Skip to content

build(deps): bump the go-dependencies group across 1 directory with 5 updates#1795

Merged
rcaril merged 2 commits into
mainfrom
dependabot/go_modules/go-dependencies-cd331b6f53
May 13, 2026
Merged

build(deps): bump the go-dependencies group across 1 directory with 5 updates#1795
rcaril merged 2 commits into
mainfrom
dependabot/go_modules/go-dependencies-cd331b6f53

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 13, 2026
edited
Loading

Bumps the go-dependencies group with 4 updates in the / directory: github.com/bodgit/sevenzip, github.com/minio/minlz, github.com/nwaples/rardecode/v2 and golang.org/x/net.

Updates github.com/bodgit/sevenzip from 1.6.1 to 1.6.2

Release notes

Sourced from github.com/bodgit/sevenzip's releases.

v1.6.2

1.6.2 (2026-04-28)

Bug Fixes

  • Add ARM64 filter support (#395) (8648ac7)
  • deps: update go4.org digest to a507140 (#422) (367448a)
  • deps: update module github.com/andybalholm/brotli to v1.2.1 (#425) (63d4609)
  • deps: update module github.com/klauspost/compress to v1.18.5 (#426) (c01c118)
  • deps: update module github.com/pierrec/lz4/v4 to v4.1.26 (#427) (189b20d)
  • deps: update module github.com/spf13/afero to v1.15.0 (#431) (960c916)
  • deps: update module golang.org/x/sync to v0.20.0 (#432) (aa1e391)
  • deps: update module golang.org/x/text to v0.36.0 (#433) (dbed104)
  • Handle streams with no files (#401) (fe03793)
  • Prevent panics discovered by fuzzing (#402) (740fcf9)
Changelog

Sourced from github.com/bodgit/sevenzip's changelog.

1.6.2 (2026-04-28)

Bug Fixes

  • Add ARM64 filter support (#395) (8648ac7)
  • deps: update go4.org digest to a507140 (#422) (367448a)
  • deps: update module github.com/andybalholm/brotli to v1.2.1 (#425) (63d4609)
  • deps: update module github.com/klauspost/compress to v1.18.5 (#426) (c01c118)
  • deps: update module github.com/pierrec/lz4/v4 to v4.1.26 (#427) (189b20d)
  • deps: update module github.com/spf13/afero to v1.15.0 (#431) (960c916)
  • deps: update module golang.org/x/sync to v0.20.0 (#432) (aa1e391)
  • deps: update module golang.org/x/text to v0.36.0 (#433) (dbed104)
  • Handle streams with no files (#401) (fe03793)
  • Prevent panics discovered by fuzzing (#402) (740fcf9)
Commits
  • d6c1f14 chore(main): release 1.6.2 (#420)
  • 740fcf9 fix: Prevent panics discovered by fuzzing (#402)
  • 10f0674 chore(deps): update github/codeql-action action to v4.35.2 (#439)
  • 7abcd56 chore(deps): update marocchino/sticky-pull-request-comment action to v3 (#436)
  • 00b55e9 chore(deps): update actions/upload-artifact action to v7 (#435)
  • 60169dd chore(deps): update pre-commit hook pre-commit/pre-commit-hooks to v6 (#438)
  • 2625d26 chore(deps): update actions/checkout action to v6 (#434)
  • 8344328 chore(deps): update pre-commit hook commitizen-tools/commitizen to v4 (#437)
  • 849dc25 chore(deps): update pre-commit hook golangci/golangci-lint to v2.11.4 (#429)
  • 37a8e9d chore(deps): update pre-commit hook gitleaks/gitleaks to v8.30.1 (#428)
  • Additional commits viewable in compare view

Updates github.com/minio/minlz from 1.0.1 to 1.1.1

Release notes

Sourced from github.com/minio/minlz's releases.

v1.1.1

What's Changed

Full Changelog: minio/minlz@v1.1.0...v1.1.1

v1.1.0

What's Changed

Full Changelog: minio/minlz@V1.0.1...v1.1.0

Commits
  • 49a054a Re-enable level 1 repeats on amd64 (#37)
  • 5e4aa43 Bump the github-actions group with 2 updates (#36)
  • 4599c83 Bump the github-actions group with 3 updates (#34)
  • c63f0af Add block visualizer (#32)
  • 5a44d11 Add faster compression mode for speed extremely sensitive applications (#30)
  • de1ccac Bump the github-actions group with 3 updates (#33)
  • 845e64f perf: Add arm64 decompression assembly (#29)
  • 8430409 Add -follow to decompression (#27)
  • 49f019e Add nicer looking block debug print (#26)
  • 336ffce Bump the github-actions group with 2 updates (#28)
  • Additional commits viewable in compare view

Updates github.com/nwaples/rardecode/v2 from 2.2.0 to 2.2.2

Commits
  • 922d3b0 allow reading v5 unencrypted file headers with an incorrect file body encypti...
  • f501ac8 fix infinite loop in findSig
  • f7e277c reimplement io.WriterTo for Reader
  • See full diff in compare view

Updates go4.org from 0.0.0-20230225012048-214862532bf5 to 0.0.0-20260112195520-a5071408f32f

Commits

Updates golang.org/x/net from 0.53.0 to 0.54.0

Commits
  • b138e06 go.mod: update golang.org/x dependencies
  • 689f70a quic: fix wrong final size being used for RESET_STREAM frame
  • 208f306 http3: increase handshake timeout
  • 49810da http2: enable net/http wrapping when go >= 1.27
  • 5e11a5a quic: fix data race in streamForFrame
  • 8c63081 http2: use empty Transport rather than DefaultTransport in http2wrap
  • fc7b466 http2: add http2wrap test
  • 15c2cb1 http2: avoid overflowing 32-bit int when http2wrap enabled
  • 6465188 http2: add wrapped Server
  • 72f419a http2: add wrapped ClientConn
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
golang.org/x/net [>= 0.38.a, < 0.39]

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 13, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 13, 2026 17:22
@dependabot dependabot Bot requested a review from jedisct1 May 13, 2026 17:22
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 13, 2026
@rcaril
Copy link
Copy Markdown
Member

rcaril commented May 13, 2026

@dependabot recreate

@dependabot
build(deps): bump the go-dependencies group across 1 directory with 5…
d30b816 
… updates

Bumps the go-dependencies group with 4 updates in the / directory: [github.com/bodgit/sevenzip](https://github.com/bodgit/sevenzip), [github.com/minio/minlz](https://github.com/minio/minlz), [github.com/nwaples/rardecode/v2](https://github.com/nwaples/rardecode) and [golang.org/x/net](https://github.com/golang/net).


Updates `github.com/bodgit/sevenzip` from 1.6.1 to 1.6.2
- [Release notes](https://github.com/bodgit/sevenzip/releases)
- [Changelog](https://github.com/bodgit/sevenzip/blob/main/CHANGELOG.md)
- [Commits](bodgit/sevenzip@v1.6.1...v1.6.2)

Updates `github.com/minio/minlz` from 1.0.1 to 1.1.1
- [Release notes](https://github.com/minio/minlz/releases)
- [Commits](minio/minlz@V1.0.1...v1.1.1)

Updates `github.com/nwaples/rardecode/v2` from 2.2.0 to 2.2.2
- [Commits](nwaples/rardecode@v2.2.0...v2.2.2)

Updates `go4.org` from 0.0.0-20230225012048-214862532bf5 to 0.0.0-20260112195520-a5071408f32f
- [Commits](https://github.com/go4org/go4/commits)

Updates `golang.org/x/net` from 0.53.0 to 0.54.0
- [Commits](golang/net@v0.53.0...v0.54.0)

---
updated-dependencies:
- dependency-name: github.com/bodgit/sevenzip
  dependency-version: 1.6.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/minio/minlz
  dependency-version: 1.1.1
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/nwaples/rardecode/v2
  dependency-version: 2.2.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: go4.org
  dependency-version: 0.0.0-20260112195520-a5071408f32f
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: golang.org/x/net
  dependency-version: 0.54.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title build(deps): bump the go-dependencies group with 5 updates build(deps): bump the go-dependencies group across 1 directory with 5 updates May 13, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/go-dependencies-cd331b6f53 branch from 10c44b1 to d30b816 Compare May 13, 2026 17:43
@rcaril rcaril enabled auto-merge (squash) May 13, 2026 17:45
@rcaril rcaril merged commit 8ec2b56 into main May 13, 2026
13 checks passed
@rcaril rcaril deleted the dependabot/go_modules/go-dependencies-cd331b6f53 branch May 13, 2026 17:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rcaril rcaril rcaril approved these changes

@jedisct1 jedisct1 Awaiting requested review from jedisct1 jedisct1 is a code owner automatically assigned from fastly/developer-tools

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rcaril