Skip to content

Dependency bumps: golang.org/x/crypto v0.50.0 -> v0.54.0 and github.com/go-git/go-git /v5 v5.19.0 -> v5.19.1#162

Merged
gerrytan merged 2 commits into
mainfrom
chore/202060717-dependency-bump
Jul 16, 2026
Merged

Dependency bumps: golang.org/x/crypto v0.50.0 -> v0.54.0 and github.com/go-git/go-git /v5 v5.19.0 -> v5.19.1#162
gerrytan merged 2 commits into
mainfrom
chore/202060717-dependency-bump

Conversation

@gerrytan

@gerrytan gerrytan commented Jul 16, 2026

Copy link
Copy Markdown
Member

Dependency bump:

  1. golang.org/x/crypto v0.50.0 -> v0.54.0
  2. github.com/go-git/go-git /v5 v5.19.0 -> v5.19.1

Both are indirect deps, the direct hasn't fixed it yet :(

go mod why -m for both:

# golang.org/x/crypto
github.com/Azure/aztfmigrate
github.com/mitchellh/cli
github.com/Masterminds/sprig/v3
golang.org/x/crypto/bcrypt

# github.com/go-git/go-git/v5
github.com/Azure/aztfmigrate/tf
github.com/hashicorp/hc-install
github.com/hashicorp/hc-install.test
github.com/hashicorp/hc-install/build
github.com/go-git/go-git/v5

Testing

  1. Verified all bumps are minor semver ✅
  2. make test passes ✅
  3. Compile the binary locally and smoke test with aztfmigrate --help

@azure-pipelines

Copy link
Copy Markdown
Azure Pipelines:
Some pipeline(s) encountered errors during trigger evaluation.

@gerrytan
gerrytan marked this pull request as ready for review July 16, 2026 23:47
@gerrytan
gerrytan requested a review from magodo July 16, 2026 23:50
@gerrytan
gerrytan merged commit ec34f7e into main Jul 16, 2026
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants