[PR #93] build(deps): bump the prod-minor-updates group across 1 directory with 2 updates #1050

Open
opened 2026-06-21 21:11:20 -05:00 by GiteaMirror · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/fosrl/gerbil/pull/93
Author: @dependabot[bot]
Created: 6/8/2026
Status: 🔄 Open

Base: mainHead: dependabot/go_modules/prod-minor-updates-ae6daafbbe


📝 Commits (1)

  • f554bd1 build(deps): bump the prod-minor-updates group across 1 directory with 2 updates

📊 Changes

2 files changed (+12 additions, -12 deletions)

View changed files

📝 go.mod (+4 -4)
📝 go.sum (+8 -8)

📄 Description

Bumps the prod-minor-updates group with 1 update in the / directory: golang.org/x/crypto.

Updates golang.org/x/crypto from 0.52.0 to 0.53.0

Commits
  • 45460e0 go.mod: update golang.org/x dependencies
  • d37c95e pkcs12: limit PBKDF iteration count to prevent CPU exhaustion
  • e2ffffe ssh: reject incomplete gssapi-with-mic configurations
  • 60e158a ssh/test: isolate CLI tests from user SSH config and agent
  • 1b77d23 ssh/knownhosts: reject lines with multiple or unknown markers
  • 3872a2b ssh/knownhosts: verify declared key type matches decoded key
  • 9f72ecc ssh/knownhosts: treat only ASCII space and tab as whitespace
  • 8f405a4 ssh: validate ECDSA curve matches expected algorithm
  • bb41b3d ssh: improve DH GEX group selection using PreferredBits
  • e04e721 ssh/agent: validate ed25519 private key length in Add
  • Additional commits viewable in compare view

Updates golang.org/x/sync from 0.20.0 to 0.21.0

Commits


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/fosrl/gerbil/pull/93 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 6/8/2026 **Status:** 🔄 Open **Base:** `main` ← **Head:** `dependabot/go_modules/prod-minor-updates-ae6daafbbe` --- ### 📝 Commits (1) - [`f554bd1`](https://github.com/fosrl/gerbil/commit/f554bd10a096f4cc3c64e979a084c7c14cf16349) build(deps): bump the prod-minor-updates group across 1 directory with 2 updates ### 📊 Changes **2 files changed** (+12 additions, -12 deletions) <details> <summary>View changed files</summary> 📝 `go.mod` (+4 -4) 📝 `go.sum` (+8 -8) </details> ### 📄 Description Bumps the prod-minor-updates group with 1 update in the / directory: [golang.org/x/crypto](https://github.com/golang/crypto). Updates `golang.org/x/crypto` from 0.52.0 to 0.53.0 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/crypto/commit/45460e079737ecb64f30d79d3d6fc2914494fa66"><code>45460e0</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/crypto/commit/d37c95e27de65576f42440cdfbc261d810506841"><code>d37c95e</code></a> pkcs12: limit PBKDF iteration count to prevent CPU exhaustion</li> <li><a href="https://github.com/golang/crypto/commit/e2ffffe738fb46531cd8924bab497bdc77d9ecc8"><code>e2ffffe</code></a> ssh: reject incomplete gssapi-with-mic configurations</li> <li><a href="https://github.com/golang/crypto/commit/60e158ad30c226555794539d96f0f104f43395f7"><code>60e158a</code></a> ssh/test: isolate CLI tests from user SSH config and agent</li> <li><a href="https://github.com/golang/crypto/commit/1b77d23dc8afb26a494e331a3c637b6de88398d2"><code>1b77d23</code></a> ssh/knownhosts: reject lines with multiple or unknown markers</li> <li><a href="https://github.com/golang/crypto/commit/3872a2bc69f464352dea49c2856955ef7c5d5851"><code>3872a2b</code></a> ssh/knownhosts: verify declared key type matches decoded key</li> <li><a href="https://github.com/golang/crypto/commit/9f72eccdf6fa09a7c68448a7fdc333dd2deb7d9d"><code>9f72ecc</code></a> ssh/knownhosts: treat only ASCII space and tab as whitespace</li> <li><a href="https://github.com/golang/crypto/commit/8f405a4109d7ce87a44f89185bdc385914ce5c13"><code>8f405a4</code></a> ssh: validate ECDSA curve matches expected algorithm</li> <li><a href="https://github.com/golang/crypto/commit/bb41b3dbe630c21c78e3aeb0ebdd8d06a3a34fcf"><code>bb41b3d</code></a> ssh: improve DH GEX group selection using PreferredBits</li> <li><a href="https://github.com/golang/crypto/commit/e04e7219970912a40f80c4b13029416fdf960eeb"><code>e04e721</code></a> ssh/agent: validate ed25519 private key length in Add</li> <li>Additional commits viewable in <a href="https://github.com/golang/crypto/compare/v0.52.0...v0.53.0">compare view</a></li> </ul> </details> <br /> Updates `golang.org/x/sync` from 0.20.0 to 0.21.0 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/sync/commit/5071ed6a9f1617117556b66384f765c934de3698"><code>5071ed6</code></a> all: fix some comments to improve readability</li> <li>See full diff in <a href="https://github.com/golang/sync/compare/v0.20.0...v0.21.0">compare view</a></li> </ul> </details> <br /> --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-06-21 21:11:20 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/gerbil#1050