Skip to content

Bump the dev-dependencies group across 1 directory with 4 updates #42

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

Bump the dev-dependencies group across 1 directory with 4 updates #42

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 12, 2026
edited
Loading

Bumps the dev-dependencies group with 3 updates in the / directory: github.com/spf13/cobra, golang.org/x/crypto and gonum.org/v1/gonum.

Updates github.com/spf13/cobra from 1.10.1 to 1.10.2

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.2

🔧 Dependencies

  • chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 by @​dims in spf13/cobra#2336 - the gopkg.in/yaml.v3 package has been deprecated for some time: this should significantly cleanup dependency/supply-chains for consumers of spf13/cobra

📈 CI/CD

🔥✍🏼 Docs

🍂 Refactors

🤗 New Contributors

Full Changelog: spf13/cobra@v1.10.1...v1.10.2

Thank you to our amazing contributors!!!!! 🐍 🚀

Commits

Updates golang.org/x/crypto from 0.43.0 to 0.46.0

Commits
  • 19acf81 go.mod: update golang.org/x dependencies
  • 3a1c6b4 x509roots/fallback: update bundle
  • f4602e4 ssh/agent: fix flaky test by ensuring a writeable home directory
  • 4e0068c go.mod: update golang.org/x dependencies
  • e79546e ssh: curb GSSAPI DoS risk by limiting number of specified OIDs
  • f91f7a7 ssh/agent: prevent panic on malformed constraint
  • 2df4153 acme/autocert: let automatic renewal work with short lifetime certs
  • bcf6a84 acme: pass context to request
  • b4f2b62 ssh: fix error message on unsupported cipher
  • 79ec3a5 ssh: allow to bind to a hostname in remote forwarding
  • Additional commits viewable in compare view

Updates golang.org/x/term from 0.36.0 to 0.38.0

Commits

Updates gonum.org/v1/gonum from 0.16.0 to 0.17.0

Release notes

Sourced from gonum.org/v1/gonum's releases.

v0.17.0

Release v0.17.0 is a minor release in the v0.17 branch.

Bug fixes/improvements since v0.16.0:

fc402bc4 spatial: add Umeyama's algorithm for estimating point pattern transformation parameters 837a68db optimize: add configurable MinimumStepSize ac810a10 mathext: optimize Li2 and add benchmarks 8da34cf6 optimize/functions: add sphere function a9119bd3 distuv: add non-central t distribution 27d16a49 spatial/r2: increase box scale test tolerance 9c251ca0 mathext: add dilogarithm function Li2 509ffe02 mathext: add Hypergeo for computing the Gaussian Hypergeometric function 98271d5d graph/network: add Dinic maximum flow function 672aa59e stat: implement Wasserstein distance calculation 4408afac stat: add an example to compute a confidence interval 43738f81 graph/network: add diameter example for Eccentricity 6b50a894 graph/network: add eccentricity measurement e62ddf59 lapack/testlapack: fix random source use

Commits
  • fc402bc spatial: add Umeyama's algorithm for estimating point pattern transformation ...
  • 93a8c05 A+C: add Mohamed Ali Bouhaouala
  • 837a68d optimize: add configurable MinimumStepSize
  • ac810a1 mathext: optimize Li2 and add benchmarks
  • 9a4c13c A+C: add Nathan Rooy
  • 8da34cf optimize/functions: add sphere function
  • a9119bd distuv: add non-central t distribution
  • 27d16a4 spatial/r2: increase box scale test tolerance
  • ba05c15 all: use go tool directive
  • 9c251ca mathext: add dilogarithm function Li2
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the dev-dependencies group across 1 directory with 4 updates
59c32bb 
Bumps the dev-dependencies group with 3 updates in the / directory: [github.com/spf13/cobra](https://github.com/spf13/cobra), [golang.org/x/crypto](https://github.com/golang/crypto) and [gonum.org/v1/gonum](https://github.com/gonum/gonum).


Updates `github.com/spf13/cobra` from 1.10.1 to 1.10.2
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](spf13/cobra@v1.10.1...v1.10.2)

Updates `golang.org/x/crypto` from 0.43.0 to 0.46.0
- [Commits](golang/crypto@v0.43.0...v0.46.0)

Updates `golang.org/x/term` from 0.36.0 to 0.38.0
- [Commits](golang/term@v0.36.0...v0.38.0)

Updates `gonum.org/v1/gonum` from 0.16.0 to 0.17.0
- [Release notes](https://github.com/gonum/gonum/releases)
- [Commits](gonum/gonum@v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-version: 1.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-dependencies
- dependency-name: golang.org/x/crypto
  dependency-version: 0.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: golang.org/x/term
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
- dependency-name: gonum.org/v1/gonum
  dependency-version: 0.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jan 12, 2026
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 17, 2026

Looks like these dependencies are no longer updatable, so this is no longer needed.

@dependabot dependabot bot closed this Jan 17, 2026
@dependabot dependabot bot deleted the dependabot/go_modules/main/dev-dependencies-56f8f4c592 branch January 17, 2026 03:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant