Skip to content

🌱 Bump the gomod group across 2 directories with 8 updates #4866

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

🌱 Bump the gomod group across 2 directories with 8 updates #4866

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 1, 2025

Bumps the gomod group with 6 updates in the / directory:

Package From To
github.com/go-git/go-git/v5 5.16.3 5.16.4
github.com/moby/buildkit 0.25.2 0.26.2
golang.org/x/text 0.30.0 0.31.0
github.com/google/osv-scanner/v2 2.2.4 2.3.0
gitlab.com/gitlab-org/api/client-go 0.159.0 1.3.0
cloud.google.com/go/storage 1.57.1 1.57.2

Bumps the gomod group with 2 updates in the /tools directory: github.com/golangci/golangci-lint/v2 and github.com/goreleaser/goreleaser/v2.

Updates github.com/go-git/go-git/v5 from 5.16.3 to 5.16.4

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.16.4

What's Changed

Full Changelog: go-git/go-git@v5.16.3...v5.16.4

Commits
  • de8ecc3 Merge pull request #1743 from go-git/renovate/releases/v5.x-go-github.com-go-...
  • 3e752f0 build: Update module github.com/go-git/go-git/v5 to v5.13.0 [SECURITY]
  • 3a31754 Merge pull request #1741 from go-git/renovate/releases/v5.x-go-github.com-clo...
  • acc28f1 build: Update module github.com/cloudflare/circl to v1.6.1 [SECURITY]
  • 95f3880 Merge pull request #1742 from go-git/renovate/releases/v5.x-go-golang.org-x-n...
  • 329f926 build: Update module golang.org/x/net to v0.38.0 [SECURITY]
  • 399e04b Merge pull request #1734 from pjbgf/fix-ci
  • 2025eae build: test, Fix build on Windows.
  • fb6806f Merge pull request #1732 from swills/find-hash-panic-fix-backport
  • 382530f plumbing: format/idxfile, prevent panic
  • See full diff in compare view

Updates github.com/moby/buildkit from 0.25.2 to 0.26.2

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.26.2

Welcome to the v0.26.2 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

  • CrazyMax
  • Tõnis Tiigi

Notable Changes

  • Fix possible error when uploading big files to S3 cache exporter #6373

Dependency Changes

This release has no dependency changes

Previous release can be found at v0.26.1

v0.26.1

Welcome to the v0.26.1 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

  • Tõnis Tiigi

Notable Changes

  • Fix excessive chunking when fetching blobs #6366

Dependency Changes

This release has no dependency changes

Previous release can be found at v0.26.0

v0.26.0

buildkit 0.26.0

Welcome to the v0.26.0 release of buildkit!

... (truncated)

Commits
  • be1f38e Merge pull request #6374 from crazy-max/0.26_picks_0.26.2
  • 8a34dcd cache(s3): request checksum calculation when required
  • 29fc55f Merge pull request #6367 from tonistiigi/v0.26-picks
  • 247e13c contentutil: avoid defaulting to ReadAt for fetch
  • a8e548f Merge pull request #4673 from bpascard/master
  • cc2d332 Merge pull request #6351 from thaJeztah/bump_tarsplit
  • 640f8bb Merge pull request #6349 from tonistiigi/dockerd-test-fixes
  • c3fd6a3 vendor: github.com/vbatts/tar-split v0.12.2
  • 2224254 test: test updates for dockerd
  • a2a940e Merge pull request #6345 from tonistiigi/cap-session-policy
  • Additional commits viewable in compare view

Updates golang.org/x/text from 0.30.0 to 0.31.0

Commits
  • e7ff6b3 go.mod: update golang.org/x dependencies
  • fbf012b all: use reflect.TypeFor instead of reflect.TypeOf
  • See full diff in compare view

Updates github.com/google/osv-scanner/v2 from 2.2.4 to 2.3.0

Release notes

Sourced from github.com/google/osv-scanner/v2's releases.

v2.3.0

This release migrates to the new osv.dev and osv-schema proto bindings for its internal data models (#2328). This is primarily an internal change and should not impact users.

Features:

Fixes:

New Contributors

Full Changelog: google/osv-scanner@v2.2.4...v2.3.0

Changelog

Sourced from github.com/google/osv-scanner/v2's changelog.

v2.3.0

This release migrates to the new osv.dev and osv-schema proto bindings for its internal data models (#2328). This is primarily an internal change and should not impact users.

Features:

Fixes:

Commits

Updates gitlab.com/gitlab-org/api/client-go from 0.159.0 to 1.3.0

Release notes

Sourced from gitlab.com/gitlab-org/api/client-go's releases.

v1.3.0

1.3.0

🚀 Features

  • feat(credentials): Add support for revoking group PATs, listing/deleting group SSH keys (!2594) by Heidi Berry

🔄 Other Changes

  • refactor: moved comments to interface (!2595) by Zubeen
  • refactor(users): moved comments to interface (!2596) by Zubeen
  • refactor: moved comments to interface (!2599) by Zubeen
  • Simplify more request functions, introducing NoEscape (!2592) by Timo Furrer

1.3.0 (2025-11-30)

Features

  • credentials: Add support for revoking group PATs, listing/deleting group SSH keys (3439f4f)

v1.2.0

1.2.0

🚀 Features

  • feat(credentials): Add support for listing all SaaS enterprise user personal access tokens (!2593) by Heidi Berry

🔄 Other Changes

1.2.0 (2025-11-27)

Features

  • credentials: Add support for listing all SaaS enterprise user personal access tokens (3697779)

v1.1.0

1.1.0

🚀 Features

  • feat(service_account): allow providing email when update a Service Account (!2589) by kilianpaquier

... (truncated)

Changelog

Sourced from gitlab.com/gitlab-org/api/client-go's changelog.

1.3.0

🚀 Features

  • feat(credentials): Add support for revoking group PATs, listing/deleting group SSH keys (!2594) by Heidi Berry

🔄 Other Changes

  • refactor: moved comments to interface (!2595) by Zubeen
  • refactor(users): moved comments to interface (!2596) by Zubeen
  • refactor: moved comments to interface (!2599) by Zubeen
  • Simplify more request functions, introducing NoEscape (!2592) by Timo Furrer

1.3.0 (2025-11-30)

Features

  • credentials: Add support for revoking group PATs, listing/deleting group SSH keys (3439f4f)

1.2.0

🚀 Features

  • feat(credentials): Add support for listing all SaaS enterprise user personal access tokens (!2593) by Heidi Berry

🔄 Other Changes

1.2.0 (2025-11-27)

Features

  • credentials: Add support for listing all SaaS enterprise user personal access tokens (3697779)

1.1.0

🚀 Features

  • feat(service_account): allow providing email when update a Service Account (!2589) by kilianpaquier

🔄 Other Changes

... (truncated)

Commits
  • 44a866e chore(release): 1.3.0 [skip ci]
  • bf6777f Merge branch 'add-more-creds' into 'main'
  • 3439f4f feat(credentials): Add support for revoking group PATs, listing/deleting grou...
  • a6c9dde Merge branch 'moveCommentsInterfaces1' into 'main'
  • 84a8f82 refactor: moved comments to interface
  • 407491e Merge branch 'moveCommentsInterfaces2' into 'main'
  • b2c52c2 refactor(users): moved comments to interface
  • 6c99ca8 Merge branch 'moveCommentInterfaces4' into 'main'
  • 7a1da57 refactor: moved comments to interface
  • 929dfea Merge branch 'simplify-requests' into 'main'
  • Additional commits viewable in compare view

Updates cloud.google.com/go/storage from 1.57.1 to 1.57.2

Release notes

Sourced from cloud.google.com/go/storage's releases.

storage 1.57.2

1.57.2 (2025-11-14)

Features

Bug Fixes

Documentation

  • updates to docs and docs formatting (PiperOrigin-RevId: 828488192) (93ca68d5)
Commits
  • 54f5f63 chore: librarian release pull request: 20251114T145800Z (#13361)
  • 315f65b fix(spanner): decoding spanner rows using SelectAll should map values in corr...
  • d1224e8 test(spanner): additional tests for SelectAll() (#13360)
  • b9196cf feat: Add grpc.xds.resource_type label to xDS client metrics (#13358)
  • b0f1362 fix(storage): Handle redirect on takeover. (#13354)
  • 5574f5b chore: librarian update image pull request: 20251113T211851Z (#13355)
  • 3fef58b chore(internal/librariangen): bump gapic-generator-go to 0.55.1 (#13352)
  • e978a68 chore: update the go version in renovate.json (#13348)
  • 29b6c97 chore: librarian update image pull request: 20251112T170525Z (#13346)
  • 1f4da37 chore(internal/librariangen): bump gapic-generator-go to 0.55.0 (#13345)
  • Additional commits viewable in compare view

Updates github.com/golangci/golangci-lint/v2 from 2.6.1 to 2.6.2

Release notes

Sourced from github.com/golangci/golangci-lint/v2's releases.

v2.6.2

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

  • a237b8294c2776c7da0eddcc72eb3632223488c1 build(deps): bump github.com/maratori/testableexamples from 1.0.0 to 1.0.1 (#6182)
  • 7255b2cff8787ddd0b062d543a08c5afa7989c78 build(deps): bump github.com/maratori/testpackage from 1.1.1 to 1.1.2 (#6183)
  • f07ab6ad97df981f3e2ffb11bf1d54d39088cefd build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.33.0 in /scripts/gen_github_action_config in the scripts group (#6185)
  • 79163b62ba480ed49e1f3bb4ef346ea1f912331b build(deps): bump golang.org/x/sync from 0.17.0 to 0.18.0 (#6181)
  • 7bcb236705fdd83923d5dfe2487d9244cc6585c2 build(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 in the github-actions group (#6186)
  • a8a12dba5f526b14e31be424b0f1e6cc1e922269 fix: fmt command with symlinks (#6187)
  • c128d127c8593eaef27d541221c24e972b6df150 fix: use file depending on build configuration to invalidate cache (#6179)
Changelog

Sourced from github.com/golangci/golangci-lint/v2's changelog.

v2.6.2

Released on 2025-11-14

  1. Bug fixes
    • fmt command with symlinks
    • use file depending on build configuration to invalidate cache
  2. Linters bug fixes
    • testableexamples: from 1.0.0 to 1.0.1
    • testpackage: from 1.1.1 to 1.1.2
Commits
  • dc16cf4 chore: prepare release
  • a8a12db fix: fmt command with symlinks (#6187)
  • 7bcb236 build(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 in the gi...
  • f07ab6a build(deps): bump golang.org/x/oauth2 from 0.32.0 to 0.33.0 in /scripts/gen_g...
  • 7255b2c build(deps): bump github.com/maratori/testpackage from 1.1.1 to 1.1.2 (#6183)
  • a237b82 build(deps): bump github.com/maratori/testableexamples from 1.0.0 to 1.0.1 (#...
  • 79163b6 build(deps): bump golang.org/x/sync from 0.17.0 to 0.18.0 (#6181)
  • c128d12 fix: use file depending on build configuration to invalidate cache (#6179)
  • b92f577 docs: improve fix flag description (#6175)
  • fb3e4b2 docs: fix changelog
  • Additional commits viewable in compare view

Updates github.com/goreleaser/goreleaser/v2 from 2.12.7 to 2.13.0

Release notes

Sourced from github.com/goreleaser/goreleaser/v2's releases.

v2.13.0

Announcement

Read the official announcement: Announcing GoReleaser v2.13.

Changelog

New Features

  • 180a7e8691850b6e129544db741efbe66f963798: feat(aur): use ${pkgver} in the URL to prevent extra diffs (#6231) (@​caarlos0)
  • f99924b443b377fe83c54084ef8a542af95b61bd: feat: add Discourse announcer (#6199) (@​FelicianoTech)
  • 7d0a94c6d8dff44ec699098c51bbbd0912cc2cd4: feat: add GitHub App signed commit support (#6240) (@​Copilot)
  • 27480036b6dd63419e8f23b5a81faf422927008a: feat: make hooks in homebrew_casks templateable (#6222) (@​Copilot)
  • 0a525ea6e29f57e5f2a60e1bd11e6d6ba551e492: feat: make hooks in homebrew_casks templateable (#6222) (@​Copilot)
  • f6e37dd75759ad9924e7fc8fd282d0c4a4b78cde: feat: make signs.output and docker_signs.output templateable (#6220) (@​Copilot)
  • 5a3de94e874ef18472235c37879f3d7585164cb2: feat: make signs.output and docker_signs.output templateable (#6220) (@​Copilot)
  • 5479cdad18130f0032e3af6e0862a14a06bc99ec: feat: mcp publisher (#6234) (@​caarlos0)
  • a86fca99c52061650a6d92301476aecaf3ad77f3: feat: support ko loading base image from daemon (#6233) (@​scav)
  • 8a8bf4143d6554f6d47249caff1687e1d254d883: feat: update Go to 1.25.4 (#6239) (@​timofurrer)
  • d374725a5278018194aa4bebe25c7665d7e281cf: feat: update go to 1.25.3 (#6223) (@​caarlos0)
  • 42ac5641a9b90187b0d802463394008477e67519: feat: update go to 1.25.3 (#6223) (@​caarlos0)

Bug fixes

  • a5e267afe76077ca40b18fb4f5db502a3115a2dd: fix(announce): user agent should be goreleaser/v2 (@​caarlos0)
  • 12a3492f6e9b84d55cbfe28656e3ffceca1362fc: fix(aur): prerelease versions were not being properly handled (#6204) (@​caarlos0)
  • 47b3d403c88eeabea539738aa50a231fcd9e3983: fix(dockers/v2): add warning when docker buildx uses non-container driver (dockers_v2 only) (#6263) (@​Copilot)
  • 41daedd3e01358c7f3f33ca270fc83f72ed4064f: fix(dockers/v2): better handle error (@​caarlos0)
  • de9ae24137392d5e58ba1494e37e7f82f7a276d9: fix(dockers/v2): check docker driver on healthcheck (#6273) (@​caarlos0)
  • aaf5877eccb61607805aa64489f6513564cd0c07: fix(github): enterprise urls (#6261) (@​caarlos0)
  • 1099caad30826d547dbf9ea30b111233c88a3e58: fix(github): more details if sync and create ref fail (#6255) (@​caarlos0)
  • c3bfb5a5b75bd2225c5237b686853d3e85b81c28: fix(go): only add .h artifact if it exists (#6254) (@​caarlos0)
  • 0f0c1ce785549d1c53cdb9af2e58d527e58867f6: fix(mcp): move it all inside mcp.github (@​caarlos0)
  • ed61af369792b0c00a18ee057aaa2bd9660e38f5: fix(mcp): reduce tool bloat, resources, prompts (@​caarlos0)
  • 9d40b7657c95f0c3e9e96c09c90ce632fac0e755: fix: change some bits of the config to make it easier to keep in sync (@​caarlos0)
  • 567f0228ebf2e2370b3528b548cdd7c5f7383e6b: fix: dynamically use announcer names in errors (#6246) (@​FelicianoTech)
  • 7f5f40a5a0cbc8ab813bcdf920cdadcfbbe42a73: fix: lint issues (@​caarlos0)
  • 55e8dda1d6c1c2e16621c639ead8637008c4905d: fix: move stuff around in pkg/config (@​caarlos0)
  • 829182463a86f108f6c1c5426322c3b423ccd0f6: fix: properly mark fields deprecated in jsonschema (@​caarlos0)
  • e8408f0a52c401e3870664375c298b2e00825321: fix: small config improvements (@​caarlos0)
  • d95f49714f2d8f039e72a535f54aa3ad8cf3b1f0: fix: use v3 user-agent for Bluesky announcer (#6247) (@​FelicianoTech)
  • f7fc451c468bd31b658bd74a5f991481a659cc10: fix: warn mcp experimental (@​caarlos0)
  • 69dc9ae55c195b87eb87c64f69eb8a4c7994485e: refactor: move mcp out of main repo (#6232) (@​caarlos0)

Documentation updates

  • f9f452970ac11945e70cfd15c9bbb29e5c46ef30: docs(deps): bump mkdocs-material from 9.6.22 to 9.6.23 in /www in the docs group (#6242) (@​dependabot[bot])
  • 140b4fe80f6915d44245504cfe3f0dbb82d1079a: docs(deps): bump mkdocs-rss-plugin from 1.17.6 to 1.17.7 in /www in the docs group (#6266) (@​dependabot[bot])
  • a57ccc31f9343169a90377e16e7b40fb33881a2c: docs(deps): bump the docs group in /www with 2 updates (#6257) (@​dependabot[bot])
  • ae52ca27c0338c35e7fb73c2676a667cd72115df: docs(security): update incident response document (@​caarlos0)
  • 9e21891d0e8c09273f71051d65c1287d4102d703: docs: /mcp (@​caarlos0)
  • a324e1dbe10a65990f17235ac11fa15131a0c8c6: docs: auto update (@​caarlos0)
  • 61c03809e2c5e1afb8a75c571c14d8cf13c77f8d: docs: auto update (@​caarlos0)
  • 0d60b8cfb3a4e078bf476016d3eb332cac2da45f: docs: better experimental notice (@​caarlos0)
  • 5f266263db5e5245c1c105842db532d091624c18: docs: blog post about cosign v3 (@​caarlos0)
  • 180e3464593c3281706124eb3fea1a18bb1f4709: docs: fix element (@​caarlos0)

... (truncated)

Commits
  • 6e5e0aa chore: auto-update generated files
  • a8c402f docs: remove -unreleased
  • aaf5877 fix(github): enterprise urls (#6261)
  • 689b24d docs: update schema
  • 12a3492 fix(aur): prerelease versions were not being properly handled (#6204)
  • 2299f2c chore(deps): update 7 dependencies (#6275)
  • 50e3175 ci(deps): bump the actions group with 5 updates (#6277)
  • c188627 chore: auto-update generated files
  • ae52ca2 docs(security): update incident response document
  • 0f0c1ce fix(mcp): move it all inside mcp.github
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
gitlab.com/gitlab-org/api/client-go [>= 0.118.a, < 0.119]
gitlab.com/gitlab-org/api/client-go [>= 0.117.a, < 0.118]

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
🌱 Bump the gomod group across 2 directories with 8 updates
3290455 
Bumps the gomod group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.16.3` | `5.16.4` |
| [github.com/moby/buildkit](https://github.com/moby/buildkit) | `0.25.2` | `0.26.2` |
| [golang.org/x/text](https://github.com/golang/text) | `0.30.0` | `0.31.0` |
| [github.com/google/osv-scanner/v2](https://github.com/google/osv-scanner) | `2.2.4` | `2.3.0` |
| [gitlab.com/gitlab-org/api/client-go](https://gitlab.com/gitlab-org/api/client-go) | `0.159.0` | `1.3.0` |
| [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.57.1` | `1.57.2` |

Bumps the gomod group with 2 updates in the /tools directory: [github.com/golangci/golangci-lint/v2](https://github.com/golangci/golangci-lint) and [github.com/goreleaser/goreleaser/v2](https://github.com/goreleaser/goreleaser).


Updates `github.com/go-git/go-git/v5` from 5.16.3 to 5.16.4
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](go-git/go-git@v5.16.3...v5.16.4)

Updates `github.com/moby/buildkit` from 0.25.2 to 0.26.2
- [Release notes](https://github.com/moby/buildkit/releases)
- [Commits](moby/buildkit@v0.25.2...v0.26.2)

Updates `golang.org/x/text` from 0.30.0 to 0.31.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.30.0...v0.31.0)

Updates `github.com/google/osv-scanner/v2` from 2.2.4 to 2.3.0
- [Release notes](https://github.com/google/osv-scanner/releases)
- [Changelog](https://github.com/google/osv-scanner/blob/main/CHANGELOG.md)
- [Commits](google/osv-scanner@v2.2.4...v2.3.0)

Updates `gitlab.com/gitlab-org/api/client-go` from 0.159.0 to 1.3.0
- [Release notes](https://gitlab.com/gitlab-org/api/client-go/tags)
- [Changelog](https://gitlab.com/gitlab-org/api/client-go/blob/main/CHANGELOG.md)
- [Commits](https://gitlab.com/gitlab-org/api/client-go/compare/v0.159.0...v1.3.0)

Updates `cloud.google.com/go/storage` from 1.57.1 to 1.57.2
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@storage/v1.57.1...storage/v1.57.2)

Updates `github.com/golangci/golangci-lint/v2` from 2.6.1 to 2.6.2
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/main/CHANGELOG.md)
- [Commits](golangci/golangci-lint@v2.6.1...v2.6.2)

Updates `github.com/goreleaser/goreleaser/v2` from 2.12.7 to 2.13.0
- [Release notes](https://github.com/goreleaser/goreleaser/releases)
- [Commits](goreleaser/goreleaser@v2.12.7...v2.13.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-version: 5.16.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/moby/buildkit
  dependency-version: 0.26.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: golang.org/x/text
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/google/osv-scanner/v2
  dependency-version: 2.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: gitlab.com/gitlab-org/api/client-go
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gomod
- dependency-name: cloud.google.com/go/storage
  dependency-version: 1.57.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/golangci/golangci-lint/v2
  dependency-version: 2.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/goreleaser/goreleaser/v2
  dependency-version: 2.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 1, 2025
@dependabot dependabot bot requested a review from a team as a code owner December 1, 2025 10:58
@dependabot dependabot bot removed the request for review from a team December 1, 2025 10:58
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 1, 2025
@dependabot dependabot bot added the go Pull requests that update Go code label Dec 1, 2025
@dosubot dosubot bot added the size:L This PR changes 100-499 lines, ignoring generated files. label Dec 1, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@justaugustus justaugustus Awaiting requested review from justaugustus justaugustus is a code owner automatically assigned from ossf/scorecard-maintainers

@spencerschrock spencerschrock Awaiting requested review from spencerschrock spencerschrock is a code owner automatically assigned from ossf/scorecard-maintainers

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code size:L This PR changes 100-499 lines, ignoring generated files.

Projects

OpenSSF Scorecard
Status: No status

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant