fix(deps): update module golang.org/x/crypto to v0.45.0 [security] - autoclosed by renovate[bot] · Pull Request #5561 · SAP/jenkins-library

renovate · 2025-11-20T05:35:33Z

This PR contains the following updates:

Package	Change	Age	Confidence
golang.org/x/crypto	`v0.40.0` → `v0.45.0`

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

GitHub Vulnerability Alerts

CVE-2025-58181

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.

CVE-2025-47914

SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

renovate · 2025-11-20T05:35:34Z

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

6 additional dependencies were updated

Details:

Package	Change
`golang.org/x/mod`	`v0.22.0` -> `v0.29.0`
`golang.org/x/text`	`v0.24.0` -> `v0.31.0`
`golang.org/x/net`	`v0.39.0` -> `v0.47.0`
`golang.org/x/sync`	`v0.14.0` -> `v0.18.0`
`golang.org/x/sys`	`v0.32.0` -> `v0.38.0`
`golang.org/x/term`	`v0.31.0` -> `v0.37.0`

github-actions · 2025-11-20T05:35:41Z

/it-go

renovate · 2025-12-15T16:51:15Z

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

6 additional dependencies were updated

Details:

Package	Change
`golang.org/x/mod`	`v0.25.0` -> `v0.29.0`
`golang.org/x/text`	`v0.27.0` -> `v0.31.0`
`golang.org/x/net`	`v0.41.0` -> `v0.47.0`
`golang.org/x/sync`	`v0.16.0` -> `v0.18.0`
`golang.org/x/sys`	`v0.34.0` -> `v0.38.0`
`golang.org/x/term`	`v0.33.0` -> `v0.37.0`

github-actions · 2025-12-15T16:51:24Z

/it-go

sonarqubecloud · 2025-12-15T16:53:07Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

github-actions · 2026-02-02T18:43:16Z

/it-go

github-actions · 2026-02-06T09:18:37Z

/it-go

github-actions · 2026-02-12T12:42:52Z

/it-go

github-actions · 2026-02-24T19:55:44Z

/it-go

github-actions · 2026-02-27T12:37:21Z

/it-go

github-actions · 2026-03-05T20:53:16Z

/it-go

github-actions · 2026-03-13T16:19:53Z

/it-go

github-actions · 2026-03-16T14:50:06Z

/it-go

github-actions · 2026-03-16T14:50:14Z

/it-go

github-actions · 2026-03-16T14:50:29Z

/it-go

sonarqubecloud · 2026-03-16T14:51:56Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

renovate Bot added the dependencies Pull requests that update a dependency file label Nov 20, 2025

renovate Bot requested a review from a team as a code owner November 20, 2025 05:35

renovate Bot added the dependencies Pull requests that update a dependency file label Nov 20, 2025

renovate Bot force-pushed the renovate/go-golang.org-x-crypto-vulnerability branch from 6e2a212 to d59b6ad Compare December 15, 2025 16:51

renovate Bot force-pushed the renovate/go-golang.org-x-crypto-vulnerability branch from d59b6ad to f1b7051 Compare February 2, 2026 18:43

renovate Bot force-pushed the renovate/go-golang.org-x-crypto-vulnerability branch from f1b7051 to 4d66d7b Compare February 6, 2026 09:18

renovate Bot force-pushed the renovate/go-golang.org-x-crypto-vulnerability branch from 4d66d7b to 79d6890 Compare February 12, 2026 12:42

renovate Bot force-pushed the renovate/go-golang.org-x-crypto-vulnerability branch from 79d6890 to 4aa7106 Compare February 24, 2026 19:55

renovate Bot force-pushed the renovate/go-golang.org-x-crypto-vulnerability branch from 4aa7106 to b7f699d Compare February 27, 2026 12:37

renovate Bot force-pushed the renovate/go-golang.org-x-crypto-vulnerability branch from b7f699d to f616755 Compare March 5, 2026 20:53

renovate Bot force-pushed the renovate/go-golang.org-x-crypto-vulnerability branch from f616755 to b9c34fb Compare March 13, 2026 16:19

renovate Bot changed the title ~~fix(deps): update module golang.org/x/crypto to v0.45.0 [security]~~ fix(deps): update module golang.org/x/crypto to v0.45.0 [security] - autoclosed Mar 16, 2026

renovate Bot closed this Mar 16, 2026

renovate Bot deleted the renovate/go-golang.org-x-crypto-vulnerability branch March 16, 2026 13:11

fix(deps): update module golang.org/x/crypto to v0.45.0 [security]

cc9623e

renovate Bot changed the title ~~fix(deps): update module golang.org/x/crypto to v0.45.0 [security] - autoclosed~~ fix(deps): update module golang.org/x/crypto to v0.45.0 [security] Mar 16, 2026

renovate Bot reopened this Mar 16, 2026

renovate Bot force-pushed the renovate/go-golang.org-x-crypto-vulnerability branch from cc9623e to b9c34fb Compare March 16, 2026 14:49

renovate Bot force-pushed the renovate/go-golang.org-x-crypto-vulnerability branch from b9c34fb to cc9623e Compare March 16, 2026 14:49

renovate Bot changed the title ~~fix(deps): update module golang.org/x/crypto to v0.45.0 [security]~~ fix(deps): update module golang.org/x/crypto to v0.45.0 [security] - autoclosed Mar 25, 2026

renovate Bot closed this Mar 25, 2026

Conversation

renovate Bot commented Nov 20, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

GitHub Vulnerability Alerts

CVE-2025-58181

CVE-2025-47914

Configuration

Uh oh!

renovate Bot commented Nov 20, 2025

ℹ Artifact update notice

File name: go.mod

Uh oh!

github-actions Bot commented Nov 20, 2025

Uh oh!

renovate Bot commented Dec 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

ℹ️ Artifact update notice

File name: go.mod

Uh oh!

github-actions Bot commented Dec 15, 2025

Uh oh!

sonarqubecloud Bot commented Dec 15, 2025

Quality Gate passed

Uh oh!

github-actions Bot commented Feb 2, 2026

Uh oh!

github-actions Bot commented Feb 6, 2026

Uh oh!

github-actions Bot commented Feb 12, 2026

Uh oh!

github-actions Bot commented Feb 24, 2026

Uh oh!

github-actions Bot commented Feb 27, 2026

Uh oh!

github-actions Bot commented Mar 5, 2026

Uh oh!

github-actions Bot commented Mar 13, 2026

Uh oh!

github-actions Bot commented Mar 16, 2026

Uh oh!

github-actions Bot commented Mar 16, 2026

Uh oh!

github-actions Bot commented Mar 16, 2026

Uh oh!

sonarqubecloud Bot commented Mar 16, 2026

Quality Gate passed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

renovate Bot commented Nov 20, 2025 •

edited

Loading

renovate Bot commented Dec 15, 2025 •

edited

Loading