Skip to content

Bump the all group across 1 directory with 2 updates#15

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/all-eda22a1624
Open

Bump the all group across 1 directory with 2 updates#15
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/all-eda22a1624

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps the all group with 2 updates in the / directory: github.com/coreos/go-oidc/v3 and github.com/jedib0t/go-pretty/v6.

Updates github.com/coreos/go-oidc/v3 from 3.18.0 to 3.19.0

Release notes

Sourced from github.com/coreos/go-oidc/v3's releases.

v3.19.0

What's Changed

New Contributors

Full Changelog: coreos/go-oidc@v3.18.0...v3.19.0

Commits
  • 4204f0b oidc: add support for validating back-channel logout tokens
  • f77e01c fix: Key refresh should set no-cache to get most up to date keys
  • See full diff in compare view

Updates github.com/jedib0t/go-pretty/v6 from 6.8.0 to 6.8.1

Release notes

Sourced from github.com/jedib0t/go-pretty/v6's releases.

v6.8.1

What's Changed

A hardening pass across the table, list, progress, and text packages, fixing security issues, crash/race bugs, and performance problems in the render hot paths, with benchmarks added to back the optimizations.

Security

  • table/list (HTML): escape the title, caption, and CSS class names in RenderHTML() to prevent HTML/attribute injection.
  • table (CSV): make RenderCSV() output RFC 4180 compliant, and add an opt-in Style().CSV.FieldProtection option that neutralizes spreadsheet formula-injection fields (=, +, -, @, tab, CR).
  • text: sanitize hyperlink URLs and bound the escape-sequence parser buffer so adversarial input can't grow it without limit.

Correctness

  • progress: fix a render panic on tiny tracker lengths, data races on tracker/indicator state, and a leaked time.Ticker in the terminal-size watcher.
  • table: guard auto-index rendering against empty maxColumnLengths.
  • text: prevent a panic in VAlign.Apply on negative maxLines.

Performance

  • table: compile regex filters once per render; pre-size render builders.
  • list: hoist repeated width math out of the render loops.
  • text: speed up Align.Apply and StringWidthWithoutEscSequences.
  • progress: build PacManChomp frames with a strings.Builder.

Tooling

  • Moved root-level benchmarks into their packages and wired up make bench; added benchmarks for the table/text/list/progress render hot paths and tests covering the retained-done-tracker render paths.

Full Changelog: jedib0t/go-pretty@v6.8.0...v6.8.1

Commits

@dependabot dependabot Bot added the kind/dependency Kind: Dependency label Jun 22, 2026
Bumps the all group with 2 updates in the / directory: [github.com/coreos/go-oidc/v3](https://github.com/coreos/go-oidc) and [github.com/jedib0t/go-pretty/v6](https://github.com/jedib0t/go-pretty).


Updates `github.com/coreos/go-oidc/v3` from 3.18.0 to 3.19.0
- [Release notes](https://github.com/coreos/go-oidc/releases)
- [Commits](coreos/go-oidc@v3.18.0...v3.19.0)

Updates `github.com/jedib0t/go-pretty/v6` from 6.8.0 to 6.8.1
- [Release notes](https://github.com/jedib0t/go-pretty/releases)
- [Commits](jedib0t/go-pretty@v6.8.0...v6.8.1)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-oidc/v3
  dependency-version: 3.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/jedib0t/go-pretty/v6
  dependency-version: 6.8.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/all-eda22a1624 branch from 5c1bb9c to 8efda31 Compare June 29, 2026 10:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

kind/dependency Kind: Dependency

Development

Successfully merging this pull request may close these issues.

0 participants