Skip to content

chore(deps): bump golang.org/x/net from 0.55.0 to 0.56.0#1044

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/golang.org/x/net-0.56.0
Open

chore(deps): bump golang.org/x/net from 0.55.0 to 0.56.0#1044
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/golang.org/x/net-0.56.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown

Bumps golang.org/x/net from 0.55.0 to 0.56.0.

Commits
  • 9e7fdbf internal/http3: fix wrong argument being given when validating header value
  • b686e5f internal/http3: add gzip support to transport
  • 8a34885 go.mod: update golang.org/x dependencies
  • 72eaf98 dns/dnsmessage: correctly validate SVCB record parameter order
  • 82e7868 dns/dnsmessage: avoid panic when parsing SVCB record with truncated data
  • b64f1fa internal/http3: add server support for "Trailer:" magic prefix
  • 2707ee2 internal/http3: implement HTTP/3 clientConn methods
  • 31358cc internal/http3: snapshot response headers at WriteHeader time
  • 8ecbaa9 html: don't adjust xml:base
  • 8ae811a html: properly handle end script tag in fragment mode
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note

Bump golang.org/x/net from v0.55.0 to v0.56.0

Updates the golang.org/x/net dependency in go.mod and refreshes checksums in go.sum.

Macroscope summarized 9abb890.

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.55.0 to 0.56.0.
- [Commits](golang/net@v0.55.0...v0.56.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-version: 0.56.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests updating dependencies go Pull requests that update go code labels Jul 6, 2026
@dependabot dependabot Bot requested a review from KooshaPari as a code owner July 6, 2026 06:54
@dependabot dependabot Bot added dependencies Pull requests updating dependencies go Pull requests that update go code labels Jul 6, 2026
@chatgpt-codex-connector

Copy link
Copy Markdown

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Repo admins can enable using credits for code reviews in their settings.

@codeant-ai

codeant-ai Bot commented Jul 6, 2026

Copy link
Copy Markdown

Skipping PR review because a bot author is detected.

If you want to trigger CodeAnt AI, comment @codeant-ai review to trigger a manual review.

@socket-security

Copy link
Copy Markdown

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security
Vulnerability Quality Maintenance License
Updatedgolang/​golang.org/​x/​net@​v0.55.0 ⏵ v0.56.075 +1100100100100

View full report

@sonarqubecloud

sonarqubecloud Bot commented Jul 6, 2026

Copy link
Copy Markdown

@kilo-code-bot

kilo-code-bot Bot commented Jul 8, 2026

Copy link
Copy Markdown

Code Review Summary

Status: No Issues Found | Recommendation: Merge

Overview

Routine Dependabot bump of golang.org/x/net from v0.55.0 to v0.56.0. Changes are confined to go.mod (version pin) and go.sum (refreshed module checksums). No source code, logic, or API surface was modified.

  • golang.org/x/net is a direct/production dependency and the bump is a semver-minor update.
  • go.sum checksums for both the module and its go.mod were updated consistently.
  • Socket supply-chain scan reports +1 on supply chain security with clean vulnerability/quality/maintenance/license scores.
  • No new inter-crate or dependency constraints introduced.
Files Reviewed (2 files)
  • go.mod
  • go.sum

Reviewed by hy3-20260706:free · Input: 35.9K · Output: 1.3K · Cached: 71.6K

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests updating dependencies go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants