deps: bump golang.org/x/crypto from 0.51.0 to 0.54.0#82
Conversation
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.51.0 to 0.54.0. - [Commits](golang/crypto@v0.51.0...v0.54.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.54.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 42b197ce09
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| golang.org/x/net v0.54.0 | ||
| golang.org/x/sys v0.44.0 | ||
| golang.org/x/term v0.43.0 | ||
| golang.org/x/crypto v0.54.0 |
There was a problem hiding this comment.
Handle NewKeyring's unsupported confirm constraint
With golang.org/x/crypto at v0.54.0, agent.NewKeyring().Add now rejects AddedKey values that set ConfirmBeforeUse instead of silently ignoring that constraint. In the no-SSH_AUTH_SOCK path, ConnectSshAgent falls back to agent.NewKeyring, while AddKeySshAgent always sets ConfirmBeforeUse: true and ignores the returned error (agent.go:47-55), so adding a key to the in-memory agent now silently stores nothing and later agent forwarding/signing sees no key. Please either avoid that constraint for NewKeyring or surface/handle the Add error.
Useful? React with 👍 / 👎.
Bumps golang.org/x/crypto from 0.51.0 to 0.54.0.
Commits
cdce021go.mod: update golang.org/x dependenciesd9474ccopenpgp: make the deprecation message more explicit7626c50ssh: verify declared key type matches decoded key in authorized_keys0471e79ssh/agent: enforce strict limits on DSA key parameters6435c37ssh: sanitize client disconnect messages7d695dassh/agent: drain channel stderr in agent forwarders5b7f841acme/autocert: fix data race in Manager.createCert0b316e7argon2: update RFC 9106 parameter recommendations55aec0ax509roots/fallback: update bundle5f2de1ainternal: remove wycheproof testsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)