Skip to content

fix(deps): update osv-scanner minor#2868

Open
renovate-bot wants to merge 1 commit into
google:mainfrom
renovate-bot:renovate/osv-scanner-minor
Open

fix(deps): update osv-scanner minor#2868
renovate-bot wants to merge 1 commit into
google:mainfrom
renovate-bot:renovate/osv-scanner-minor

Conversation

@renovate-bot

@renovate-bot renovate-bot commented Jun 7, 2026

Copy link
Copy Markdown
Collaborator

This PR contains the following updates:

Package Change Age Confidence Type Update Pending
charm.land/glamour/v2 v2.0.0v2.0.1 age confidence require patch
charm.land/lipgloss/v2 v2.0.3v2.0.4 age confidence require patch
deps.dev/api/v3 v3.0.0-20260422013440-90c27f84dd6fv3.0.0-20260617025149-7d3577045631 age confidence require patch
deps.dev/api/v3alpha 90c27f87d35770 age confidence require digest
github.com/jedib0t/go-pretty/v6 v6.7.10v6.8.1 age confidence require minor
github.com/urfave/cli/v3 v3.9.0v3.10.0 age confidence require minor v3.10.1
go.yaml.in/yaml/v4 v4.0.0-rc.4v4.0.0-rc.6 age confidence require patch
golang.org/x/sync v0.20.0v0.21.0 age confidence require minor
golang.org/x/term v0.43.0v0.44.0 age confidence require minor

Release Notes

charmbracelet/glamour (charm.land/glamour/v2)

v2.0.1

Compare Source

Changelog

Bug fixes
Other work

The Charm logo

Thoughts? Questions? We love hearing from you. Feel free to reach out on Twitter, The Fediverse, or on Discord.

charmbracelet/lipgloss (charm.land/lipgloss/v2)

v2.0.4

Compare Source

Mini Crash Patch

Hi! This is a small patch to fix a writer-related panic. Thanks for using Lip Gloss!

Changelog

Fixed
Docs
Chore

The Charm logo

Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

jedib0t/go-pretty (github.com/jedib0t/go-pretty/v6)

v6.8.1

Compare Source

What's Changed

A hardening pass across the table, list, progress, and text packages,
fixing security issues, crash/race bugs, and performance problems in the
render hot paths, with benchmarks added to back the optimizations.

Security
  • table/list (HTML): escape the title, caption, and CSS class names in
    RenderHTML() to prevent HTML/attribute injection.
  • table (CSV): make RenderCSV() output RFC 4180 compliant, and add an
    opt-in Style().CSV.FieldProtection option that neutralizes spreadsheet
    formula-injection fields (=, +, -, @, tab, CR).
  • text: sanitize hyperlink URLs and bound the escape-sequence parser
    buffer so adversarial input can't grow it without limit.
Correctness
  • progress: fix a render panic on tiny tracker lengths, data races on
    tracker/indicator state, and a leaked time.Ticker in the terminal-size
    watcher.
  • table: guard auto-index rendering against empty maxColumnLengths.
  • text: prevent a panic in VAlign.Apply on negative maxLines.
Performance
  • table: compile regex filters once per render; pre-size render builders.
  • list: hoist repeated width math out of the render loops.
  • text: speed up Align.Apply and StringWidthWithoutEscSequences.
  • progress: build PacManChomp frames with a strings.Builder.
Tooling
  • Moved root-level benchmarks into their packages and wired up make bench;
    added benchmarks for the table/text/list/progress render hot paths and tests
    covering the retained-done-tracker render paths.

Full Changelog: jedib0t/go-pretty@v6.8.0...v6.8.1

v6.8.0

Compare Source

What's Changed

New Contributors

Full Changelog: jedib0t/go-pretty@v6.7.10...v6.8.0

urfave/cli (github.com/urfave/cli/v3)

v3.10.0

Compare Source

What's Changed

Full Changelog: urfave/cli@v3.9.1...v3.10.0

v3.9.1

Compare Source

What's Changed

Full Changelog: urfave/cli@v3.9.0...v3.9.1

yaml/go-yaml (go.yaml.in/yaml/v4)

v4.0.0-rc.6

Compare Source

v4.0.0-rc.5

Compare Source


Configuration

📅 Schedule: (in timezone Australia/Sydney)

  • Branch creation
    • "before 6am on monday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@forking-renovate forking-renovate Bot added the dependencies Pull requests that update a dependency file label Jun 7, 2026
@renovate-bot renovate-bot force-pushed the renovate/osv-scanner-minor branch from 9541ffa to 9030424 Compare June 8, 2026 19:46
@renovate-bot renovate-bot changed the title fix(deps): update osv-scanner minor to afe0bdd fix(deps): update osv-scanner minor Jun 8, 2026
@renovate-bot renovate-bot changed the title fix(deps): update osv-scanner minor fix(deps): update osv-scanner minor to v6.8.0 Jun 11, 2026
@renovate-bot renovate-bot force-pushed the renovate/osv-scanner-minor branch from 9030424 to 305e70c Compare June 11, 2026 01:15
@renovate-bot renovate-bot changed the title fix(deps): update osv-scanner minor to v6.8.0 fix(deps): update osv-scanner minor Jun 11, 2026
@renovate-bot renovate-bot force-pushed the renovate/osv-scanner-minor branch 3 times, most recently from cc67bb7 to 075b810 Compare June 15, 2026 20:11
@forking-renovate

Copy link
Copy Markdown

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 1 additional dependency was updated

Details:

Package Change
golang.org/x/sys v0.45.0 -> v0.46.0

@renovate-bot renovate-bot force-pushed the renovate/osv-scanner-minor branch 2 times, most recently from 7224e93 to e44b9ef Compare June 17, 2026 17:48
@codecov-commenter

codecov-commenter commented Jun 17, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 79.26%. Comparing base (bee2bd0) to head (8c692c9).

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #2868   +/-   ##
=======================================
  Coverage   79.26%   79.26%           
=======================================
  Files         122      122           
  Lines        8279     8279           
=======================================
  Hits         6562     6562           
  Misses       1335     1335           
  Partials      382      382           

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@renovate-bot renovate-bot force-pushed the renovate/osv-scanner-minor branch 5 times, most recently from 83dc9bb to 6e9a17a Compare June 24, 2026 06:11
@renovate-bot renovate-bot force-pushed the renovate/osv-scanner-minor branch from 6e9a17a to c019ccd Compare June 24, 2026 13:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants