Bump the go_modules group across 3 directories with 10 updates by dependabot[bot] · Pull Request #112 · shardeum/shardeum-evm

dependabot · 2026-03-01T21:37:31Z

Bumps the go_modules group with 8 updates in the / directory:

Package	From	To
github.com/cometbft/cometbft	`0.38.19`	`0.38.21`
golang.org/x/crypto	`0.41.0`	`0.45.0`
filippo.io/edwards25519	`1.1.0`	`1.1.1`
github.com/consensys/gnark-crypto	`0.18.0`	`0.18.1`
github.com/go-viper/mapstructure/v2	`2.2.1`	`2.4.0`
github.com/hashicorp/go-getter	`1.7.8`	`1.7.9`
github.com/ulikunitz/xz	`0.5.11`	`0.5.14`
go.opentelemetry.io/otel/sdk	`1.36.0`	`1.40.0`

Bumps the go_modules group with 8 updates in the /shardeumd directory:

Package	From	To
github.com/cometbft/cometbft	`0.38.19`	`0.38.21`
golang.org/x/crypto	`0.41.0`	`0.45.0`
filippo.io/edwards25519	`1.1.0`	`1.1.1`
github.com/consensys/gnark-crypto	`0.18.0`	`0.18.1`
github.com/go-viper/mapstructure/v2	`2.2.1`	`2.4.0`
github.com/hashicorp/go-getter	`1.7.8`	`1.7.9`
github.com/ulikunitz/xz	`0.5.11`	`0.5.14`
go.opentelemetry.io/otel/sdk	`1.36.0`	`1.40.0`

Bumps the go_modules group with 6 updates in the /tests/systemtests directory:

Package	From	To
golang.org/x/crypto	`0.39.0`	`0.45.0`
filippo.io/edwards25519	`1.1.0`	`1.1.1`
github.com/consensys/gnark-crypto	`0.14.0`	`0.18.1`
github.com/dvsekhvalnov/jose2go	`1.6.0`	`1.7.0`
github.com/go-viper/mapstructure/v2	`2.3.0`	`2.4.0`
github.com/ethereum/go-ethereum	`1.15.5`	`1.17.0`

Updates github.com/cometbft/cometbft from 0.38.19 to 0.38.21

Release notes

Sourced from github.com/cometbft/cometbft's releases.

v0.38.21

What's Changed

chore(statesync): add max snapshot chunks configuration (v0.38.x) by @mattac21 in cometbft/cometbft#5548

test: add unit tests for TotalVotingPowerSafe (backport #5570) by @mergify[bot] in cometbft/cometbft#5581

Full Changelog: cometbft/cometbft@v0.38.20...v0.38.21

v0.38.20

What's Changed

Create NOTICE (backport #5495) by @mergify[bot] in cometbft/cometbft#5496

chore: add voting power validation (v0.38.x) by @technicallyty in cometbft/cometbft#5520

Full Changelog: cometbft/cometbft@v0.38.19...v0.38.20

Commits

c56d64e Merge commit from fork
01d5ea5 test: add unit tests for TotalVotingPowerSafe (backport #5570) (#5581)
bd517d2 test: remove unnecessary loop variable capture
7c43155 test: add coverage for TotalVotingPowerSafe
eeb4a59 fix test cases in validation
161f7ac fix tests
a4e41a1 fix linter errors
26dc17f Add ValidateBlock tests for median time
c36a8ed fix verbs
dcf7e3b add test and fix a test
Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.41.0 to 0.45.0

Commits

4e0068c go.mod: update golang.org/x dependencies
e79546e ssh: curb GSSAPI DoS risk by limiting number of specified OIDs
f91f7a7 ssh/agent: prevent panic on malformed constraint
2df4153 acme/autocert: let automatic renewal work with short lifetime certs
bcf6a84 acme: pass context to request
b4f2b62 ssh: fix error message on unsupported cipher
79ec3a5 ssh: allow to bind to a hostname in remote forwarding
122a78f go.mod: update golang.org/x dependencies
c0531f9 all: eliminate vet diagnostics
0997000 all: fix some comments
Additional commits viewable in compare view

Updates filippo.io/edwards25519 from 1.1.0 to 1.1.1

Commits

d1c650a extra: initialize receiver in MultiScalarMult
See full diff in compare view

Updates github.com/consensys/gnark-crypto from 0.18.0 to 0.18.1

Release notes

Sourced from github.com/consensys/gnark-crypto's releases.

v0.18.1

Full Changelog: Consensys/gnark-crypto@v0.18.0...v0.18.1

Changelog

Sourced from github.com/consensys/gnark-crypto's changelog.

[v0.18.1] - 2025-10-28

Docs

add CHANGELOG for 0.18.1

Perf

limit memory allocation during Vector deserialization (#759)

Commits

fb04e95 docs: add CHANGELOG for 0.18.1
0a4d04a perf: limit memory allocation during Vector deserialization (#759)
See full diff in compare view

Updates github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.4.0

Release notes

Sourced from github.com/go-viper/mapstructure/v2's releases.

v2.4.0

What's Changed

refactor: replace interface{} with any by @sagikazarmark in go-viper/mapstructure#115

build(deps): bump github/codeql-action from 3.29.0 to 3.29.2 by @dependabot[bot] in go-viper/mapstructure#114

Generic tests by @sagikazarmark in go-viper/mapstructure#118

Fix godoc reference link in README.md by @peczenyj in go-viper/mapstructure#107

feat: add StringToTimeLocationHookFunc to convert strings to *time.Location by @ErfanMomeniii in go-viper/mapstructure#117

feat: add back previous StringToSlice as a weak function by @sagikazarmark in go-viper/mapstructure#119

New Contributors

@ErfanMomeniii made their first contribution in go-viper/mapstructure#117

Full Changelog: go-viper/mapstructure@v2.3.0...v2.4.0

v2.3.0

What's Changed

build(deps): bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in go-viper/mapstructure#46

build(deps): bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 by @dependabot in go-viper/mapstructure#47

[enhancement] Add check for reflect.Value in ComposeDecodeHookFunc by @mahadzaryab1 in go-viper/mapstructure#52

build(deps): bump actions/setup-go from 5.0.2 to 5.1.0 by @dependabot in go-viper/mapstructure#51

build(deps): bump actions/checkout from 4.2.0 to 4.2.2 by @dependabot in go-viper/mapstructure#50

build(deps): bump actions/setup-go from 5.1.0 to 5.2.0 by @dependabot in go-viper/mapstructure#55

build(deps): bump actions/setup-go from 5.2.0 to 5.3.0 by @dependabot in go-viper/mapstructure#58

ci: add Go 1.24 to the test matrix by @sagikazarmark in go-viper/mapstructure#74

build(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.5.0 by @dependabot in go-viper/mapstructure#72

build(deps): bump golangci/golangci-lint-action from 6.5.0 to 6.5.1 by @dependabot in go-viper/mapstructure#76

build(deps): bump actions/setup-go from 5.3.0 to 5.4.0 by @dependabot in go-viper/mapstructure#78

feat: add decode hook for netip.Prefix by @tklauser in go-viper/mapstructure#85

Updates by @sagikazarmark in go-viper/mapstructure#86

build(deps): bump github/codeql-action from 2.13.4 to 3.28.15 by @dependabot in go-viper/mapstructure#87

build(deps): bump actions/setup-go from 5.4.0 to 5.5.0 by @dependabot in go-viper/mapstructure#93

build(deps): bump github/codeql-action from 3.28.15 to 3.28.17 by @dependabot in go-viper/mapstructure#92

build(deps): bump github/codeql-action from 3.28.17 to 3.28.19 by @dependabot in go-viper/mapstructure#97

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot in go-viper/mapstructure#96

Update README.md by @peczenyj in go-viper/mapstructure#90

Add omitzero tag. by @Crystalix007 in go-viper/mapstructure#98

Use error structs instead of duplicated strings by @m1k1o in go-viper/mapstructure#102

build(deps): bump github/codeql-action from 3.28.19 to 3.29.0 by @dependabot in go-viper/mapstructure#101

feat: add common error interface by @sagikazarmark in go-viper/mapstructure#105

update linter by @sagikazarmark in go-viper/mapstructure#106

Feature allow unset pointer by @rostislaved in go-viper/mapstructure#80

New Contributors

@tklauser made their first contribution in go-viper/mapstructure#85

@peczenyj made their first contribution in go-viper/mapstructure#90

@Crystalix007 made their first contribution in go-viper/mapstructure#98

@rostislaved made their first contribution in go-viper/mapstructure#80

Full Changelog: go-viper/mapstructure@v2.2.1...v2.3.0

Commits

b9794a5 Merge pull request #119 from go-viper/string-to-weak-slice
17cdcb0 feat: add back previous StringToSlice as a weak function
3caca36 Merge pull request #117 from ErfanMomeniii/main
9a861bc Merge pull request #107 from peczenyj/patch-2
86ed5b5 refactor: update
ace5b4e chore: add interface any linter
1a4f1ae Merge pull request #118 from go-viper/generic-tests
a268909 fix: lint
17f1fd4 test: add more comments
b48c856 test: expand tests
Additional commits viewable in compare view

Updates github.com/hashicorp/go-getter from 1.7.8 to 1.7.9

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.7.9

What's Changed

Speed up XZ decompression by 5x with bufio wrapper by @vsarunas in hashicorp/go-getter#520

Fix CI Workflow by @mohanmanikanta2299 in hashicorp/go-getter#522

test: Remove use of "mitchellh/go-testing-interface" for stdlib by @jrasell in hashicorp/go-getter#523

fix: url redact of multiple sshkey by @dduzgun-security in hashicorp/go-getter#528

Publish arm binaries by @sethvargo in hashicorp/go-getter#525

fix errcheck lint errors and run it as part of pr checks by @abhijeetviswa in hashicorp/go-getter#530

fix additional lint errors and increase linter scope by @abhijeetviswa in hashicorp/go-getter#531

IND-3728 enabling dependabot by @KaushikiAnand in hashicorp/go-getter#529

fix: go-getter subdir paths by @dduzgun-security in hashicorp/go-getter#540

New Contributors

@vsarunas made their first contribution in hashicorp/go-getter#520

@jrasell made their first contribution in hashicorp/go-getter#523

@sethvargo made their first contribution in hashicorp/go-getter#525

@abhijeetviswa made their first contribution in hashicorp/go-getter#530

@KaushikiAnand made their first contribution in hashicorp/go-getter#529

Full Changelog: hashicorp/go-getter@v1.7.8...v1.7.9

Commits

e702211 Merge pull request #532 from hashicorp/dependabot/github_actions/actions-8948...
df0a14f [chore] : Bump the actions group with 8 updates
87541b2 fix: go-getter subdir paths (#540)
3713030 [Compliance] - PR Template Changes Required
af2dd3c Merge pull request #529 from hashicorp/dependabot-intge
bf52629 updating dependabot.yml
1f63e10 changelog added, updated dependabot.yaml
45af459 fix additional lint errors and increase linter scope
c8c6aba fix errcheck lint errors and run it as part of pr checks
9b76f98 copywrite header added
Additional commits viewable in compare view

Updates github.com/ulikunitz/xz from 0.5.11 to 0.5.14

Commits

7184815 Preparation of release v0.5.14
88ddf1d Address Security Issue GHSA-jc7w-c686-c4v9
c8314b8 Add new package xio with WriteCloserStack
4f11dce Update README.md and SECURITY.md to address security questions
f56ebbf TODO.md: fix a typo
See full diff in compare view

Updates go.opentelemetry.io/otel/sdk from 1.36.0 to 1.40.0

Changelog

Sourced from go.opentelemetry.io/otel/sdk's changelog.

[1.40.0/0.62.0/0.16.0] 2026-02-02

Added

Add AlwaysRecord sampler in go.opentelemetry.io/otel/sdk/trace. (#7724)

Add Enabled method to all synchronous instrument interfaces (Float64Counter, Float64UpDownCounter, Float64Histogram, Float64Gauge, Int64Counter, Int64UpDownCounter, Int64Histogram, Int64Gauge,) in go.opentelemetry.io/otel/metric. This stabilizes the synchronous instrument enabled feature, allowing users to check if an instrument will process measurements before performing computationally expensive operations. (#7763)

Add go.opentelemetry.io/otel/semconv/v1.39.0 package. The package contains semantic conventions from the v1.39.0 version of the OpenTelemetry Semantic Conventions. See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.38.0. (#7783, #7789)

Changed

Improve the concurrent performance of HistogramReservoir in go.opentelemetry.io/otel/sdk/metric/exemplar by 4x. (#7443)

Improve the concurrent performance of FixedSizeReservoir in go.opentelemetry.io/otel/sdk/metric/exemplar. (#7447)

Improve performance of concurrent histogram measurements in go.opentelemetry.io/otel/sdk/metric. (#7474)

Improve performance of concurrent synchronous gauge measurements in go.opentelemetry.io/otel/sdk/metric. (#7478)

Add experimental observability metrics in go.opentelemetry.io/otel/exporters/stdout/stdoutmetric. (#7492)

Exporter in go.opentelemetry.io/otel/exporters/prometheus ignores metrics with the scope go.opentelemetry.io/contrib/bridges/prometheus. This prevents scrape failures when the Prometheus exporter is misconfigured to get data from the Prometheus bridge. (#7688)

Improve performance of concurrent exponential histogram measurements in go.opentelemetry.io/otel/sdk/metric. (#7702)

The rpc.grpc.status_code attribute in the experimental metrics emitted from go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc is replaced with the rpc.response.status_code attribute to align with the semantic conventions. (#7854)

The rpc.grpc.status_code attribute in the experimental metrics emitted from go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc is replaced with the rpc.response.status_code attribute to align with the semantic conventions. (#7854)

Fixed

Fix bad log message when key-value pairs are dropped because of key duplication in go.opentelemetry.io/otel/sdk/log. (#7662)

Fix DroppedAttributes on Record in go.opentelemetry.io/otel/sdk/log to not count the non-attribute key-value pairs dropped because of key duplication. (#7662)

Fix SetAttributes on Record in go.opentelemetry.io/otel/sdk/log to not log that attributes are dropped when they are actually not dropped. (#7662)

Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp to correctly handle HTTP/2 GOAWAY frame. (#7794)

WithHostID detector in go.opentelemetry.io/otel/sdk/resource to use full path for ioreg command on Darwin (macOS). (#7818)

Deprecated

Deprecate go.opentelemetry.io/otel/exporters/zipkin. For more information, see the OTel blog post deprecating the Zipkin exporter. (#7670)

[1.39.0/0.61.0/0.15.0/0.0.14] 2025-12-05

Added

Greatly reduce the cost of recording metrics in go.opentelemetry.io/otel/sdk/metric using hashing for map keys. (#7175)

Add WithInstrumentationAttributeSet option to go.opentelemetry.io/otel/log, go.opentelemetry.io/otel/metric, and go.opentelemetry.io/otel/trace packages. This provides a concurrent-safe and performant alternative to WithInstrumentationAttributes by accepting a pre-constructed attribute.Set. (#7287)

Add experimental observability for the Prometheus exporter in go.opentelemetry.io/otel/exporters/prometheus. Check the go.opentelemetry.io/otel/exporters/prometheus/internal/x package documentation for more information. (#7345)

Add experimental observability metrics in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc. (#7353)

Add temporality selector functions DeltaTemporalitySelector, CumulativeTemporalitySelector, LowMemoryTemporalitySelector to go.opentelemetry.io/otel/sdk/metric. (#7434)

Add experimental observability metrics for simple log processor in go.opentelemetry.io/otel/sdk/log. (#7548)

Add experimental observability metrics in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc. (#7459)

... (truncated)

Commits

a3a5317 Release v1.40.0 (#7859)
77785da chore(deps): update github/codeql-action action to v4.32.1 (#7858)
56fa1c2 chore(deps): update module github.com/clipperhouse/uax29/v2 to v2.5.0 (#7857)
298cbed Upgrade semconv use to v1.39.0 (#7854)
3264bf1 refactor: modernize code (#7850)
fd5d030 chore(deps): update module github.com/grpc-ecosystem/grpc-gateway/v2 to v2.27...
8d3b4cb chore(deps): update actions/cache action to v5.0.3 (#7847)
91f7cad chore(deps): update github.com/timakin/bodyclose digest to 73d1f95 (#7845)
fdad1eb chore(deps): update module github.com/grpc-ecosystem/grpc-gateway/v2 to v2.27...
c46d3ba chore(deps): update golang.org/x/telemetry digest to fcf36f6 (#7843)
Additional commits viewable in compare view

Updates github.com/cometbft/cometbft from 0.38.19 to 0.38.21

Release notes

Sourced from github.com/cometbft/cometbft's releases.

v0.38.21

What's Changed

chore(statesync): add max snapshot chunks configuration (v0.38.x) by @mattac21 in cometbft/cometbft#5548

test: add unit tests for TotalVotingPowerSafe (backport #5570) by @mergify[bot] in cometbft/cometbft#5581

Full Changelog: cometbft/cometbft@v0.38.20...v0.38.21

v0.38.20

What's Changed

Create NOTICE (backport #5495) by @mergify[bot] in cometbft/cometbft#5496

chore: add voting power validation (v0.38.x) by @technicallyty in cometbft/cometbft#5520

Full Changelog: cometbft/cometbft@v0.38.19...v0.38.20

Commits

c56d64e Merge commit from fork
01d5ea5 test: add unit tests for TotalVotingPowerSafe (backport #5570) (#5581)
bd517d2 test: remove unnecessary loop variable capture
7c43155 test: add coverage for TotalVotingPowerSafe
eeb4a59 fix test cases in validation
161f7ac fix tests
a4e41a1 fix linter errors
26dc17f Add ValidateBlock tests for median time
c36a8ed fix verbs
dcf7e3b add test and fix a test
Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.41.0 to 0.45.0

Commits

4e0068c go.mod: update golang.org/x dependencies
e79546e ssh: curb GSSAPI DoS risk by limiting number of specified OIDs
f91f7a7 ssh/agent: prevent panic on malformed constraint
2df4153 acme/autocert: let automatic renewal work with short lifetime certs
bcf6a84 acme: pass context to request
b4f2b62 ssh: fix error message on unsupported cipher
79ec3a5 ssh: allow to bind to a hostname in remote forwarding
122a78f go.mod: update golang.org/x dependencies
c0531f9 all: eliminate vet diagnostics
0997000 all: fix some comments
Additional commits viewable in compare view

Updates filippo.io/edwards25519 from 1.1.0 to 1.1.1

Commits

d1c650a extra: initialize receiver in MultiScalarMult
See full diff in compare view

Updates github.com/consensys/gnark-crypto from 0.18.0 to 0.18.1

Release notes

Sourced from github.com/consensys/gnark-crypto's releases.

v0.18.1

Full Changelog: Consensys/gnark-crypto@v0.18.0...v0.18.1

Changelog

Sourced from github.com/consensys/gnark-crypto's changelog.

[v0.18.1] - 2025-10-28

Docs

add CHANGELOG for 0.18.1

Perf

limit memory allocation during Vector deserialization (#759)

Commits

fb04e95 docs: add CHANGELOG for 0.18.1
0a4d04a perf: limit memory allocation during Vector deserialization (#759)
See full diff in compare view

Updates github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.4.0

Release notes

Sourced from github.com/go-viper/mapstructure/v2's releases.

v2.4.0

What's Changed

refactor: replace interface{} with any by @sagikazarmark in go-viper/mapstructure#115

build(deps): bump github/codeql-action from 3.29.0 to 3.29.2 by @dependabot[bot] in go-viper/mapstructure#114

Generic tests by @sagikazarmark in go-viper/mapstructure#118

Fix godoc reference link in README.md by @peczenyj in go-viper/mapstructure#107

feat: add StringToTimeLocationHookFunc to convert strings to *time.Location by @ErfanMomeniii in go-viper/mapstructure#117

feat: add back previous StringToSlice as a weak function by @sagikazarmark in go-viper/mapstructure#119

New Contributors

@ErfanMomeniii made their first contribution in go-viper/mapstructure#117

Full Changelog: go-viper/mapstructure@v2.3.0...v2.4.0

v2.3.0

What's Changed

build(deps): bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in go-viper/mapstructure#46

build(deps): bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 by @dependabot in go-viper/mapstructure#47

[enhancement] Add check for reflect.Value in ComposeDecodeHookFunc by @mahadzaryab1 in go-viper/mapstructure#52

build(deps): bump actions/setup-go from 5.0.2 to 5.1.0 by @dependabot in go-viper/mapstructure#51

build(deps): bump actions/checkout from 4.2.0 to 4.2.2 by @dependabot in go-viper/mapstructure#50

build(deps): bump actions/setup-go from 5.1.0 to 5.2.0 by @dependabot in go-viper/mapstructure#55

build(deps): bump actions/setup-go from 5.2.0 to 5.3.0 by @dependabot in go-viper/mapstructure#58

ci: add Go 1.24 to the test matrix by @sagikazarmark in go-viper/mapstructure#74

build(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.5.0 by @dependabot in go-viper/mapstructure#72

build(deps): bump golangci/golangci-lint-action from 6.5.0 to 6.5.1 by @dependabot in go-viper/mapstructure#76

build(deps): bump actions/setup-go from 5.3.0 to 5.4.0 by @dependabot in go-viper/mapstructure#78

feat: add decode hook for netip.Prefix by @tklauser in go-viper/mapstructure#85

Updates by @sagikazarmark in go-viper/mapstructure#86

build(deps): bump github/codeql-action from 2.13.4 to 3.28.15 by @dependabot in go-viper/mapstructure#87

build(deps): bump actions/setup-go from 5.4.0 to 5.5.0 by @dependabot in go-viper/mapstructure#93

build(deps): bump github/codeql-action from 3.28.15 to 3.28.17 by @dependabot in go-viper/mapstructure#92

build(deps): bump github/codeql-action from 3.28.17 to 3.28.19 by @dependabot in go-viper/mapstructure#97

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot in go-viper/mapstructure#96

Update README.md by @peczenyj in go-viper/mapstructure#90

Add omitzero tag. by @Crystalix007 in go-viper/mapstructure#98

Use error structs instead of duplicated strings by @m1k1o in go-viper/mapstructure#102

build(deps): bump github/codeql-action from 3.28.19 to 3.29.0 by @dependabot in go-viper/mapstructure#101

feat: add common error interface by @sagikazarmark in go-viper/mapstructure#105

update linter by @sagikazarmark in go-viper/mapstructure#106

Feature allow unset pointer by @rostislaved in go-viper/mapstructure#80

New Contributors

@tklauser made their first contribution in go-viper/mapstructure#85

@peczenyj made their first contribution in go-viper/mapstructure#90

@Crystalix007 made their first contribution in go-viper/mapstructure#98

@rostislaved made their first contribution in go-viper/mapstructure#80

Full Changelog: go-viper/mapstructure@v2.2.1...v2.3.0

Commits

b9794a5 Merge pull request #119 from go-viper/string-to-weak-slice
17cdcb0 feat: add back previous StringToSlice as a weak function
3caca36 Merge pull request #117 from ErfanMomeniii/main
9a861bc Merge pull request #107 from peczenyj/patch-2
86ed5b5 refactor: update
ace5b4e chore: add interface any linter
1a4f1ae Merge pull request #118 from go-viper/generic-tests
a268909 fix: lint
17f1fd4 test: add more comments
b48c856 test: expand tests
Additional commits viewable in compare view

Updates github.com/hashicorp/go-getter from 1.7.8 to 1.7.9

Release notes

Sourced from github.com/hashicorp/go-getter's releases.

v1.7.9

What's Changed

Speed up XZ decompression by 5x with bufio wrapper by @vsarunas in hashicorp/go-getter#520

Fix CI Workflow by @mohanmanikanta2299 in hashicorp/go-getter#522

test: Remove use of "mitchellh/go-testing-interface" for stdlib by @jrasell in hashicorp/go-getter#523

fix: url redact of multiple sshkey by @dduzgun-security in hashicorp/go-getter#528

Publish arm binaries by @sethvargo in hashicorp/go-getter#525

fix errcheck lint errors and run it as part of pr checks by @abhijeetviswa in hashicorp/go-getter#530

fix additional lint errors and increase linter scope by @abhijeetviswa in hashicorp/go-getter#531

IND-3728 enabling dependabot by @KaushikiAnand in hashicorp/go-getter#529

fix: go-getter subdir paths by @dduzgun-security in hashicorp/go-getter#540

New Contributors

@vsarunas made their first contribution in hashicorp/go-getter#520

@jrasell made their first contribution in hashicorp/go-getter#523

@sethvargo made their first contribution in hashicorp/go-getter#525

@abhijeetviswa made their first contribution in hashicorp/go-getter#530

@KaushikiAnand made their first contribution in hashicorp/go-getter#529

Full Changelog: hashicorp/go-getter@v1.7.8...v1.7.9

Commits

e702211 Merge pull request #532 from hashicorp/dependabot/github_actions/actions-8948...
df0a14f [chore] : Bump the actions group with 8 updates
87541b2 fix: go-getter subdir paths (#540)
3713030 [Compliance] - PR Template Changes Required
af2dd3c Merge pull request #529 from hashicorp/dependabot-intge
bf52629 updating dependabot.yml
1f63e10 changelog added, updated dependabot.yaml
45af459 fix additional lint errors and increase linter scope
c8c6aba fix errcheck lint errors and run it as part of pr checks
9b76f98 copywrite header added
Additional commits viewable in compare view

Updates github.com/ulikunitz/xz from 0.5.11 to 0.5.14

Commits

7184815 Preparation of release v0.5.14
88ddf1d Address Security Issue GHSA-jc7w-c686-c4v9
c8314b8 Add new package xio with WriteCloserStack
4f11dce Update README.md and SECURITY.md to address security questions
f56ebbf TODO.md: fix a typo
See full diff in compare view<...
Description has been truncated

Bumps the go_modules group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/cometbft/cometbft](https://github.com/cometbft/cometbft) | `0.38.19` | `0.38.21` | | [golang.org/x/crypto](https://github.com/golang/crypto) | `0.41.0` | `0.45.0` | | [filippo.io/edwards25519](https://github.com/FiloSottile/edwards25519) | `1.1.0` | `1.1.1` | | [github.com/consensys/gnark-crypto](https://github.com/consensys/gnark-crypto) | `0.18.0` | `0.18.1` | | [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) | `2.2.1` | `2.4.0` | | [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) | `1.7.8` | `1.7.9` | | [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) | `0.5.11` | `0.5.14` | | [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) | `1.36.0` | `1.40.0` | Bumps the go_modules group with 8 updates in the /shardeumd directory: | Package | From | To | | --- | --- | --- | | [github.com/cometbft/cometbft](https://github.com/cometbft/cometbft) | `0.38.19` | `0.38.21` | | [golang.org/x/crypto](https://github.com/golang/crypto) | `0.41.0` | `0.45.0` | | [filippo.io/edwards25519](https://github.com/FiloSottile/edwards25519) | `1.1.0` | `1.1.1` | | [github.com/consensys/gnark-crypto](https://github.com/consensys/gnark-crypto) | `0.18.0` | `0.18.1` | | [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) | `2.2.1` | `2.4.0` | | [github.com/hashicorp/go-getter](https://github.com/hashicorp/go-getter) | `1.7.8` | `1.7.9` | | [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz) | `0.5.11` | `0.5.14` | | [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) | `1.36.0` | `1.40.0` | Bumps the go_modules group with 6 updates in the /tests/systemtests directory: | Package | From | To | | --- | --- | --- | | [golang.org/x/crypto](https://github.com/golang/crypto) | `0.39.0` | `0.45.0` | | [filippo.io/edwards25519](https://github.com/FiloSottile/edwards25519) | `1.1.0` | `1.1.1` | | [github.com/consensys/gnark-crypto](https://github.com/consensys/gnark-crypto) | `0.14.0` | `0.18.1` | | [github.com/dvsekhvalnov/jose2go](https://github.com/dvsekhvalnov/jose2go) | `1.6.0` | `1.7.0` | | [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) | `2.3.0` | `2.4.0` | | [github.com/ethereum/go-ethereum](https://github.com/ethereum/go-ethereum) | `1.15.5` | `1.17.0` | Updates `github.com/cometbft/cometbft` from 0.38.19 to 0.38.21 - [Release notes](https://github.com/cometbft/cometbft/releases) - [Changelog](https://github.com/cometbft/cometbft/blob/main/CHANGELOG.md) - [Commits](cometbft/cometbft@v0.38.19...v0.38.21) Updates `golang.org/x/crypto` from 0.41.0 to 0.45.0 - [Commits](golang/crypto@v0.41.0...v0.45.0) Updates `filippo.io/edwards25519` from 1.1.0 to 1.1.1 - [Commits](FiloSottile/edwards25519@v1.1.0...v1.1.1) Updates `github.com/consensys/gnark-crypto` from 0.18.0 to 0.18.1 - [Release notes](https://github.com/consensys/gnark-crypto/releases) - [Changelog](https://github.com/Consensys/gnark-crypto/blob/master/CHANGELOG.md) - [Commits](Consensys/gnark-crypto@v0.18.0...v0.18.1) Updates `github.com/go-viper/mapstructure/v2` from 2.2.1 to 2.4.0 - [Release notes](https://github.com/go-viper/mapstructure/releases) - [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md) - [Commits](go-viper/mapstructure@v2.2.1...v2.4.0) Updates `github.com/hashicorp/go-getter` from 1.7.8 to 1.7.9 - [Release notes](https://github.com/hashicorp/go-getter/releases) - [Commits](hashicorp/go-getter@v1.7.8...v1.7.9) Updates `github.com/ulikunitz/xz` from 0.5.11 to 0.5.14 - [Commits](ulikunitz/xz@v0.5.11...v0.5.14) Updates `go.opentelemetry.io/otel/sdk` from 1.36.0 to 1.40.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.36.0...v1.40.0) Updates `github.com/cometbft/cometbft` from 0.38.19 to 0.38.21 - [Release notes](https://github.com/cometbft/cometbft/releases) - [Changelog](https://github.com/cometbft/cometbft/blob/main/CHANGELOG.md) - [Commits](cometbft/cometbft@v0.38.19...v0.38.21) Updates `golang.org/x/crypto` from 0.41.0 to 0.45.0 - [Commits](golang/crypto@v0.41.0...v0.45.0) Updates `filippo.io/edwards25519` from 1.1.0 to 1.1.1 - [Commits](FiloSottile/edwards25519@v1.1.0...v1.1.1) Updates `github.com/consensys/gnark-crypto` from 0.18.0 to 0.18.1 - [Release notes](https://github.com/consensys/gnark-crypto/releases) - [Changelog](https://github.com/Consensys/gnark-crypto/blob/master/CHANGELOG.md) - [Commits](Consensys/gnark-crypto@v0.18.0...v0.18.1) Updates `github.com/go-viper/mapstructure/v2` from 2.2.1 to 2.4.0 - [Release notes](https://github.com/go-viper/mapstructure/releases) - [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md) - [Commits](go-viper/mapstructure@v2.2.1...v2.4.0) Updates `github.com/hashicorp/go-getter` from 1.7.8 to 1.7.9 - [Release notes](https://github.com/hashicorp/go-getter/releases) - [Commits](hashicorp/go-getter@v1.7.8...v1.7.9) Updates `github.com/ulikunitz/xz` from 0.5.11 to 0.5.14 - [Commits](ulikunitz/xz@v0.5.11...v0.5.14) Updates `go.opentelemetry.io/otel/sdk` from 1.36.0 to 1.40.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go@v1.36.0...v1.40.0) Updates `golang.org/x/crypto` from 0.39.0 to 0.45.0 - [Commits](golang/crypto@v0.41.0...v0.45.0) Updates `filippo.io/edwards25519` from 1.1.0 to 1.1.1 - [Commits](FiloSottile/edwards25519@v1.1.0...v1.1.1) Updates `github.com/consensys/gnark-crypto` from 0.14.0 to 0.18.1 - [Release notes](https://github.com/consensys/gnark-crypto/releases) - [Changelog](https://github.com/Consensys/gnark-crypto/blob/master/CHANGELOG.md) - [Commits](Consensys/gnark-crypto@v0.18.0...v0.18.1) Updates `github.com/dvsekhvalnov/jose2go` from 1.6.0 to 1.7.0 - [Commits](dvsekhvalnov/jose2go@v1.6.0...v1.7.0) Updates `github.com/go-viper/mapstructure/v2` from 2.3.0 to 2.4.0 - [Release notes](https://github.com/go-viper/mapstructure/releases) - [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md) - [Commits](go-viper/mapstructure@v2.2.1...v2.4.0) Updates `github.com/ethereum/go-ethereum` from 1.15.5 to 1.17.0 - [Release notes](https://github.com/ethereum/go-ethereum/releases) - [Commits](ethereum/go-ethereum@v1.15.5...v1.17.0) --- updated-dependencies: - dependency-name: github.com/cometbft/cometbft dependency-version: 0.38.21 dependency-type: direct:production dependency-group: go_modules - dependency-name: golang.org/x/crypto dependency-version: 0.45.0 dependency-type: direct:production dependency-group: go_modules - dependency-name: filippo.io/edwards25519 dependency-version: 1.1.1 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/consensys/gnark-crypto dependency-version: 0.18.1 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/go-viper/mapstructure/v2 dependency-version: 2.4.0 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/hashicorp/go-getter dependency-version: 1.7.9 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/ulikunitz/xz dependency-version: 0.5.14 dependency-type: indirect dependency-group: go_modules - dependency-name: go.opentelemetry.io/otel/sdk dependency-version: 1.40.0 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/cometbft/cometbft dependency-version: 0.38.21 dependency-type: direct:production dependency-group: go_modules - dependency-name: golang.org/x/crypto dependency-version: 0.45.0 dependency-type: indirect dependency-group: go_modules - dependency-name: filippo.io/edwards25519 dependency-version: 1.1.1 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/consensys/gnark-crypto dependency-version: 0.18.1 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/go-viper/mapstructure/v2 dependency-version: 2.4.0 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/hashicorp/go-getter dependency-version: 1.7.9 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/ulikunitz/xz dependency-version: 0.5.14 dependency-type: indirect dependency-group: go_modules - dependency-name: go.opentelemetry.io/otel/sdk dependency-version: 1.40.0 dependency-type: indirect dependency-group: go_modules - dependency-name: golang.org/x/crypto dependency-version: 0.45.0 dependency-type: indirect dependency-group: go_modules - dependency-name: filippo.io/edwards25519 dependency-version: 1.1.1 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/consensys/gnark-crypto dependency-version: 0.18.1 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/dvsekhvalnov/jose2go dependency-version: 1.7.0 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/go-viper/mapstructure/v2 dependency-version: 2.4.0 dependency-type: indirect dependency-group: go_modules - dependency-name: github.com/ethereum/go-ethereum dependency-version: 1.17.0 dependency-type: direct:production dependency-group: go_modules ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-03-19T02:20:09Z

Superseded by #113.

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 1, 2026

dependabot Bot mentioned this pull request Mar 1, 2026

Bump the go_modules group across 3 directories with 9 updates #109

Closed

dependabot Bot closed this Mar 19, 2026

dependabot Bot deleted the dependabot/go_modules/go_modules-0e1eaf6a17 branch March 19, 2026 02:20

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the go_modules group across 3 directories with 10 updates#112

Bump the go_modules group across 3 directories with 10 updates#112
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/go_modules/go_modules-0e1eaf6a17

dependabot Bot commented on behalf of github Mar 1, 2026

Uh oh!

dependabot Bot commented on behalf of github Mar 19, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Mar 1, 2026

v0.38.21

What's Changed

v0.38.20

What's Changed

v0.18.1

[v0.18.1] - 2025-10-28

Docs

Perf

v2.4.0

What's Changed

New Contributors

v2.3.0

What's Changed

New Contributors

v1.7.9

What's Changed

New Contributors

[1.40.0/0.62.0/0.16.0] 2026-02-02

Added

Changed

Fixed

Deprecated

[1.39.0/0.61.0/0.15.0/0.0.14] 2025-12-05

Added

v0.38.21

What's Changed

v0.38.20

What's Changed

v0.18.1

[v0.18.1] - 2025-10-28

Docs

Perf

v2.4.0

What's Changed

New Contributors

v2.3.0

What's Changed

New Contributors

v1.7.9

What's Changed

New Contributors

Uh oh!

dependabot Bot commented on behalf of github Mar 19, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants