Skip to content

chore(deps): bump the go-deps group with 2 updates#10

Merged
kanywst merged 1 commit into
mainfrom
dependabot/go_modules/go-deps-5904e77be2
Jun 29, 2026
Merged

chore(deps): bump the go-deps group with 2 updates#10
kanywst merged 1 commit into
mainfrom
dependabot/go_modules/go-deps-5904e77be2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps the go-deps group with 2 updates: github.com/mark3labs/mcp-go and github.com/open-policy-agent/opa.

Updates github.com/mark3labs/mcp-go from 0.55.0 to 0.55.1

Commits

Updates github.com/open-policy-agent/opa from 1.17.1 to 1.18.0

Release notes

Sourced from github.com/open-policy-agent/opa's releases.

v1.18.0

This release contains a mix of bugfixes and small features. Notably:

  • A breaking fix to the outbound User-Agent header so it conforms to RFC 9110 (see below)
  • Container-aware resource limits: automatic GOMAXPROCS is restored and automatic GOMEMLIMIT is now supported
  • Several opa fmt correctness fixes
  • Improvements to opa test --coverage (ranges in report, inline rule head tracking, conjunction-expression coverage)

Breaking: Fix User-Agent according to RFC9110 (#8792)

OPA's outbound HTTP requests (bundle, discovery, decision log, status, http.send, AWS KMS/ECR) previously sent User-Agent: Open Policy Agent/<version> (<os>, <arch>), which is not a valid RFC 9110 User-Agent value because the product token cannot contain spaces. The header is now Open-Policy-Agent/<version> (<os>, <arch>). Server-side log filters or WAF rules that exact-match the old string will need to be updated.

Authored by @​sspaink, reported by @​SpecLad

Runtime, SDK, Tooling

Compiler, Topdown and Rego

Docs, Website, Ecosystem

... (truncated)

Changelog

Sourced from github.com/open-policy-agent/opa's changelog.

1.18.0

This release contains a mix of bugfixes and small features. Notably:

  • A breaking fix to the outbound User-Agent header so it conforms to RFC 9110 (see below)
  • Container-aware resource limits: automatic GOMAXPROCS is restored and automatic GOMEMLIMIT is now supported
  • Several opa fmt correctness fixes
  • Improvements to opa test --coverage (ranges in report, inline rule head tracking, conjunction-expression coverage)

Breaking: Fix User-Agent according to RFC9110 (#8792)

OPA's outbound HTTP requests (bundle, discovery, decision log, status, http.send, AWS KMS/ECR) previously sent User-Agent: Open Policy Agent/<version> (<os>, <arch>), which is not a valid RFC 9110 User-Agent value because the product token cannot contain spaces. The header is now Open-Policy-Agent/<version> (<os>, <arch>). Server-side log filters or WAF rules that exact-match the old string will need to be updated.

Authored by @​sspaink, reported by @​SpecLad

Runtime, SDK, Tooling

Compiler, Topdown and Rego

Docs, Website, Ecosystem

... (truncated)

Commits
  • cc2c5c6 Prepare v1.18 release (#8820)
  • e72a98f format: keep lone with on the closing-bracket line of multi-line expression...
  • 03646dd topdown: Fix PE not namespacing vars in comprehensions nested inside every ...
  • bf2bb52 benchmarks: split off script, emit markdown table
  • 02ce276 version: fix ill-formed User-Agent header (#8796)
  • 1fdbb77 build(deps): bump the dependencies group across 2 directories with 6 updates
  • 954196a cover: Add support for coverage of conjunction exprs (#8809)
  • dec8333 deduplicate change-detection output in pr CI checks (#8808)
  • 09679ab benchmarks: use details+summary comments for benchlab results (#8811)
  • 57742e8 build(deps): bump webpack-dev-server from 5.2.4 to 5.2.5 in /docs (#8807)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-deps group with 2 updates: [github.com/mark3labs/mcp-go](https://github.com/mark3labs/mcp-go) and [github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa).


Updates `github.com/mark3labs/mcp-go` from 0.55.0 to 0.55.1
- [Release notes](https://github.com/mark3labs/mcp-go/releases)
- [Commits](mark3labs/mcp-go@v0.55.0...v0.55.1)

Updates `github.com/open-policy-agent/opa` from 1.17.1 to 1.18.0
- [Release notes](https://github.com/open-policy-agent/opa/releases)
- [Changelog](https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md)
- [Commits](open-policy-agent/opa@v1.17.1...v1.18.0)

---
updated-dependencies:
- dependency-name: github.com/mark3labs/mcp-go
  dependency-version: 0.55.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-deps
- dependency-name: github.com/open-policy-agent/opa
  dependency-version: 1.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jun 29, 2026
@kanywst kanywst merged commit 9467880 into main Jun 29, 2026
5 checks passed
@kanywst kanywst deleted the dependabot/go_modules/go-deps-5904e77be2 branch June 29, 2026 14:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant