Skip to content

Bump the go-modules group across 1 directory with 2 updates#118

Merged
mgoetzegb merged 1 commit intomain-gbfrom
dependabot/go_modules/go-modules-18f1124527
Jan 2, 2026
Merged

Bump the go-modules group across 1 directory with 2 updates#118
mgoetzegb merged 1 commit intomain-gbfrom
dependabot/go_modules/go-modules-18f1124527

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Dec 29, 2025

Bumps the go-modules group with 2 updates in the / directory: github.com/BurntSushi/toml and github.com/cloudflare/circl.

Updates github.com/BurntSushi/toml from 1.5.0 to 1.6.0

Release notes

Sourced from github.com/BurntSushi/toml's releases.

v1.6.0

TOML 1.1 is now enabled by default. The TOML changelog has an overview of changes: https://github.com/toml-lang/toml/blob/main/CHANGELOG.md

Also two small fixes:

  • Encode large floats as exponent syntax so that round-tripping things like 5e+22 is correct.

  • Using duplicate array keys would not give an error:

    arr = [1]
arr = [2]

    This will now correctly give a "Key 'arr' has already been defined" error.

Commits
  • 5253492 Enable TOML 1.1 by default (#457)
  • e954445 Reject duplicate arrays (#455)
  • 6b16cbd Update toml-test test cases from upstream (#456)
  • 011fa2b Ensure constant format strings in wf calls
  • 4b439bf Remove itemNil
  • a473c12 Add test for out of range float64
  • b535ff8 Add some boring tests for lex.go
  • 6011ef0 Remove unreachable condition in lexTableNameStart
  • c8ca9e6 Remove unreachable condition
  • 1121f81 Make tomlv read from stdin
  • Additional commits viewable in compare view

Updates github.com/cloudflare/circl from 1.6.1 to 1.6.2

Release notes

Sourced from github.com/cloudflare/circl's releases.

CIRCL v1.6.2

  • New SLH-DSA, improvements in ML-DSA for arm64.
  • Tested compilation on WASM.

What's Changed

New Contributors

Full Changelog: cloudflare/circl@v1.6.1...v1.6.2

Commits
  • a763d47 Release CIRCL v1.6.2
  • 3c70bf9 Bump x/crypto x/sys dependencies.
  • 3f0f15b Revert to using package-declared HPKE errors for shortkem instead of standard...
  • 23491bd Adding generic Power2Round method.
  • 5da4a63 Including WASM compilation.
  • da1faa4 Bump CI & Go version to 1.25
  • e3ce0e6 Simplifying golancilint configuration.
  • 0007d24 Excluding unsafe calls for SHA3 code.
  • 5e814e6 Check err on fmt.Fprintf.
  • 84611b2 Checking error on close.
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the go-modules group across 1 directory with 2 updates
7a83f94 
Bumps the go-modules group with 2 updates in the / directory: [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml) and [github.com/cloudflare/circl](https://github.com/cloudflare/circl).


Updates `github.com/BurntSushi/toml` from 1.5.0 to 1.6.0
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](BurntSushi/toml@v1.5.0...v1.6.0)

Updates `github.com/cloudflare/circl` from 1.6.1 to 1.6.2
- [Release notes](https://github.com/cloudflare/circl/releases)
- [Commits](cloudflare/circl@v1.6.1...v1.6.2)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-version: 1.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-modules
- dependency-name: github.com/cloudflare/circl
  dependency-version: 1.6.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: go-modules
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 29, 2025
@dependabot dependabot bot requested a review from a team as a code owner December 29, 2025 04:07
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Dec 29, 2025
@greenbonebot
Copy link
Member

greenbonebot commented Dec 29, 2025

Scanning the following files:

go.mod
go.sum

Scan: 'go.mod'

Nothing detected in go.mod
Scan took 0.00 seconds

Scan: 'go.sum'

Nothing detected in go.sum
Scan took 0.00 seconds

@github-actions
Copy link

github-actions bot commented Dec 29, 2025

Conventional Commits Report

😢 No conventional commits found.

👉 Learn more about the conventional commits usage at Greenbone.

@github-actions
Copy link

github-actions bot commented Dec 29, 2025

Modver result

This report was generated by Modver,
a Go package and command that helps you obey semantic versioning rules in your Go module.

This PR does not require a change in your module’s version number.
(You might still consider bumping the patchlevel anyway.)

@mgoetzegb mgoetzegb merged commit 1a87179 into main-gb Jan 2, 2026
6 of 7 checks passed
@mgoetzegb mgoetzegb deleted the dependabot/go_modules/go-modules-18f1124527 branch January 2, 2026 09:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mgoetzegb mgoetzegb mgoetzegb approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@greenbonebot @mgoetzegb