Skip to content

chore(deps): update dependencies to address security vulnerabilities#1805

Open
pranav-new-relic wants to merge 2 commits intomainfrom
deps-upgrades-january-2026-v2
Open

chore(deps): update dependencies to address security vulnerabilities#1805
pranav-new-relic wants to merge 2 commits intomainfrom
deps-upgrades-january-2026-v2

Conversation

@pranav-new-relic
Copy link
Copy Markdown
Member

@pranav-new-relic pranav-new-relic commented Mar 13, 2026

Updates tools dependencies to address multiple Dependabot security alerts:

High Severity:

Key Updates:

  • google/go-containerregistry: v0.14.0 → v0.20.7
  • Docker packages: v24.0.9+ → v28.5.2+
  • containerd/stargz-snapshotter: v0.14.3 → v0.18.1
  • golang.org/x/tools: v0.38.0 → v0.39.0
  • golang.org/x/oauth2: v0.26.0 → v0.32.0
  • golang.org/x/sys: v0.38.0 → v0.39.0

This PR also addresses several medium and low severity alerts related to go-git, sigstore, cloudflare/circl, and go-viper/mapstructure transitive dependencies.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pranav-new-relic