Skip to content

chore(deps): bump the go_modules group across 1 directory with 5 updates#102

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/test/src/go_modules-98ddd7d280
Open

chore(deps): bump the go_modules group across 1 directory with 5 updates#102
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/test/src/go_modules-98ddd7d280

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jul 18, 2025

Bumps the go_modules group with 4 updates in the /test/src directory: github.com/hashicorp/go-getter, golang.org/x/crypto, golang.org/x/oauth2 and google.golang.org/protobuf.

Updates github.com/hashicorp/go-getter from 1.6.1 to 1.7.5

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.7.5

What's Changed

New Contributors

Full Changelog: hashicorp/go-getter@v1.7.4...v1.7.5

v1.7.4

What's Changed

Full Changelog: hashicorp/go-getter@v1.7.3...v1.7.4

v1.7.3

What's Changed

New Contributors

Full Changelog: hashicorp/go-getter@v1.7.2...v1.7.3

v1.7.2

What's Changed

Full Changelog: hashicorp/go-getter@v1.7.1...v1.7.2

v1.7.1

No release notes provided.

v1.7.0

What's Changed

New Contributors

... (truncated)

Commits
  • 5a63fd9 Merge pull request #497 from hashicorp/fix-git-update
  • 5b7ec5f fetch tags on update and fix tests
  • 9906874 recreate git config during update to prevent config alteration
  • 268c11c escape user provide string to git (#483)
  • 975961f Merge pull request #433 from adrian-bl/netrc-fix
  • 0298a22 Merge pull request #459 from hashicorp/jbardin/setup-git-env
  • c70d9c9 don't change GIT_SSH_COMMAND if there's no keyfile
  • 3d5770f Merge pull request #458 from hashicorp/tsccr-auto-pinning/trusted/2023-09-18
  • 0688979 Result of tsccr-helper -log-level=info -pin-all-workflows .
  • e66f244 Merge pull request #454 from hashicorp/tsccr-auto-pinning/trusted/2023-09-11
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.0.0-20210921155107-089bfa567519 to 0.35.0

Commits

Updates golang.org/x/net from 0.9.0 to 0.21.0

Commits
  • 73d21fd go.mod: update golang.org/x dependencies
  • 643fd16 html: fix SOLIDUS '/' handling in attribute parsing
  • 73e4b50 dns/dnsmessage: allow name compression for SRV resource parsing
  • b2208d0 internal/quic/qlog: fix typo
  • 0d0b98c http2: avoid goroutine starvation in TestServer_Push_RejectAfterGoAway
  • 07e05fd http2: remove suspicious uint32->v conversion in frame code
  • 26b646e quic: avoid deadlock in Endpoint.Close
  • cb5b10f go.mod: update golang.org/x dependencies
  • 689bbc7 quic: deflake TestStreamsCreateConcurrency
  • f12db26 internal/quic/cmd/interop: use wget --no-verbose in Dockerfile
  • Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.7.0 to 0.27.0

Commits
  • 681b4d8 jws: split token into fixed number of parts
  • 3f78298 all: upgrade go directive to at least 1.23.0 [generated]
  • 109dabf endpoints: add links/provider for Discord
  • ac571fa oauth2: fix docs for Config.DeviceAuth
  • 314ee5b endpoints: add patreon endpoint
  • b9c813b google: add warning about externally-provided credentials
  • 49a531d all: make method and struct comments match the names
  • 22134a4 README: don't recommend go get
  • 3e64809 x/oauth2: add Token.ExpiresIn
  • 16a9973 jwt: rename example to avoid vet error
  • Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.30.0 to 1.33.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump the go_modules group across 1 directory with 5 updates
d4ec8f9 
Bumps the go_modules group with 4 updates in the /test/src directory: [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter), [golang.org/x/crypto](https://github.com/golang/crypto), [golang.org/x/oauth2](https://github.com/golang/oauth2) and google.golang.org/protobuf.


Updates `github.com/hashicorp/go-getter` from 1.6.1 to 1.7.5
- [Release notes](https://github.com/hashicorp/go-getter/releases)
- [Changelog](https://github.com/hashicorp/go-getter/blob/main/.goreleaser.yml)
- [Commits](hashicorp/go-getter@v1.6.1...v1.7.5)

Updates `golang.org/x/crypto` from 0.0.0-20210921155107-089bfa567519 to 0.35.0
- [Commits](https://github.com/golang/crypto/commits/v0.35.0)

Updates `golang.org/x/net` from 0.9.0 to 0.21.0
- [Commits](golang/net@v0.9.0...v0.21.0)

Updates `golang.org/x/oauth2` from 0.7.0 to 0.27.0
- [Commits](golang/oauth2@v0.7.0...v0.27.0)

Updates `google.golang.org/protobuf` from 1.30.0 to 1.33.0

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-getter
  dependency-version: 1.7.5
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/crypto
  dependency-version: 0.35.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/net
  dependency-version: 0.21.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.27.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: google.golang.org/protobuf
  dependency-version: 1.33.0
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jul 18, 2025
@dependabot dependabot Bot requested review from a team as code owners July 18, 2025 18:35
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jul 18, 2025
@dependabot dependabot Bot requested review from Gowiem and johncblandii July 18, 2025 18:35
@dependabot dependabot Bot mentioned this pull request Jul 18, 2025
Closed
@dependabot dependabot Bot requested a review from hans-d July 18, 2025 18:35
@dependabot dependabot Bot mentioned this pull request Jul 18, 2025
Closed
@dependabot dependabot Bot requested review from gberenice and nitrocode July 18, 2025 18:35
@dependabot dependabot Bot mentioned this pull request Jul 18, 2025
Closed
@dependabot dependabot Bot requested a review from kevcube July 18, 2025 18:35
@mergify mergify Bot added the auto-update This PR was automatically generated label Jul 18, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@johncblandii johncblandii Awaiting requested review from johncblandii johncblandii is a code owner automatically assigned from cloudposse/contributors

@Gowiem Gowiem Awaiting requested review from Gowiem Gowiem is a code owner automatically assigned from cloudposse/contributors

@hans-d hans-d Awaiting requested review from hans-d

@gberenice gberenice Awaiting requested review from gberenice

@nitrocode nitrocode Awaiting requested review from nitrocode

@kevcube kevcube Awaiting requested review from kevcube

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

auto-update This PR was automatically generated dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants