Deps: security issues

[adaosantos]

Hi everyone, how are you doing?
I've noticed that many packages we're using are on old versions, but to update them we'll also need to upgrade the GO version, since many current packages are only compatible with GO version 1.23 or higher.
I'll open a pull request per package, trying to focus on the simpler ones first so we can get everything up to date.
It's worth remembering that many packages have numerous bug fixes and also security vulnerability patches.
Just in fxcore alone we have 3 documented security vulnerabilities.

Do you think it's worth opening an issue for each package?

[ekkinox]

Hello, thanks for raising this 👍

Using Yokai still leaves you owner of your go.mod, so you can upgrade deps in your applications, even if Yokai modules have older deps. It's what we do for our apps, we run on 1.24 with sub libs up to date.

We plan to make a pass soon on all modules, I'll keep you posted here once done.