Skip to content

build(deps): bump the production-dependencies group across 1 directory with 4 updates#182

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/production-dependencies-286db018d8
Open

build(deps): bump the production-dependencies group across 1 directory with 4 updates#182
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/production-dependencies-286db018d8

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 30, 2026
edited
Loading

Bumps the production-dependencies group with 4 updates in the / directory: github.com/gin-contrib/sessions, github.com/gin-contrib/static, golang.org/x/crypto and golang.org/x/image.

Updates github.com/gin-contrib/sessions from 1.0.4 to 1.1.0

Release notes

Sourced from github.com/gin-contrib/sessions's releases.

v1.1.0

Changelog

Features

  • 4327f7e8487a71ad4226339c04064a734d15e3fe: feat: different stores for many sessions #144 (#282) (@​found-cake)
  • 10bdc64d5892849e4c86286beafa61a88b909f75: feat: filesystem store backend (#251) (@​geschke)

Enhancements

  • f9dd0cecced22b01fbf84d723696d38492698e0e: chore: upgrade Go version and refresh golang.org/x dependencies (@​appleboy)
  • 0d74439a0cbfa936e769f7ceb03eecf957a23d19: chore: remove bearer.yml workflow (@​appleboy)
  • 1fe585d9cb9545e5275cb6f086dc7b2115773cc3: chore(deps): bump actions/checkout from 4 to 6 (@​appleboy)
  • eeb086e6e994940ae3b39ac544504a6eff7df1ef: chore: drop Go 1.23 support, require Go 1.24+ (@​appleboy)
  • 4fce2996763f58f174b9af806ca2df84707007d1: chore(ci): update golangci-lint to v2.6 (@​appleboy)
  • 77e1bcbfa223e96ae203b4d7ed98a11bb335a3c2: chore(ci): upgrade trivy-action from 0.33.1 to 0.35.0 (@​appleboy)
  • 31810180113fbe08e740dd2dcff3553d85859465: chore(deps): upgrade gin to v1.12.0 and update CI Go versions (@​appleboy)
  • 9a54dc33bfa63091a42b560a7cdb3093dc303b90: chore(deps): upgrade golang.org/x/text to v0.35.0 (@​appleboy)

Build process updates

  • 536c215582de615dd5c092b681af2871a1c4603c: ci: integrate Trivy vulnerability scanning into CI workflow (@​appleboy)
  • b2b49a92d7e219fb25ceda38855b90289831dc2c: ci: update CI workflows for latest Go versions and config consistency (@​appleboy)
  • f0b99861e0de754b4d20a32b701d30f4c994837b: ci: integrate automated Trivy security scanning workflow (@​appleboy)
  • fe9f72ae1fd559dd20898addfc71a39ac43a744a: ci(workflow): bump goreleaser/goreleaser-action from v6 to v7 (@​appleboy)

Others

  • 9a1aed78fd53bb98e7657fc8a32d20ef4fb5e390: style: modernize build tag syntax to use //go:build constraints (@​appleboy)
  • c2fb15f830abb6ae87a7a96d940ea62aac88bf9f: Add Go 1.26 to GitHub Actions test matrix (@​appleboy)
  • 7b3e83d04a7e17ef72db9e157189efca73605af9: Update golangci-lint version to v2.9 (@​appleboy)
  • 94278a601f92ed586d93d946432ac3a2aeedb255: Upgrade GitHub Actions versions (@​appleboy)
Commits
  • 9a54dc3 chore(deps): upgrade golang.org/x/text to v0.35.0
  • fe9f72a ci(workflow): bump goreleaser/goreleaser-action from v6 to v7
  • 3181018 chore(deps): upgrade gin to v1.12.0 and update CI Go versions
  • 77e1bcb chore(ci): upgrade trivy-action from 0.33.1 to 0.35.0
  • 94278a6 Upgrade GitHub Actions versions
  • 7b3e83d Update golangci-lint version to v2.9
  • c2fb15f Add Go 1.26 to GitHub Actions test matrix
  • 9a1aed7 style: modernize build tag syntax to use //go:build constraints
  • 4fce299 chore(ci): update golangci-lint to v2.6
  • eeb086e chore: drop Go 1.23 support, require Go 1.24+
  • Additional commits viewable in compare view

Updates github.com/gin-contrib/static from 1.1.5 to 1.1.6

Release notes

Sourced from github.com/gin-contrib/static's releases.

v1.1.6

Changelog

Features

  • e98eb0a72abb677a34183af876f0f7866955e1d1: feat: improve error handling and update project documentation (@​appleboy)

Bug fixes

  • ae4e617113260c561453924bc4c5d885be26c235: fix: refactor and benchmark Exists method for accuracy and performance (@​appleboy)

Enhancements

  • d64beb4c2a57a708ef95669bb5507a0f268b93a5: chore: update Go version and refresh module dependencies (@​appleboy)
  • 58a0a98f9072da8a7b149fc5b49ee453b6e7103a: chore: remove bearer.yml workflow (@​appleboy)
  • 6c9a8cd103043d819fe383b805e870ece2e9e9de: chore(deps): bump actions/checkout from 4 to 6 (@​appleboy)
  • e47b1d732f3e2509bf47060fba570b494089e1df: chore: drop Go 1.23 support, require Go 1.24+ (@​appleboy)
  • 64df63361396f44afc1cc5af6bbe9ce664c67d25: chore(deps): upgrade quic-go to v0.57.1 (@​appleboy)
  • c5d9801fa10753e5610cb8ea3322ed5f8480b313: chore(ci): update golangci-lint to v2.6 (@​appleboy)
  • 74185f39cccc5ba9f6c66424d67444d45134e6af: chore(deps): bump actions/cache from 4 to 5 (@​appleboy)
  • 7594abd1593a753c135102cba36874837ee9d39c: chore(ci): upgrade trivy-action from 0.33.1 to 0.35.0 (@​appleboy)
  • 7a84ffdc0f00ae8491151709f72a04b5dff1a01b: chore(deps): upgrade gin to v1.12.0 and update CI Go versions (@​appleboy)
  • a0596e2bd15e6c6de6621eed2b7a591239152d0f: chore(deps): upgrade golang.org/x/text to v0.35.0 (@​appleboy)

Refactor

  • a84464fc586a5f08fd7a6e163c5c8d889585e936: refactor: improve clarity and robustness of embedded data handling (@​appleboy)

Build process updates

  • e6ceb98b1d2a4f1175b3d53f63954a051ad07854: ci: test against Go 1.25 in CI workflow (@​appleboy)
  • 51806e2ffc88d254927ba2f3502fcb4307f1ebcf: ci: integrate automated Go benchmarking into CI workflow (@​appleboy)
  • dccc72caae0ba01a9b5e276691177d5450224613: ci: integrate Trivy security scanning and reporting via GitHub Actions (@​appleboy)
  • 205ab270eab3f943ff02249aea681535952d30ca: ci(workflow): bump goreleaser/goreleaser-action from v6 to v7 (@​appleboy)

Others

  • bf66547e499b66af836c05f31ce3b1f848e9a20d: test: enhance test coverage and documentation clarity (@​appleboy)
  • ad28727686d214fd0c97b5c51da5d7045d7831b1: Add Go 1.26 to GitHub Actions test matrix (@​appleboy)
  • 6f1a96365eebc655a905efab6b63609663f95970: Update golangci-lint version to v2.9 (@​appleboy)
  • efeca8101c3c78bd95170376be537295ea5ea15c: Upgrade GitHub Actions versions (@​appleboy)
Commits
  • a0596e2 chore(deps): upgrade golang.org/x/text to v0.35.0
  • 205ab27 ci(workflow): bump goreleaser/goreleaser-action from v6 to v7
  • 7a84ffd chore(deps): upgrade gin to v1.12.0 and update CI Go versions
  • 7594abd chore(ci): upgrade trivy-action from 0.33.1 to 0.35.0
  • efeca81 Upgrade GitHub Actions versions
  • 6f1a963 Update golangci-lint version to v2.9
  • ad28727 Add Go 1.26 to GitHub Actions test matrix
  • 74185f3 chore(deps): bump actions/cache from 4 to 5
  • a84464f refactor: improve clarity and robustness of embedded data handling
  • c5d9801 chore(ci): update golangci-lint to v2.6
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.48.0 to 0.49.0

Commits
  • 982eaa6 go.mod: update golang.org/x dependencies
  • 159944f ssh,acme: clean up tautological/impossible nil conditions
  • a408498 acme: only require prompt if server has terms of service
  • cab0f71 all: upgrade go directive to at least 1.25.0 [generated]
  • 2f26647 x509roots/fallback: update bundle
  • See full diff in compare view

Updates golang.org/x/image from 0.37.0 to 0.38.0

Commits
  • 23ae9ed tiff: cap buffer growth to prevent OOM from malicious IFD offset
  • e589e60 webp: allow VP8L + VP8X(with alpha)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the production-dependencies group across 1 director…
044b757 
…y with 4 updates

Bumps the production-dependencies group with 4 updates in the / directory: [github.com/gin-contrib/sessions](https://github.com/gin-contrib/sessions), [github.com/gin-contrib/static](https://github.com/gin-contrib/static), [golang.org/x/crypto](https://github.com/golang/crypto) and [golang.org/x/image](https://github.com/golang/image).


Updates `github.com/gin-contrib/sessions` from 1.0.4 to 1.1.0
- [Release notes](https://github.com/gin-contrib/sessions/releases)
- [Commits](gin-contrib/sessions@v1.0.4...v1.1.0)

Updates `github.com/gin-contrib/static` from 1.1.5 to 1.1.6
- [Release notes](https://github.com/gin-contrib/static/releases)
- [Commits](gin-contrib/static@v1.1.5...v1.1.6)

Updates `golang.org/x/crypto` from 0.48.0 to 0.49.0
- [Commits](golang/crypto@v0.48.0...v0.49.0)

Updates `golang.org/x/image` from 0.37.0 to 0.38.0
- [Commits](golang/image@v0.37.0...v0.38.0)

---
updated-dependencies:
- dependency-name: github.com/gin-contrib/sessions
  dependency-version: 1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/gin-contrib/static
  dependency-version: 1.1.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: golang.org/x/crypto
  dependency-version: 0.49.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: golang.org/x/image
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 30, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants