Skip to content

[🐸 Frogbot] Update dependencies#84

Merged
SaharBracha merged 1 commit into
mainfrom
frogbot-golang.org/x/sys-34b50beb0a7cfb768aacab910ae17310
Jun 11, 2026
Merged

[🐸 Frogbot] Update dependencies#84
SaharBracha merged 1 commit into
mainfrom
frogbot-golang.org/x/sys-34b50beb0a7cfb768aacab910ae17310

Conversation

@github-actions

@github-actions github-actions Bot commented May 23, 2026

Copy link
Copy Markdown
Contributor

🚨 This automated pull request was created by Frogbot and fixes the below:

📦 Vulnerable Dependencies

Severity ID Contextual Analysis Direct Dependencies Impacted Dependency Fixed Versions
unknown
Unknown		 CVE-2026-39824 Not Covered github.com/go-git/go-git/v5:v5.18.0
github.com/jfrog/build-info-go:v1.13.1-0.20260429070557-93b98034d295
github.com/jfrog/jfrog-cli-core/v2:v2.60.1-0.20260504054219-ba16d20c7b0f
github.com/jfrog/jfrog-client-go:v1.55.1-0.20251223101502-1a13a993b0c7
golang.org/x/crypto:v0.45.0
golang.org/x/net:v0.47.0
golang.org/x/sys:v0.38.0		 golang.org/x/sys v0.38.0 [0.44.0]

🔖 Details

Vulnerability Details
Contextual Analysis: Not Covered
Direct Dependencies: github.com/go-git/go-git/v5:v5.18.0, github.com/jfrog/build-info-go:v1.13.1-0.20260429070557-93b98034d295, github.com/jfrog/jfrog-cli-core/v2:v2.60.1-0.20260504054219-ba16d20c7b0f, github.com/jfrog/jfrog-client-go:v1.55.1-0.20251223101502-1a13a993b0c7, golang.org/x/crypto:v0.45.0, golang.org/x/net:v0.47.0, golang.org/x/sys:v0.38.0
Impacted Dependency: golang.org/x/sys:v0.38.0
Fixed Versions: [0.44.0]
CVSS V3: -

Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

@SaharBracha SaharBracha force-pushed the frogbot-golang.org/x/sys-34b50beb0a7cfb768aacab910ae17310 branch from f852245 to ee850c2 Compare June 11, 2026 09:34
@github-actions

github-actions Bot commented Jun 11, 2026
edited
Loading

Copy link
Copy Markdown
Contributor Author

Test Results

52 tests  ±0   51 ✅ ±0   6m 32s ⏱️ + 1m 33s
 2 suites ±0    1 💤 ±0 
 1 files   ±0    0 ❌ ±0 

Results for commit 7e3daab. ± Comparison against base commit 4de652a.

♻️ This comment has been updated with latest results.

@SaharBracha SaharBracha reopened this Jun 11, 2026
@SaharBracha SaharBracha force-pushed the frogbot-golang.org/x/sys-34b50beb0a7cfb768aacab910ae17310 branch from ee850c2 to 7e3daab Compare June 11, 2026 09:44
@github-actions

github-actions Bot commented Jun 11, 2026

Copy link
Copy Markdown
Contributor Author


Thank you for your submission, we really appreciate it. Like many open-source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution. You can sign the CLA by just posting a Pull Request Comment same as the below format.

I have read the CLA Document and I hereby sign the CLA

Sahar Bracha seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You can retrigger this bot by commenting recheck in this Pull Request. Posted by the CLA Assistant Lite bot.

@SaharBracha SaharBracha changed the title [🐸 Frogbot] Update version of golang.org/x/sys to 0.44.0 [🐸 Frogbot] Update dependencies Jun 11, 2026
@SaharBracha SaharBracha merged commit 2ce9356 into main Jun 11, 2026
6 of 8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@SaharBracha