[PR #356] [MERGED] chore(deps): bump the prod-patch-updates group across 1 directory with 2 updates #5385

Closed
opened 2026-06-07 18:31:45 -05:00 by GiteaMirror · 0 comments
Owner

📋 Pull Request Information

Original PR: https://github.com/fosrl/newt/pull/356
Author: @dependabot[bot]
Created: 5/15/2026
Status: Merged
Merged: 6/4/2026
Merged by: @oschwartz10612

Base: mainHead: dependabot/go_modules/prod-patch-updates-d9ad24fc58


📝 Commits (2)

  • 69ed082 chore(deps): bump the prod-patch-updates group across 1 directory with 2 updates
  • 88c1c2e chore(nix): fix hash for updated go dependencies

📊 Changes

3 files changed (+7 additions, -7 deletions)

View changed files

📝 flake.nix (+1 -1)
📝 go.mod (+2 -2)
📝 go.sum (+4 -4)

📄 Description

Bumps the prod-patch-updates group with 2 updates in the / directory: google.golang.org/grpc and software.sslmate.com/src/go-pkcs12.

Updates google.golang.org/grpc from 1.81.0 to 1.81.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.81.1

Security

  • xds/rbac: Fix a potential authorization bypass caused by incorrectly falling through URI/DNS SANs to Subject Distinguished Name (DN) when matching the authenticated principal name. With this fix, only the first non-empty identity source will be used, as per gRFC A41. (#9111)

Bug Fixes

  • otel: Segregate client and server RPC information used for metrics and traces, to avoid one overwriting the other. (#9081)
Commits

Updates software.sslmate.com/src/go-pkcs12 from 0.7.0 to 0.7.1


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

## 📋 Pull Request Information **Original PR:** https://github.com/fosrl/newt/pull/356 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 5/15/2026 **Status:** ✅ Merged **Merged:** 6/4/2026 **Merged by:** [@oschwartz10612](https://github.com/oschwartz10612) **Base:** `main` ← **Head:** `dependabot/go_modules/prod-patch-updates-d9ad24fc58` --- ### 📝 Commits (2) - [`69ed082`](https://github.com/fosrl/newt/commit/69ed08222fcb0d65ef96e136cbbc6ae7ee50605d) chore(deps): bump the prod-patch-updates group across 1 directory with 2 updates - [`88c1c2e`](https://github.com/fosrl/newt/commit/88c1c2e0b50ef411080dbba6aef7de8640ab2adc) chore(nix): fix hash for updated go dependencies ### 📊 Changes **3 files changed** (+7 additions, -7 deletions) <details> <summary>View changed files</summary> 📝 `flake.nix` (+1 -1) 📝 `go.mod` (+2 -2) 📝 `go.sum` (+4 -4) </details> ### 📄 Description Bumps the prod-patch-updates group with 2 updates in the / directory: [google.golang.org/grpc](https://github.com/grpc/grpc-go) and software.sslmate.com/src/go-pkcs12. Updates `google.golang.org/grpc` from 1.81.0 to 1.81.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p> <blockquote> <h2>Release 1.81.1</h2> <h1>Security</h1> <ul> <li>xds/rbac: Fix a potential authorization bypass caused by incorrectly falling through URI/DNS SANs to Subject Distinguished Name (DN) when matching the authenticated principal name. With this fix, only the first non-empty identity source will be used, as per <a href="https://github.com/grpc/proposal/blob/master/A41-xds-rbac.md">gRFC A41</a>. (<a href="https://redirect.github.com/grpc/grpc-go/issues/9111">#9111</a>) <ul> <li>Special Thanks: <a href="https://github.com/al4an444"><code>@​al4an444</code></a></li> </ul> </li> </ul> <h1>Bug Fixes</h1> <ul> <li>otel: Segregate client and server RPC information used for metrics and traces, to avoid one overwriting the other. (<a href="https://redirect.github.com/grpc/grpc-go/issues/9081">#9081</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-go/commit/caf0772c2bcb8bc15d43eb53448e921f34f0b7e8"><code>caf0772</code></a> Change version from 1.81.1-dev to 1.81.1 (<a href="https://redirect.github.com/grpc/grpc-go/issues/9122">#9122</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/6ccbeebf058ede71e43a5ac28fada2a736573215"><code>6ccbeeb</code></a> Cherry-pick <a href="https://redirect.github.com/grpc/grpc-go/issues/9111">#9111</a> into v1.81.x (<a href="https://redirect.github.com/grpc/grpc-go/issues/9121">#9121</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/b33c29e41b438e371c8504de9bdf64a80098cc29"><code>b33c29e</code></a> Cherry-pick <a href="https://redirect.github.com/grpc/grpc-go/issues/9081">#9081</a> into v1.81.x (<a href="https://redirect.github.com/grpc/grpc-go/issues/9102">#9102</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/c45fae6d06a5c192b7b96418a2bc26a96b856834"><code>c45fae6</code></a> Change version to 1.81.1-dev (<a href="https://redirect.github.com/grpc/grpc-go/issues/9063">#9063</a>)</li> <li>See full diff in <a href="https://github.com/grpc/grpc-go/compare/v1.81.0...v1.81.1">compare view</a></li> </ul> </details> <br /> Updates `software.sslmate.com/src/go-pkcs12` from 0.7.0 to 0.7.1 --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>
GiteaMirror added the pull-request label 2026-06-07 18:31:45 -05:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/newt#5385