Skip to content

build(deps): bump the all-dependencies group across 1 directory with 7 updates#84

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/all-dependencies-07f8843a31
Open

build(deps): bump the all-dependencies group across 1 directory with 7 updates#84
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/all-dependencies-07f8843a31

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 13, 2026

Bumps the all-dependencies group with 4 updates in the / directory: github.com/ipfs/boxo, github.com/ipfs/go-cid, github.com/mattn/go-sqlite3 and go.sia.tech/renterd/v2.

Updates github.com/ipfs/boxo from 0.35.2 to 0.38.0

Release notes

Sourced from github.com/ipfs/boxo's releases.

v0.38.0

[!NOTE] This release was brought to you by the Shipyard team.

What's Changed

Added

  • ipns: NewRecord accepts WithMetadata(map[string]any) option for storing custom scalar key-value pairs (string, []byte, int64, int, bool) in the signed DAG-CBOR data of IPNS records. Metadata can be read back via Record.Metadata (returns typed MetadataValue with Kind() discriminator) and iterated with Record.MetadataEntries. Reserved IPNS field names, empty keys, and unsupported value types are rejected. #1085
  • dag/walker: new package for memory-efficient DAG traversal with deduplication. VisitedTracker interface with BloomTracker (scalable bloom filter chain, ~4 bytes/CID vs ~75 bytes for a map) and MapTracker (exact, for tests). WalkDAG provides iterative DFS traversal with integrated dedup, supporting dag-pb, dag-cbor, raw, and other registered codecs. ~2x faster than the legacy go-ipld-prime selector-based traversal. WalkEntityRoots emits only entity roots (files, directories, HAMT shards) instead of every block, skipping internal file chunks. #1124
  • pinner: NewUniquePinnedProvider and NewPinnedEntityRootsProvider log and skip corrupted pin entries instead of aborting the provide cycle, allowing remaining pins to still be provided. #1124
  • routing/http/client: WithProviderInfoFunc option resolves provider addresses at provide-time instead of client construction time. This only impacts legacy HTTP-only custom routing setups that depend on IPIP-526 and were sending unresolved 0.0.0.0 addresses in provider records instead of actual interface addresses. #1115
  • chunker: added Register function to allow custom chunkers to be registered for use with FromString.
  • mfs: added Directory.Mode() and Directory.ModTime() getters to match the existing File.Mode() and File.ModTime() API. #1131

Changed

  • provider: NewPrioritizedProvider now continues to the next stream when one fails instead of stopping all streams. NewConcatProvider added for pre-deduplicated streams. #1124
  • chunker: FromString now rejects malformed size- strings with extra parameters (e.g. size-123-extra was previously silently accepted).
  • gateway: compliance with gateway-conformance v0.13
  • upgrade to go-libp2p v0.48.0
  • 🛠 mfs: replaced RootOption with a unified Option functional options pattern (e.g. WithCidBuilder, WithChunker, WithMaxLinks). NewRoot, NewEmptyRoot, MkdirWithOpts, and NewEmptyDirectory now accept ...Option. Mkdir takes a MkdirOpts struct (narrowed to Mkparents and Flush flags) followed by ...Option for directory configuration. #1125

Removed

  • gateway: removed dead DoH resolver for .crypto TLD (Unstoppable Domains) #772
  • cmd/boxo-migrate: removed code for go-ipfs migration -- no longer needed.
  • cmd/deprecator: removed code to deprecare relocated ipfs packages -- no longer needed.

Fixed

  • bitswap/server: incoming identity CIDs in wantlist messages are now silently ignored instead of killing the connection to the remote peer. Some IPFS implementations naively send identity CIDs, and disconnecting them for it caused unnecessary churn. #1117
  • bitswap/network: ExtractHTTPAddress now infers default ports for portless HTTP multiaddrs (e.g. /dns/host/https without /tcp/443). #1123
  • mfs: FileDescriptor operations are serialized with a mutex, preventing data races on the underlying DagModifier when FUSE mounts or Kubo RPC commands dispatch concurrent Read, Write, Seek, Truncate, Flush, or Close calls. Flush after Close returns ErrClosed. #1131 #1133
  • mfs: preserve CidBuilder and SizeEstimationMode across setNodeData(), Mkdir() and NewRoot(). #1125
  • mfs: closing a file descriptor after its directory entry was removed (e.g. FUSE RELEASE racing with RENAME) no longer re-adds the stale entry to the parent directory. #1134
  • mfs: SetMode and SetModTime no longer drop file content links when updating UnixFS metadata. #1134

Full Changelog: ipfs/boxo@v0.37.0...v0.38.0

v0.37.0

[!NOTE] This release was brought to you by the Shipyard team.

What's Changed

... (truncated)

Changelog

Sourced from github.com/ipfs/boxo's changelog.

[v0.38.0]

Added

  • ipns: NewRecord accepts WithMetadata(map[string]any) option for storing custom scalar key-value pairs (string, []byte, int64, int, bool) in the signed DAG-CBOR data of IPNS records. Metadata can be read back via Record.Metadata (returns typed MetadataValue with Kind() discriminator) and iterated with Record.MetadataEntries. Reserved IPNS field names, empty keys, and unsupported value types are rejected. #1085
  • dag/walker: new package for memory-efficient DAG traversal with deduplication. VisitedTracker interface with BloomTracker (scalable bloom filter chain, ~4 bytes/CID vs ~75 bytes for a map) and MapTracker (exact, for tests). WalkDAG provides iterative DFS traversal with integrated dedup, supporting dag-pb, dag-cbor, raw, and other registered codecs. ~2x faster than the legacy go-ipld-prime selector-based traversal. WalkEntityRoots emits only entity roots (files, directories, HAMT shards) instead of every block, skipping internal file chunks. #1124
  • pinner: NewUniquePinnedProvider and NewPinnedEntityRootsProvider log and skip corrupted pin entries instead of aborting the provide cycle, allowing remaining pins to still be provided. #1124
  • routing/http/client: WithProviderInfoFunc option resolves provider addresses at provide-time instead of client construction time. This only impacts legacy HTTP-only custom routing setups that depend on IPIP-526 and were sending unresolved 0.0.0.0 addresses in provider records instead of actual interface addresses. #1115
  • chunker: added Register function to allow custom chunkers to be registered for use with FromString.
  • mfs: added Directory.Mode() and Directory.ModTime() getters to match the existing File.Mode() and File.ModTime() API. #1131

Changed

  • provider: NewPrioritizedProvider now continues to the next stream when one fails instead of stopping all streams. NewConcatProvider added for pre-deduplicated streams. #1124
  • chunker: FromString now rejects malformed size- strings with extra parameters (e.g. size-123-extra was previously silently accepted).
  • gateway: compliance with gateway-conformance v0.13
  • upgrade to go-libp2p v0.48.0
  • 🛠 mfs: replaced RootOption with a unified Option functional options pattern (e.g. WithCidBuilder, WithChunker, WithMaxLinks). NewRoot, NewEmptyRoot, MkdirWithOpts, and NewEmptyDirectory now accept ...Option. Mkdir takes a MkdirOpts struct (narrowed to Mkparents and Flush flags) followed by ...Option for directory configuration. #1125

Removed

  • gateway: removed dead DoH resolver for .crypto TLD (Unstoppable Domains) #772
  • cmd/boxo-migrate: removed code for go-ipfs migration -- no longer needed.
  • cmd/deprecator: removed code to deprecare relocated ipfs packages -- no longer needed.

Fixed

  • bitswap/server: incoming identity CIDs in wantlist messages are now silently ignored instead of killing the connection to the remote peer. Some IPFS implementations naively send identity CIDs, and disconnecting them for it caused unnecessary churn. #1117
  • bitswap/network: ExtractHTTPAddress now infers default ports for portless HTTP multiaddrs (e.g. /dns/host/https without /tcp/443). #1123
  • mfs: FileDescriptor operations are serialized with a mutex, preventing data races on the underlying DagModifier when FUSE mounts or Kubo RPC commands dispatch concurrent Read, Write, Seek, Truncate, Flush, or Close calls. Flush after Close returns ErrClosed. #1131 #1133
  • mfs: preserve CidBuilder and SizeEstimationMode across setNodeData(), Mkdir() and NewRoot(). #1125
  • mfs: closing a file descriptor after its directory entry was removed (e.g. FUSE RELEASE racing with RENAME) no longer re-adds the stale entry to the parent directory. #1134
  • mfs: SetMode and SetModTime no longer drop file content links when updating UnixFS metadata. #1134

[v0.37.0]

Added

  • ipld/unixfs/io: added SizeEstimationMode for configurable HAMT sharding threshold decisions. Supports legacy link-based estimation (SizeEstimationLinks), accurate block-based estimation (SizeEstimationBlock), or disabling size-based thresholds (SizeEstimationDisabled). #1088, IPIP-499
  • ipld/unixfs/io: added UnixFSProfile with UnixFS_v0_2015 and UnixFS_v1_2025 presets for CID-deterministic file and directory DAG construction. #1088, IPIP-499
  • files: NewSerialFileWithOptions now supports controlling whether symlinks are preserved or dereferenced before being added to IPFS. See SerialFileOptions.DereferenceSymlinks. #1088, IPIP-499

Changed

  • 🛠 chunker, ipld/unixfs/importer/helpers: block size limits raised from 1MiB to 2MiB to match the bitswap spec. Max chunker size is 2MiB - 256 bytes to leave room for protobuf framing when --raw-leaves=false. IPIP-499 profiles use lower chunk sizes (256KiB and 1MiB) and are not affected.
  • 🛠 chunker: DefaultBlockSize changed from const to var to allow runtime configuration via global profiles. #1088, IPIP-499
  • gateway: 🛠 ✨ IPIP-523 ?format= URL query parameter now takes precedence over Accept HTTP header, ensuring deterministic HTTP cache behavior and allowing browsers to use ?format= even when they send Accept headers with specific content types. #1074
  • gateway: 🛠 ✨ IPIP-524 codec conversions (e.g., dag-pb to dag-json, dag-json to dag-cbor) are no longer performed by default. Requesting a format that differs from the block's codec now returns HTTP 406 Not Acceptable with a hint to fetch raw blocks (?format=raw) and convert client-side. Set Config.AllowCodecConversion to true to restore the old behavior. #1077
  • gateway: compliance with gateway-conformance v0.10.0 (since v0.8: relaxed DAG-CBOR HTML preview cache headers, relaxed CAR 200/404 for missing paths, IPIP-523 format query precedence, IPIP-524 codec mismatch returns 406)

... (truncated)

Commits
  • a696a54 Merge pull request #1137 from ipfs/release-v0.38.0
  • 7845b42 update version
  • cc616a2 Release v0.38.0
  • bc4103e feat(ipns): Support adding custom metadata to IPNS record (#1085)
  • b5b87a7 feat(dag/walker): opt-in BloomTracker to avoid duplicated walks (#1124)
  • c0f7759 chore(deps): update go-multibase to v0.3.0 (#1135)
  • 6df865c fix(mfs): prevent flushUp from re-adding unlinked entries (#1134)
  • dd67224 fix(mfs): serialize all FileDescriptor operations (#1133)
  • a9db646 fix(mfs): prevent panic on concurrent flush and close (#1131)
  • 98dabcc fix(mfs): preserve CidBuilder object in setNodeData(), Mkdir() and NewRoot() ...
  • Additional commits viewable in compare view

Updates github.com/ipfs/go-cid from 0.6.0 to 0.6.1

Release notes

Sourced from github.com/ipfs/go-cid's releases.

v0.6.1

What's Changed

Full Changelog: ipfs/go-cid@v0.6.0...v0.6.1

Commits

Updates github.com/ipfs/go-datastore from 0.9.0 to 0.9.1

Release notes

Sourced from github.com/ipfs/go-datastore's releases.

v0.9.1

What's Changed

Full Changelog: ipfs/go-datastore@v0.9.0...v0.9.1

Commits

Updates github.com/libp2p/go-libp2p from 0.46.0 to 0.48.0

Release notes

Sourced from github.com/libp2p/go-libp2p's releases.

v0.48.0

A relatively minor update. Most changes were related to internal cleanup and getting the transport interop tests running again.

🔦 Highlights

  • When listening on 0.0.0.0, BasicHost.AllAddrs returns all the interface addrs of the machine. In v0.47 we'd unwittingly introduced this change, but on discussion decided to commit to it as returning all the addresses was correct. In the absence of this behaviour, there's no way for a user to get all the addrs the libp2p host is listening on. See libp2p/go-libp2p#3460 for the discussion about this. #3468
  • Fix Deterministic WebTransport Key Generation for Go 1.26 #3320
  • Fix mocknet: make stream deadline methods noop instead of returning error

What's Changed

New Contributors

Full Changelog: libp2p/go-libp2p@v0.47.0...v0.48.0

v0.47.0

A relatively small release. The main changes are dependency updates and a couple of bug fixes. #3435 changes autonatv2 reachability logic, which should be a net win for most users.

Breaking Changes

  • A WebTransport Client in this version cannot dial older (pre v0.47.0) go-libp2p WebTransport servers. The reverse works. This is partly due to a handshake change in the latest draft RFC for WebTransport. WebTransport remains experimental while the RFC is in draft, but we expect no more breaking changes.
  • AllAddrs() Actually returns all interface addresses when listening on 0.0.0.0. See libp2p/go-libp2p#3460 for more context. This changes an earlier intentional decision from libp2p/go-libp2p#911.

What's Changed

New Contributors

Full Changelog: libp2p/go-libp2p@v0.46.0...v0.47.0

Commits
  • 062200b Release v0.48.0
  • 061805d lint yaml file
  • be060d7 Ignore known incompatibility with webtransport versions in interop test
  • 418cf8f refactor(webtransport): Use keygen package for deterministic ecdsa key
  • 93a9158 ci: remove go-version parameter to default to go.mod version
  • 8bb624d Bump transport interop Go toolchain
  • 7d0752e basichost: advertise all interface addrs for unspecified listen addrs (#3468)
  • 67f4f58 fix(mocknet): make stream deadline methods noop instead of returning error (...
  • 7198ad3 webrtc: upgrade pion deps (#3469)
  • e16f35e refactor: apply go fix modernizers from Go 1.26 (#3463)
  • Additional commits viewable in compare view

Updates github.com/libp2p/go-libp2p-kad-dht from 0.37.0 to 0.38.0

Release notes

Sourced from github.com/libp2p/go-libp2p-kad-dht's releases.

v0.38.0

What's Changed

Full Changelog: libp2p/go-libp2p-kad-dht@v0.37.1...v0.38.0

v0.37.1

What's Changed

Full Changelog: libp2p/go-libp2p-kad-dht@v0.37.0...v0.37.1

Commits
  • 0d9f9f6 Release v0.38.0 (#1236)
  • 5cbddc6 update go-datastore to v0.9.1 (#1235)
  • c013eac chore(deps): bump github.com/pion/dtls/v3 from 3.1.0 to 3.1.1 (#1234)
  • a9412b2 chore(deps): bump github.com/pion/dtls/v3 from 3.0.6 to 3.1.0 (#1232)
  • 4ea2e7d fix(provider/keystore): protect keystore size during reset (#1227)
  • bdbaca7 update dependencies and minimum go version (#1230)
  • a3ccf46 refactor: apply go fix modernizers from Go 1.26 (#1231)
  • c59fde6 chore: go-libdht org transfer (#1229)
  • e9e1b98 fix(provider): close datastore results (#1226)
  • dfdf80a chore: add issue templates with need/triage label
  • Additional commits viewable in compare view

Updates github.com/mattn/go-sqlite3 from 1.14.33 to 1.14.42

Commits
  • 5df13a0 Merge pull request #1387 from mattn/codex/stmt-cache
  • e302e5c document that _stmt_cache_size is per connection
  • 867dcbf move reset/clear into putCachedStmt and always finalize on failure
  • 0e58fa4 simplify prepareWithCache to call prepare instead of duplicating logic
  • e9f47da do not bail out on finalize error in closeCachedStmtsLocked
  • 325cb8d remove redundant stmtCacheSize check in putCachedStmt
  • 061c2a5 check stmtCacheSize before acquiring mutex in takeCachedStmt
  • efa9b1c add opt-in statement cache
  • 8d12439 Merge pull request #1386 from mattn/perf/reduce-cgo-overhead
  • 89f4bbe fix build with SQLITE_ENABLE_UNLOCK_NOTIFY
  • Additional commits viewable in compare view

Updates go.sia.tech/renterd/v2 from 2.7.1 to 2.9.0

Release notes

Sourced from go.sia.tech/renterd/v2's releases.

v2.9.0

Features

  • Update Go to 1.26.0.

Fixes

  • Ensure all store methods are retry-safe
  • Update coreutils from v0.21.0 to v0.21.1

v2.9.0-beta.1

Features

  • Update Go to 1.26.0.

Fixes

  • Ensure all store methods are retry-safe
  • Update coreutils from v0.21.0 to v0.21.1

v2.8.1

Fixes

  • Fixed instant sync in SQLite causing crashes.

v2.8.0

Features

Add support for instant syncing

New users can sync instantly using renterd --instant. When instant syncing, the renterd node initializes using a Utreexo-based checkpoint and can immediately validate blocks from that point forward without replaying the whole chain state. The state is extremely compact and committed in block headers, making this initialization both quick and secure.

Learn more

The wallet is required to only have v2 history to use instant syncing.

Fixes

  • Reduce memory pressure when fetching contract roots for pruning.
  • Update core dependency to v0.19.0 and coreutils dependency v0.20.0.

v2.8.0-beta.2

Features

Add support for instant syncing

New users can sync instantly using renterd --instant. When instant syncing, the renterd node initializes using a Utreexo-based checkpoint and can immediately validate blocks from that point forward without replaying the whole chain state. The state is extremely compact and committed in block headers, making this initialization both quick and secure.

Learn more

... (truncated)

Changelog

Sourced from go.sia.tech/renterd/v2's changelog.

2.9.0 (2026-03-02)

Features

  • Update Go to 1.26.0.

Fixes

  • Ensure all store methods are retry-safe
  • Update coreutils from v0.21.0 to v0.21.1

2.8.1 (2026-02-06)

Fixes

  • Fixed instant sync in SQLite causing crashes.

2.8.0 (2026-02-03)

Features

Add support for instant syncing

New users can sync instantly using renterd --instant. When instant syncing, the renterd node initializes using a Utreexo-based checkpoint and can immediately validate blocks from that point forward without replaying the whole chain state. The state is extremely compact and committed in block headers, making this initialization both quick and secure.

Learn more

The wallet is required to only have v2 history to use instant syncing.

Fixes

  • Reduce memory pressure when fetching contract roots for pruning.
  • Update core dependency to v0.19.0 and coreutils dependency v0.20.0.
Commits
  • c8bc75a chore(deps): bump go.sia.tech/web/renterd in the all-dependencies group
  • 22bf4f2 ci: remove openapi-publish workflow
  • 812f92f fix test using zero account
  • e9e59cd deps: update coreutils to v0.21.1
  • e16b55c ci: remove Jape Analyzer step
  • 25a0634 build: update Dockerfile to Go 1.26
  • 12f75fe build: update to Go 1.26
  • 0c982b6 add changeset for Go 1.26 update
  • e75ff8d ci: update Go test matrix to 1.25/1.26
  • e15f4ec chore(deps): bump the all-dependencies group with 4 updates
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the all-dependencies group across 1 directory with …
f5b9242 
…7 updates

Bumps the all-dependencies group with 4 updates in the / directory: [github.com/ipfs/boxo](https://github.com/ipfs/boxo), [github.com/ipfs/go-cid](https://github.com/ipfs/go-cid), [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) and [go.sia.tech/renterd/v2](https://github.com/SiaFoundation/renterd).


Updates `github.com/ipfs/boxo` from 0.35.2 to 0.38.0
- [Release notes](https://github.com/ipfs/boxo/releases)
- [Changelog](https://github.com/ipfs/boxo/blob/main/CHANGELOG.md)
- [Commits](ipfs/boxo@v0.35.2...v0.38.0)

Updates `github.com/ipfs/go-cid` from 0.6.0 to 0.6.1
- [Release notes](https://github.com/ipfs/go-cid/releases)
- [Commits](ipfs/go-cid@v0.6.0...v0.6.1)

Updates `github.com/ipfs/go-datastore` from 0.9.0 to 0.9.1
- [Release notes](https://github.com/ipfs/go-datastore/releases)
- [Commits](ipfs/go-datastore@v0.9.0...v0.9.1)

Updates `github.com/libp2p/go-libp2p` from 0.46.0 to 0.48.0
- [Release notes](https://github.com/libp2p/go-libp2p/releases)
- [Changelog](https://github.com/libp2p/go-libp2p/blob/master/CHANGELOG.md)
- [Commits](libp2p/go-libp2p@v0.46.0...v0.48.0)

Updates `github.com/libp2p/go-libp2p-kad-dht` from 0.37.0 to 0.38.0
- [Release notes](https://github.com/libp2p/go-libp2p-kad-dht/releases)
- [Commits](libp2p/go-libp2p-kad-dht@v0.37.0...v0.38.0)

Updates `github.com/mattn/go-sqlite3` from 1.14.33 to 1.14.42
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](mattn/go-sqlite3@v1.14.33...v1.14.42)

Updates `go.sia.tech/renterd/v2` from 2.7.1 to 2.9.0
- [Release notes](https://github.com/SiaFoundation/renterd/releases)
- [Changelog](https://github.com/SiaFoundation/renterd/blob/master/CHANGELOG.md)
- [Commits](SiaFoundation/renterd@v2.7.1...v2.9.0)

---
updated-dependencies:
- dependency-name: github.com/ipfs/boxo
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: github.com/ipfs/go-cid
  dependency-version: 0.6.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: github.com/ipfs/go-datastore
  dependency-version: 0.9.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: github.com/libp2p/go-libp2p
  dependency-version: 0.48.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: github.com/libp2p/go-libp2p-kad-dht
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: github.com/mattn/go-sqlite3
  dependency-version: 1.14.42
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: go.sia.tech/renterd/v2
  dependency-version: 2.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Apr 13, 2026
@socket-security
Copy link
Copy Markdown

socket-security bot commented Apr 13, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Updatedgo.sia.tech/​renterd/​v2@​v2.7.1 ⏵ v2.9.073 +1100100100100
Updatedgithub.com/​ipfs/​boxo@​v0.35.2 ⏵ v0.38.074 +1100100100100
Updatedgithub.com/​libp2p/​go-libp2p@​v0.46.0 ⏵ v0.48.074 +110010075100
Updatedgithub.com/​mattn/​go-sqlite3@​v1.14.33 ⏵ v1.14.4297 +110010075100
Updatedgithub.com/​ipfs/​go-datastore@​v0.9.0 ⏵ v0.9.199 +1100100100100
Updatedgithub.com/​ipfs/​go-cid@​v0.6.0 ⏵ v0.6.1100100100100100
Updatedgithub.com/​libp2p/​go-libp2p-kad-dht@​v0.37.0 ⏵ v0.38.0100100100100100

View full report

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants