Skip to content

chore(deps): bump the go-minor-patch group with 6 updates#4567

Merged
spiffcs merged 1 commit intomainfrom
dependabot/go_modules/go-minor-patch-24dfbff4ae
Jan 23, 2026
Merged

chore(deps): bump the go-minor-patch group with 6 updates#4567
spiffcs merged 1 commit intomainfrom
dependabot/go_modules/go-minor-patch-24dfbff4ae

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 23, 2026

Bumps the go-minor-patch group with 6 updates:

Package From To
github.com/github/go-spdx/v2 2.3.5 2.3.6
github.com/go-viper/mapstructure/v2 2.4.0 2.5.0
golang.org/x/mod 0.31.0 0.32.0
golang.org/x/net 0.48.0 0.49.0
modernc.org/sqlite 1.43.0 1.44.1
golang.org/x/tools 0.40.0 0.41.0

Updates github.com/github/go-spdx/v2 from 2.3.5 to 2.3.6

Release notes

Sourced from github.com/github/go-spdx/v2's releases.

Release v2.3.6

What's Changed

  • Bug fix for redundant + operator being added in licenses ending in -or-later
  • Updated dependencies

Full Changelog: github/go-spdx@v2.3.5...v2.3.6

Commits
  • f3197ff Merge pull request #128 from github/ashelytc/release
  • b476559 Update go.mod for Go version and retraction
  • eb6586b prepare for 2.3.6 release
  • f6a8388 Merge pull request #125 from github/ashelytc/extract-licenses
  • 096f026 add one more test
  • 3ea735f fix condition for concatenating =
  • See full diff in compare view

Updates github.com/go-viper/mapstructure/v2 from 2.4.0 to 2.5.0

Release notes

Sourced from github.com/go-viper/mapstructure/v2's releases.

v2.5.0

What's Changed

New Contributors

Full Changelog: go-viper/mapstructure@v2.4.0...v2.5.0

Commits
  • 9aa3f77 Merge pull request #166 from go-viper/unmarshal2
  • ae32a61 doc: add more documentation
  • 320c8c9 test: cover unmarshaler to map
  • 5b22829 feat: add unmarshaler interface
  • fd74c75 Merge pull request #137 from andreev-fn/opt-root-name
  • dee4661 Merge pull request #59 from DarkiT/main
  • 5605df4 chore: cover more test cases, fix edge cases, add docs
  • 6166631 fix(mapstructure): add multi-tag support and regression tests
  • 6471aa6 Merge pull request #149 from thespags/main
  • dbffaaa chore: add more tests and clarification to the documentation
  • Additional commits viewable in compare view

Updates golang.org/x/mod from 0.31.0 to 0.32.0

Commits

Updates golang.org/x/net from 0.48.0 to 0.49.0

Commits
  • d977772 go.mod: update golang.org/x dependencies
  • eea413e internal/http3: use go1.25 synctest.Test instead of go1.24 synctest.Run
  • 9ace223 websocket: add missing call to resp.Body.Close
  • 7d3dbb0 http2: buffer the most recently received PRIORITY_UPDATE frame
  • See full diff in compare view

Updates modernc.org/sqlite from 1.43.0 to 1.44.1

Commits

Updates golang.org/x/tools from 0.40.0 to 0.41.0

Commits
  • 2ad2b30 go.mod: update golang.org/x dependencies
  • 5832cce internal/diff/lcs: introduce line diffs
  • 67c4257 gopls/internal/golang: Definition: fix Windows bug wrt //go:embed
  • 12c1f04 gopls/completion: check Selection invariant
  • 6d87185 internal/server: add vulncheck scanning after vulncheck prompt
  • 0c3a1fe go/ast/inspector: FindByPos returns the first innermost node
  • ca281cf go/analysis/passes/ctrlflow: add noreturn funcs from popular pkgs
  • 09c21a9 gopls/internal/analysis/unusedfunc: remove warnings for unused enum consts
  • 03cb455 internal/modindex: suppress missing modcacheindex message
  • 15d13e8 gopls/internal/util/typesutil: refine EnclosingSignature bug.Report
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the go-minor-patch group with 6 updates
8e0e7b1 
Bumps the go-minor-patch group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/github/go-spdx/v2](https://github.com/github/go-spdx) | `2.3.5` | `2.3.6` |
| [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) | `2.4.0` | `2.5.0` |
| [golang.org/x/mod](https://github.com/golang/mod) | `0.31.0` | `0.32.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.48.0` | `0.49.0` |
| [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) | `1.43.0` | `1.44.1` |
| [golang.org/x/tools](https://github.com/golang/tools) | `0.40.0` | `0.41.0` |


Updates `github.com/github/go-spdx/v2` from 2.3.5 to 2.3.6
- [Release notes](https://github.com/github/go-spdx/releases)
- [Commits](github/go-spdx@v2.3.5...v2.3.6)

Updates `github.com/go-viper/mapstructure/v2` from 2.4.0 to 2.5.0
- [Release notes](https://github.com/go-viper/mapstructure/releases)
- [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md)
- [Commits](go-viper/mapstructure@v2.4.0...v2.5.0)

Updates `golang.org/x/mod` from 0.31.0 to 0.32.0
- [Commits](golang/mod@v0.31.0...v0.32.0)

Updates `golang.org/x/net` from 0.48.0 to 0.49.0
- [Commits](golang/net@v0.48.0...v0.49.0)

Updates `modernc.org/sqlite` from 1.43.0 to 1.44.1
- [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md)
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.43.0...v1.44.1)

Updates `golang.org/x/tools` from 0.40.0 to 0.41.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](golang/tools@v0.40.0...v0.41.0)

---
updated-dependencies:
- dependency-name: github.com/github/go-spdx/v2
  dependency-version: 2.3.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor-patch
- dependency-name: github.com/go-viper/mapstructure/v2
  dependency-version: 2.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
- dependency-name: golang.org/x/mod
  dependency-version: 0.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
- dependency-name: golang.org/x/net
  dependency-version: 0.49.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
- dependency-name: modernc.org/sqlite
  dependency-version: 1.44.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
- dependency-name: golang.org/x/tools
  dependency-version: 0.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Involves changes to go.mod go.sum label Jan 23, 2026
@spiffcs spiffcs merged commit c0e0058 into main Jan 23, 2026
10 checks passed
@spiffcs spiffcs deleted the dependabot/go_modules/go-minor-patch-24dfbff4ae branch January 23, 2026 15:37
spiffcs added a commit that referenced this pull request Jan 23, 2026
@spiffcs
Merge branch 'main' of github.com:anchore/syft into 4184-pt2-oci-mode…
e121d3a 
…l-support

* 'main' of github.com:anchore/syft:
  chore(deps): bump the actions-minor-patch group across 2 directories with 3 updates (#4568)
  chore(deps): bump the go-minor-patch group with 6 updates (#4567)
  chore(deps): update tools to latest versions (#4565)
  chore(deps): bump github.com/spdx/tools-golang (#4557)
  ci: enable zizmor to fail PRs (#4556)
  Chore new slack action (#4553)
  chore(deps): update anchore dependencies (#4552)
  chore(deps): update tools to latest versions (#4551)
  chore(deps): update tools to latest versions (#4545)
  chore(deps): update tools to latest versions (#4542)
  chore(deps): bump the go-minor-patch group with 4 updates (#4543)
  chore(deps): bump anchore/sbom-action (#4544)
spiffcs added a commit to patrickpichler/syft that referenced this pull request Jan 30, 2026
@spiffcs
Merge branch 'main' into report-java-archive-metadata
169ded1 
* main: (114 commits)
  fix: lookup alternate scheme on url->licenseID (anchore#4588)
  chore(deps): bump the go-minor-patch group with 2 updates (anchore#4583)
  feat: add Qt6 binary detection (anchore#4550)
  chore(deps): bump the actions-minor-patch group across 1 directory with 2 updates (anchore#4584)
  fix: snap cataloger incorrectly identifies snap container as deb package (anchore#4500)
  chore(deps): update tools to latest versions (anchore#4577)
  fix: update mixed case dependencies in python to be normalized (anchore#4573)
  chore(deps): update anchore dependencies (anchore#4575)
  chore(deps): update tools to latest versions (anchore#4570)
  feat: detect Debian version from /etc/debian_version (anchore#4569)
  fix: correctly report supporting evidence for binary packages (anchore#4558)
  chore(deps): bump the actions-minor-patch group across 2 directories with 3 updates (anchore#4568)
  chore(deps): bump the go-minor-patch group with 6 updates (anchore#4567)
  chore(deps): update tools to latest versions (anchore#4565)
  chore(deps): bump github.com/spdx/tools-golang (anchore#4557)
  ci: enable zizmor to fail PRs (anchore#4556)
  Chore new slack action (anchore#4553)
  chore(deps): update anchore dependencies (anchore#4552)
  chore(deps): update tools to latest versions (anchore#4551)
  chore(deps): update tools to latest versions (anchore#4545)
  ...

Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Involves changes to go.mod go.sum

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@spiffcs