Bump github.com/fsouza/fake-gcs-server from 1.52.2 to 1.52.3 #2789
Conversation
Kusari Analysis Results:
Both dependency and code security analyses independently confirm this Pull Request is safe to merge. The fake-gcs-server update (v1.52.2 → v1.52.3) is a clean minor patch with zero vulnerabilities and excellent maintenance scores. The newly added Google Pub/Sub SDK is an official Google package with no security issues. Code analysis found zero vulnerabilities, no exposed secrets, and successful govulncheck results. This is a standard Dependabot dependency update with only go.mod and go.sum modifications as expected. All packages have risk scores of 0 with no security advisories. The only recommendation is a non-blocking future update to Pub/Sub v2.2.0 for latest features. Note View full detailed analysis result for more information on the output and the checks that were run.
Found this helpful? Give it a 👍 or 👎 reaction! |
74c4e36 to
bcac053
Compare
Bumps [github.com/fsouza/fake-gcs-server](https://github.com/fsouza/fake-gcs-server) from 1.52.2 to 1.52.3. - [Release notes](https://github.com/fsouza/fake-gcs-server/releases) - [Commits](fsouza/fake-gcs-server@v1.52.2...v1.52.3) --- updated-dependencies: - dependency-name: github.com/fsouza/fake-gcs-server dependency-version: 1.52.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
bcac053 to
7bc7086
Compare
Bumps github.com/fsouza/fake-gcs-server from 1.52.2 to 1.52.3.
Release notes
Sourced from github.com/fsouza/fake-gcs-server's releases.
... (truncated)
Commits
e796ab6Add support for NetBSD (#1989)ec544caGo 1.25.0 is out, drop 1.23 (#2006)80425acEnable HTTP/2 (#2004)a950942chore: bump v1 Pub/Sub Go client library to v2 (#2005)a524edbbuild(deps): bump@google-cloud/storagein /examples/node (#2002)05e53e8build(deps): bump golang from 1.24 to 1.25 (#2001)b2ae5e6build(deps): bump goreleaser/goreleaser-action from 6.3.0 to 6.4.0 (#2000)1ca024fbuild(deps): bump actions/cache from 4.2.3 to 4.2.4 (#1995)003be97build(deps): bump docker/login-action from 3.4.0 to 3.5.0 (#1993)f2c4ad9build(deps): bump docker/metadata-action from 5.7.0 to 5.8.0 (#1992)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)