17.1 → 5.17.2 Patch PR
Open about 2 months ago 1 comment
Skarlso
build(deps): Bump github.com/go-git/go-git/v5 from 5.17.1 to 5.17.2 in the go-deps group

PossibleLlama/commit-check #104

5.17.1 → 5.17.2 Patch PR
Open about 2 months ago 1 comment
PossibleLlama
chore(deps)(deps): bump the patch-updates group with 2 updates

M0Rf30/yap #183

5.17.1 → 5.17.2 Patch PR
Open about 2 months ago 2 comments
M0Rf30
chore: bump github.com/go-git/go-git/v5 from 5.17.1 to 5.17.2

thenativeweb/get-next-version #185

5.17.1 → 5.17.2 Patch PR
Open about 2 months ago 1 comment
thenativeweb
chore(deps): bump the all group with 3 updates

tta-lab/lenos #1

5.17.1 → 5.17.2 Patch PR
Open about 2 months ago 1 comment
tta-lab
chore(deps): bump github.com/go-git/go-git/v5 from 5.17.1 to 5.17.2 in /backend

getarcaneapp/arcane #2214

5.17.1 → 5.17.2 Patch PR
Open about 2 months ago 2 comments
getarcaneapp
chore(deps): bump github.com/go-git/go-git/v5 from 5.17.1 to 5.17.2

trly/quad-ops #73

5.17.1 → 5.17.2 Patch PR
Open 2 months ago 1 comment
trly
build(deps): bump github.com/go-git/go-git/v5 from 5.17.1 to 5.17.2

eng618/eng #69

5.17.1 → 5.17.2 Patch PR
Open 2 months ago 1 comment
eng618
build(deps): bump github.com/go-git/go-git/v5 from 5.17.1 to 5.17.2 in /cmd/firmware-action

9elements/firmware-action #870

5.17.1 → 5.17.2 Patch PR
Open 2 months ago 1 comment
9elements
Bump github.com/go-git/go-git/v5 from 5.17.1 to 5.17.2

tyhal/crie #990

5.17.1 → 5.17.2 Patch PR
Open 2 months ago 4 comments
tyhal
deps: bump github.com/go-git/go-git/v5 from 5.17.0 to 5.17.1

relicta-tech/relicta #91

5.17.0 → 5.17.1 Patch PR
Open 2 months ago 2 comments
relicta-tech
build(deps): bump github.com/go-git/go-git/v5 from 5.17.0 to 5.17.1

shipwright-io/build #2147

5.17.0 → 5.17.1 Patch PR
Open 2 months ago 1 comment
shipwright-io
Bump github.com/go-git/go-git/v5 from 5.17.0 to 5.17.1 in the all group across 1 directory

kubernetes-sigs/zeitgeist #1443

5.17.0 → 5.17.1 Patch PR
Open 2 months ago 4 comments
kubernetes-sigs
Bump github.com/go-git/go-git/v5 from 5.17.0 to 5.17.1 in the gomod group

carabiner-dev/bnd #114

5.17.0 → 5.17.1 Patch PR
Open 2 months ago 1 comment
carabiner-dev
build(deps): bump github.com/go-git/go-git/v5 from 5.17.0 to 5.17.1 in the all group

kubernetes-sigs/bom #632

5.17.0 → 5.17.1 Patch PR
Open 2 months ago 2 comments
kubernetes-sigs
deps(go): bump the go-minor-patch group across 1 directory with 12 updates

openctemio/api #31

5.17.0 → 5.17.1 Patch PR
Open 2 months ago 2 comments
openctemio
Bump github.com/go-git/go-git/v5 from 5.16.2 to 5.16.5

Dustin4444/bashbrew #3

5.16.2 → 5.16.5 Patch PR
Open 3 months ago 1 comment
Dustin4444
build(deps): bump the oc-mirror-v2-security-updates group across 1 directory with 5 updates

openshift/oc-mirror #1359

5.16.2 → 5.16.5 Patch PR
Open 3 months ago 3 comments
openshift
Bump the go_modules group across 1 directory with 2 updates

internetblacksmith/createpr #13

5.16.4 → 5.16.5 Patch PR
Open 3 months ago 4 comments
internetblacksmith
chore(deps): bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5

VojtechPastyrik/vpd #37

5.16.4 → 5.16.5 Patch PR
Open 3 months ago 1 comment
VojtechPastyrik
chore(deps): bump the common group across 1 directory with 47 updates

xycloops123/trivy #391

5.16.2 → 5.16.5 Patch PR
Open 3 months ago 3 comments
xycloops123
Bump the all group across 1 directory with 10 updates

palnabarun/release #346

5.16.0 → 5.16.5 Patch PR
Open 3 months ago 1 comment
palnabarun
chore(deps): bump the go_modules group across 3 directories with 2 updates

GoogleCloudPlatform/cloud-foundation-toolkit #3360

5.16.4 → 5.16.5 Patch PR
Open 3 months ago 2 comments
GoogleCloudPlatform
chore(deps): bump the go-minor-patch group across 1 directory with 6 updates

kanzifucius/kindplane #17

5.16.4 → 5.16.5 Patch PR
Open 4 months ago 1 comment
kanzifucius
:seedling: Bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5 in /tools

ossf/scorecard #4939

5.16.4 → 5.16.5 Patch PR
Open 4 months ago 2 comments
ossf
Bump github.com/go-git/go-git/v5 from 5.16.2 to 5.16.5 in the go_modules group across 1 directory

dipjyotimetia/JARVIS #29

5.16.2 → 5.16.5 Patch PR
Open 4 months ago 1 comment
dipjyotimetia
chore(deps): bump github.com/go-git/go-git/v5 from 5.16.2 to 5.16.5 in the go_modules group across 1 directory

vmfunc/sif #76

5.16.2 → 5.16.5 Patch PR
Open 4 months ago 2 comments
vmfunc
build(deps): bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5

DiegoBskt/cluster-assessment-operator #55

5.16.4 → 5.16.5 Patch PR
Open 4 months ago 1 comment
DiegoBskt
build(deps): bump github.com/go-git/go-git/v5 from 5.16.3 to 5.16.5

Ensono/eirctl #78

5.16.3 → 5.16.5 Patch PR
Open 4 months ago 1 comment
Ensono
[chore](deps): Bump github.com/go-git/go-git/v5 from 5.16.3 to 5.16.5

agilira/argus-provider-git #3

5.16.3 → 5.16.5 Patch PR
Open 4 months ago 1 comment
agilira
[v1.3.x]: Bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5

openstack-k8s-operators/osp-director-operator #1247

5.16.4 → 5.16.5 Patch PR
Open 4 months ago 2 comments
openstack-k8s-operators
build(deps): bump the all group with 3 updates

kubernetes-sigs/bom #601

5.16.4 → 5.16.5 Patch PR
Open 4 months ago 2 comments
kubernetes-sigs
deps(deps): bump github.com/go-git/go-git/v5 from 5.16.0 to 5.16.5

gone-io/gonectl #56

5.16.0 → 5.16.5 Patch PR
Open 4 months ago 1 comment
gone-io
build(deps): bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5

kubernetes-sigs/downloadkubernetes #841

5.16.4 → 5.16.5 Patch PR
Open 4 months ago 3 comments
kubernetes-sigs
Bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5

meshery/meshery #17379

5.16.4 → 5.16.5 Patch PR
Open 4 months ago 1 comment
meshery
chore(deps): bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5 in /backend in the go_modules group across 1 directory

getarcaneapp/arcane #1701

5.16.4 → 5.16.5 Patch PR
Open 4 months ago 2 comments
getarcaneapp
build(deps): bump the go_modules group across 2 directories with 1 update

ryanmaclean/vibecode-webgui #1883

5.16.4 → 5.16.5 Patch PR
Open 4 months ago 8 comments
ryanmaclean
deps: bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5

stuffbucket/coop #23

5.16.4 → 5.16.5 Patch PR
Open 4 months ago 1 comment
stuffbucket
chore(deps): bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5

taikoxyz/taiko-mono #21307

5.16.4 → 5.16.5 Patch PR
Open 4 months ago 1 comment
taikoxyz
:seedling: Bump github.com/go-git/go-git/v5 from 5.16.3 to 5.16.5

ossf/scorecard-action #1635

5.16.3 → 5.16.5 Patch PR
Open 4 months ago 1 comment
ossf
Package Details
Name: github.com/go-git/go-git/v5
Ecosystem: go
PURL Type: golang
Package URL: pkg:golang/github.com/go-git/go-git/v5
JSON API: View JSON
Security Advisories

12

Active advisories
CRITICAL 2
HIGH 3
MODERATE 5
LOW 2
View All golang Advisories
Package Information
Description:

A highly extensible git implementation in pure Go. go-git aims to reach the completeness of libgit2 or jgit, nowadays covers the majority of the plumbing read operations and some of the main write operations, but lacks the main porcelain operations such as merges. It is highly extensible, we have been following the open/close principle in its design to facilitate extensions, mainly focusing the efforts on the persistence of the objects.

Repository: https://github.com/go-git/go-git
Homepage: https://github.com/go-git/go-git
Latest Release: v5.16.1
12 months ago
Dependent Repos: 13,417
Dependent Packages: 8,164
Ranking: Top 0.0657% by dependent repos Top 0.0353% by dependent pkgs
PR Status
Open 1,203 (44.3%)
Merged 308 (11.3%)
Closed 960 (35.3%)
PR Types
Minor 1,400 (51.5%)
Patch 1,071 (39.4%)