Skip to content

build(deps): bump golang.org/x/crypto from 0.51.0 to 0.52.0#602

Merged
mwbrooks merged 3 commits into
mainfrom
mwbrooks-bump-golang-x-crypto
Jun 24, 2026
Merged

build(deps): bump golang.org/x/crypto from 0.51.0 to 0.52.0#602
mwbrooks merged 3 commits into
mainfrom
mwbrooks-bump-golang-x-crypto

Conversation

@mwbrooks

@mwbrooks mwbrooks commented Jun 24, 2026
edited
Loading

Copy link
Copy Markdown
Member

Changelog

  • N/A

Summary

This pull request bumps the indirect golang.org/x/crypto dependency from v0.51.0 to v0.52.0 to clear 13 Snyk-reported vulnerabilities (5 High, 8 Medium) pulled in transitively through github.com/go-git/go-git/v5.

Preview

N/A — indirect dependency bump, no user-facing changes.

Testing

  • Run snyk test and confirm Tested 352 dependencies for known issues, no vulnerable paths found. (was 13 issues / 40 vulnerable paths before the bump)
  • Run make build and confirm the binary builds cleanly
  • Run make test and confirm the suite passes

Requirements

@codecov

codecov Bot commented Jun 24, 2026
edited
Loading

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 71.65%. Comparing base (f0d20ad) to head (a0e7862).
⚠️ Report is 4 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #602      +/-   ##
==========================================
+ Coverage   71.64%   71.65%   +0.01%     
==========================================
  Files         226      226              
  Lines       19176    19176              
==========================================
+ Hits        13739    13741       +2     
  Misses       4222     4222              
+ Partials     1215     1213       -2

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@mwbrooks mwbrooks self-assigned this Jun 24, 2026
@mwbrooks mwbrooks added security Use on pull requests related to security semver:patch Use on pull requests to describe the release version increment labels Jun 24, 2026
@mwbrooks mwbrooks added this to the Next Release milestone Jun 24, 2026
@mwbrooks mwbrooks marked this pull request as ready for review June 24, 2026 17:13
@mwbrooks mwbrooks requested a review from a team as a code owner June 24, 2026 17:13
zimeg
zimeg approved these changes Jun 24, 2026
View reviewed changes

@zimeg zimeg left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mwbrooks Amazing find thanks for keeping us on the latest 🔏

I note a changelog section exists in the PR title but not labels and was wondering if this is something we want to surface next release notes?

@mwbrooks mwbrooks added changelog Use on updates to be included in the release notes and removed changelog Use on updates to be included in the release notes labels Jun 24, 2026
@mwbrooks

mwbrooks commented Jun 24, 2026

Copy link
Copy Markdown
Member Author

@zimeg Thanks for the quick review!

Good call. I removed the changelog entry and didn't add a label. I don't think we need it surfaced in the public changelog.

@mwbrooks mwbrooks enabled auto-merge (squash) June 24, 2026 19:00
@mwbrooks mwbrooks merged commit b67b5cc into main Jun 24, 2026
9 checks passed
@mwbrooks mwbrooks deleted the mwbrooks-bump-golang-x-crypto branch June 24, 2026 19:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zimeg zimeg zimeg approved these changes

Assignees

@mwbrooks mwbrooks

Labels

security Use on pull requests related to security semver:patch Use on pull requests to describe the release version increment

Projects

None yet

Milestone

Next Release

Development

Successfully merging this pull request may close these issues.

2 participants

@mwbrooks @zimeg