Skip to content

Bump dependencies using scripts/bump-deps.sh#1900

Merged
sondavidb merged 1 commit into
mainfrom
create-pull-request/patch
Mar 24, 2026
Merged

Bump dependencies using scripts/bump-deps.sh#1900
sondavidb merged 1 commit into
mainfrom
create-pull-request/patch

Conversation

@github-actions
Copy link
Copy Markdown

@github-actions github-actions Bot commented Mar 17, 2026

This PR created by create-pull-request must be closed and reopened manually to trigger automated checks.

@github-actions github-actions Bot force-pushed the create-pull-request/patch branch from 08072dc to 5a1e437 Compare March 17, 2026 10:15
@github-actions github-actions Bot requested a review from a team as a code owner March 17, 2026 10:15
@github-actions github-actions Bot added the dependencies Pull requests that update a dependency file label Mar 17, 2026
@sondavidb sondavidb closed this Mar 17, 2026
@sondavidb sondavidb reopened this Mar 17, 2026
@github-actions
Copy link
Copy Markdown
Author

github-actions Bot commented Mar 17, 2026
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 3 package(s) with unknown licenses.
See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 82712c4.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

cmd/go.mod

PackageVersionLicenseIssue Type
github.com/klauspost/compress1.18.5NullUnknown License

go.mod

PackageVersionLicenseIssue Type
github.com/klauspost/compress1.18.5NullUnknown License
github.com/montanaflynn/stats0.8.2NullUnknown License
Allowed Licenses: Apache-2.0, BSD-2-Clause, BSD-2-Clause-FreeBSD, BSD-3-Clause, LicenseRef-scancode-google-patent-license-golang, MIT, ISC, Python-2.0, PostgreSQL, X11, Zlib
Excluded from license check: pkg:golang/github.com/hashicorp/go-retryablehttp, pkg:golang/github.com/hashicorp/errwrap, pkg:golang/github.com/hashicorp/go-cleanhttp, pkg:golang/github.com/hashicorp/go-multierror

OpenSSF Scorecard

PackageVersionScoreDetails
gomod/github.com/klauspost/compress 1.18.5 UnknownUnknown
gomod/golang.org/x/net 0.51.0 UnknownUnknown
gomod/golang.org/x/term 0.41.0 UnknownUnknown
gomod/golang.org/x/text 0.35.0 UnknownUnknown
gomod/github.com/klauspost/compress 1.18.5 UnknownUnknown
gomod/github.com/montanaflynn/stats 0.8.2 UnknownUnknown
gomod/golang.org/x/crypto 0.49.0 UnknownUnknown
gomod/golang.org/x/net 0.51.0 UnknownUnknown
gomod/golang.org/x/term 0.41.0 UnknownUnknown
gomod/golang.org/x/text 0.35.0 UnknownUnknown

Scanned Files

  • cmd/go.mod
  • go.mod

sondavidb
sondavidb previously approved these changes Mar 17, 2026
View reviewed changes
@github-actions
Bump dependencies using scripts/bump-deps.sh
82712c4 
Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@github-actions github-actions Bot force-pushed the create-pull-request/patch branch from 5a1e437 to 82712c4 Compare March 24, 2026 10:16
@sondavidb sondavidb closed this Mar 24, 2026
@sondavidb sondavidb reopened this Mar 24, 2026
@sondavidb sondavidb merged commit 04d9092 into main Mar 24, 2026
30 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Swapnanil-Gupta Swapnanil-Gupta Swapnanil-Gupta approved these changes

@sondavidb sondavidb sondavidb approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Swapnanil-Gupta @sondavidb