Skip to content

build(deps): bump github.com/go-git/go-git/v5 from 5.19.0 to 5.19.1 in /src in the go_modules group across 1 directory#490

Merged
cjlapao merged 3 commits into
mainfrom
dependabot/go_modules/src/go_modules-0e2407e740
Jun 12, 2026
Merged

build(deps): bump github.com/go-git/go-git/v5 from 5.19.0 to 5.19.1 in /src in the go_modules group across 1 directory#490
cjlapao merged 3 commits into
mainfrom
dependabot/go_modules/src/go_modules-0e2407e740

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 19, 2026

Copy link
Copy Markdown
Contributor

Bumps the go_modules group with 1 update in the /src directory: github.com/go-git/go-git/v5.

Updates github.com/go-git/go-git/v5 from 5.19.0 to 5.19.1

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.19.1

What's Changed

Full Changelog: go-git/go-git@v5.19.0...v5.19.1

Commits
  • 3c3be60 Merge pull request #2137 from go-git/validate-v5
  • 3fba897 plumbing: format/packfile, cap delta chain depth in parser
  • a97d660 Merge pull request #2125 from hiddeco/v5/format-input-bounds
  • aeaa125 plumbing: format/objfile, require Header before Read
  • 1f38e17 plumbing: format/packfile, bound inflate size
  • f7545a0 plumbing: format/idxfile, bound nr by file size
  • 170b881 Merge pull request #2116 from pjbgf/symlink-v5
  • 7b6d994 Merge pull request #2117 from hiddeco/v5/worktree-fs-mkdirall-root-noop
  • f0709b3 git: Stop validating symlink target paths
  • 776d00f git: Allow MkdirAll on worktree-root paths
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump github.com/go-git/go-git/v5
ba407cd 
Bumps the go_modules group with 1 update in the /src directory: [github.com/go-git/go-git/v5](https://github.com/go-git/go-git).


Updates `github.com/go-git/go-git/v5` from 5.19.0 to 5.19.1
- [Release notes](https://github.com/go-git/go-git/releases)
- [Changelog](https://github.com/go-git/go-git/blob/main/HISTORY.md)
- [Commits](go-git/go-git@v5.19.0...v5.19.1)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-version: 5.19.1
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 19, 2026
@cjlapao cjlapao added community triage Selected for triage labels May 19, 2026
@cjlapao cjlapao added this to the 1.0.0 milestone May 19, 2026
@gitguardian

gitguardian Bot commented Jun 11, 2026
edited
Loading

Copy link
Copy Markdown

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secret in your pull request
GitGuardian id GitGuardian status Secret Commit Filename
21900200 Triggered Generic Password 041a3cf docs/_data/tutorial_devops-cli-quickstart.yml View secret
🛠 Guidelines to remediate hardcoded secrets
  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secret safely. Learn here the best practices.
  3. Revoke and rotate this secret.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

@cjlapao

cjlapao commented Jun 12, 2026

Copy link
Copy Markdown
Collaborator

⚠️ GitGuardian has uncovered 1 secret following the scan of your pull request.

Please consider investigating the findings and remediating the incidents. Failure to do so may lead to compromising the associated services or software components.

🔎 Detected hardcoded secret in your pull request

GitGuardian id GitGuardian status Secret Commit Filename
21900200 Triggered Generic Password 041a3cf docs/_data/tutorial_devops-cli-quickstart.yml View secret
🛠 Guidelines to remediate hardcoded secrets

  1. Understand the implications of revoking this secret by investigating where it is used in your code.
  2. Replace and store your secret safely. Learn here the best practices.
  3. Revoke and rotate this secret.
  4. If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.

To avoid such incidents in the future consider

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

This is a generic password in a documentation file, just noise

@cjlapao cjlapao merged commit 338f436 into main Jun 12, 2026
14 of 15 checks passed
@cjlapao cjlapao deleted the dependabot/go_modules/src/go_modules-0e2407e740 branch June 12, 2026 07:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cjlapao cjlapao Awaiting requested review from cjlapao cjlapao is a code owner
@alevlasu alevlasu Awaiting requested review from alevlasu alevlasu is a code owner
@bineesh-n bineesh-n Awaiting requested review from bineesh-n bineesh-n is a code owner
@sai-kumar-peddireddy sai-kumar-peddireddy Awaiting requested review from sai-kumar-peddireddy sai-kumar-peddireddy is a code owner

Assignees

No one assigned

Labels

community dependencies Pull requests that update a dependency file go Pull requests that update Go code triage Selected for triage

Projects

None yet

Milestone

1.0.0

Development

Successfully merging this pull request may close these issues.

1 participant

@cjlapao