Bump the go_modules group across 1 directory with 5 updates #3

dependabot · 2024-05-29T04:44:18Z

Bumps the go_modules group with 3 updates in the /dependency/retrieval directory: golang.org/x/crypto, github.com/cloudflare/circl and github.com/go-git/go-git/v5.

Updates golang.org/x/crypto from 0.17.0 to 0.23.0

Commits

905d78a go.mod: update golang.org/x dependencies
ebb717d ssh: validate key type in SSH_MSG_USERAUTH_PK_OK response
0da2a6a openpgp: fix function name in comment
5defcc1 sha3: fix Sum results for SHAKE functions on s390x
d042a39 go.mod: update golang.org/x dependencies
b92bf94 ssh: respect MaxAuthTries also for "none" auth attempts
6f79b5a ssh: add server side multi-step authentication
8d0d405 x/crypto/chacha20: cleanup chacha_ppc64le.s
b91329d all: remove redundant words in comments and fix some typos
7067223 go.mod: update golang.org/x dependencies
Additional commits viewable in compare view

Updates github.com/cloudflare/circl from 1.3.7 to 1.3.8

Release notes

Sourced from github.com/cloudflare/circl's releases.

CIRCL v1.3.8

New

BLS Signatures on top of BLS12-381.

Adopt faster squaring in pairings.

BlindRSA compliant with RFC9474.

(Verifiable) Secret Sharing compatible with the Group interface (elliptic curves).

Notice

Update on cpabe/tkn20 ciphertexts, read more at https://github.com/cloudflare/circl/wiki/tkn20-Ciphertext-Format-(v1.3.8)

What's Changed

Implement Granger-Scott faster squaring in the cyclotomic subgroup. by @armfazh in cloudflare/circl#449

Updates avo and CIRCL's own dependency. by @armfazh in cloudflare/circl#474

Updating documentation for OPRF package. by @armfazh in cloudflare/circl#475

group: removes order method from group interface by @armfazh in cloudflare/circl#356

zk/dleq: Adding DLEQ proofs for Qn, the subgroup of squares in (Z/nZ)* by @armfazh in cloudflare/circl#451

Reduce x/crypto and x/sys versions to match Go 1.21 by @Lekensteyn in cloudflare/circl#476

Bump GitHub Actions versions and use Go 1.22 and 1.21 by @Lekensteyn in cloudflare/circl#477

Adding rule for constant values by @armfazh in cloudflare/circl#478

Add BLS signatures over BLS12-381 by @armfazh in cloudflare/circl#446

group: Implements Shamir and Feldman secret sharing. by @armfazh in cloudflare/circl#348

blindrsa: add support for all variants of RFC9474 by @armfazh in cloudflare/circl#479

Explicitly installs Go with version before CodeQL analysis. by @armfazh in cloudflare/circl#481

Bumps golangci-lint action by @armfazh in cloudflare/circl#485

ecc/bls12381: Ensures pairing operations don't overwrite their input by @armfazh in cloudflare/circl#494

Align to the purego build tag, removing noasm build tag by @mattyclarkson in cloudflare/circl#492

cpabe: Serializing ciphertext with 32-bit prefixes. by @armfazh in cloudflare/circl#490

New Contributors

@mattyclarkson made their first contribution in cloudflare/circl#492

Full Changelog: cloudflare/circl@v1.3.7...v1.3.8

Commits

4bb5601 Serializing ciphertext with 32-bit prefixes.
a4252c7 Test functions working with ciphertext.
64431bb Testing long plaintext.
fe2b663 Using SHAKE128 as a fixed prgn for golden files.
2c600ff Align to the purego build tag, removing noasm build tag
a4b7601 Ensure pairing functions don't overwrite the input.
b4f1578 Test that shows pairing functions overwrite its input.
bba8f1a Bumps golangci-lint action (#485)
dc430ec Explicitly installs Go with version before CodeQL analysis.
fd7a97f Rename test file extension.
Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.11.0 to 5.12.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.12.0

What's Changed

git: Worktree.AddWithOptions: add skipStatus option when providing a specific path by @moranCohen26 in go-git/go-git#994

git: Signer: fix usage of crypto.Signer interface by @wlynch in go-git/go-git#1029

git: Remote, fetch, adds the prune option. by @juliens in go-git/go-git#366

git: Add crypto.Signer option to CommitOptions. by @wlynch in go-git/go-git#996

git: Worktree checkout tag hash id (#959) by @aymanbagabas in go-git/go-git#966

git: Worktree, Don't panic on empty or root path when checking if it is valid by @tim775 in go-git/go-git#1042

git: Add commit validation for Reset by @pjbgf in go-git/go-git#1048

git: worktree_commit, Fix amend commit to apply changes. Fixes #1024 by @onee-only in go-git/go-git#1045

git: Implement Merge function with initial FastForwardMerge support by @pjbgf in go-git/go-git#1044

plumbing: object, Make first commit visible on logs filtered with filename. Fixes #191 by @onee-only in go-git/go-git#1036

plumbing: no panic in printStats function. Fixes #177 by @nodivbyzero in go-git/go-git#971

plumbing: object, Optimize logging with file. by @onee-only in go-git/go-git#1046

plumbing: object, check legitimacy in (*Tree).Encode by @niukuo in go-git/go-git#967

plumbing: format/gitattributes, close file in ReadAttributesFile by @prskr in go-git/go-git#1018

plumbing: check setAuth error. Fixes #185 by @nodivbyzero in go-git/go-git#969

plumbing: object, fix variable defaultUtf8CommitMessageEncoding name spell error by @Jerry-yz in go-git/go-git#987

utils: merkletrie, calculate filesystem node's hash lazily. by @candid82 in go-git/go-git#825

utils: update comment in node.go's Hash() by @codablock in go-git/go-git#992

_example: fix 404 link and added ssh-agent clone link by @grinish21 in go-git/go-git#1022

_example: checkout-branch example by @dlambda in go-git/go-git#446

_example: example for git clone using ssh-agent by @pjbgf in go-git/go-git#998

New Contributors

@candid82 made their first contribution in go-git/go-git#825

@codablock made their first contribution in go-git/go-git#992

@Jerry-yz made their first contribution in go-git/go-git#987

@wlynch made their first contribution in go-git/go-git#996

@moranCohen26 made their first contribution in go-git/go-git#994

@grinish21 made their first contribution in go-git/go-git#1022

@prskr made their first contribution in go-git/go-git#1018

@dlambda made their first contribution in go-git/go-git#446

@juliens made their first contribution in go-git/go-git#366

@onee-only made their first contribution in go-git/go-git#1036

@tim775 made their first contribution in go-git/go-git#1042

@niukuo made their first contribution in go-git/go-git#967

@avoidalone made their first contribution in go-git/go-git#1047

Full Changelog: go-git/go-git@v5.11.0...v5.12.0

Commits

302ddde Merge pull request #1060 from go-git/dependabot/go_modules/github.com/gliderl...
6bba34d build: bump github.com/gliderlabs/ssh from 0.3.6 to 0.3.7
feaeb36 Merge pull request #937 from matejrisek/feature/rename-short-fields
7959a42 Merge pull request #1052 from go-git/dependabot/go_modules/github.com/skeema/...
4c17ce7 build: bump github.com/skeema/knownhosts from 1.2.1 to 1.2.2
3f77e6f Merge pull request #1048 from pjbgf/fix-reset-validation
6af38e0 Merge pull request #1047 from avoidalone/master
e6c3e58 Merge pull request #1044 from pjbgf/ff-merge
04f7b23 *: fix some comments
f4f1a87 Merge pull request #971 from nodivbyzero/fix-177-diff-print-file-stats
Additional commits viewable in compare view

Updates golang.org/x/net from 0.19.0 to 0.22.0

Commits

7ee34a0 go.mod: update golang.org/x dependencies
c289c7a websocket: re-add documentation for DialConfig
9fb4a8c http2: send an error of FLOW_CONTROL_ERROR when exceed the maximum octets
3dfd003 websocket: add support for dialing with context
fa11427 quic: move package out of internal
591be7f quic: fix UDP on big-endian Linux, tests on various architectures
34cc446 quic: temporarily disable networking tests failing on various platforms
4bdc6df quic: expand package docs, and document Stream
22cbde9 quic: set ServerName in client connection TLSConfig
57e4cc7 quic: handle PATH_CHALLENGE and PATH_RESPONSE frames
Additional commits viewable in compare view

Updates golang.org/x/text from 0.14.0 to 0.15.0

Commits

8d533a0 encoding/charmap: update UCM spec file URL prefix
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the go_modules group with 3 updates in the /dependency/retrieval directory: [golang.org/x/crypto](https://github.com/golang/crypto), [github.com/cloudflare/circl](https://github.com/cloudflare/circl) and [github.com/go-git/go-git/v5](https://github.com/go-git/go-git). Updates `golang.org/x/crypto` from 0.17.0 to 0.23.0 - [Commits](golang/crypto@v0.17.0...v0.23.0) Updates `github.com/cloudflare/circl` from 1.3.7 to 1.3.8 - [Release notes](https://github.com/cloudflare/circl/releases) - [Commits](cloudflare/circl@v1.3.7...v1.3.8) Updates `github.com/go-git/go-git/v5` from 5.11.0 to 5.12.0 - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.11.0...v5.12.0) Updates `golang.org/x/net` from 0.19.0 to 0.22.0 - [Commits](golang/net@v0.19.0...v0.22.0) Updates `golang.org/x/text` from 0.14.0 to 0.15.0 - [Release notes](https://github.com/golang/text/releases) - [Commits](golang/text@v0.14.0...v0.15.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production dependency-group: go_modules - dependency-name: github.com/cloudflare/circl dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/go-git/go-git/v5 dependency-type: indirect dependency-group: go_modules - dependency-name: golang.org/x/net dependency-type: indirect dependency-group: go_modules - dependency-name: golang.org/x/text dependency-type: indirect dependency-group: go_modules ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label May 29, 2024

initializ-bot approved these changes May 29, 2024

View reviewed changes

initializ-bot merged commit 1b03349 into main May 29, 2024
7 of 9 checks passed

dependabot bot deleted the dependabot/go_modules/dependency/retrieval/go_modules-04e24d4443 branch May 29, 2024 04:48

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the go_modules group across 1 directory with 5 updates #3

Bump the go_modules group across 1 directory with 5 updates #3

dependabot bot commented on behalf of github May 29, 2024

Bump the go_modules group across 1 directory with 5 updates #3

Bump the go_modules group across 1 directory with 5 updates #3

Conversation

dependabot bot commented on behalf of github May 29, 2024

CIRCL v1.3.8

New

Notice

What's Changed

New Contributors

v5.12.0

What's Changed

New Contributors