Skip to content

Bump the support-dependencies group across 1 directory with 12 updates#313

Merged
chocolatkey merged 2 commits into
developfrom
dependabot/go_modules/support-dependencies-85c64fe24f
Jul 8, 2026
Merged

Bump the support-dependencies group across 1 directory with 12 updates#313
chocolatkey merged 2 commits into
developfrom
dependabot/go_modules/support-dependencies-85c64fe24f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the support-dependencies group with 7 updates in the / directory:

Package From To
cloud.google.com/go/storage 1.62.2 1.63.0
github.com/abema/go-mp4 1.6.0 1.7.1
github.com/andybalholm/cascadia 1.3.3 1.3.4
github.com/aws/aws-sdk-go-v2 1.41.7 1.42.0
github.com/aws/aws-sdk-go-v2/service/s3 1.101.0 1.104.1
github.com/pdfcpu/pdfcpu 0.12.1 0.13.0
golang.org/x/image 0.41.0 0.43.0

Updates cloud.google.com/go/storage from 1.62.2 to 1.63.0

Release notes

Sourced from cloud.google.com/go/storage's releases.

compute: v1.63.0

v1.63.0 (2026-05-14)

Features

storage: v1.63.0

1.63.0 (2026-06-25)

Features

  • go: Add full object checksum for negative offsets > size (#20026) (a04d980)
  • storage: Add client feature tracking in HTTP client (#14691) (319cc4c)
  • storage: App Centric Observability (#14685) (c3273bb)
  • storage: Read checksums in gRPC partial reads (#14586) (d29f68a)
  • storage: Support deleteSourceObjects option in object compose (#14704) (0d2d680)
  • Update API sources and regenerate (#14701) (a9b7921)

Bug Fixes

  • storage: Add server closed idle connection to retriable errors (#14594) (a6bd392)
  • storage: Fix race condition during retries in gRPC writer (#14649) (c781a75)

storage: v1.62.3

v1.62.3 (2026-06-03)

Bug Fixes

  • fix race condition during retries in gRPC writer (#14649) (04b6c635)

  • add server closed idle connection to retriable errors (#14594) (20b37d65)

Commits
  • 14ea3de fix: Fix name collision on SandboxEnvironment.state by renaming enum to Sandb...
  • d9de3a5 test(spanner): skip DirectPath-incompatible tests when DirectPath is enabled ...
  • 043aa71 test(spanner): fix nil pointer panic in TestNewBuiltinMetricsTracerFactory un...
  • d6f00a2 test(spanner): disable TestIntegration_QueueMutations (#14550)
  • d10add3 refactor(pubsub/v2/pstest): implement custom filter parser (#14497)
  • 94d24ca chore: librarian release pull request: 20260507T184113Z (#14549)
  • 541569e docs: update README to reflect Gemini Enterprise Agent Platform
  • 237533a Merge pull request #14545 from googleapis:release-agentplatform-0.20.0
  • d70876a chore: release agentplatform@v0.20.0
  • See full diff in compare view

Updates github.com/abema/go-mp4 from 1.6.0 to 1.7.1

Release notes

Sourced from github.com/abema/go-mp4's releases.

v1.7.1

What's Changed

Full Changelog: abema/go-mp4@v1.7.0...v1.7.1

v1.7.0

What's Changed

Full Changelog: abema/go-mp4@v1.6.0...v1.7.0

Commits

Updates github.com/andybalholm/cascadia from 1.3.3 to 1.3.4

Commits
  • e146583 Update to golang.org/x/net@v0.55.0
  • 7d2058d perf: avoid per-node heap allocation in :has and :haschild
  • 9c17a91 perf: avoid buffer allocation in :empty matcher
  • See full diff in compare view

Updates github.com/aws/aws-sdk-go-v2 from 1.41.7 to 1.42.0

Commits

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.101.0 to 1.104.1

Commits
  • 26060c5 Release 2026-06-29
  • 24e918a Regenerated Clients
  • 334471f Update API model
  • 96d81dc Deprecate iotevents, ioteventsdata, panorama and simspaceweaver (#3458)
  • 30502cb feat: mark common plugins and fix per-op ordering for invokeOperation refacto...
  • 8881653 Revert "feat: mark common plugins and fix per-op ordering for invokeOperation...
  • eba2f01 feat: mark common plugins and fix per-op ordering for invokeOperation… (#3443)
  • 2c5e1db Release 2026-06-23
  • d09eeb5 Regenerated Clients
  • 2f5f5f9 Update API model
  • Additional commits viewable in compare view

Updates github.com/aws/smithy-go from 1.25.1 to 1.27.1

Changelog

Sourced from github.com/aws/smithy-go's changelog.

Release (2026-06-26)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/smithy-go: v1.27.3
    • Bug Fix: Fix bug in JSON doc encoder and endpoint host label format validation

Release (2026-06-05)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/smithy-go: v1.27.2
    • Bug Fix: Fix incorrect serialization of unions in CBOR-based protocols.

Release (2026-06-04)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/smithy-go: v1.27.1
    • Bug Fix: Fixed a deserialization failure in all protocols when encountering a union with explicit null members.
    • Bug Fix: Fixed a panic when deserializing nested unions in JSON- and CBOR-based protocols.

Release (2026-06-02)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/smithy-go: v1.27.0
    • Feature: Add APIs for schema-based serialization.
    • Feature: Add support for all current AWS and Smithy protocols.
    • Bug Fix: Enforce max nesting depth of 128 on CBOR payloads.
  • github.com/aws/smithy-go/aws-http-auth: v1.2.0
    • Feature: Add event stream signer.

Release (2026-05-27)

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/smithy-go: v1.26.0
    • Feature: Add StringSlice to endpoint rulesfn.

... (truncated)

Commits

Updates github.com/pdfcpu/pdfcpu from 0.12.1 to 0.13.0

Release notes

Sourced from github.com/pdfcpu/pdfcpu's releases.

v0.13.0

A Release Featuring CLI Pipelines and Safer Defaults

Starting with this release, pdfcpu improves CLI usability with broader stdin/stdout pipeline support and stricter overwrite handling.

Check out the refreshed documentation at https://pdfcpu.io

Many commands now support - for stdin/stdout, making pdfcpu easier to use in shell pipelines. Explicit output files and non-empty output directories are no longer overwritten implicitly. Use the new global --force flag when overwriting is intentional.

Example:

pdfcpu optimize - out.pdf < in.pdf

or:

cat in.pdf | pdfcpu optimize - - > out.pdf

or a pipeline:

aws s3 cp s3://acme-contracts/master.pdf - \
      | pdfcpu optimize - - \
      | aws s3 cp - s3://acme-contracts/optimized/master.pdf

CLI Improvements

This release adds and refines several user-facing CLI features:

  • Broader stdin/stdout support using -
  • Global --force flag for explicit overwrite handling
  • annotations list --json
  • form list --json
  • certificates list --json
  • merge --bookmark-mode wrap|preserve
  • Improved version command behavior
  • Clarified help text around signature validation scope and trust boundaries

The new overwrite behavior is intentionally stricter. Existing scripts that relied on implicit overwrites may need to add --force.


Merge Bookmarks

... (truncated)

Commits

Updates golang.org/x/image from 0.41.0 to 0.43.0

Commits
  • b5baf41 tiff: avoid overflow when reading IFD entries
  • e7513b5 tiff: limit the amount of data read in IFD entries
  • cb9f1a6 tiff: limit uncompressed data reads
  • 304d4cc tiff: reject tiles too much larger than the image
  • 7c04344 tiff: add buffer slice overflow checks for 32-bit systems
  • c5511df webp: require that VP8/VP8L dimensions match canvas dimensions
  • 38fd220 bmp: don't panic on too-large image, reject 0xN
  • f95dd26 font/sfnt: avoid panics from out-of-bounds access in invalid GPOS table
  • 1e486eb tiff: don't panic when decoding too-large image on 32-bit platforms
  • 3fd0b07 go.mod: update golang.org/x dependencies
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.55.0 to 0.56.0

Commits
  • 9e7fdbf internal/http3: fix wrong argument being given when validating header value
  • b686e5f internal/http3: add gzip support to transport
  • 8a34885 go.mod: update golang.org/x dependencies
  • 72eaf98 dns/dnsmessage: correctly validate SVCB record parameter order
  • 82e7868 dns/dnsmessage: avoid panic when parsing SVCB record with truncated data
  • b64f1fa internal/http3: add server support for "Trailer:" magic prefix
  • 2707ee2 internal/http3: implement HTTP/3 clientConn methods
  • 31358cc internal/http3: snapshot response headers at WriteHeader time
  • 8ecbaa9 html: don't adjust xml:base
  • 8ae811a html: properly handle end script tag in fragment mode
  • Additional commits viewable in compare view

Updates golang.org/x/sync from 0.20.0 to 0.21.0

Commits

Updates golang.org/x/text from 0.37.0 to 0.38.0

Commits

Updates google.golang.org/api from 0.274.0 to 0.285.0

Release notes

Sourced from google.golang.org/api's releases.

v0.285.0

0.285.0 (2026-06-16)

Features

v0.284.0

0.284.0 (2026-06-09)

Features

v0.283.0

0.283.0 (2026-06-01)

Features

v0.282.0

0.282.0 (2026-05-27)

Features

v0.281.0

0.281.0 (2026-05-26)

Features

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.285.0 (2026-06-16)

Features

0.284.0 (2026-06-09)

Features

0.283.0 (2026-06-01)

Features

0.282.0 (2026-05-27)

Features

0.281.0 (2026-05-26)

Features

0.280.0 (2026-05-19)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the support-dependencies group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) | `1.62.2` | `1.63.0` |
| [github.com/abema/go-mp4](https://github.com/abema/go-mp4) | `1.6.0` | `1.7.1` |
| [github.com/andybalholm/cascadia](https://github.com/andybalholm/cascadia) | `1.3.3` | `1.3.4` |
| [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) | `1.41.7` | `1.42.0` |
| [github.com/aws/aws-sdk-go-v2/service/s3](https://github.com/aws/aws-sdk-go-v2) | `1.101.0` | `1.104.1` |
| [github.com/pdfcpu/pdfcpu](https://github.com/pdfcpu/pdfcpu) | `0.12.1` | `0.13.0` |
| [golang.org/x/image](https://github.com/golang/image) | `0.41.0` | `0.43.0` |



Updates `cloud.google.com/go/storage` from 1.62.2 to 1.63.0
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](googleapis/google-cloud-go@storage/v1.62.2...compute/v1.63.0)

Updates `github.com/abema/go-mp4` from 1.6.0 to 1.7.1
- [Release notes](https://github.com/abema/go-mp4/releases)
- [Commits](abema/go-mp4@v1.6.0...v1.7.1)

Updates `github.com/andybalholm/cascadia` from 1.3.3 to 1.3.4
- [Release notes](https://github.com/andybalholm/cascadia/releases)
- [Commits](andybalholm/cascadia@v1.3.3...v1.3.4)

Updates `github.com/aws/aws-sdk-go-v2` from 1.41.7 to 1.42.0
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@v1.41.7...v1.42.0)

Updates `github.com/aws/aws-sdk-go-v2/service/s3` from 1.101.0 to 1.104.1
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](aws/aws-sdk-go-v2@service/s3/v1.101.0...service/s3/v1.104.1)

Updates `github.com/aws/smithy-go` from 1.25.1 to 1.27.1
- [Release notes](https://github.com/aws/smithy-go/releases)
- [Changelog](https://github.com/aws/smithy-go/blob/main/CHANGELOG.md)
- [Commits](aws/smithy-go@v1.25.1...v1.27.1)

Updates `github.com/pdfcpu/pdfcpu` from 0.12.1 to 0.13.0
- [Release notes](https://github.com/pdfcpu/pdfcpu/releases)
- [Commits](pdfcpu/pdfcpu@v0.12.1...v0.13.0)

Updates `golang.org/x/image` from 0.41.0 to 0.43.0
- [Commits](golang/image@v0.41.0...v0.43.0)

Updates `golang.org/x/net` from 0.55.0 to 0.56.0
- [Commits](golang/net@v0.55.0...v0.56.0)

Updates `golang.org/x/sync` from 0.20.0 to 0.21.0
- [Commits](golang/sync@v0.20.0...v0.21.0)

Updates `golang.org/x/text` from 0.37.0 to 0.38.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.37.0...v0.38.0)

Updates `google.golang.org/api` from 0.274.0 to 0.285.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.274.0...v0.285.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-version: 1.63.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: support-dependencies
- dependency-name: github.com/abema/go-mp4
  dependency-version: 1.7.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: support-dependencies
- dependency-name: github.com/andybalholm/cascadia
  dependency-version: 1.3.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: support-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: support-dependencies
- dependency-name: github.com/aws/aws-sdk-go-v2/service/s3
  dependency-version: 1.104.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: support-dependencies
- dependency-name: github.com/aws/smithy-go
  dependency-version: 1.27.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: support-dependencies
- dependency-name: github.com/pdfcpu/pdfcpu
  dependency-version: 0.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: support-dependencies
- dependency-name: golang.org/x/image
  dependency-version: 0.43.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: support-dependencies
- dependency-name: golang.org/x/net
  dependency-version: 0.56.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: support-dependencies
- dependency-name: golang.org/x/sync
  dependency-version: 0.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: support-dependencies
- dependency-name: golang.org/x/text
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: support-dependencies
- dependency-name: google.golang.org/api
  dependency-version: 0.285.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: support-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jul 1, 2026
@chocolatkey
chocolatkey merged commit 885eb9f into develop Jul 8, 2026
4 checks passed
@chocolatkey
chocolatkey deleted the dependabot/go_modules/support-dependencies-85c64fe24f branch July 8, 2026 07:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant