Skip to content

chore(deps): bump the go_modules group across 2 directories with 2 updates#41

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go_modules-13dd353548
Open

chore(deps): bump the go_modules group across 2 directories with 2 updates#41
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go_modules-13dd353548

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown
Contributor

Bumps the go_modules group with 1 update in the / directory: github.com/xuri/excelize/v2.
Bumps the go_modules group with 1 update in the /test directory: github.com/xuri/excelize/v2.

Updates github.com/xuri/excelize/v2 from 2.10.1 to 2.11.0

Release notes

Sourced from github.com/xuri/excelize/v2's releases.

v2.11.0

We are pleased to announce the release of version 2.11.0. Featured are a handful of new areas of functionality and numerous bug fixes.

A summary of changes is available in the Release Notes. A full list of changes is available in the changelog.

Release Notes

The most notable changes in this release are:

Breaking Change

  • Upgraded requirement: Go language version is 1.25.0 or later, due to upgrading dependency package golang.org/x/net
  • Breaking changes for the AddChart, AddChartSheet and AddShape functions
    • Change Title field data type of Chart from []RichTextRun to ChartTitle
    • Change Line field data type of Shape from ShapeLine to LineOptions
    • Renamed data type ChartDashType to LineDashType
    • Renamed data type ChartLineType to LineType
    • Renamed data type ChartLine to LineOptions

Security

  • Check row number when reading worksheet to prevent unbounded memory allocation (CVE-2026-54063), related security advisories GHSA-h69g-9hx6-f3v4
  • Prevent attacker-controlled allocations by validating against worksheet row number overflow maximum limitation (CVE-2026-59161), related security advisories GHSA-q5j5-6p94-4gwc
  • Prevent panic on getting cell value with invalid shared string table index (CVE-2026-59162), related security advisories GHSA-fx5j-qcqg-grpf

Notable Features

  • Added new ChartTitle data type
  • Added new PivotTableShowValuesAs data type
  • Added new PivotTableShowValuesAsType enumeration
  • Added 3 new exported error variables: ErrPivotTableShowValuesAsBaseField, ErrPivotTableShowValuesAsBaseItem and ErrUnsupportedPivotTableShowValuesAsType
  • Added new field ShowValuesAs in PivotTableField data type
  • Added new field SelectedItems in PivotTableOptions and SlicerOptions data types
  • Added new function AutoFitColWidth to support auto fit columns width, related issue #92
  • The SetSheetName function allow sheet rename for invalid source names, related issue #548
  • The CalcCellValue function supports tilde wildcard criteria
  • The CalcCellValue function supports implicit intersection and fixes regex criteria anchoring
  • The CalcCellValue function supports 3D references across sheet ranges, related issue #2303
  • The CalcCellValue function supports returning formula calculation result with raw cell value, related issue #2316
  • The AddPivotTable function supports checking whether the same data field appears in pivot table column, rows and filter fields, to prevent generating a corrupted workbook
  • The AddPivotTable and GetPivotTables functions support setting and getting show values as of pivot table data fields, related issue #2340
  • The AddPivotTable, AddSlicer, GetPivotTables and GetSlicers functions support setting and getting selected items for pivot table and pivot table slicer, related issue #2154
  • The AddChart and AddChartSheet functions support setting chart title with formula
  • The AddChart and AddChartSheet functions support setting chart title and chart axis title's layout
  • The AddChart and AddChartSheet functions support setting line format for chart title and chart axis title
  • The AddShape function supports setting line format of shapes
  • The NewStyle function supports auto foreground and background color when creating solid fill style when no custom color value is specified

Compatibility Improvements

... (truncated)

Commits
  • 90ff348 This closes #2344, fixes CalcCellValue function returning incorrect calculati...
  • 09f0656 This fixes #548, allow sheet rename for invalid source names (#2345)
  • 93f0b3c This fixes GHSA-q5j5-6p94-4gwc and GHSA-fx5j-qcqg-grpf (#2331)
  • 1213a8b This related with #2340, implement unsupported pivot table show values as types
  • b7e098e This related with #2340, fix invalid pivot table show values as base field index
  • 4ae56a6 This closes #2340, initialized support set and get show value as of pivot tab...
  • 2e6a05b Update dependencies module to fix vulnerabilities
  • c88ce10 This closes #2337, clear shared formula when overwriting with a normal formul...
  • eb84319 This compact sparse worksheet rows in linear time, Go 1.21 and later required...
  • 875b959 Check row number when reading worksheet for improve security
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.51.0 to 0.53.0

Commits
  • 45460e0 go.mod: update golang.org/x dependencies
  • d37c95e pkcs12: limit PBKDF iteration count to prevent CPU exhaustion
  • e2ffffe ssh: reject incomplete gssapi-with-mic configurations
  • 60e158a ssh/test: isolate CLI tests from user SSH config and agent
  • 1b77d23 ssh/knownhosts: reject lines with multiple or unknown markers
  • 3872a2b ssh/knownhosts: verify declared key type matches decoded key
  • 9f72ecc ssh/knownhosts: treat only ASCII space and tab as whitespace
  • 8f405a4 ssh: validate ECDSA curve matches expected algorithm
  • bb41b3d ssh: improve DH GEX group selection using PreferredBits
  • e04e721 ssh/agent: validate ed25519 private key length in Add
  • Additional commits viewable in compare view

Updates github.com/xuri/excelize/v2 from 2.10.1 to 2.11.0

Release notes

Sourced from github.com/xuri/excelize/v2's releases.

v2.11.0

We are pleased to announce the release of version 2.11.0. Featured are a handful of new areas of functionality and numerous bug fixes.

A summary of changes is available in the Release Notes. A full list of changes is available in the changelog.

Release Notes

The most notable changes in this release are:

Breaking Change

  • Upgraded requirement: Go language version is 1.25.0 or later, due to upgrading dependency package golang.org/x/net
  • Breaking changes for the AddChart, AddChartSheet and AddShape functions
    • Change Title field data type of Chart from []RichTextRun to ChartTitle
    • Change Line field data type of Shape from ShapeLine to LineOptions
    • Renamed data type ChartDashType to LineDashType
    • Renamed data type ChartLineType to LineType
    • Renamed data type ChartLine to LineOptions

Security

  • Check row number when reading worksheet to prevent unbounded memory allocation (CVE-2026-54063), related security advisories GHSA-h69g-9hx6-f3v4
  • Prevent attacker-controlled allocations by validating against worksheet row number overflow maximum limitation (CVE-2026-59161), related security advisories GHSA-q5j5-6p94-4gwc
  • Prevent panic on getting cell value with invalid shared string table index (CVE-2026-59162), related security advisories GHSA-fx5j-qcqg-grpf

Notable Features

  • Added new ChartTitle data type
  • Added new PivotTableShowValuesAs data type
  • Added new PivotTableShowValuesAsType enumeration
  • Added 3 new exported error variables: ErrPivotTableShowValuesAsBaseField, ErrPivotTableShowValuesAsBaseItem and ErrUnsupportedPivotTableShowValuesAsType
  • Added new field ShowValuesAs in PivotTableField data type
  • Added new field SelectedItems in PivotTableOptions and SlicerOptions data types
  • Added new function AutoFitColWidth to support auto fit columns width, related issue #92
  • The SetSheetName function allow sheet rename for invalid source names, related issue #548
  • The CalcCellValue function supports tilde wildcard criteria
  • The CalcCellValue function supports implicit intersection and fixes regex criteria anchoring
  • The CalcCellValue function supports 3D references across sheet ranges, related issue #2303
  • The CalcCellValue function supports returning formula calculation result with raw cell value, related issue #2316
  • The AddPivotTable function supports checking whether the same data field appears in pivot table column, rows and filter fields, to prevent generating a corrupted workbook
  • The AddPivotTable and GetPivotTables functions support setting and getting show values as of pivot table data fields, related issue #2340
  • The AddPivotTable, AddSlicer, GetPivotTables and GetSlicers functions support setting and getting selected items for pivot table and pivot table slicer, related issue #2154
  • The AddChart and AddChartSheet functions support setting chart title with formula
  • The AddChart and AddChartSheet functions support setting chart title and chart axis title's layout
  • The AddChart and AddChartSheet functions support setting line format for chart title and chart axis title
  • The AddShape function supports setting line format of shapes
  • The NewStyle function supports auto foreground and background color when creating solid fill style when no custom color value is specified

Compatibility Improvements

... (truncated)

Commits
  • 90ff348 This closes #2344, fixes CalcCellValue function returning incorrect calculati...
  • 09f0656 This fixes #548, allow sheet rename for invalid source names (#2345)
  • 93f0b3c This fixes GHSA-q5j5-6p94-4gwc and GHSA-fx5j-qcqg-grpf (#2331)
  • 1213a8b This related with #2340, implement unsupported pivot table show values as types
  • b7e098e This related with #2340, fix invalid pivot table show values as base field index
  • 4ae56a6 This closes #2340, initialized support set and get show value as of pivot tab...
  • 2e6a05b Update dependencies module to fix vulnerabilities
  • c88ce10 This closes #2337, clear shared formula when overwriting with a normal formul...
  • eb84319 This compact sparse worksheet rows in linear time, Go 1.21 and later required...
  • 875b959 Check row number when reading worksheet for improve security
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

…dates

Bumps the go_modules group with 1 update in the / directory: [github.com/xuri/excelize/v2](https://github.com/xuri/excelize).
Bumps the go_modules group with 1 update in the /test directory: [github.com/xuri/excelize/v2](https://github.com/xuri/excelize).


Updates `github.com/xuri/excelize/v2` from 2.10.1 to 2.11.0
- [Release notes](https://github.com/xuri/excelize/releases)
- [Commits](qax-os/excelize@v2.10.1...v2.11.0)

Updates `golang.org/x/crypto` from 0.51.0 to 0.53.0
- [Commits](golang/crypto@v0.51.0...v0.53.0)

Updates `github.com/xuri/excelize/v2` from 2.10.1 to 2.11.0
- [Release notes](https://github.com/xuri/excelize/releases)
- [Commits](qax-os/excelize@v2.10.1...v2.11.0)

---
updated-dependencies:
- dependency-name: github.com/xuri/excelize/v2
  dependency-version: 2.11.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/crypto
  dependency-version: 0.53.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: github.com/xuri/excelize/v2
  dependency-version: 2.11.0
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jul 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants