Bump the smallweb-deps group across 1 directory with 11 updates #137

dependabot · 2025-12-22T04:15:58Z

Bumps the smallweb-deps group with 10 updates in the / directory:

Package	From	To
github.com/cli/go-gh/v2	`2.12.1`	`2.13.0`
github.com/knadh/koanf/providers/file	`1.2.0`	`1.2.1`
github.com/knadh/koanf/v2	`2.2.2`	`2.3.0`
github.com/spf13/cobra	`1.9.1`	`1.10.2`
golang.org/x/term	`0.33.0`	`0.38.0`
github.com/caddyserver/certmagic	`0.23.0`	`0.25.0`
github.com/getsops/sops/v3	`3.10.2`	`3.11.0`
github.com/pkg/sftp	`1.13.9`	`1.13.10`
github.com/samber/slog-http	`1.7.0`	`1.9.0`
go.uber.org/zap	`1.27.0`	`1.27.1`

Updates github.com/cli/go-gh/v2 from 2.12.1 to 2.13.0

Release notes

Sourced from github.com/cli/go-gh/v2's releases.

v2.13.0

What's Changed

✨ Features

Expose replace sprig function by @iamazeem in cli/go-gh#196

🐛 Fixes

Update Go version to 1.25.0 by @BagToad in cli/go-gh#201

fix: handle HTTP status 205 properly by @nobe4 in cli/go-gh#163

📚 Docs & Chores

docs(pkg/api): explain HandleHTTPError does not close response body by @babakks in cli/go-gh#202

Dependencies

Upgrade Golangci-lint to v2.6 by @babakks in cli/go-gh#200

New Contributors

@nobe4 made their first contribution in cli/go-gh#163

@babakks made their first contribution in cli/go-gh#200

Full Changelog: cli/go-gh@v2.12.2...v2.13.0

v2.12.2

What's Changed

Bump golang.org/x/net from 0.36.0 to 0.38.0 by @dependabot[bot] in cli/go-gh#190

Full Changelog: cli/go-gh@v2.12.1...v2.12.2

Commits

a0a6e89 Merge pull request #201 from cli/kw/bump-go-1.25.0
1585603 Merge pull request #202 from cli/babakks/explain-resp-body-close
ec8f5ca docs(pkg/api): explain HandleHTTPError does not close resp body
5a975a9 Update Go version to 1.25.0
41e1e0d Merge pull request #200 from cli/babakks/upgrade-golangci-lint
f6d1f60 chore: upgrade to Golangci-lint v2.6
b7798dc docs: fix incorrect godoc usages
32287ae refactor: lift break condition into the loop
ff8ebd0 chore: disable QF1008 from staticcheck rules
c6bd235 chore: remove redundant/deprecated // +build tags
Additional commits viewable in compare view

Updates github.com/knadh/koanf/providers/file from 1.2.0 to 1.2.1

Release notes

Sourced from github.com/knadh/koanf/providers/file's releases.

v1.2.1

changelog for v1.2.0 -> v1.2.1

29cce50 Merge pull request #101 from e-nikolov/fix-pflag-map-types

0202243 posflag: add support for pflag map types

Commits

29cce50 Merge pull request #101 from e-nikolov/fix-pflag-map-types
0202243 posflag: add support for pflag map types
See full diff in compare view

Updates github.com/knadh/koanf/v2 from 2.2.2 to 2.3.0

Release notes

Sourced from github.com/knadh/koanf/v2's releases.

v2.3.0

What's Changed

feat: add provider for kiln by @Thunderbottom in knadh/koanf#369

Fix rendering of header and add it to the table of contents by @remyzandwijk in knadh/koanf#373

Bump github.com/go-viper/mapstructure/v2 from 2.0.0-alpha.1 to 2.4.0 in /examples by @dependabot[bot] in knadh/koanf#375

feat: add HUML parser support by @rhnvrm in knadh/koanf#374

Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.4.0 in /tests by @dependabot[bot] in knadh/koanf#376

Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.4.0 in /providers/cliflagv3 by @dependabot[bot] in knadh/koanf#378

Bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in /providers/cliflagv2 by @dependabot[bot] in knadh/koanf#380

Add thread safety to resolve race conditions in Issues #305 and #335 by @rhnvrm in knadh/koanf#377

fix: bump mapstructure version by @rostislaved in knadh/koanf#381

New Contributors

@remyzandwijk made their first contribution in knadh/koanf#373

@rostislaved made their first contribution in knadh/koanf#381

Full Changelog: knadh/koanf@v2.2.2...v2.3.0

Commits

20c4cba fix: bump mapstructure version (#381)
4e55089 Add thread safety to resolve race conditions in Issues #305 and #335 (#377)
cc80f4f Bump github.com/go-viper/mapstructure/v2 in /providers/cliflagv2 (#380)
188bcf9 Bump github.com/go-viper/mapstructure/v2 in /providers/cliflagv3 (#378)
1044871 Bump github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.4.0 in /tests (#376)
97b6d9b Add HUML parser support (#374)
5ab1280 Bump github.com/go-viper/mapstructure/v2 in /examples (#375)
d66cde5 Fix rendering of header and add it to the table of contents (#373)
fc52a4f Update kiln example deps.
a0019d0 Update providers/kiln deps.
Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.9.1 to 1.10.2

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.2

🔧 Dependencies

chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 by @dims in spf13/cobra#2336 - the gopkg.in/yaml.v3 package has been deprecated for some time: this should significantly cleanup dependency/supply-chains for consumers of spf13/cobra

📈 CI/CD

Fix linter and allow CI to pass by @marckhouzam in spf13/cobra#2327

fix: actions/setup-go v6 by @jpmcb in spf13/cobra#2337

🔥✍🏼 Docs

Add documentation for repeated flags functionality by @rvergis in spf13/cobra#2316

🍂 Refactors

refactor: replace several vars with consts by @htoyoda18 in spf13/cobra#2328

refactor: change minUsagePadding from var to const by @ssam18 in spf13/cobra#2325

🤗 New Contributors

@rvergis made their first contribution in spf13/cobra#2316

@htoyoda18 made their first contribution in spf13/cobra#2328

@ssam18 made their first contribution in spf13/cobra#2325

@dims made their first contribution in spf13/cobra#2336

Full Changelog: spf13/cobra@v1.10.1...v1.10.2

Thank you to our amazing contributors!!!!! 🐍 🚀

v1.10.1

🐛 Fix

chore: upgrade pflags v1.0.9 by @jpmcb in spf13/cobra#2305

v1.0.9 of pflags brought back ParseErrorsWhitelist and marked it as deprecated

Full Changelog: spf13/cobra@v1.10.0...v1.10.1

v1.10.0

What's Changed

🚨 Attention!

Bump pflag to 1.0.8 by @tomasaschan in spf13/cobra#2303

This version of pflag carried a breaking change: it renamed ParseErrorsWhitelist to ParseErrorsAllowlist which can break builds if both pflag and cobra are dependencies in your project.

If you use both pflag and cobra, upgrade pflagto 1.0.8 andcobrato1.10.0`

or use the newer, fixed version of pflag v1.0.9 which keeps the deprecated ParseErrorsWhitelist

... (truncated)

Commits

88b30ab chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 (#2336)
346d408 fix: actions/setup-go v6 (#2337)
fc81d20 refactor: change minUsagePadding from var to const (#2325)
117698a refactor: replace several vars with consts (#2328)
e2dd29d Add documentation for repeated flags functionality (#2316)
0629892 Fix linter (#2327)
7da941c chore: Bump pflag to v1.0.9 (#2305)
51d6751 Bump pflag to 1.0.8 (#2303)
3f3b818 Update README.md with new logo
dcaf42e Add Periscope to the list of projects using Cobra (#2299)
Additional commits viewable in compare view

Updates golang.org/x/term from 0.33.0 to 0.38.0

Commits

3863673 go.mod: update golang.org/x dependencies
1231d54 go.mod: update golang.org/x dependencies
3475bc8 term: fix some comments
3a0828a go.mod: update golang.org/x dependencies
1a11b45 go.mod: update golang.org/x dependencies
d862cd5 all: upgrade go directive to at least 1.24.0 [generated]
a35244d go.mod: update golang.org/x dependencies
4f53e0c term: allow multi-line bracketed paste to not create single line with verbati...
27f29d8 term: remove duplicate flag and add comment on windows
See full diff in compare view

Updates github.com/caddyserver/certmagic from 0.23.0 to 0.25.0

Release notes

Sourced from github.com/caddyserver/certmagic's releases.

v0.25.0

Adds support for disabling distributed solving, but still allows distributed solving of the http-01 challenge as long as the right ACME account is used.

What's Changed

Implement precise lock lease renewal for storage backends that support lease renewal. by @zoltan-frm in caddyserver/certmagic#347

New Contributors

@zoltan-frm made their first contribution in caddyserver/certmagic#347

Full Changelog: caddyserver/certmagic@v0.24.0...v0.25.0

v0.24.0

What's Changed

Bump golang.org/x/net from 0.37.0 to 0.38.0 by @dependabot[bot] in caddyserver/certmagic#342

refactor: replace the file storage logger with the default logger by @jinrenjie in caddyserver/certmagic#311

acmeissuer: LE now supports IP certs by @mohammed90 in caddyserver/certmagic#345

Move cfg nil check from RenewManagedCertificates to getConfig by @joga84 in caddyserver/certmagic#348

New Contributors

@jinrenjie made their first contribution in caddyserver/certmagic#311

@joga84 made their first contribution in caddyserver/certmagic#348

Full Changelog: caddyserver/certmagic@v0.23.0...v0.24.0

Commits

5a448ab Ability to disable distributed solvers
7084df0 Precise lock lease renewal for storages that support it (#347)
621b7e9 Move cfg nil check from RenewManagedCertificates to getConfig (#348)
17fb245 readme: Update draft-ari link to RFC 9773
3cab966 acmeissuer: LE now supports IP certs (#345)
e592554 A way to add a manual cert to the cache, replacing others immediately
ae678af Don't evict manually-loaded certs
476582b Replace the file storage logger with the default logger (#311)
41f81ce Demote stapling logs when no OCSP server specified (close #327)
e51e7ae go.mod: Upgrade to libdns v1.0.0
Additional commits viewable in compare view

Updates github.com/getsops/sops/v3 from 3.10.2 to 3.11.0

Release notes

Sourced from github.com/getsops/sops/v3's releases.

v3.11.0

Installation

To install sops, download one of the pre-built binaries provided for your platform from the artifacts attached to this release.

For instance, if you are using Linux on an AMD64 architecture:
# Download the binary
curl -LO https://github.com/getsops/sops/releases/download/v3.11.0/sops-v3.11.0.linux.amd64
Move the binary in to your PATH
mv sops-v3.11.0.linux.amd64 /usr/local/bin/sops
Make the binary executable
chmod +x /usr/local/bin/sops
Verify checksums file signature

The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands:
# Download the checksums file, certificate and signature
curl -LO https://github.com/getsops/sops/releases/download/v3.11.0/sops-v3.11.0.checksums.txt
curl -LO https://github.com/getsops/sops/releases/download/v3.11.0/sops-v3.11.0.checksums.pem
curl -LO https://github.com/getsops/sops/releases/download/v3.11.0/sops-v3.11.0.checksums.sig
Verify the checksums file
cosign verify-blob sops-v3.11.0.checksums.txt 
--certificate sops-v3.11.0.checksums.pem 
--signature sops-v3.11.0.checksums.sig 
--certificate-identity-regexp=https://github.com/getsops 
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
Verify binary integrity

To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature:
# Verify the binary using the checksums file
sha256sum -c sops-v3.11.0.checksums.txt --ignore-missing
Verify artifact provenance

The SLSA provenance of the binaries, packages, and SBOMs can be found within the artifacts associated with this release. It is presented through an in-toto link metadata file named sops-v3.11.0.intoto.jsonl. To verify the provenance of an artifact, you can utilize the slsa-verifier tool:
</tr></table> 

... (truncated)

Changelog

Sourced from github.com/getsops/sops/v3's changelog.

3.11.0

Security fixes:

Ensure temporary file for editing is only read-writable by owner. This was already the case for the directory containing the file (#1903).

Ignore encryption selection options for binary store, and warn when they are used. In previous versions, these could have prevented the data to be encrypted (#1927).

Do not print sensitive values in error messages when trying to encrypt complex values in DotEnv and exec-env (#1959).

Features:

Allow to set values from file with sops set --value-file (#1876, #1940).

Allow to set values from stdin with sops set --value-stdin (#1894).

Add subcommands to create shell completion scripts (#1892).

Allow to provide keys as YAML lists instead of comma-separated strings (#1880).

Allow to configure --enable-local-keyservice and --keyservice through environment variables (#1930).

Allow to omit AZKV key version in .sops.yaml (#1919, #1947).

Allow non-complex non-string values in DotEnv and sops exec-env (#1933).

Improvements:

Dependency updates (#1845, #1850, #1854, #1856, #1861, #1867, #1870, #1871, #1872, #1878, #1882, #1884, #1888, #1893, #1908, #1912, #1917, #1920, #1923, #1956, #1958).

Docs improvements (#1844, #1863, #1881, #1885, #1897, #1895, #1909, #1928, #1944, #1946).

Collect age identity loading errors and only report if decryption failed (#1898).

Improve age identity loading so that age identities are loaded from all locations (#1931).

When encrypting, parse .sops.yaml creation rule keys once (#1939).

Replace deprecated Go dependency gopkg.in/yaml.v3 with go.yaml.in/yaml/v3 (#1934).

Improve float and time.Time formatting when converting to strings

... (truncated)

Commits

1687363 Merge pull request #1960 from felixfontein/release-3.11.0
4209fbe Bump version to 3.11.0.
c53a1fc Add changelog for 3.11.0.
4129207 Merge pull request #1959 from felixfontein/complex-value
4bd0a14 Address review comments.
3dda744 Move dotenv.IsComplexValue to stores.
d893aa1 Do not put sensitive value into error message when the key can be printed as ...
2ade87b Merge pull request #1947 from felixfontein/azkv-version
03ff3df Apply review suggestions.
61cc3f7 AZKV: Also allow to omit version for AZKV keys specified in key groups.
Additional commits viewable in compare view

Updates github.com/pkg/sftp from 1.13.9 to 1.13.10

Release notes

Sourced from github.com/pkg/sftp's releases.

v1.13.10 - maintenance release

We’ve made a bunch of little fixes here and there, and I imagine the tests alone could benefit from a proper release to various systems automations.

What's Changed

Update crypto version to v0.35.0 sftp#625 by @kbutz in pkg/sftp#626

go.mod: set the minimum version to 1.23.0 as x/crypto by @drakkan in pkg/sftp#628

run go mod tidy by @drakkan in pkg/sftp#629

Fix SSH subsystemrequest usage by @puellanivis in pkg/sftp#632

Updating go packages by @Farokhcpu in pkg/sftp#635

add security policy by @drakkan in pkg/sftp#637

Fix typos in InMemHandler comments by @KleeKitz in pkg/sftp#640

Don't use LICENSE as a self-test sample file by @jas4711 in pkg/sftp#638

Accept '-' in usernames for ls self-test by @jas4711 in pkg/sftp#639

New Contributors

@kbutz made their first contribution in pkg/sftp#626

@Farokhcpu made their first contribution in pkg/sftp#635

@KleeKitz made their first contribution in pkg/sftp#640

@jas4711 made their first contribution in pkg/sftp#638

Full Changelog: pkg/sftp@v1.13.9...v1.13.10

Commits

939b203 Merge pull request #639 from jas4711/test-username-regexp
ab738a1 Merge pull request #638 from jas4711/use-sample-file
6b96da1 Merge pull request #640 from KleeKitz/patch-1
0af9d9e Fix typos in InMemHandler comments
935fe8e Improve regexp for valid usernames in ls self-test
36e0a6f Don't use LICENSE as a self-test sample file
ad5b1e7 Update SECURITY.md
ff15937 Merge pull request #637 from drakkan/security
1871076 add security policy
ac1008f Merge pull request #635 from Farokhcpu/updating-go-packages
Additional commits viewable in compare view

Updates github.com/samber/slog-http from 1.7.0 to 1.9.0

Release notes

Sourced from github.com/samber/slog-http's releases.

v1.9.0

feat: add variadic parameters to AddCustomAttributes and AddContextAttributes

v1.8.2

fix: fix out of bounds slice

v1.8.1

What's Changed

Huma sse support by @dianlight in samber/slog-http#8

Full Changelog: samber/slog-http@v1.8.0...v1.8.1

v1.8.0

What's Changed

Add support for SSE connections by @dianlight in samber/slog-http#7

New Contributors

@dianlight made their first contribution in samber/slog-http#7

Full Changelog: samber/slog-http@v1.7.0...v1.8.0

Commits

e0e498e bump v1.9.0
c945fd6 feat: variadic slog.Attr arg list to Add*Attributes functions (#11)
9d29b35 fix: fix out of bounds slice
328e75e Huma sse support (#8)
f6a1a47 Add support for SSE connections (#7)
c549f1f Update README.md
34f5ebe Update README.md
a7a5d98 Update README.md
See full diff in compare view

Updates go.uber.org/zap from 1.27.0 to 1.27.1

Release notes

Sourced from go.uber.org/zap's releases.

v1.27.1

Enhancements:

#1501[]: prevent Object from panicking on nils

#1511[]: Fix a race condition in WithLazy.

Thanks to @rabbbit, @alshopov, @jquirke, @arukiidou for their contributions to this release.

#1501: uber-go/zap#1501 #1511: uber-go/zap#1511

Changelog

Sourced from go.uber.org/zap's changelog.

1.27.1 (19 Nov 2025)

Enhancements:

#1501[]: prevent Object from panicking on nils

#1511[]: Fix a race condition in WithLazy.

Thanks to @rabbbit, @alshopov, @jquirke, @arukiidou for their contributions to this release.

#1501: uber-go/zap#1501 #1511: uber-go/zap#1511

Commits

7b755a3 release 1.27.1 (#1521)
d6b395b Update lazy logger not to materialize unless it's being written to (#1519)
4b9cea0 ci: Test with Go 1.24, Go 1.25 (#1508)
7c80d7b Fix race condition in WithLazy implementation (#1426) (#1511)
07077a6 Prevent zap.Object from panicing on nils (#1501)
a6afd05 Fix lint check name (#1502)
6d48253 chore: fix typo (#1482)
32f2ec1 Fix the field test for bool type (#1480)
fe16eb5 Upgrade grpc in zapgrc test package & bump go version (#1478)
5f00c34 test(AtomicLevel): demonstrate Handler is not vulnerable to XSS (#1477)
Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.40.0 to 0.42.0

Commits

5307a0c go.mod: update golang.org/x dependencies
9d77937 acme: include order problem in OrderError
8f580de ssh: remove Go 1.24 build tag for ML-KEM kex
a4d1237 ssh/knownhosts: improve IPv6 support in Normalize
b8d8dae curve25519: include potential fips140=only error in panic message
f5a2eab ssh: use curve25519.X25519 instead of curve25519.ScalarMult
44ecf3a all: upgrade go directive to at least 1.24.0 [generated]
ef5341b go.mod: update golang.org/x dependencies
b999374 acme: fix pebble subprocess output data race
c247dea x509roots/fallback: store bundle certs directly in DER
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the smallweb-deps group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/cli/go-gh/v2](https://github.com/cli/go-gh) | `2.12.1` | `2.13.0` | | [github.com/knadh/koanf/providers/file](https://github.com/knadh/koanf) | `1.2.0` | `1.2.1` | | [github.com/knadh/koanf/v2](https://github.com/knadh/koanf) | `2.2.2` | `2.3.0` | | [github.com/spf13/cobra](https://github.com/spf13/cobra) | `1.9.1` | `1.10.2` | | [golang.org/x/term](https://github.com/golang/term) | `0.33.0` | `0.38.0` | | [github.com/caddyserver/certmagic](https://github.com/caddyserver/certmagic) | `0.23.0` | `0.25.0` | | [github.com/getsops/sops/v3](https://github.com/getsops/sops) | `3.10.2` | `3.11.0` | | [github.com/pkg/sftp](https://github.com/pkg/sftp) | `1.13.9` | `1.13.10` | | [github.com/samber/slog-http](https://github.com/samber/slog-http) | `1.7.0` | `1.9.0` | | [go.uber.org/zap](https://github.com/uber-go/zap) | `1.27.0` | `1.27.1` | Updates `github.com/cli/go-gh/v2` from 2.12.1 to 2.13.0 - [Release notes](https://github.com/cli/go-gh/releases) - [Commits](cli/go-gh@v2.12.1...v2.13.0) Updates `github.com/knadh/koanf/providers/file` from 1.2.0 to 1.2.1 - [Release notes](https://github.com/knadh/koanf/releases) - [Commits](knadh/koanf@v1.2.0...v1.2.1) Updates `github.com/knadh/koanf/v2` from 2.2.2 to 2.3.0 - [Release notes](https://github.com/knadh/koanf/releases) - [Commits](knadh/koanf@v2.2.2...v2.3.0) Updates `github.com/spf13/cobra` from 1.9.1 to 1.10.2 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.9.1...v1.10.2) Updates `golang.org/x/term` from 0.33.0 to 0.38.0 - [Commits](golang/term@v0.33.0...v0.38.0) Updates `github.com/caddyserver/certmagic` from 0.23.0 to 0.25.0 - [Release notes](https://github.com/caddyserver/certmagic/releases) - [Commits](caddyserver/certmagic@v0.23.0...v0.25.0) Updates `github.com/getsops/sops/v3` from 3.10.2 to 3.11.0 - [Release notes](https://github.com/getsops/sops/releases) - [Changelog](https://github.com/getsops/sops/blob/main/CHANGELOG.md) - [Commits](getsops/sops@v3.10.2...v3.11.0) Updates `github.com/pkg/sftp` from 1.13.9 to 1.13.10 - [Release notes](https://github.com/pkg/sftp/releases) - [Commits](pkg/sftp@v1.13.9...v1.13.10) Updates `github.com/samber/slog-http` from 1.7.0 to 1.9.0 - [Release notes](https://github.com/samber/slog-http/releases) - [Commits](samber/slog-http@v1.7.0...v1.9.0) Updates `go.uber.org/zap` from 1.27.0 to 1.27.1 - [Release notes](https://github.com/uber-go/zap/releases) - [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md) - [Commits](uber-go/zap@v1.27.0...v1.27.1) Updates `golang.org/x/crypto` from 0.40.0 to 0.42.0 - [Commits](golang/crypto@v0.40.0...v0.42.0) --- updated-dependencies: - dependency-name: github.com/cli/go-gh/v2 dependency-version: 2.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: smallweb-deps - dependency-name: github.com/knadh/koanf/providers/file dependency-version: 1.2.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: smallweb-deps - dependency-name: github.com/knadh/koanf/v2 dependency-version: 2.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: smallweb-deps - dependency-name: github.com/spf13/cobra dependency-version: 1.10.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: smallweb-deps - dependency-name: golang.org/x/term dependency-version: 0.38.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: smallweb-deps - dependency-name: github.com/caddyserver/certmagic dependency-version: 0.25.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: smallweb-deps - dependency-name: github.com/getsops/sops/v3 dependency-version: 3.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: smallweb-deps - dependency-name: github.com/pkg/sftp dependency-version: 1.13.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: smallweb-deps - dependency-name: github.com/samber/slog-http dependency-version: 1.9.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: smallweb-deps - dependency-name: go.uber.org/zap dependency-version: 1.27.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: smallweb-deps - dependency-name: golang.org/x/crypto dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: smallweb-deps ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Dec 22, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Bump the smallweb-deps group across 1 directory with 11 updates #137

Bump the smallweb-deps group across 1 directory with 11 updates #137

Uh oh!

dependabot bot commented on behalf of github Dec 22, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Bump the smallweb-deps group across 1 directory with 11 updates #137

Are you sure you want to change the base?

Bump the smallweb-deps group across 1 directory with 11 updates #137

Uh oh!

Conversation

dependabot bot commented on behalf of github Dec 22, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v2.13.0

What's Changed

✨ Features

🐛 Fixes

📚 Docs & Chores

Dependencies

New Contributors

v2.12.2

What's Changed

v1.2.1

v2.3.0

What's Changed

New Contributors

v1.10.2

🔧 Dependencies

📈 CI/CD

🔥✍🏼 Docs

🍂 Refactors

🤗 New Contributors

v1.10.1

🐛 Fix

v1.10.0

What's Changed

🚨 Attention!

v0.25.0

What's Changed

New Contributors

v0.24.0

What's Changed

New Contributors

v3.11.0

Installation

Verify checksums file signature

Verify binary integrity

Verify artifact provenance

3.11.0

v1.13.10 - maintenance release

What's Changed

New Contributors

v1.9.0

v1.8.2

v1.8.1

What's Changed

v1.8.0

What's Changed

New Contributors

v1.27.1

1.27.1 (19 Nov 2025)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Dec 22, 2025 •

edited

Loading