Skip to content

chore: update dependencies#652

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/dependencies
Open

chore: update dependencies#652
renovate[bot] wants to merge 1 commit intomainfrom
renovate/dependencies

Conversation

@renovate
Copy link

@renovate renovate bot commented Nov 3, 2025

Update Request | Renovate Bot

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
actions/stale action digest 9971854b5d41d4
github.com/ProtonMail/gopenpgp/v2 require major v2.9.0v3.3.0 age adoption passing confidence
github.com/cenkalti/backoff/v4 require major v4.3.0v5.0.3 age adoption passing confidence
github.com/grpc-ecosystem/grpc-gateway/v2 require minor v2.27.8v2.28.0 age adoption passing confidence
github.com/planetscale/vtprotobuf require digest 0393e58ba97887
google.golang.org/grpc require minor v1.78.0v1.79.1 age adoption passing confidence

Release Notes

ProtonMail/gopenpgp (github.com/ProtonMail/gopenpgp/v2)

v3.3.0

Compare Source

What's Changed
Added
  • MaxDecompressedSize option to control the maximum size of decompressed messages.
Changed
  • Update go-crypto to v1.3.0.

Full Changelog: ProtonMail/gopenpgp@v3.2.1...v3.3.0

v3.2.1

Compare Source

What's Changed

Fixed
  • Avoid double compression in signcryption with a session key by @​lubux in #​337

Full Changelog: ProtonMail/gopenpgp@v3.2.0...v3.2.1

v3.2.0

Compare Source

What's Changed
Added
Changed
  • Bumped minimum supported Go version to 1.22.0.
  • Update go-crypto fork to v1.2.0.
  • Remove pkgs/errors dependency.

Full Changelog: ProtonMail/gopenpgp@v3.1.3...v3.2.0

v3.1.3

Compare Source

What's Changed
Changed
  • Update go-crypto fork to v1.1.6

Full Changelog: ProtonMail/gopenpgp@v3.1.2...v3.1.3

v3.1.2

Compare Source

What's Changed
Changed
  • Update go-crypto fork to v1.1.5

Full Changelog: ProtonMail/gopenpgp@v3.1.1...v3.1.2

v3.1.1

Compare Source

What's Changed
Changed
  • Update go-crypto fork to v1.1.4

Full Changelog: ProtonMail/gopenpgp@v3.1.0...v3.1.1

v3.1.0

Compare Source

What's Changed
Added
Changed
  • Adapt to go-crypto cleartext API changes by @​lubux in #​310
  • Rename profile.Custom.AllowWeakRSA to profile.Custom.InsecureAllowWeakRSA
  • Update go-crypto fork to v1.1.3

Full Changelog: ProtonMail/gopenpgp@v3.0.0...v3.1.0

v3.0.0

Compare Source

What's Changed
New simplified and unified API

GopenPGP v3 introduces a new unified API for high level OpenPGP operations. In comparison to GopenPGP v2, where similar functions were dispersed across different types and required varying implementations for the same operations, GopenPGP v3 consolidates these functions into a consistent interface. Now, operations such as Sign, Verify, Encrypt, Decrypt, and Key generation are each accessible through a unified, builder like API, simplifying integration and enhancing code readability across cryptographic workflows.

However, applications migrating from v2 to v3 will need to update their API calls, as the changes are not backward-compatible. This means that all previous API calls must be rewritten to align with the new, unified API structure. GopenPGP v3 supports the migration process by offering extensive documentation and practical examples. We recommend upgrading to v3 for the latest features and improvements, but we'll continue to support GopenPGP v2 for the time being. Our support includes ongoing bug fixes and minor feature updates to ensure stability and functionality for existing users.

For usage examples of the new API, see the README. For the full documentation, see https://pkg.go.dev/github.com/ProtonMail/gopenpgp/v3.

Profiles

GopenPGP v3 introduces the concept of profiles, enabling applications to configure OpenPGP algorithm selection based on their specific needs. For most applications, the provided preset profiles offer robust and secure defaults, eliminating the need for additional configuration.

RFC 9580 and Interoperability

GopenPGP v3 adds full support for the latest OpenPGP specification, RFC 9580. Compliance with the specification has also been significantly enhanced, as confirmed by the results in the OpenPGP interoperability test suite. These enhancements in GopenPGP v3 are possible by leveraging a new API in the go-crypto fork, which enables a range of improvements in functionality, compliance, and performance.

Go Mobile Support

GopenPGP v3 aims to be fully compatible with Gomobile to provide an API for mobile platforms. For this reason, the library defaults to a builder-like pattern, which is less commonly used in Go. All code that is only relevant for mobile platforms has been moved to the mobile module.

Extending Functionality

GopenPGP v3 introduces a streaming interface across all APIs, enabling memory efficient processing of large data.
Additionally, it extends the library's functionality with various improvements, such as:

  • Consider all signatures in a message during verification and allow inspection of each.
  • Support signing with multiple keys.
  • Support encrypting to an "anonymous recipient", where the recipient KeyID is represented as all zeros in the message.
  • Add support for the intended recipient feature as specified in RFC 9580.
  • Ensure consistent behaviour across all APIs.
  • Support generating v6 keys as specified in RFC 9580.

Full Changelog: ProtonMail/gopenpgp@v2.7.5...v3.0.0.

Changelog since v3.0.0-beta.0: ProtonMail/gopenpgp@v3.0.0-beta.0...v3.0.0.

cenkalti/backoff (github.com/cenkalti/backoff/v4)

v5.0.3

Compare Source

v5.0.2

Compare Source

v5.0.1

Compare Source

v5.0.0

Compare Source

grpc-ecosystem/grpc-gateway (github.com/grpc-ecosystem/grpc-gateway/v2)

v2.28.0

Compare Source

What's Changed

New Contributors

Full Changelog: grpc-ecosystem/grpc-gateway@v2.27.8...v2.28.0

grpc/grpc-go (google.golang.org/grpc)

v1.79.1: Release 1.79.1

Compare Source

Bug Fixes

  • grpc: Remove the -dev suffix from the User-Agent header. (#​8902)

v1.79.0: Release 1.79.0

Compare Source

API Changes

  • mem: Add experimental API SetDefaultBufferPool to change the default buffer pool. (#​8806)
  • experimental/stats: Update MetricsRecorder to require embedding the new UnimplementedMetricsRecorder (a no-op struct) in all implementations for forward compatibility. (#​8780)

Behavior Changes

  • balancer/weightedtarget: Remove handling of Addresses and only handle Endpoints in resolver updates. (#​8841)

New Features

  • experimental/stats: Add support for asynchronous gauge metrics through the new AsyncMetricReporter and RegisterAsyncReporter APIs. (#​8780)
  • pickfirst: Add support for weighted random shuffling of endpoints, as described in gRFC A113.
    • This is enabled by default, and can be turned off using the environment variable GRPC_EXPERIMENTAL_PF_WEIGHTED_SHUFFLING. (#​8864)
  • xds: Implement :authority rewriting, as specified in gRFC A81. (#​8779)
  • balancer/randomsubsetting: Implement the random_subsetting LB policy, as specified in gRFC A68. (#​8650)
  • server: Include status detail headers, if available, when terminating a stream during request header processing. (#​8754)

Bug Fixes

  • credentials/tls: Fix a bug where the port was not stripped from the authority override before validation. (#​8726)
  • xds/priority: Fix a bug causing delayed failover to lower-priority clusters when a higher-priority cluster is stuck in CONNECTING state. (#​8813)
  • health: Fix a bug where health checks failed for clients using legacy compression options (WithDecompressor or RPCDecompressor). (#​8765)
  • transport: Fix an issue where the HTTP/2 server could skip header size checks when terminating a stream early. (#​8769)

Performance Improvements

  • credentials/alts: Optimize read buffer alignment to reduce copies. (#​8791)
  • mem: Optimize pooling and creation of buffer objects. (#​8784)
  • transport: Reduce slice re-allocations by reserving slice capacity. (#​8797)

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@github-project-automation github-project-automation bot moved this to To Do in Planning Nov 3, 2025
@talos-bot talos-bot moved this from To Do to In Review in Planning Nov 3, 2025
@smira smira removed this from Planning Nov 3, 2025
@renovate renovate bot force-pushed the renovate/dependencies branch 3 times, most recently from 02df47f to 13c03d4 Compare November 9, 2025 07:58
@renovate renovate bot force-pushed the renovate/dependencies branch 2 times, most recently from 49e0312 to 2202d47 Compare November 19, 2025 19:08
@renovate
Copy link
Author

renovate bot commented Nov 19, 2025

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 6 additional dependencies were updated

Details:

Package Change
golang.org/x/crypto v0.40.0 -> v0.43.0
golang.org/x/net v0.42.0 -> v0.46.1-0.20251013234738-63d1a5100f82
golang.org/x/sys v0.34.0 -> v0.37.0
golang.org/x/text v0.29.0 -> v0.30.0
google.golang.org/genproto/googleapis/api v0.0.0-20250929231259-57b25ae835d4 -> v0.0.0-20251022142026-3a174f9686a8
google.golang.org/genproto/googleapis/rpc v0.0.0-20250929231259-57b25ae835d4 -> v0.0.0-20251022142026-3a174f9686a8

@renovate renovate bot force-pushed the renovate/dependencies branch from 2202d47 to c2b98fd Compare November 20, 2025 02:36
@renovate renovate bot force-pushed the renovate/dependencies branch 3 times, most recently from 9f0fe66 to bf1bc06 Compare December 8, 2025 19:51
@renovate renovate bot force-pushed the renovate/dependencies branch from bf1bc06 to da3b205 Compare December 13, 2025 11:25
@renovate renovate bot force-pushed the renovate/dependencies branch 2 times, most recently from b3182e7 to 63f748f Compare December 27, 2025 08:04
@renovate renovate bot force-pushed the renovate/dependencies branch 2 times, most recently from 04cb542 to 0e0ebdf Compare January 22, 2026 08:15
@renovate renovate bot force-pushed the renovate/dependencies branch 2 times, most recently from 5ef4eb9 to 25d7262 Compare January 30, 2026 03:35
@renovate renovate bot force-pushed the renovate/dependencies branch 5 times, most recently from d178bac to 7406bc1 Compare February 12, 2026 10:28
@renovate renovate bot force-pushed the renovate/dependencies branch from 7406bc1 to cc24e46 Compare February 14, 2026 02:56
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate bot force-pushed the renovate/dependencies branch from cc24e46 to dedbb76 Compare February 18, 2026 23:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants

Comments