
chore(deps): update module golang.org/x/net to v0.45.0 [security] (release-0.29) #444

Open
redhat-renovate-bot wants to merge 1 commit into release-0.29 from renovate/release-0.29-go-golang.org-x-net-vulnerability


@redhat-renovate-bot
Collaborator

@redhat-renovate-bot redhat-renovate-bot commented Mar 13, 2026

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| golang.org/x/net | indirect | minor | v0.33.0 -> v0.45.0 |

HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net

CVE-2025-22870 / GHSA-qxp5-gwg8-xv66 / GO-2025-3503

More information

Details

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80" will incorrectly match and not be proxied.

Severity

  • CVSS Score: 4.4 / 10 (Medium)
  • Vector String: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).


HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net

CVE-2025-22870 / GHSA-qxp5-gwg8-xv66 / GO-2025-3503

More information

Details

Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable is set to "*.example.com", a request to "[::1%25.example.com]:80" will incorrectly match and not be proxied.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).


golang.org/x/net vulnerable to Cross-site Scripting

CVE-2025-22872 / GHSA-vvgc-356p-c3xw / GO-2025-3595

More information

Details

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. , , etc contexts).

Severity

  • CVSS Score: 5.3 / 10 (Medium)
  • Vector String: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

References

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).


Incorrect Neutralization of Input During Web Page Generation in x/net in golang.org/x/net

CVE-2025-22872 / GHSA-vvgc-356p-c3xw / GO-2025-3595

More information

Details

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content following such tags as being placed in the wrong scope during DOM construction, but only when tags are in foreign content (e.g. , , etc contexts).

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).


Quadratic parsing complexity in golang.org/x/net/html

CVE-2025-47911 / GHSA-w4gw-w5jq-g9jh / GO-2026-4440

More information

Details

The html.Parse function in golang.org/x/net/html has quadratic parsing complexity when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).


Infinite parsing loop in golang.org/x/net

CVE-2025-58190 / GO-2026-4441

More information

Details

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to denial of service (DoS) if an attacker provides specially crafted HTML content.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).


Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

Signed-off-by: redhat-renovate-bot <redhat-internal-renovate@redhat.com>
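
A simplified model of the host-matching flaw described for CVE-2025-22870 above, added here as an illustration; it is not the golang.org/x/net code and not part of this PR. The function names (`naiveBypass`, `zoneAwareBypass`, `zoneOf`), the pattern semantics and the sample targets are assumptions constructed for the example, and it goes slightly beyond the advisory by also handling IP and CIDR entries.

```go
package main

import (
	"fmt"
	"net"
	"net/netip"
	"strings"
)

// patterns splits a NO_PROXY-style comma list into lowercase entries.
func patterns(noProxy string) []string {
	var out []string
	for _, p := range strings.Split(noProxy, ",") {
		if p = strings.ToLower(strings.TrimSpace(p)); p != "" {
			out = append(out, p)
		}
	}
	return out
}

// domainMatch is a simplified suffix matcher (assumed semantics):
// "*.example.com" and ".example.com" match subdomains, "example.com"
// matches the domain itself and its subdomains.
func domainMatch(host, pattern string) bool {
	pattern = strings.TrimPrefix(pattern, "*")
	if strings.HasPrefix(pattern, ".") {
		return strings.HasSuffix(host, pattern)
	}
	return host == pattern || strings.HasSuffix(host, "."+pattern)
}

// hostOf strips the port and the IPv6 brackets from "host:port".
// The input is the decoded form: "%25" in a URL is a literal "%" here.
func hostOf(addr string) string {
	if h, _, err := net.SplitHostPort(addr); err == nil {
		return strings.ToLower(h)
	}
	return strings.ToLower(strings.Trim(addr, "[]"))
}

// naiveBypass models the flaw: the whole host string, zone ID included,
// is compared against domain patterns as if it were a hostname.
func naiveBypass(addr, noProxy string) bool {
	host := hostOf(addr)
	for _, p := range patterns(noProxy) {
		if domainMatch(host, p) {
			return true
		}
	}
	return false
}

// zoneAwareBypass parses IP literals first. An IP literal is matched only
// against IP and CIDR entries, with its zone removed, so text inside the
// zone ID can never satisfy a domain pattern.
func zoneAwareBypass(addr, noProxy string) bool {
	host := hostOf(addr)
	ip, err := netip.ParseAddr(host)
	if err != nil {
		if strings.ContainsRune(host, '%') {
			return false // malformed literal: fail closed, keep using the proxy
		}
		for _, p := range patterns(noProxy) {
			if domainMatch(host, p) {
				return true
			}
		}
		return false
	}
	ip = ip.WithZone("").Unmap()
	for _, p := range patterns(noProxy) {
		if pfx, err := netip.ParsePrefix(p); err == nil && pfx.Contains(ip) {
			return true
		}
		if lit, err := netip.ParseAddr(p); err == nil && lit.Unmap() == ip {
			return true
		}
	}
	return false
}

// zoneOf returns the zone ID of an IPv6 literal, or "" if there is none.
// Useful for flagging outbound targets that carry a zone in logs or config.
func zoneOf(addr string) string {
	if ip, err := netip.ParseAddr(hostOf(addr)); err == nil {
		return ip.Zone()
	}
	return ""
}

func main() {
	noProxy := "*.example.com,10.0.0.0/8" // constructed sample value
	targets := []string{                  // constructed sample targets
		"api.example.com:443",
		"[::1%.example.com]:80", // decoded form of the advisory's example
		"10.1.2.3:8080",
		"[2001:db8::1]:443",
	}
	for _, t := range targets {
		fmt.Printf("%-26s naive=%-5v zoneAware=%-5v zone=%q\n",
			t, naiveBypass(t, noProxy), zoneAwareBypass(t, noProxy), zoneOf(t))
	}
}
```
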
@redhat-renovate-bot
Collaborator Author

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 4 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

| Package | Change |
|---|---|
| golang.org/x/crypto | v0.31.0 -> v0.42.0 |
| golang.org/x/sys | v0.28.0 -> v0.36.0 |
| golang.org/x/term | v0.27.0 -> v0.35.0 |
| golang.org/x/text | v0.21.0 -> v0.29.0 |
| go | 1.18 -> 1.24.0 |

@redhat-renovate-bot redhat-renovate-bot added the release-note-none Denotes a PR that doesn't merit a release note. label Mar 13, 2026
@kubevirt-bot kubevirt-bot added the dco-signoff: yes Indicates the PR's author has DCO signed all their commits. label Mar 13, 2026
@kubevirt-bot
Collaborator

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: redhat-renovate-bot
Once this PR has been reviewed and has the lgtm label, please assign phoracek for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@kubevirt-bot
Collaborator

@redhat-renovate-bot: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

| Test name | Commit | Details | Required | Rerun command |
|---|---|---|---|---|
| pull-e2e-ovs-cni | 40086b8 | link | true | /test pull-e2e-ovs-cni-0.29 |
Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@gemini-code-assist

Summary of Changes

Hello, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request primarily focuses on enhancing the security and stability of the project by updating the golang.org/x/net module and several other golang.org/x dependencies to their latest versions. These updates address critical vulnerabilities and introduce various internal improvements and refactorings across the x/net and x/sys packages, ensuring better compliance with HTTP/2 standards and more robust HTML parsing. Additionally, the project's Go version has been upgraded to 1.24.0, aligning with modern language features and performance optimizations.

Highlights

  • Security Updates: Updated golang.org/x/net to v0.45.0 to address multiple security vulnerabilities, including HTTP Proxy bypass (CVE-2025-22870), incorrect neutralization of input during web page generation (CVE-2025-22872), and infinite/quadratic parsing loops in x/net/html (CVE-2025-58190, CVE-2025-47911).
  • Dependency Bumps: Updated several golang.org/x modules to their latest versions, including golang.org/x/crypto to v0.42.0, golang.org/x/sys to v0.36.0, golang.org/x/term to v0.35.0, and golang.org/x/text to v0.29.0.
  • Go Version Update: The Go language version in go.mod has been updated from 1.18 to 1.24.0.
  • HTTP/2 Refactoring and Improvements: Significant internal refactoring in golang.org/x/net/http2 to centralize common HTTP request encoding/parsing logic into a new internal/httpcommon package, simplify timer management, and introduce RFC 9218 priority scheduling.
  • HTML Parser Enhancements: Improved HTML parsing logic in golang.org/x/net/html to correctly handle self-closing tags with unquoted attributes and prevent denial-of-service via deep element nesting.

Changelog

  • go.mod
    • Updated golang.org/x/crypto from v0.31.0 to v0.42.0.
    • Updated golang.org/x/net from v0.33.0 to v0.45.0.
    • Updated golang.org/x/sys from v0.28.0 to v0.36.0.
    • Updated golang.org/x/term from v0.27.0 to v0.35.0.
    • Updated golang.org/x/text from v0.21.0 to v0.29.0.
    • Updated the Go language version from 1.18 to 1.24.0.
  • go.sum
    • Updated checksums for github.com/google/go-cmp.
    • Updated checksums for golang.org/x/crypto.
    • Updated checksums for golang.org/x/net.
    • Updated checksums for golang.org/x/sys.
    • Updated checksums for golang.org/x/term.
    • Updated checksums for golang.org/x/text.
  • vendor/golang.org/x/net/context/context.go
    • Updated comments to reflect standard library context usage and best practices.
    • Replaced custom Context and CancelFunc types with aliases to the standard library's context package types.
  • vendor/golang.org/x/net/context/go17.go
    • Removed file, consolidating context implementation.
  • vendor/golang.org/x/net/context/go19.go
    • Removed file, consolidating context implementation.
  • vendor/golang.org/x/net/context/pre_go17.go
    • Removed file, consolidating context implementation.
  • vendor/golang.org/x/net/context/pre_go19.go
    • Removed file, consolidating context implementation.
  • vendor/golang.org/x/net/html/atom/table.go
    • Updated various HTML atom values, reflecting internal changes or additions.
  • vendor/golang.org/x/net/html/escape.go
    • Changed a panic message from "unrecognized escape character" to "html: unrecognized escape character" for clarity.
  • vendor/golang.org/x/net/html/parse.go
    • Modified panic messages in indexOfElementInScope and clearStackToContext to provide more context.
    • Introduced insertOpenElement function with a stack depth check to prevent infinite parsing loops (DoS vulnerability).
    • Updated afterHeadIM to use insertOpenElement.
    • Added a.Search to the list of block-level elements handled in inBodyIM.
    • Updated section reference in comments from 12.2.6.4.14 to 13.2.6.4.14.
    • Refactored inRowIM logic to use elementInScope and clearStackToContext for better table parsing.
    • Modified parseForeignContent to improve handling of self-closing tags and foreign content parsing.
    • Added panic recovery to the parse function to return an error instead of crashing on parsing issues.
    • Added a comment indicating that Parse will reject HTML nested deeper than 512 elements.
  • vendor/golang.org/x/net/html/render.go
    • Corrected a typo in a comment from "beging" to "being".
  • vendor/golang.org/x/net/html/token.go
    • Modified readStartTag to correctly identify self-closing tags, preventing misinterpretation of tags with unquoted attribute values ending in a solidus.
  • vendor/golang.org/x/net/http2/config.go
    • Added StrictMaxConcurrentRequests field to http2Config struct.
    • Refactored configFromServer and configFromTransport to use a new common fillNetHTTPConfig function.
    • Added invalidHTTP1LookingFrameHeader function for improved error reporting.
    • Moved fillNetHTTPServerConfig and fillNetHTTPTransportConfig logic into the new fillNetHTTPConfig function.
  • vendor/golang.org/x/net/http2/config_go124.go
    • Removed file, consolidating Go version-specific config logic.
  • vendor/golang.org/x/net/http2/config_go125.go
    • Added new file to define http2ConfigStrictMaxConcurrentRequests for Go versions before 1.26.
  • vendor/golang.org/x/net/http2/config_go126.go
    • Added new file to define http2ConfigStrictMaxConcurrentRequests for Go 1.26 and later.
  • vendor/golang.org/x/net/http2/config_pre_go124.go
    • Removed file, consolidating Go version-specific config logic.
  • vendor/golang.org/x/net/http2/frame.go
    • Changed frameName map to frameNames array for potentially faster lookups.
    • Added invalidHTTP1LookingFrameHeader to detect HTTP/1.1-looking frame headers for better error messages.
    • Improved error messages for ErrFrameTooLarge and io.ReadFull by including a note about HTTP/1.1-looking headers.
    • Added urgency and incremental fields to PriorityParam and related comments for RFC 9218 prioritization.
  • vendor/golang.org/x/net/http2/gotrack.go
    • Added disableDebugGoroutines atomic boolean to allow disabling goroutine debugging during tests without race detector complaints.
  • vendor/golang.org/x/net/http2/http2.go
    • Removed unused context import.
    • Changed default value of disableExtendedConnectProtocol to true and modified environment variable check.
    • Removed inTests global variable.
    • Simplified bufferedWriter and writeWithByteTimeout by removing synctestGroupInterface dependency.
    • Removed validPseudoPath and synctestGroupInterface type definitions.
  • vendor/golang.org/x/net/http2/server.go
    • Removed Server.group field and associated methods (markNewGoroutine, now, newTimer, afterFunc).
    • Updated shutdownTimer, idleTimer, readIdleTimer, readDeadline, and writeDeadline types from timer interface to *time.Timer.
    • Moved errChanPool from global to serverInternalState and added getErrChan/putErrChan methods for per-server pooling.
    • Ensured ServeConn opts parameter is not nil.
    • Updated canonicalHeader to use httpcommon.CachedCanonicalHeader.
    • Removed calls to sc.srv.markNewGoroutine() as synctestGroupInterface was removed.
    • Updated newWriterAndRequest and newWriterAndRequestNoBody to use httpcommon.ServerRequestParam and httpcommon.NewServerRequest for request parsing and validation.
  • vendor/golang.org/x/net/http2/timer.go
    • Removed file, consolidating timer management.
  • vendor/golang.org/x/net/http2/transport.go
    • Removed sort import.
    • Removed transportTestHooks.group and related methods (markNewGoroutine, now, timeSince, newTimer, afterFunc, contextWithTimeout).
    • Updated idleTimer type from timer interface to *time.Timer.
    • Added closedOnIdle field to ClientConn to track idle closures.
    • Added strictMaxConcurrentStreams field to ClientConn.
    • Updated roundTrip to use time.NewTimer instead of t.newTimer.
    • Added errClientConnForceClosed error.
    • Updated newClientConn to use time.Now() and time.AfterFunc directly.
    • Removed commaSeparatedTrailers, checkConnHeaders, encodeHeaders, shouldSendReqContentLength functions.
    • Replaced request header encoding logic with calls to httpcommon.EncodeHeaders.
    • Updated canonicalHeader calls to httpcommon.CanonicalHeader.
    • Updated errRequestHeaderListSize to use httpcommon.ErrRequestHeaderListSize.
    • Removed traceHasWroteHeaderField and traceWroteHeaderField functions.
    • Modified readLoop cleanup logic to handle closedOnIdle and seenSettings for extended CONNECT requests.
  • vendor/golang.org/x/net/http2/write.go
    • Updated encodeHeaders to use httpcommon.LowerHeader for header name canonicalization.
  • vendor/golang.org/x/net/http2/writesched.go
    • Added priority field to OpenStreamOptions struct.
  • vendor/golang.org/x/net/http2/writesched_priority.go
    • Renamed to writesched_priority_rfc7540.go.
    • Updated constant priorityDefaultWeight to priorityDefaultWeightRFC7540.
    • Updated struct names from priorityWriteScheduler to priorityWriteSchedulerRFC7540 and priorityNode to priorityNodeRFC7540.
    • Updated state enum names to priorityNodeStateRFC7540.
  • vendor/golang.org/x/net/http2/writesched_priority_rfc9128.go
    • Added new file implementing RFC 9218 priority write scheduler (priorityWriteSchedulerRFC9218).
  • vendor/golang.org/x/net/http2/writesched_roundrobin.go
    • Corrected a typo in a comment from "priorizes" to "prioritizes".
  • vendor/golang.org/x/net/internal/httpcommon/ascii.go
    • Added new file containing asciiEqualFold, lower, isASCIIPrint, and asciiToLower utility functions for ASCII string manipulation.
  • vendor/golang.org/x/net/internal/httpcommon/headermap.go
    • Renamed from vendor/golang.org/x/net/http2/headermap.go and updated package name to httpcommon.
    • Changed http.CanonicalHeaderKey to textproto.CanonicalMIMEHeaderKey.
    • Added LowerHeader, CanonicalHeader, and CachedCanonicalHeader functions.
  • vendor/golang.org/x/net/internal/httpcommon/request.go
    • Added new file containing common HTTP request handling logic.
    • Introduced Request struct (subset of http.Request), EncodeHeadersParam, EncodeHeadersResult.
    • Implemented EncodeHeaders function for common HTTP/2 and HTTP/3 header encoding and validation.
    • Implemented IsRequestGzip function for determining gzip encoding.
    • Implemented checkConnHeaders for validating connection-level headers.
    • Implemented commaSeparatedTrailers for handling trailer headers.
    • Implemented validPseudoPath for validating pseudo-path headers.
    • Implemented validateHeaders for general header validation.
    • Implemented shouldSendReqContentLength for content-length header logic.
    • Introduced ServerRequestParam and ServerRequestResult with NewServerRequest for server-side request parsing and validation.
  • vendor/golang.org/x/sys/plan9/pwd_go15_plan9.go
    • Removed file, consolidating Plan 9 pwd functions.
  • vendor/golang.org/x/sys/plan9/pwd_plan9.go
    • Updated fixwd, Getwd, and Chdir to use syscall package functions directly.
  • vendor/golang.org/x/sys/unix/affinity_linux.go
    • Updated CPUSet.Zero method to use the clear built-in function for efficiency.
  • vendor/golang.org/x/sys/unix/auxv.go
    • Added new file to provide Auxv function for accessing the ELF auxiliary vector on Linux-like systems.
  • vendor/golang.org/x/sys/unix/auxv_unsupported.go
    • Added new file to provide Auxv function for unsupported platforms.
  • vendor/golang.org/x/sys/unix/mkerrors.sh
    • Added new #define directives for ETHTOOL_FAMILY_NAME and ETHTOOL_FAMILY_VERSION.
  • vendor/golang.org/x/sys/unix/syscall_darwin.go
    • Added Readv, Preadv, Writev, and Pwritev functions for scatter/gather I/O.
    • Included race detection logic for readv and writev operations.
  • vendor/golang.org/x/sys/unix/syscall_dragonfly.go
    • Added Dup3 function for duplicating file descriptors with flags.
  • vendor/golang.org/x/sys/unix/syscall_linux.go
    • Updated loops in SockaddrUnix, SockaddrL2, SockaddrCAN, SockaddrCANJ1939, SockaddrIUCV to use range for iteration.
    • Updated anyToSockaddr to use range for iteration.
    • Used min function in readvRacedetect and writevRacedetect.
    • Updated isGroupMember to use slices.Contains for checking group membership.
  • vendor/golang.org/x/sys/unix/syscall_solaris.go
    • Updated Listen syscall to use libsocket.__xnet_listen.
    • Added Ucred struct and associated helper functions (GetPeerUcred, UcredGet, Geteuid, Getruid, Getsuid, Getegid, Getrgid, Getsgid, Getpid) for managing user credentials.
  • vendor/golang.org/x/sys/unix/zerrors_linux.go
    • Updated various constants including AUDIT_INTEGRITY_USERSPACE, AUDIT_LANDLOCK_ACCESS, AUDIT_LANDLOCK_DOMAIN, BPF_F_PREORDER, BPF_LOAD_ACQ, BPF_STORE_REL, DM_VERSION_EXTRA, DM_VERSION_MINOR, ETHTOOL_FAMILY_NAME, ETHTOOL_FAMILY_VERSION, FAN_ERRNO_BITS, FAN_ERRNO_MASK, FAN_ERRNO_SHIFT, FAN_EVENT_INFO_TYPE_MNT, FAN_EVENT_INFO_TYPE_RANGE, FAN_MARK_MNTNS, FAN_MNT_ATTACH, FAN_MNT_DETACH, FAN_PRE_ACCESS, FAN_REPORT_FD_ERROR, FAN_REPORT_MNT, FSCRYPT_ADD_KEY_FLAG_HW_WRAPPED, F_CREATED_QUERY, F_DUPFD_QUERY, IPPROTO_SMC, IPV6_VERSION, IPV6_VERSION_MASK, LANDLOCK_CREATE_RULESET_ERRATA, LANDLOCK_RESTRICT_SELF_LOG_NEW_EXEC_ON, LANDLOCK_RESTRICT_SELF_LOG_SAME_EXEC_OFF, LANDLOCK_RESTRICT_SELF_LOG_SUBDOMAINS_OFF, MAP_DROPPABLE, MSG_SOCK_DEVMEM, NFC_ATS_MAXSIZE, NFT_BITWISE_BOOL, PR_FUTEX_HASH, PR_FUTEX_HASH_GET_IMMUTABLE, PR_FUTEX_HASH_GET_SLOTS, PR_FUTEX_HASH_SET_SLOTS, PR_GET_SHADOW_STACK_STATUS, PR_LOCK_SHADOW_STACK_STATUS, PR_PMLEN_MASK, PR_PMLEN_SHIFT, PR_SET_SHADOW_STACK_STATUS, PR_SHADOW_STACK_ENABLE, PR_SHADOW_STACK_PUSH, PR_SHADOW_STACK_WRITE, PR_TIMER_CREATE_RESTORE_IDS, PR_TIMER_CREATE_RESTORE_IDS_GET, PR_TIMER_CREATE_RESTORE_IDS_OFF, PR_TIMER_CREATE_RESTORE_IDS_ON, PTRACE_SET_SYSCALL_INFO, RTA_MAX, RTM_DELANYCAST, RTM_DELMULTICAST, RTM_NEWANYCAST, RTM_NEWMULTICAST, RTM_NEWVLAN, RTPROT_OVN, RWF_DONTCACHE, RWF_SUPPORTED, STATX_DIO_READ_ALIGN, TASKSTATS_VERSION, UBI_IOCECNFO, WGALLOWEDIP_A_MAX, XDP_TXMD_FLAGS_LAUNCH_TIME.
  • vendor/golang.org/x/sys/unix/zerrors_linux_386.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, GCS_MAGIC, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
    • Updated various constants including DM_MPATH_PROBE_PATHS, IPV6_FLOWINFO_MASK, IPV6_FLOWLABEL_MASK, SCM_TS_OPT_ID, SO_PASSRIGHTS, SO_RCVPRIORITY.
  • vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
    • Added readv, preadv, writev, pwritev syscall wrappers.
  • vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
    • Added trampoline addresses for readv, preadv, writev, pwritev.
  • vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
    • Added readv, preadv, writev, pwritev syscall wrappers.
  • vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
    • Added trampoline addresses for readv, preadv, writev, pwritev.
  • vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go
    • Updated Listen syscall linkage.
    • Added getpeerucred, ucredGet, ucredGeteuid, ucredGetegid, ucredGetruid, ucredGetrgid, ucredGetsuid, ucredGetsgid, ucredGetpid, ucredFree syscall linkages.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
    • Added new syscall numbers for SYS_SETXATTRAT, SYS_GETXATTRAT, SYS_LISTXATTRAT, SYS_REMOVEXATTRAT, SYS_OPEN_TREE_ATTR.
  • vendor/golang.org/x/sys/unix/ztypes_linux.go
    • Updated Statx_t struct with Dio_read_offset_align and Atomic_write_unit_max_opt fields.
    • Updated FscryptAddKeyArg struct with Flags field.
    • Added IFAL_LABEL and IFAL_ADDRESS constants.
    • Added SizeofIfAddrlblmsg constant.
    • Added IfAddrlblmsg struct.
    • Updated various NFT_PAYLOAD and NFT_CT constants.
    • Updated SOF_TIMESTAMPING_LAST and SOF_TIMESTAMPING_MASK constants.
    • Added various TCA and RTNLGRP constants.
    • Added TCP_V4_FLOW, UDP_V4_FLOW, TCP_V6_FLOW, UDP_V6_FLOW, ESP_V4_FLOW, ESP_V6_FLOW, IP_USER_FLOW, IPV6_USER_FLOW, IPV6_FLOW, ETHER_FLOW constants.
    • Updated various NL80211_ATTR, NL80211_BAND_ATTR, NL80211_BSS, NL80211_CMD, NL80211_EXT_FEATURE, NL80211_FREQUENCY_ATTR, NL80211_IFTYPE, NL80211_KCK_EXT_LEN, NL80211_MAX_SUPP, NL80211_MBSSID_CONFIG_ATTR, NL80211_MNTR_FLAG, NL80211_RATE_INFO, NL80211_RRF, NL80211_STA_FLAG, NL80211_WIPHY_RADIO_ATTR, NL80211_WIPHY_RADIO_FREQ_ATTR, NL80211_WOWLAN_TRIG constants.
    • Added RTM_NEWNVLAN constant.
  • vendor/golang.org/x/sys/unix/ztypes_linux_386.go
    • Updated Taskstats struct with additional _ padding and Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
    • Updated Taskstats struct with Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
    • Updated Stat_t struct with additional _ padding.
    • Updated Taskstats struct with additional _ padding and Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
    • Updated Taskstats struct with Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go
    • Updated Taskstats struct with Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
    • Updated Taskstats struct with additional _ padding and Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
    • Updated Taskstats struct with Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
    • Updated Taskstats struct with Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
    • Updated Taskstats struct with additional _ padding and Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
    • Updated Stat_t struct with additional _ padding.
    • Updated Taskstats struct with additional _ padding and Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
    • Updated Taskstats struct with Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
    • Updated Taskstats struct with Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
    • Updated Taskstats struct with Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
    • Updated Taskstats struct with Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
    • Updated Taskstats struct with Cpu_delay_max, Cpu_delay_min, Blkio_delay_max, Blkio_delay_min, Swapin_delay_max, Swapin_delay_min, Freepages_delay_max, Freepages_delay_min, Thrashing_delay_max, Thrashing_delay_min, Compact_delay_max, Compact_delay_min, Wpcopy_delay_max, Wpcopy_delay_min, Irq_delay_max, Irq_delay_min fields.
  • vendor/golang.org/x/sys/windows/dll_windows.go
    • Updated comments for LoadDLL and NewLazyDLL to recommend NewLazySystemDLL for safe system DLL loading.
    • Removed unused errString type.
  • vendor/golang.org/x/sys/windows/security_windows.go
    • Modified SECURITY_DESCRIPTOR.ToAbsolute to improve memory allocation and pointer handling for ACL and SID structures, including explicit verification of pointers after Windows API calls.
  • vendor/golang.org/x/sys/windows/syscall_windows.go
    • Added WSADuplicateSocket syscall binding.
    • Modified NTUnicodeString.Slice to correctly calculate slice length based on bytes, ensuring it's always even.
  • vendor/golang.org/x/sys/windows/types_windows.go
    • Added IP_MTU_DISCOVER and IPV6_MTU_DISCOVER constants.
    • Added IP_PMTUDISC_NOT_SET, IP_PMTUDISC_DO, IP_PMTUDISC_DONT, IP_PMTUDISC_PROBE, IP_PMTUDISC_MAX constants.
    • Added WSACMSGHDR, IN_PKTINFO, IN6_PKTINFO structs.
    • Added FileZeroDataInformation struct.
    • Added numerous Virtual Key codes constants.
    • Added Mouse button constants.
    • Added Control key state constants.
    • Added Mouse event record event flags.
    • Added Input Record Event Types constants.
  • vendor/golang.org/x/term/term_windows.go
    • Modified makeRaw function to remove windows.ENABLE_PROCESSED_OUTPUT flag from console mode settings, aligning with typical raw mode behavior.
  • vendor/golang.org/x/term/terminal.go
    • Introduced History interface for managing command history.
    • Updated Terminal struct to use the History interface for command history, with stRingBuffer as the default implementation.
    • Added historyAt and historyAdd helper methods to safely interact with the History interface.
    • Modified handleKey to correctly process keyLF (line feed) as a line terminator, similar to keyEnter.
    • Disabled AutoCompleteCallback during ReadPassword calls.
    • Updated readLine to handle keyEnter and keyLF sequences for line termination and history addition.
    • Refactored stRingBuffer to implement the new History interface, including Len and At methods.
  • vendor/golang.org/x/text/language/parse.go
    • Corrected the return value of the Parse method to always return nil for the error if parsing was successful, even if the tag was changed.
  • vendor/modules.txt
    • Updated versions for golang.org/x/crypto, golang.org/x/net, golang.org/x/sys, golang.org/x/term, golang.org/x/text.
    • Added golang.org/x/net/internal/httpcommon.

@gemini-code-assist gemini-code-assist bot left a comment


Code Review

This pull request updates golang.org/x/net and other transitive dependencies to address several security vulnerabilities. The changes are extensive as they are pulled from upstream repositories. A key change to note is the update of the Go version in go.mod from 1.18 to 1.24.0, which is required by the new dependency versions. I've added a comment regarding this to ensure it's a conscious decision to upgrade the project's required Go version.

)

go 1.18
go 1.24.0
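
Review bot: the `go` directive jumps from 1.18 to 1.24.0 on a release branch, and this hunk shows no matching change to the build tooling. Since Go 1.21 the `go` line is an enforced minimum rather than advisory, so a CI image or downstream builder for release-0.29 with an older toolchain will either refuse to build or try to download a newer toolchain, depending on its GOTOOLCHAIN setting. Suggest confirming that the branch's builder images provide Go 1.24 before merging, and checking whether an earlier golang.org/x/net release that already carries the security fixes would allow a smaller bump of this line.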


medium

The Go version is being updated from 1.18 to 1.24.0. This is a significant change that is not mentioned in the PR title or description. This is necessary as the new version of golang.org/x/net (v0.45.0) requires Go 1.21+. While the change is required, it's important to be aware of the potential impact on the project's build environment and for developers. It might be good to reflect this significant change in the PR's description.


Labels

dco-signoff: yes Indicates the PR's author has DCO signed all their commits. release-note-none Denotes a PR that doesn't merit a release note.
