cozy-stack
cozy-stack copied to clipboard
cozy
fix(deps): update module golang.org/x/crypto to v0.35.0 [security]
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| golang.org/x/crypto | v0.31.0 -> v0.35.0 |
GitHub Vulnerability Alerts
CVE-2025-22869
SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.
Configuration
📅 Schedule: Branch creation - "" in timezone Europe/Paris, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}
ℹ Artifact update notice
File name: go.mod
In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):
- 7 additional dependencies were updated
- The
godirective was updated for compatibility reasons
Details:
| Package | Change |
|---|---|
go |
1.21 -> 1.24.0 |
golang.org/x/net |
v0.33.0 -> v0.47.0 |
golang.org/x/sync |
v0.10.0 -> v0.18.0 |
golang.org/x/term |
v0.27.0 -> v0.37.0 |
golang.org/x/text |
v0.21.0 -> v0.31.0 |
golang.org/x/mod |
v0.17.0 -> v0.29.0 |
golang.org/x/sys |
v0.28.0 -> v0.38.0 |
golang.org/x/tools |
v0.21.1-0.20240508182429-e35e4ccd0d2d -> v0.38.0 |