Bump the go_modules group with 6 updates #7
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the go_modules group with 6 updates:
2.3.2
2.3.3
4.18.0
4.18.2
0.40.0
0.42.0
0.14.0
0.20.0
0.17.0
0.21.0
1.31.0
1.33.0
Updates
github.com/jackc/pgproto3/v2
from 2.3.2 to 2.3.3Commits
945c212
Backport fixes from pgx v5Updates
github.com/jackc/pgx/v4
from 4.18.0 to 4.18.2Changelog
Sourced from github.com/jackc/pgx/v4's changelog.
Commits
14690df
Update changelog779548e
Update required Go version to 1.1780e9662
Update github.com/jackc/pgconn to v1.14.30bf9ac3
Fix erroneous test casef94eb0e
Always wrap arguments in parentheses in the SQL sanitizer826a892
Fix SQL injection via line comment creation in simple protocol7d882f9
Fix *dbTx.Exec not checking if it is already closed1d07b8b
go mod tidy13468eb
Release v4.18.17fed69b
simplify duplicatepgx
registration guardUpdates
github.com/quic-go/quic-go
from 0.40.0 to 0.42.0Release notes
Sourced from github.com/quic-go/quic-go's releases.
... (truncated)
Commits
4a99b81
close connection when an abnormally large number of frames are queued (#4369)9971fed
use Transport.VerifySourceAddress to control the Retry Mechanism (#4362)497d3f5
http3: add a RoundTripOpt to check the server's SETTINGS frame (#4355)ca787d6
add an AddrVerified field to the ClientHelloInfo (#4360)f147639
update gomock to v0.4.0 (#4361)06b4214
remove unused ReceiveStream.CloseRemote method (#4357)5fd5d77
Merge pull request #4305 from quic-go/qlog-tracer30e01b9
use the transport tracer in integration tests55c05ac
qlog: log sent packets outside of a QUIC connectionaff90a6
qlog: log sent Version Negotiation packetsUpdates
golang.org/x/crypto
from 0.14.0 to 0.20.0Commits
0aab8d0
all: update go.mod x/net dependency5bead59
ocsp: don't use iota for externally defined constants1a86580
x/crypto/internal/poly1305: improve sum_ppc64le.s1c981e6
ssh/test: don't use DSA keys in integrations tests, update test RSA key62c9f17
x509roots/nss: manually exclude a confusingly constrained root405cb3b
go.mod: update golang.org/x dependencies913d3ae
x509roots/fallback: update bundledbb6ec1
ssh/test: skip tests on darwin that fail on the darwin-amd64-longtest LUCI bu...403f699
ssh/test: avoid leaking a net.UnixConn in server.TryDialWithAddr055043d
go.mod: update golang.org/x dependenciesUpdates
golang.org/x/net
from 0.17.0 to 0.21.0Commits
73d21fd
go.mod: update golang.org/x dependencies643fd16
html: fix SOLIDUS '/' handling in attribute parsing73e4b50
dns/dnsmessage: allow name compression for SRV resource parsingb2208d0
internal/quic/qlog: fix typo0d0b98c
http2: avoid goroutine starvation in TestServer_Push_RejectAfterGoAway07e05fd
http2: remove suspicious uint32->v conversion in frame code26b646e
quic: avoid deadlock in Endpoint.Closecb5b10f
go.mod: update golang.org/x dependencies689bbc7
quic: deflake TestStreamsCreateConcurrencyf12db26
internal/quic/cmd/interop: use wget --no-verbose in DockerfileUpdates
google.golang.org/protobuf
from 1.31.0 to 1.33.0Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditionsYou can disable automated security fix PRs for this repo from the Security Alerts page.