Bump the dependabot group across 1 directory with 4 updates by dependabot[bot] · Pull Request #200 · calypr/git-drs

dependabot · 2026-02-09T20:20:03Z

Bumps the dependabot group with 4 updates in the / directory: github.com/go-git/go-git/v5, github.com/golang-jwt/jwt/v5, github.com/aws/aws-sdk-go-v2/service/s3 and golang.org/x/oauth2.

Updates github.com/go-git/go-git/v5 from 5.12.0 to 5.16.5

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.16.5

What's Changed

build: Update module golang.org/x/crypto to v0.45.0 [SECURITY] (releases/v5.x) by @go-git-renovate[bot] in go-git/go-git#1744

build: Bump Go test versions to 1.23-1.25 (v5) by @pjbgf in go-git/go-git#1746

[v5] git: worktree, Don't delete local untracked files when resetting worktree by @Ch00k in go-git/go-git#1800

Expand packfile checks by @pjbgf in go-git/go-git#1836

Full Changelog: go-git/go-git@v5.16.4...v5.16.5

v5.16.4

What's Changed

backport plumbing: format/idxfile, prevent panic by @swills in go-git/go-git#1732

[backport] build: test, Fix build on Windows. by @pjbgf in go-git/go-git#1734

build: Update module golang.org/x/net to v0.38.0 [SECURITY] (releases/v5.x) by @go-git-renovate[bot] in go-git/go-git#1742

build: Update module github.com/cloudflare/circl to v1.6.1 [SECURITY] (releases/v5.x) by @go-git-renovate[bot] in go-git/go-git#1741

build: Update module github.com/go-git/go-git/v5 to v5.13.0 [SECURITY] (releases/v5.x) by @go-git-renovate[bot] in go-git/go-git#1743

Full Changelog: go-git/go-git@v5.16.3...v5.16.4

v5.16.3

What's Changed

internal: Expand regex to fix build [5.x] by @baloo in go-git/go-git#1644

build: raise timeouts for windows CI tests and disable CIFuzz [5.x] by @baloo in go-git/go-git#1646

plumbing: support commits extra headers, support jujutsu signed commit [5.x] by @baloo in go-git/go-git#1633

Full Changelog: go-git/go-git@v5.16.2...v5.16.3

v5.16.2

What's Changed

utils: fix diff so subpaths work for sparse checkouts, fixes 1455 to releases/v5.x by @kane8n in go-git/go-git#1567

Full Changelog: go-git/go-git@v5.16.1...v5.16.2

v5.16.1

What's Changed

utils: merkletrie, Fix diff on sparse-checkout index. Fixes #1406 to releases/v5.x by @kane8n in go-git/go-git#1561

New Contributors

@kane8n made their first contribution in go-git/go-git#1561

Full Changelog: go-git/go-git@v5.16.0...v5.16.1

v5.16.0

What's Changed

[v5] plumbing: support mTLS for HTTPS protocol by @hiddeco in go-git/go-git#1510

v5: plumbing: transport, Reintroduce SetHostKeyCallback. Fix #1514 by @pjbgf in go-git/go-git#1515

... (truncated)

Commits

48a1ae0 Merge pull request #1836 from go-git/check-v5
42bdf1f storage: filesystem, Verify idx matches pack file
4146a56 plumbing: format/idxfile, Verify idxfile's checksum
63d78ec plumbing: format/packfile, Add new ErrMalformedPackFile
25f1624 Merge pull request #1800 from Ch00k/no-delete-untracked-v5
600fb13 git: worktree, Don't delete local untracked files when resetting worktree
390a569 Merge pull request #1746 from pjbgf/bump-go
61c8b85 build: Bump Go test versions to 1.23-1.25 (v5)
e5a05ec Merge pull request #1744 from go-git/renovate/releases/v5.x-go-golang.org-x-c...
1495930 plumbing: Remove use of non-constant format strings
Additional commits viewable in compare view

Updates github.com/golang-jwt/jwt/v5 from 5.3.0 to 5.3.1

Release notes

Sourced from github.com/golang-jwt/jwt/v5's releases.

v5.3.1

What's Changed

🔐 Features

Add spellcheck Github action to catch common spelling mistakes by @equalsgibson in golang-jwt/jwt#458

Add WithNotBeforeRequired parser option and add test coverage by @equalsgibson in golang-jwt/jwt#456

Update godoc example func to properly refer to NewWithClaims() by @equalsgibson in golang-jwt/jwt#459

Update github workflows by @mfridman in golang-jwt/jwt#462

Additional test for CustomClaims that validates unmarshalling behaviour by @equalsgibson in golang-jwt/jwt#457

Fix early file close in jwt cli by @mfridman in golang-jwt/jwt#472

Add TPM signature reference by @salrashid123 in golang-jwt/jwt#473

Remove misleading ParserOptions documentation in golang-jwt/jwt#484

Save signature to Token struct after successful signing by @EgorSheff in golang-jwt/jwt#417

Set token.Signature in ParseUnverified by @slickwilli in golang-jwt/jwt#414

👒 Dependencies

Bump crate-ci/typos from 1.34.0 to 1.35.3 by @dependabot[bot] in golang-jwt/jwt#461

Bump crate-ci/typos from 1.35.4 to 1.36.2 by @dependabot[bot] in golang-jwt/jwt#470

Bump github/codeql-action from 3 to 4 by @dependabot[bot] in golang-jwt/jwt#478

Bump crate-ci/typos from 1.36.2 to 1.39.0 by @dependabot[bot] in golang-jwt/jwt#480

Bump golangci/golangci-lint-action from 8 to 9 by @dependabot[bot] in golang-jwt/jwt#481

Bump actions/setup-go from 5 to 6 by @dependabot[bot] in golang-jwt/jwt#469

Bump crate-ci/typos from 1.39.0 to 1.40.0 by @dependabot[bot] in golang-jwt/jwt#488

Bump actions/checkout from 5 to 6 by @dependabot[bot] in golang-jwt/jwt#487

Bump crate-ci/typos from 1.40.0 to 1.41.0 by @dependabot[bot] in golang-jwt/jwt#490

Bump crate-ci/typos from 1.41.0 to 1.42.1 by @dependabot[bot] in golang-jwt/jwt#492

New Contributors

@equalsgibson made their first contribution in golang-jwt/jwt#458

@salrashid123 made their first contribution in golang-jwt/jwt#473

@EgorSheff made their first contribution in golang-jwt/jwt#417

@slickwilli made their first contribution in golang-jwt/jwt#414

Full Changelog: golang-jwt/jwt@v5.3.0...v5.3.1

Commits

7ceae61 Add release.yml for changelog configuration
dce8e4d Set token.Signature in ParseUnverified (#414)
8889e20 Save signature to Token struct after successful signing (#417)
d237f82 ci: update github-actions schedule interval to monthly
d8dce95 Bump crate-ci/typos from 1.41.0 to 1.42.1 (#492)
e931803 Bump crate-ci/typos from 1.40.0 to 1.41.0 (#490)
e6a0afa Bump actions/checkout from 5 to 6 (#487)
9f85c9e Bump crate-ci/typos from 1.39.0 to 1.40.0 (#488)
60a8669 Bump actions/setup-go from 5 to 6 (#469)
76f5828 Remove misleading ParserOptions documentation (#484)
Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.95.1 to 1.96.0

Commits

bdb98c5 Release 2026-01-28
c878d57 Regenerated Clients
4f5d503 Update API model
b7bf952 Feat release s3 transfer manager v2 (#3293)
0baa1dc Release 2026-01-27
11eae4b Regenerated Clients
297caa5 Update endpoints model
43d96e4 Update API model
de58dc6 Release 2026-01-26
dba39e6 Regenerated Clients
Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.34.0 to 0.35.0

Commits

89ff2e1 google: add safer credentials JSON loading options.
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependabot group with 4 updates in the / directory: [github.com/go-git/go-git/v5](https://github.com/go-git/go-git), [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt), [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) and [golang.org/x/oauth2](https://github.com/golang/oauth2). Updates `github.com/go-git/go-git/v5` from 5.12.0 to 5.16.5 - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.12.0...v5.16.5) Updates `github.com/golang-jwt/jwt/v5` from 5.3.0 to 5.3.1 - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Commits](golang-jwt/jwt@v5.3.0...v5.3.1) Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.95.1 to 1.96.0 - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json) - [Commits](aws/aws-sdk-go-v2@service/s3/v1.95.1...service/s3/v1.96.0) Updates `golang.org/x/oauth2` from 0.34.0 to 0.35.0 - [Commits](golang/oauth2@v0.34.0...v0.35.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-version: 5.16.5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot - dependency-name: github.com/golang-jwt/jwt/v5 dependency-version: 5.3.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependabot - dependency-name: github.com/aws/aws-sdk-go-v2/service/s3 dependency-version: 1.96.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot - dependency-name: golang.org/x/oauth2 dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Feb 9, 2026

dependabot bot force-pushed the dependabot/go_modules/main/dependabot-6f9ad8b8e3 branch 2 times, most recently from dfbb9fd to 9cb656b Compare February 11, 2026 01:02

dependabot bot force-pushed the dependabot/go_modules/main/dependabot-6f9ad8b8e3 branch from 9cb656b to a91f38e Compare February 12, 2026 16:55

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the dependabot group across 1 directory with 4 updates#200

Bump the dependabot group across 1 directory with 4 updates#200
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/main/dependabot-6f9ad8b8e3

dependabot bot commented on behalf of github Feb 9, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Feb 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v5.16.5

What's Changed

v5.16.4

What's Changed

v5.16.3

What's Changed

v5.16.2

What's Changed

v5.16.1

What's Changed

New Contributors

v5.16.0

What's Changed

v5.3.1

What's Changed

🔐 Features

👒 Dependencies

New Contributors

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot bot commented on behalf of github Feb 9, 2026 •

edited

Loading