Skip to content

Bump the go_modules group across 2 directories with 5 updates#7

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/go_modules-cbe45af1f4
Open

Bump the go_modules group across 2 directories with 5 updates#7
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/go_modules-cbe45af1f4

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 4, 2026

Copy link
Copy Markdown

Bumps the go_modules group with 3 updates in the / directory: github.com/pion/interceptor, golang.org/x/image and github.com/pion/dtls/v3.
Bumps the go_modules group with 2 updates in the /examples directory: github.com/pion/interceptor and github.com/pion/dtls/v3.

Updates github.com/pion/interceptor from 0.1.37 to 0.1.39

Release notes

Sourced from github.com/pion/interceptor's releases.

v0.1.39

Changelog

  • fa5b35ea867389cec33a9c82fffbd459ca8958e5 Fix padding overflow with PacketFactory
  • 791455129d4ef736c4009692e8ce108afe0fff14 Update module github.com/pion/rtp to v1.8.18
  • bfb8425f36083bd9e85e782e9b9aa8025cd30ef7 Update module github.com/pion/rtp to v1.8.17
  • 0e794c49c5c6f5f4d4eae2c2a3ac31451ac401f7 Do not use cyrillic letter in error message
  • 46631964a3bc420099cfbe39e1750fbc8cd100a0 Update module github.com/pion/rtp to v1.8.16

v0.1.38

What's Changed

New Contributors

Full Changelog: pion/interceptor@v0.1.37...v0.1.38

Commits
  • fa5b35e Fix padding overflow with PacketFactory
  • 7914551 Update module github.com/pion/rtp to v1.8.18
  • bfb8425 Update module github.com/pion/rtp to v1.8.17
  • 0e794c4 Do not use cyrillic letter in error message
  • 4663196 Update module github.com/pion/rtp to v1.8.16
  • 5003ed5 FEC interceptor enhancements
  • 8d3fc6d Test encoder with different payload sizes
  • 9ab7d95 Copilot review
  • 5a23b30 Fix malformed FlexFEC-03
  • f30b304 Improve memory efficiency
  • Additional commits viewable in compare view

Updates golang.org/x/image from 0.23.0 to 0.41.0

Commits
  • 0d61147 bmp: reject input with invalid palette index
  • fe8ae45 tiff: limit PackBits decompression output size
  • 542a3d9 go.mod: update golang.org/x dependencies
  • 5cbe89a tiff: reject 0-size images
  • 3d5c9b6 go.mod: update golang.org/x dependencies
  • 854c274 font/sfnt: apply bounds checks before allocating read buffer
  • 96edba0 webp: reject VP8X headers with too-large canvases
  • 23ae9ed tiff: cap buffer growth to prevent OOM from malicious IFD offset
  • e589e60 webp: allow VP8L + VP8X(with alpha)
  • fe7d73d go.mod: update golang.org/x dependencies
  • Additional commits viewable in compare view

Updates github.com/pion/dtls/v3 from 3.0.4 to 3.0.11

Release notes

Sourced from github.com/pion/dtls/v3's releases.

v3.0.11

Backport security fix for GHSA-9f3f-wv7r-qc8r (CVE-2026-26014)

This is the only release with the security fix for Go v1.21.

v3.0.10

Changelog

  • 713910a964f7026715069716e245483f51e74eaf Upgrade to pion/transport/v4
  • e0d31600d0a99bdde26c549fdbf0668f863f05bd Add the key share extension (#749)
  • 7a57e2689ed88d7e1a8357ce1aa9c87bdec38636 Update CI configs to v0.11.36
  • 08d8c3e0ba82aa8a550abec1f3abb6852cddc597 Fix gosec slice bounds warnings (#764)
  • 7b9612e8c727eee1de08e5b895e12fae61301212 Handshake fragments assembly refactoring (#762)

v3.0.9

Changelog

  • ab5f89bfbc2b5de63f72069b763335073726000c Implement TLS_EMPTY_RENEGOTIATION_INFO_SCSV
  • d5761acdb281969ec0b7e2d3a7f1848a1618a84f Prevent negative intervals

v3.0.8

Changelog

  • ffd97f5d98193cc8037b02d2ea98c1c7185425fe Backoff handshake retransmit
  • 7ab1bc9b2afabcb5a2dda1de8854671c4b61371b Update actions/checkout action to v6
  • bdb5f232470ee352ae95d82ec77e30c291e02e82 Update module github.com/pion/transport/v3 to v3.1.1 (#754)
  • 1d9b6b14c971221be058d6ec7118c373df3e867a Update module github.com/pion/transport/v3 to v3.1.0
  • c06c3a762453c2b460d054b5a99499ad3a80678e Lock while writing to encryptedPackets
  • ca7d80ec14d08037c639e6a8b41a900edd1f0544 Update CI configs to v0.11.32
  • 9cfb13f24436a4a9a92a9c8a7bed900310a65a30 Improve the record layer fuzz tests
  • daa0fd40294164ed1b4197ef1a996442d60c5976 Add fuzz tests for gcm
  • 9ed595078f105a4c039fb783c8241e9e93f35255 Add fuzz tests for ccm
  • 7b68bd95c2ce31014b07b4c52b570b82bbd9a034 Add fuzz tests for packet buffer
  • 7c62411d259332cfb86b4771c48829ea2934a350 Update CI configs to v0.11.31
  • 3e12f76523191b091639cee25cc21152e628279c Add more tests for prf
  • e7cbd62208a45412ece0a2d4dd790eab97137b1b Migrate elliptic curves from elliptic to ecdh
  • 6ff535f1d56ad078cc62ff82f8e30caaf754a888 Update module github.com/pion/transport/v3 to v3.0.8
  • f6b0286442f7bd42cc42b58bf7750bb28d3d9661 Add the supported_versions extension
  • 120a895e99cfee70febfee965ce67189ed8be48f Handle ECONNREFUSED timeout
  • ed044c06bac1237400b1acc41d10aad44a15c52f Update CI configs to v0.11.29
  • 5611b1401b09ff9e3853b30f0a92ffb2aac1fe15 Apply go modernize
  • 27c34050353e9f75e0ff51fc305562d874a5ad05 Update actions/checkout action to v5
  • 8764fbdc5334ffc1c1dc8f9ccacb11d3e7fce189 Update CI configs to v0.11.26
  • 465f544ca3dfa1807896e23a381886cbbdda3f85 Update CI configs to v0.11.25
  • 6e1e3c9c6fd8e4d667cc86f56aa6bc3b159b6b94 Update module github.com/stretchr/testify to v1.11.1
  • 495a7b544abc43e9a8cea907a158e106c9f94d77 Update CI configs to v0.11.24
  • 0b11eabf4369be43cfc6313c7bd5490a75eee848 Update module github.com/stretchr/testify to v1.11.0
  • b8c2ab4cdd44c893d2a80bcce4fbeb1724d6ecd6 Fix lint issues with golangci-lint@v2
  • 0bf19028b5d46229d045ea87f0f971625cc23387 Update CI configs to v0.11.22

v3.0.7

Changelog

  • e3cf6bc66eae309671c21f862608e48d3e09325c Comply with RFC5746 and RFC5246

... (truncated)

Commits

Updates golang.org/x/crypto from 0.29.0 to 0.32.0

Commits
  • 8929309 go.mod: update golang.org/x dependencies
  • 4a75ba5 all: make function and struct comments match the names
  • b4f1988 ssh: make the public key cache a 1-entry FIFO cache
  • 7042ebc openpgp/clearsign: just use rand.Reader in tests
  • 3e90321 go.mod: update golang.org/x dependencies
  • 8c4e668 x509roots/fallback: update bundle
  • See full diff in compare view

Updates golang.org/x/net from 0.31.0 to 0.34.0

Commits
  • 8da7ed1 go.mod: update golang.org/x dependencies
  • 2124140 all: make function and struct comments match the names
  • e9d95ba http2: do not surface errors from a conn's idle timer expiring
  • c2be992 quic: remember which remote connection IDs have been retired
  • dfc720d go.mod: update golang.org/x dependencies
  • 8e66b04 html: use strings.EqualFold instead of lowering ourselves
  • b935f7b html: avoid endless loop on error token
  • 9af49ef route: remove unused sizeof* consts
  • 6705db9 quic: clean up crypto streams when dropping packet protection keys
  • 4ef7588 quic: handle ACK frame in packet which drops number space
  • Additional commits viewable in compare view

Updates github.com/pion/interceptor from 0.1.37 to 0.1.39

Release notes

Sourced from github.com/pion/interceptor's releases.

v0.1.39

Changelog

  • fa5b35ea867389cec33a9c82fffbd459ca8958e5 Fix padding overflow with PacketFactory
  • 791455129d4ef736c4009692e8ce108afe0fff14 Update module github.com/pion/rtp to v1.8.18
  • bfb8425f36083bd9e85e782e9b9aa8025cd30ef7 Update module github.com/pion/rtp to v1.8.17
  • 0e794c49c5c6f5f4d4eae2c2a3ac31451ac401f7 Do not use cyrillic letter in error message
  • 46631964a3bc420099cfbe39e1750fbc8cd100a0 Update module github.com/pion/rtp to v1.8.16

v0.1.38

What's Changed

New Contributors

Full Changelog: pion/interceptor@v0.1.37...v0.1.38

Commits
  • fa5b35e Fix padding overflow with PacketFactory
  • 7914551 Update module github.com/pion/rtp to v1.8.18
  • bfb8425 Update module github.com/pion/rtp to v1.8.17
  • 0e794c4 Do not use cyrillic letter in error message
  • 4663196 Update module github.com/pion/rtp to v1.8.16
  • 5003ed5 FEC interceptor enhancements
  • 8d3fc6d Test encoder with different payload sizes
  • 9ab7d95 Copilot review
  • 5a23b30 Fix malformed FlexFEC-03
  • f30b304 Improve memory efficiency
  • Additional commits viewable in compare view

Updates golang.org/x/image from 0.21.0 to 0.23.0

Commits
  • 0d61147 bmp: reject input with invalid palette index
  • fe8ae45 tiff: limit PackBits decompression output size
  • 542a3d9 go.mod: update golang.org/x dependencies
  • 5cbe89a tiff: reject 0-size images
  • 3d5c9b6 go.mod: update golang.org/x dependencies
  • 854c274 font/sfnt: apply bounds checks before allocating read buffer
  • 96edba0 webp: reject VP8X headers with too-large canvases
  • 23ae9ed tiff: cap buffer growth to prevent OOM from malicious IFD offset
  • e589e60 webp: allow VP8L + VP8X(with alpha)
  • fe7d73d go.mod: update golang.org/x dependencies
  • Additional commits viewable in compare view

Updates github.com/pion/dtls/v3 from 3.0.4 to 3.0.11

Release notes

Sourced from github.com/pion/dtls/v3's releases.

v3.0.11

Backport security fix for GHSA-9f3f-wv7r-qc8r (CVE-2026-26014)

This is the only release with the security fix for Go v1.21.

v3.0.10

Changelog

  • 713910a964f7026715069716e245483f51e74eaf Upgrade to pion/transport/v4
  • e0d31600d0a99bdde26c549fdbf0668f863f05bd Add the key share extension (#749)
  • 7a57e2689ed88d7e1a8357ce1aa9c87bdec38636 Update CI configs to v0.11.36
  • 08d8c3e0ba82aa8a550abec1f3abb6852cddc597 Fix gosec slice bounds warnings (#764)
  • 7b9612e8c727eee1de08e5b895e12fae61301212 Handshake fragments assembly refactoring (#762)

v3.0.9

Changelog

  • ab5f89bfbc2b5de63f72069b763335073726000c Implement TLS_EMPTY_RENEGOTIATION_INFO_SCSV
  • d5761acdb281969ec0b7e2d3a7f1848a1618a84f Prevent negative intervals

v3.0.8

Changelog

  • ffd97f5d98193cc8037b02d2ea98c1c7185425fe Backoff handshake retransmit
  • 7ab1bc9b2afabcb5a2dda1de8854671c4b61371b Update actions/checkout action to v6
  • bdb5f232470ee352ae95d82ec77e30c291e02e82 Update module github.com/pion/transport/v3 to v3.1.1 (#754)
  • 1d9b6b14c971221be058d6ec7118c373df3e867a Update module github.com/pion/transport/v3 to v3.1.0
  • c06c3a762453c2b460d054b5a99499ad3a80678e Lock while writing to encryptedPackets
  • ca7d80ec14d08037c639e6a8b41a900edd1f0544 Update CI configs to v0.11.32
  • 9cfb13f24436a4a9a92a9c8a7bed900310a65a30 Improve the record layer fuzz tests
  • daa0fd40294164ed1b4197ef1a996442d60c5976 Add fuzz tests for gcm
  • 9ed595078f105a4c039fb783c8241e9e93f35255 Add fuzz tests for ccm
  • 7b68bd95c2ce31014b07b4c52b570b82bbd9a034 Add fuzz tests for packet buffer
  • 7c62411d259332cfb86b4771c48829ea2934a350 Update CI configs to v0.11.31
  • 3e12f76523191b091639cee25cc21152e628279c Add more tests for prf
  • e7cbd62208a45412ece0a2d4dd790eab97137b1b Migrate elliptic curves from elliptic to ecdh
  • 6ff535f1d56ad078cc62ff82f8e30caaf754a888 Update module github.com/pion/transport/v3 to v3.0.8
  • f6b0286442f7bd42cc42b58bf7750bb28d3d9661 Add the supported_versions extension
  • 120a895e99cfee70febfee965ce67189ed8be48f Handle ECONNREFUSED timeout
  • ed044c06bac1237400b1acc41d10aad44a15c52f Update CI configs to v0.11.29
  • 5611b1401b09ff9e3853b30f0a92ffb2aac1fe15 Apply go modernize
  • 27c34050353e9f75e0ff51fc305562d874a5ad05 Update actions/checkout action to v5
  • 8764fbdc5334ffc1c1dc8f9ccacb11d3e7fce189 Update CI configs to v0.11.26
  • 465f544ca3dfa1807896e23a381886cbbdda3f85 Update CI configs to v0.11.25
  • 6e1e3c9c6fd8e4d667cc86f56aa6bc3b159b6b94 Update module github.com/stretchr/testify to v1.11.1
  • 495a7b544abc43e9a8cea907a158e106c9f94d77 Update CI configs to v0.11.24
  • 0b11eabf4369be43cfc6313c7bd5490a75eee848 Update module github.com/stretchr/testify to v1.11.0
  • b8c2ab4cdd44c893d2a80bcce4fbeb1724d6ecd6 Fix lint issues with golangci-lint@v2
  • 0bf19028b5d46229d045ea87f0f971625cc23387 Update CI configs to v0.11.22

v3.0.7

Changelog

  • e3cf6bc66eae309671c21f862608e48d3e09325c Comply with RFC5746 and RFC5246

... (truncated)

Commits

Updates golang.org/x/crypto from 0.29.0 to 0.32.0

Commits
  • 8929309 go.mod: update golang.org/x dependencies
  • 4a75ba5 all: make function and struct comments match the names
  • b4f1988 ssh: make the public key cache a 1-entry FIFO cache
  • 7042ebc openpgp/clearsign: just use rand.Reader in tests
  • 3e90321 go.mod: update golang.org/x dependencies
  • 8c4e668 x509roots/fallback: update bundle
  • See full diff in compare view

Updates golang.org/x/net from 0.31.0 to 0.34.0

Commits
  • 8da7ed1 go.mod: update golang.org/x dependencies
  • 2124140 all: make function and struct comments match the names
  • e9d95ba http2: do not surface errors from a conn's idle timer expiring
  • c2be992 quic: remember which remote connection IDs have been retired
  • dfc720d go.mod: update golang.org/x dependencies
  • 8e66b04 html: use strings.EqualFold instead of lowering ourselves
  • b935f7b html: avoid endless loop on error token
  • 9af49ef route: remove unused sizeof* consts
  • 6705db9 quic: clean up crypto streams when dropping packet protection keys
  • 4ef7588 quic: handle ACK frame in packet which drops number space
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the go_modules group with 3 updates in the / directory: [github.com/pion/interceptor](https://github.com/pion/interceptor), [golang.org/x/image](https://github.com/golang/image) and [github.com/pion/dtls/v3](https://github.com/pion/dtls).
Bumps the go_modules group with 2 updates in the /examples directory: [github.com/pion/interceptor](https://github.com/pion/interceptor) and [github.com/pion/dtls/v3](https://github.com/pion/dtls).


Updates `github.com/pion/interceptor` from 0.1.37 to 0.1.39
- [Release notes](https://github.com/pion/interceptor/releases)
- [Commits](pion/interceptor@v0.1.37...v0.1.39)

Updates `golang.org/x/image` from 0.23.0 to 0.41.0
- [Commits](golang/image@v0.23.0...v0.41.0)

Updates `github.com/pion/dtls/v3` from 3.0.4 to 3.0.11
- [Release notes](https://github.com/pion/dtls/releases)
- [Commits](pion/dtls@v3.0.4...v3.0.11)

Updates `golang.org/x/crypto` from 0.29.0 to 0.32.0
- [Commits](golang/crypto@v0.29.0...v0.32.0)

Updates `golang.org/x/net` from 0.31.0 to 0.34.0
- [Commits](golang/net@v0.31.0...v0.34.0)

Updates `github.com/pion/interceptor` from 0.1.37 to 0.1.39
- [Release notes](https://github.com/pion/interceptor/releases)
- [Commits](pion/interceptor@v0.1.37...v0.1.39)

Updates `golang.org/x/image` from 0.21.0 to 0.23.0
- [Commits](golang/image@v0.23.0...v0.41.0)

Updates `github.com/pion/dtls/v3` from 3.0.4 to 3.0.11
- [Release notes](https://github.com/pion/dtls/releases)
- [Commits](pion/dtls@v3.0.4...v3.0.11)

Updates `golang.org/x/crypto` from 0.29.0 to 0.32.0
- [Commits](golang/crypto@v0.29.0...v0.32.0)

Updates `golang.org/x/net` from 0.31.0 to 0.34.0
- [Commits](golang/net@v0.31.0...v0.34.0)

---
updated-dependencies:
- dependency-name: github.com/pion/interceptor
  dependency-version: 0.1.39
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: golang.org/x/image
  dependency-version: 0.41.0
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: github.com/pion/dtls/v3
  dependency-version: 3.0.11
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/crypto
  dependency-version: 0.32.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/net
  dependency-version: 0.34.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: github.com/pion/interceptor
  dependency-version: 0.1.39
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/image
  dependency-version: 0.23.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: github.com/pion/dtls/v3
  dependency-version: 3.0.11
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/crypto
  dependency-version: 0.32.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/net
  dependency-version: 0.34.0
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants