Bump golang.org/x/crypto from 0.45.0 to 0.53.0 in /cpdaemon#224
Bump golang.org/x/crypto from 0.45.0 to 0.53.0 in /cpdaemon#224dependabot[bot] wants to merge 1 commit into
Conversation
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.45.0 to 0.53.0. - [Commits](golang/crypto@v0.45.0...v0.53.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.53.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
|
Closing in favour of a security-only Dependabot policy. We're removing the |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
Bumps golang.org/x/crypto from 0.45.0 to 0.53.0.
Commits
45460e0go.mod: update golang.org/x dependenciesd37c95epkcs12: limit PBKDF iteration count to prevent CPU exhaustione2ffffessh: reject incomplete gssapi-with-mic configurations60e158assh/test: isolate CLI tests from user SSH config and agent1b77d23ssh/knownhosts: reject lines with multiple or unknown markers3872a2bssh/knownhosts: verify declared key type matches decoded key9f72eccssh/knownhosts: treat only ASCII space and tab as whitespace8f405a4ssh: validate ECDSA curve matches expected algorithmbb41b3dssh: improve DH GEX group selection using PreferredBitse04e721ssh/agent: validate ed25519 private key length in AddDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)