fix(deps): Update module golang.org/x/crypto to v0.45.0 [SECURITY] #21647

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merged

kodiakhq merged 1 commit into main from renovate/go-golang.org-x-crypto-vulnerability

Nov 20, 2025

Contributor

cq-bot commented Nov 20, 2025

This PR contains the following updates:

Package	Type	Update	Change
golang.org/x/crypto	indirect	minor	`v0.43.0` -> `v0.45.0`

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

GitHub Vulnerability Alerts

CVE-2025-58181

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.


          fix(deps): Update module golang.org/x/crypto to v0.45.0 [SECURITY]

bffb753

cq-bot added automerge security labels

Contributor Author

cq-bot commented Nov 20, 2025

ℹ Artifact update notice

File name: cli/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

5 additional dependencies were updated

Details:

Package	Change
`golang.org/x/net`	`v0.46.0` -> `v0.47.0`
`golang.org/x/sync`	`v0.17.0` -> `v0.18.0`
`golang.org/x/term`	`v0.36.0` -> `v0.37.0`
`golang.org/x/sys`	`v0.37.0` -> `v0.38.0`
`golang.org/x/text`	`v0.30.0` -> `v0.31.0`

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

5 additional dependencies were updated

Details:

Package	Change
`golang.org/x/net`	`v0.46.0` -> `v0.47.0`
`golang.org/x/sync`	`v0.17.0` -> `v0.18.0`
`golang.org/x/sys`	`v0.37.0` -> `v0.38.0`
`golang.org/x/term`	`v0.36.0` -> `v0.37.0`
`golang.org/x/text`	`v0.30.0` -> `v0.31.0`

File name: plugins/destination/azblob/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

4 additional dependencies were updated

Details:

Package	Change
`golang.org/x/net`	`v0.46.0` -> `v0.47.0`
`golang.org/x/sync`	`v0.17.0` -> `v0.18.0`
`golang.org/x/sys`	`v0.37.0` -> `v0.38.0`
`golang.org/x/text`	`v0.30.0` -> `v0.31.0`

File name: plugins/destination/bigquery/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

3 additional dependencies were updated

Details:

Package	Change
`golang.org/x/sync`	`v0.17.0` -> `v0.18.0`
`golang.org/x/sys`	`v0.37.0` -> `v0.38.0`
`golang.org/x/text`	`v0.30.0` -> `v0.31.0`

File name: plugins/destination/gcs/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

4 additional dependencies were updated

Details:

Package	Change
`golang.org/x/net`	`v0.46.0` -> `v0.47.0`
`golang.org/x/sync`	`v0.17.0` -> `v0.18.0`
`golang.org/x/sys`	`v0.37.0` -> `v0.38.0`
`golang.org/x/text`	`v0.30.0` -> `v0.31.0`

File name: plugins/destination/kafka/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

4 additional dependencies were updated

Details:

Package	Change
`golang.org/x/net`	`v0.46.0` -> `v0.47.0`
`golang.org/x/sync`	`v0.17.0` -> `v0.18.0`
`golang.org/x/sys`	`v0.37.0` -> `v0.38.0`
`golang.org/x/text`	`v0.30.0` -> `v0.31.0`

File name: plugins/destination/mongodb/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

4 additional dependencies were updated

Details:

Package	Change
`golang.org/x/net`	`v0.46.0` -> `v0.47.0`
`golang.org/x/sync`	`v0.17.0` -> `v0.18.0`
`golang.org/x/sys`	`v0.37.0` -> `v0.38.0`
`golang.org/x/text`	`v0.30.0` -> `v0.31.0`

File name: plugins/destination/mssql/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

4 additional dependencies were updated

Details:

Package	Change
`golang.org/x/net`	`v0.46.0` -> `v0.47.0`
`golang.org/x/sync`	`v0.17.0` -> `v0.18.0`
`golang.org/x/sys`	`v0.37.0` -> `v0.38.0`
`golang.org/x/text`	`v0.30.0` -> `v0.31.0`

File name: plugins/destination/postgresql/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

4 additional dependencies were updated

Details:

Package	Change
`golang.org/x/sync`	`v0.17.0` -> `v0.18.0`
`golang.org/x/net`	`v0.46.0` -> `v0.47.0`
`golang.org/x/sys`	`v0.37.0` -> `v0.38.0`
`golang.org/x/text`	`v0.30.0` -> `v0.31.0`

File name: plugins/destination/snowflake/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

5 additional dependencies were updated

Details:

Package	Change
`golang.org/x/sync`	`v0.17.0` -> `v0.18.0`
`golang.org/x/net`	`v0.46.0` -> `v0.47.0`
`golang.org/x/sys`	`v0.37.0` -> `v0.38.0`
`golang.org/x/term`	`v0.36.0` -> `v0.37.0`
`golang.org/x/text`	`v0.30.0` -> `v0.31.0`

cq-bot added the security label

kodiakhq bot approved these changes

View reviewed changes

cq-bot added area/cli area/plugin/destination/snowflake area/plugin/destination/gcs area/plugin/destination/mongodb area/plugin/destination/kafka area/plugin/destination/postgresql area/plugin/destination/mssql area/plugin/destination/bigquery area/plugin/destination/azblob labels

Contributor Author

cq-bot commented Nov 20, 2025

/gen sha=bffb7535594ddb9fa368c08ea79c5ad00609a70a dir=plugins/destination/azblob

Contributor Author

cq-bot commented Nov 20, 2025

/gen sha=bffb7535594ddb9fa368c08ea79c5ad00609a70a dir=plugins/destination/bigquery

Contributor Author

cq-bot commented Nov 20, 2025

/gen sha=bffb7535594ddb9fa368c08ea79c5ad00609a70a dir=plugins/destination/gcs

Contributor Author

cq-bot commented Nov 20, 2025

/gen sha=bffb7535594ddb9fa368c08ea79c5ad00609a70a dir=plugins/destination/kafka

Contributor Author

cq-bot commented Nov 20, 2025

/gen sha=bffb7535594ddb9fa368c08ea79c5ad00609a70a dir=plugins/destination/mongodb

Contributor Author

cq-bot commented Nov 20, 2025

/gen sha=bffb7535594ddb9fa368c08ea79c5ad00609a70a dir=plugins/destination/mssql

Contributor Author

cq-bot commented Nov 20, 2025

/gen sha=bffb7535594ddb9fa368c08ea79c5ad00609a70a dir=plugins/destination/postgresql

Contributor Author

cq-bot commented Nov 20, 2025

/gen sha=bffb7535594ddb9fa368c08ea79c5ad00609a70a dir=plugins/destination/snowflake

Contributor Author

cq-bot commented Nov 20, 2025

/gen sha=bffb7535594ddb9fa368c08ea79c5ad00609a70a dir=cli

kodiakhq bot merged commit d3f1ff8 into main

30 checks passed

kodiakhq bot deleted the renovate/go-golang.org-x-crypto-vulnerability branch

November 20, 2025 03:09

This was referenced Nov 20, 2025

chore(main): Release cli v6.31.0 #21648

Merged

chore(main): Release plugins-destination-azblob v4.4.34 #21649

Merged

chore(main): Release plugins-destination-bigquery v4.6.3 #21650

Merged

This was referenced Nov 20, 2025

chore(main): Release plugins-destination-gcs v5.4.33 #21651

Merged

chore(main): Release plugins-destination-kafka v5.6.3 #21652

Merged

chore(main): Release plugins-destination-mongodb v2.7.5 #21630

Merged

chore(main): Release plugins-destination-mssql v5.2.6 #21653

Merged

chore(main): Release plugins-destination-postgresql v8.13.3 #21654

Merged

chore(main): Release plugins-destination-snowflake v5.1.6 #21621

Merged

kodiakhq bot pushed a commit that referenced this pull request


          chore(main): Release cli v6.31.0 (#21648)

cf68782

🤖 I have created a release *beep* *boop*
---


## [6.31.0](cli-v6.30.5...cli-v6.31.0) (2025-12-01)


### Features

* Add optional tenant ID field to logger ([#21675](#21675)) ([1c79d05](1c79d05))


### Bug Fixes

* **deps:** Update module github.com/cloudquery/plugin-pb-go to v1.27.0 ([#21676](#21676)) ([7b917cc](7b917cc))
* **deps:** Update module golang.org/x/crypto to v0.45.0 [SECURITY] ([#21647](#21647)) ([d3f1ff8](d3f1ff8))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

kodiakhq bot pushed a commit that referenced this pull request


          chore(main): Release plugins-destination-postgresql v8.13.3 (#21654)

6ad90e7

🤖 I have created a release *beep* *boop*
---


## [8.13.3](plugins-destination-postgresql-v8.13.2...plugins-destination-postgresql-v8.13.3) (2025-12-19)


### Bug Fixes

* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.92.1 ([#21682](#21682)) ([8a7596b](8a7596b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.0 ([#21710](#21710)) ([f0f2c5b](f0f2c5b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.1 ([#21725](#21725)) ([aa46079](aa46079))
* **deps:** Update module golang.org/x/crypto to v0.45.0 [SECURITY] ([#21647](#21647)) ([d3f1ff8](d3f1ff8))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

kodiakhq bot pushed a commit that referenced this pull request


          chore(main): Release plugins-destination-kafka v5.6.3 (#21652)

8ce534a

🤖 I have created a release *beep* *boop*
---


## [5.6.3](plugins-destination-kafka-v5.6.2...plugins-destination-kafka-v5.6.3) (2025-12-19)


### Bug Fixes

* **deps:** Update module github.com/cloudquery/filetypes/v4 to v4.6.11 ([#21726](#21726)) ([105c189](105c189))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.92.1 ([#21682](#21682)) ([8a7596b](8a7596b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.0 ([#21710](#21710)) ([f0f2c5b](f0f2c5b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.1 ([#21725](#21725)) ([aa46079](aa46079))
* **deps:** Update module golang.org/x/crypto to v0.45.0 [SECURITY] ([#21647](#21647)) ([d3f1ff8](d3f1ff8))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

kodiakhq bot pushed a commit that referenced this pull request


          chore(main): Release plugins-destination-bigquery v4.6.3 (#21650)

b1de6c4

🤖 I have created a release *beep* *boop*
---


## [4.6.3](plugins-destination-bigquery-v4.6.2...plugins-destination-bigquery-v4.6.3) (2025-12-19)


### Bug Fixes

* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.92.1 ([#21682](#21682)) ([8a7596b](8a7596b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.0 ([#21710](#21710)) ([f0f2c5b](f0f2c5b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.1 ([#21725](#21725)) ([aa46079](aa46079))
* **deps:** Update module golang.org/x/crypto to v0.45.0 [SECURITY] ([#21647](#21647)) ([d3f1ff8](d3f1ff8))
* **deps:** Update module google.golang.org/api to v0.256.0 ([#21667](#21667)) ([040c4b6](040c4b6))
* **deps:** Update module google.golang.org/api to v0.257.0 ([#21721](#21721)) ([59a7650](59a7650))
* Revise service_account_key_json wording ([#21706](#21706)) ([034a668](034a668))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

kodiakhq bot pushed a commit that referenced this pull request


          chore(main): Release plugins-destination-mongodb v2.7.5 (#21630)

ed57139

🤖 I have created a release *beep* *boop*
---


## [2.7.5](plugins-destination-mongodb-v2.7.4...plugins-destination-mongodb-v2.7.5) (2025-12-19)


### Bug Fixes

* **deps:** Update aws-sdk-go-v2 monorepo ([#21628](#21628)) ([ea18029](ea18029))
* **deps:** Update aws-sdk-go-v2 monorepo ([#21657](#21657)) ([903f32a](903f32a))
* **deps:** Update aws-sdk-go-v2 monorepo ([#21665](#21665)) ([659b689](659b689))
* **deps:** Update aws-sdk-go-v2 monorepo ([#21684](#21684)) ([532174b](532174b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.92.1 ([#21682](#21682)) ([8a7596b](8a7596b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.0 ([#21710](#21710)) ([f0f2c5b](f0f2c5b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.1 ([#21725](#21725)) ([aa46079](aa46079))
* **deps:** Update module golang.org/x/crypto to v0.45.0 [SECURITY] ([#21647](#21647)) ([d3f1ff8](d3f1ff8))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

kodiakhq bot pushed a commit that referenced this pull request


          chore(main): Release plugins-destination-gcs v5.4.33 (#21651)

c87a462

🤖 I have created a release *beep* *boop*
---


## [5.4.33](plugins-destination-gcs-v5.4.32...plugins-destination-gcs-v5.4.33) (2025-12-19)


### Bug Fixes

* **deps:** Update module cloud.google.com/go/storage to v1.57.2 ([#21659](#21659)) ([4623904](4623904))
* **deps:** Update module cloud.google.com/go/storage to v1.58.0 ([#21720](#21720)) ([53175d7](53175d7))
* **deps:** Update module github.com/cloudquery/filetypes/v4 to v4.6.11 ([#21726](#21726)) ([105c189](105c189))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.92.1 ([#21682](#21682)) ([8a7596b](8a7596b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.0 ([#21710](#21710)) ([f0f2c5b](f0f2c5b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.1 ([#21725](#21725)) ([aa46079](aa46079))
* **deps:** Update module golang.org/x/crypto to v0.45.0 [SECURITY] ([#21647](#21647)) ([d3f1ff8](d3f1ff8))
* **deps:** Update module google.golang.org/api to v0.256.0 ([#21668](#21668)) ([35f53ce](35f53ce))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

kodiakhq bot pushed a commit that referenced this pull request


          chore(main): Release plugins-destination-mssql v5.2.6 (#21653)

0060ad6

🤖 I have created a release *beep* *boop*
---


## [5.2.6](plugins-destination-mssql-v5.2.5...plugins-destination-mssql-v5.2.6) (2025-12-19)


### Bug Fixes

* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.92.1 ([#21682](#21682)) ([8a7596b](8a7596b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.0 ([#21710](#21710)) ([f0f2c5b](f0f2c5b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.1 ([#21725](#21725)) ([aa46079](aa46079))
* **deps:** Update module golang.org/x/crypto to v0.45.0 [SECURITY] ([#21647](#21647)) ([d3f1ff8](d3f1ff8))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

kodiakhq bot pushed a commit that referenced this pull request


          chore(main): Release plugins-destination-azblob v4.4.34 (#21649)

04b2d02

🤖 I have created a release *beep* *boop*
---


## [4.4.34](plugins-destination-azblob-v4.4.33...plugins-destination-azblob-v4.4.34) (2025-12-19)


### Bug Fixes

* **deps:** Update module github.com/Azure/azure-sdk-for-go/sdk/azidentity to v1.13.1 ([#21661](#21661)) ([63cd129](63cd129))
* **deps:** Update module github.com/cloudquery/filetypes/v4 to v4.6.11 ([#21726](#21726)) ([105c189](105c189))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.92.1 ([#21682](#21682)) ([8a7596b](8a7596b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.0 ([#21710](#21710)) ([f0f2c5b](f0f2c5b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.1 ([#21725](#21725)) ([aa46079](aa46079))
* **deps:** Update module golang.org/x/crypto to v0.45.0 [SECURITY] ([#21647](#21647)) ([d3f1ff8](d3f1ff8))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

kodiakhq bot pushed a commit that referenced this pull request


          chore(main): Release plugins-destination-snowflake v5.1.6 (#21621)

534a5ee

🤖 I have created a release *beep* *boop*
---


## [5.1.6](plugins-destination-snowflake-v5.1.5...plugins-destination-snowflake-v5.1.6) (2025-12-19)


### Bug Fixes

* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.92.1 ([#21682](#21682)) ([8a7596b](8a7596b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.0 ([#21710](#21710)) ([f0f2c5b](f0f2c5b))
* **deps:** Update module github.com/cloudquery/plugin-sdk/v4 to v4.93.1 ([#21725](#21725)) ([aa46079](aa46079))
* **deps:** Update module github.com/dvsekhvalnov/jose2go to v1.7.0 [SECURITY] ([#21620](#21620)) ([00e8f5c](00e8f5c))
* **deps:** Update module golang.org/x/crypto to v0.45.0 [SECURITY] ([#21647](#21647)) ([d3f1ff8](d3f1ff8))

---
This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/cli area/plugin/destination/azblob area/plugin/destination/bigquery area/plugin/destination/gcs area/plugin/destination/kafka area/plugin/destination/mongodb area/plugin/destination/mssql area/plugin/destination/postgresql area/plugin/destination/snowflake automerge security