Skip to content

Bump the all-go-deps group across 1 directory with 4 updates#96

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/all-go-deps-95ddaaaac3
Open

Bump the all-go-deps group across 1 directory with 4 updates#96
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/all-go-deps-95ddaaaac3

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 16, 2026

Bumps the all-go-deps group with 3 updates in the / directory: filippo.io/torchwood, github.com/go-git/go-git/v5 and golang.org/x/mod.

Updates filippo.io/torchwood from 0.8.0 to 0.9.0

Changelog

Sourced from filippo.io/torchwood's changelog.

v0.9.0

torchwood

  • Added FormatProof, FormatProofWithExtraData and ProofExtraData to format c2sp.org/tlog-proof@v1 inclusion proofs ("spicy signatures").

  • Added Policy interface and VerifyProof/VerifyCheckpoint to verify proofs and checkpoints against a configurable (co)signature policy.

  • Added ParsePolicy to parse policies from a format based on the Sigsum textual policies, but using vkeys instead of raw public keys.

tesserax

  • New package with a TileReader adapter for tessera.LogReader.

litebastion

  • -listen-http now accepts host:port in addition to a bare port number.

  • ACME now works correctly when using -listen-http.

  • Added -tls-cert and -tls-key flags to use a provided TLS certificate instead of ACME. -testcert was removed.

  • The backends file is now allowed to be empty.

  • Added -obscurity flag to disable the /logz endpoint.

litewitness

  • Added -obscurity flag to disable the / and /logz endpoints.

witnessctl

  • add-key now rejects duplicate keys.

  • list-logs no longer shows duplicate keys and bastions.

age-keyserver

Commits
  • d6aedf0 cmd/{litebastion,litewitness}: add -obscurity flag
  • ce6e210 internal/witness: reject requests with more than 63 proof lines
  • 5133cde internal/witness: return 404 for unknown logs
  • 4e5b182 cmd/litewitness: fix TestScript/bastionlocalhost
  • 5fbf6b2 NEWS: add recent changes for v0.9.0
  • bc819ad cmd/litebastion: add TLS cert/key flags (#52)
  • 64481ef cmd/witnessctl: improve warning for logs with no keys
  • 12ebc84 witnessctl: reject duplicate keys in add-key
  • f2f6262 bastion: fix ACME when using HandleBackendConnection
  • d9bdbe9 cmd/litebastion: support custom host for HTTP listener
  • Additional commits viewable in compare view

Updates github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.16.5

What's Changed

Full Changelog: go-git/go-git@v5.16.4...v5.16.5

Commits
  • 48a1ae0 Merge pull request #1836 from go-git/check-v5
  • 42bdf1f storage: filesystem, Verify idx matches pack file
  • 4146a56 plumbing: format/idxfile, Verify idxfile's checksum
  • 63d78ec plumbing: format/packfile, Add new ErrMalformedPackFile
  • 25f1624 Merge pull request #1800 from Ch00k/no-delete-untracked-v5
  • 600fb13 git: worktree, Don't delete local untracked files when resetting worktree
  • 390a569 Merge pull request #1746 from pjbgf/bump-go
  • 61c8b85 build: Bump Go test versions to 1.23-1.25 (v5)
  • e5a05ec Merge pull request #1744 from go-git/renovate/releases/v5.x-go-golang.org-x-c...
  • 1495930 plumbing: Remove use of non-constant format strings
  • Additional commits viewable in compare view

Updates github.com/transparency-dev/formats from 0.0.0-20251017110053-404c0d5b696c to 0.0.0-20251208091212-1378f9e1b1b7

Commits

Updates golang.org/x/mod from 0.31.0 to 0.33.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the all-go-deps group across 1 directory with 4 updates
63357e0 
Bumps the all-go-deps group with 3 updates in the / directory: [filippo.io/torchwood](https://github.com/FiloSottile/torchwood), [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) and [golang.org/x/mod](https://github.com/golang/mod).


Updates `filippo.io/torchwood` from 0.8.0 to 0.9.0
- [Changelog](https://github.com/FiloSottile/torchwood/blob/main/NEWS.md)
- [Commits](FiloSottile/torchwood@v0.8.0...v0.9.0)

Updates `github.com/go-git/go-git/v5` from 5.16.4 to 5.16.5
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](go-git/go-git@v5.16.4...v5.16.5)

Updates `github.com/transparency-dev/formats` from 0.0.0-20251017110053-404c0d5b696c to 0.0.0-20251208091212-1378f9e1b1b7
- [Release notes](https://github.com/transparency-dev/formats/releases)
- [Commits](https://github.com/transparency-dev/formats/commits)

Updates `golang.org/x/mod` from 0.31.0 to 0.33.0
- [Commits](golang/mod@v0.31.0...v0.33.0)

---
updated-dependencies:
- dependency-name: filippo.io/torchwood
  dependency-version: 0.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-deps
- dependency-name: github.com/go-git/go-git/v5
  dependency-version: 5.16.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-go-deps
- dependency-name: github.com/transparency-dev/formats
  dependency-version: 0.0.0-20251208091212-1378f9e1b1b7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-go-deps
- dependency-name: golang.org/x/mod
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-go-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Feb 16, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants