chore(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 in /services/apps/git_integration/src/crowdgit/services/vulnerability_scanner#3937
Conversation
Bumps [github.com/cloudflare/circl](https://github.com/cloudflare/circl) from 1.6.1 to 1.6.3. - [Release notes](https://github.com/cloudflare/circl/releases) - [Commits](cloudflare/circl@v1.6.1...v1.6.3) --- updated-dependencies: - dependency-name: github.com/cloudflare/circl dependency-version: 1.6.3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
|
|
|
Your PR title doesn't contain a Jira issue key. Consider adding it for better traceability. Example:
Projects:
Please add a Jira issue key to your PR title. |
2 similar comments
|
Your PR title doesn't contain a Jira issue key. Consider adding it for better traceability. Example:
Projects:
Please add a Jira issue key to your PR title. |
|
Your PR title doesn't contain a Jira issue key. Consider adding it for better traceability. Example:
Projects:
Please add a Jira issue key to your PR title. |
1 participant
Bumps github.com/cloudflare/circl from 1.6.1 to 1.6.3.
Release notes
Sourced from github.com/cloudflare/circl's releases.
Commits
24ae53cRelease CIRCL v1.6.3581020bRename method to oddMultiplesProjective.12209a4Removing unused cmov for jacobian points.fcba359ecc/p384: use of complete projective formulas for scalar multiplication.5e1bae8ecc/p384: handle point doubling in point addition with Jacobian coordinates.3416046Check opts for nil value.a763d47Release CIRCL v1.6.23c70bf9Bump x/crypto x/sys dependencies.3f0f15bRevert to using package-declared HPKE errors for shortkem instead of standard...23491bdAdding generic Power2Round method.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.
Note
Low Risk
Low risk dependency-only change; primary impact is updated cryptography library code paths via
github.com/cloudflare/circland refreshed module metadata.Overview
Updates the
vulnerability-scannerGo module dependencies by bumpinggithub.com/cloudflare/circlfromv1.6.1tov1.6.3(with correspondinggo.sumupdates).Also promotes
github.com/ossf/osv-schema/bindings/gofrom an indirect dependency to a directrequire, reflecting its explicit use in the module.Written by Cursor Bugbot for commit 1a7c34f. This will update automatically on new commits. Configure here.