Bump github.com/ProtonMail/go-crypto from 1.1.0-alpha.2 to 1.1.0-alpha.4-proton#973

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Jump to bottom

Closed

dependabot wants to merge1 commit intomainfromdependabot/go_modules/github.com/ProtonMail/go-crypto-1.1.0-alpha.4-proton

Closed

Bump github.com/ProtonMail/go-crypto from 1.1.0-alpha.2 to 1.1.0-alpha.4-proton#973

dependabot wants to merge1 commit intomainfromdependabot/go_modules/github.com/ProtonMail/go-crypto-1.1.0-alpha.4-proton

Conversation

Copy link

Contributor

dependabotbot commented on behalf ofgithubJul 17, 2024

Bumpsgithub.com/ProtonMail/go-crypto from 1.1.0-alpha.2 to 1.1.0-alpha.4-proton.

Release notes

Sourced fromgithub.com/ProtonMail/go-crypto's releases.

v1.1.0-alpha.4-proton
This pre-release is v1.1.0-alpha.4 with support for symmetric keys and automatic forwarding, both of which are not standardized yet.
v1.1.0-alpha.3-proton
This pre-release is v1.1.0-alpha.3 with support for symmetric keys and automatic forwarding, both of which are not standardized yet.
v1.1.0-alpha.1-proton
This pre-release is v1.1.0-alpha.1 with support for symmetric keys and automatic forwarding, both of which are not standardized yet.
v1.1.0-alpha.0-proton
This pre-release is v1.1.0-alpha.0 with support for symmetric keys and automatic forwarding, both of which are not standardized yet.
v1.1.0-alpha.4
What's Changed
ECDH with v6 must use the full fingerprint (ProtonMail/go-crypto#211)
Restrict S2K types (ProtonMail/go-crypto#213)
Put support for reading v5 packets behind a feature flag (ProtonMail/go-crypto#212)
Allow empty Key Flags subpackets (ProtonMail/go-crypto#214)
Randomize v4 and v5 signatures via custom notation (ProtonMail/go-crypto#209)
Fix SEIPDv2 packet parsing error messages (ProtonMail/go-crypto#215)
Full Changelog:ProtonMail/go-crypto@v1.1.0-alpha.3...v1.1.0-alpha.4
v1.1.0-alpha.3
What's Changed
New functions to verify signature hash tags
Allow parsing certifications explicitly marked as exportable
Sorting signature sub-packets by their ID when serializing
Markcreation time,issuer key ID, andkey flag signature sub-packets as critical
When AEAD is in use, the session key length is now determined by the cipher specified in the AEAD preference.
Full Changelog:v1.1.0-alpha.2...v1.1.0-alpha.3

Commits

0b33f7b Fix HMAC generation (#204)
9c1877a Replace ioutil.ReadAll with io.ReadAll
91a0def fix(v2): Adapt NewForwardingEntity to refactored NewEntity
da66ff5 fix(v2): Do not allow encrpytion with a forwarding key
f27ab7d feat: Add symmetric keys to v2
4017cb3 fix: Address warnings
fcee26d feat: Add forwarding to v2 api
20a257b fix: Address rebase on version 2 issues
a5524a5 Use fingerprints instead of KeyIDs
9be33fe Create a copy of the encrypted key when forwarding
Additional commits viewable incompare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting@dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bump github.com/ProtonMail/go-crypto

fc077e7

Bumps [github.com/ProtonMail/go-crypto](https://github.com/ProtonMail/go-crypto) from 1.1.0-alpha.2 to 1.1.0-alpha.4-proton.- [Release notes](https://github.com/ProtonMail/go-crypto/releases)- [Commits](ProtonMail/go-crypto@v1.1.0-alpha.2...v1.1.0-alpha.4-proton)---updated-dependencies:- dependency-name: github.com/ProtonMail/go-crypto  dependency-type: direct:production  update-type: version-update:semver-patch...Signed-off-by: dependabot[bot] <support@github.com>

dependabotbot added the topic: infrastructureRelated to project infrastructure label

Jul 17, 2024

dependabotbot mentioned this pull request

Jul 17, 2024

Bump github.com/ProtonMail/go-crypto from 1.1.0-alpha.2 to 1.1.0-alpha.3-proton#968

Closed

Copy link

codecov-commenter commentedJul 17, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 20.04%. Comparing base(da1fa2e) to head(fc077e7).

Additional details and impacted files

@@           Coverage Diff           @@##             main     #973   +/-   ##=======================================  Coverage   20.04%   20.04%           =======================================  Files          42       42             Lines        2569     2569           =======================================  Hits          515      515             Misses       1968     1968             Partials       86       86