Skip to content

build(deps): Bump the go-dependencies group across 1 directory with 2 updates#11

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go-dependencies-c40dbcb055
Open

build(deps): Bump the go-dependencies group across 1 directory with 2 updates#11
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go-dependencies-c40dbcb055

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor

Bumps the go-dependencies group with 2 updates in the / directory: golang.org/x/sync and golang.org/x/sys.

Updates golang.org/x/sync from 0.21.0 to 0.22.0

Commits

Updates golang.org/x/sys from 0.46.0 to 0.47.0

Commits
  • 9e7e939 cpu: handle vendor suffixes in parseRelease
  • f6fb8a1 unix: use epoll_pwait rather than epoll_wait
  • f3eeabf windows: avoid length overflow in NewNTString
  • 3cb6647 unix: update glibc to 2.43
  • c507910 windows: document safe usage of TrusteeValue
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jul 8, 2026
Copilot AI review requested due to automatic review settings July 8, 2026 20:14

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot can't review bot-authored pull requests automatically. A user with Copilot access can request a review manually.

@socket-security

socket-security Bot commented Jul 8, 2026

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatedgolang.org/​x/​sys@​v0.46.0 ⏵ v0.47.084100100100100
Updatedgolang.org/​x/​sync@​v0.21.0 ⏵ v0.22.099 +1100100100100

View full report

… updates

Bumps the go-dependencies group with 2 updates in the / directory: [golang.org/x/sync](https://github.com/golang/sync) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `golang.org/x/sync` from 0.21.0 to 0.22.0
- [Commits](golang/sync@v0.21.0...v0.22.0)

Updates `golang.org/x/sys` from 0.46.0 to 0.47.0
- [Commits](golang/sys@v0.46.0...v0.47.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/sys
  dependency-version: 0.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title build(deps): Bump the go-dependencies group with 2 updates build(deps): Bump the go-dependencies group across 1 directory with 2 updates Jul 15, 2026
@dependabot
dependabot Bot force-pushed the dependabot/go_modules/go-dependencies-c40dbcb055 branch from f1fb87b to d81ab52 Compare July 15, 2026 20:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant