Skip to content

build(deps): bump the go_modules group across 2 directories with 3 updates#2

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/go_modules-2f4a114bb3
Open

build(deps): bump the go_modules group across 2 directories with 3 updates#2
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/go_modules-2f4a114bb3

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Mar 19, 2026

Bumps the go_modules group with 2 updates in the / directory: github.com/opencontainers/selinux and github.com/ulikunitz/xz.
Bumps the go_modules group with 1 update in the /tests/tools directory: github.com/sirupsen/logrus.

Updates github.com/opencontainers/selinux from 1.11.1 to 1.13.0

Release notes

Sourced from github.com/opencontainers/selinux's releases.

v1.13.0

What's Changed

Full Changelog: opencontainers/selinux@v1.12.0...v1.13.0

v1.12.0

This release removes deprecated functions from the label package, and improves documentation and error reporting of SetCreateKey.

What's Changed

Full Changelog: opencontainers/selinux@v1.11.1...v1.12.0

Commits
  • 4be9937 Merge pull request #237 from cyphar/selinux-safe-procfs
  • c8cfa6f selinux: migrate to pathrs-lite procfs API
  • f2424d8 Merge pull request #236 from kolyshkin/modernize-ci
  • 648ce7f ci: add go 1.25
  • 916cab9 ci: bump golangci-lint to v2.5
  • b42e5c8 all: format sources with latest gofumpt
  • 74393ea Merge pull request #235 from cyphar/fix-keyring-err-check
  • 6ec194b keyring: fix typo in EACCES check
  • 879a755 Merge pull request #234 from opencontainers/dependabot/github_actions/actions...
  • 3c1bd9a build(deps): bump actions/setup-go from 5 to 6
  • Additional commits viewable in compare view

Updates github.com/ulikunitz/xz from 0.5.12 to 0.5.14

Commits

Updates github.com/sirupsen/logrus from 1.4.1 to 1.8.3

Release notes

Sourced from github.com/sirupsen/logrus's releases.

v1.8.3

What's Changed

New Contributors

Full Changelog: sirupsen/logrus@v1.8.2...v1.8.3

v1.8.2

What's Changed

New Contributors

Full Changelog: sirupsen/logrus@v1.8.1...v1.8.2

v1.8.1

No release notes provided.

v1.8.0

Correct versioning number replacing v1.7.1

v1.7.1

... (truncated)

Changelog

Sourced from github.com/sirupsen/logrus's changelog.

1.8.3

Fixes:

  • Fix potential denial of service in logrus.Writer() when logging >64KB single-line payloads without newlines (#1376)

1.8.2

Features:

  • Add support for the logger private buffer pool (#1253)

Fixes:

  • Fix race condition for SetFormatter and SetReportCaller
  • Fix data race in hooks test package

1.8.1

Code quality:

  • move magefile in its own subdir/submodule to remove magefile dependency on logrus consumer
  • improve timestamp format documentation

Fixes:

  • fix race condition on logger hooks

1.8.0

Correct versioning number replacing v1.7.1.

1.7.1

Beware this release has introduced a new public API and its semver is therefore incorrect.

Code quality:

  • use go 1.15 in travis
  • use magefile as task runner

Fixes:

  • small fixes about new go 1.13 error formatting system
  • Fix for long time race condiction with mutating data hooks

Features:

  • build support for zos

1.7.0

Fixes:

  • the dependency toward a windows terminal library has been removed

Features:

  • a new buffer pool management API has been added
  • a set of <LogLevel>Fn() functions have been added

... (truncated)

Commits
  • b30aa27 Merge pull request #1339 from xieyuschen/patch-1
  • 6acd903 Merge pull request #1376 from ozfive/master
  • 105e63f Merge pull request #1 from ashmckenzie/ashmckenzie/fix-writer-scanner
  • c052ba6 Scan text in 64KB chunks
  • e59b167 Merge pull request #1372 from tommyblue/syslog_different_loglevels
  • 766cfec This commit fixes a potential denial of service vulnerability in logrus.Write...
  • 70234da Add instructions to use different log levels for local and syslog
  • a448f82 Merge pull request #1362 from FrancoisWagner/fix-data-race-in-hooks-test-pkg
  • ff07b25 Fix data race in hooks.test package
  • f8bf765 Merge pull request #1343 from sirupsen/dbd-upd-dep
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump the go_modules group across 2 directories with 3 up…
6e8ca7d 
…dates

Bumps the go_modules group with 2 updates in the / directory: [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) and [github.com/ulikunitz/xz](https://github.com/ulikunitz/xz).
Bumps the go_modules group with 1 update in the /tests/tools directory: [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus).


Updates `github.com/opencontainers/selinux` from 1.11.1 to 1.13.0
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](opencontainers/selinux@v1.11.1...v1.13.0)

Updates `github.com/ulikunitz/xz` from 0.5.12 to 0.5.14
- [Commits](ulikunitz/xz@v0.5.12...v0.5.14)

Updates `github.com/sirupsen/logrus` from 1.4.1 to 1.8.3
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](sirupsen/logrus@v1.4.1...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
  dependency-version: 1.13.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: github.com/ulikunitz/xz
  dependency-version: 0.5.14
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: github.com/sirupsen/logrus
  dependency-version: 1.8.3
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 19, 2026
@dependabot dependabot bot mentioned this pull request Mar 19, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants