Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commit4d00b76

Browse files
chore: bump github.com/justinas/nosurf from 1.1.1 to 1.2.0 (#17829)
Bumps [github.com/justinas/nosurf](https://github.com/justinas/nosurf)from 1.1.1 to 1.2.0.<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/justinas/nosurf/releases">github.com/justinas/nosurf'sreleases</a>.</em></p><blockquote><h2>v1.2.0</h2><p>This is a <em>security</em> release for nosurf. It mainly addresses<ahref="https://github.com/justinas/nosurf-cve-2025-46721">CVE-2025-46721</a>.</p><p>This release technically includes breaking changes, as nosurf startsapplying same-origin checks that were not previously enforced. In mostcases, users will not need to make any changes to their code. However,it is recommended to read <ahref="https://github.com/justinas/nosurf/blob/master/docs/origin-checks.md">thedocumentation on nosurf's trusted origin checks</a> beforeupgrading.</p></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/justinas/nosurf/commit/ec9bb776d8e5ba9e906b6eb70428f4e7b009feee"><code>ec9bb77</code></a>Rework origin checks (<ahref="https://redirect.github.com/justinas/nosurf/issues/74">#74</a>)</li><li><ahref="https://github.com/justinas/nosurf/commit/e5c9c1fe2d4f69668ff78f872abf3b396a08673a"><code>e5c9c1f</code></a>Add GitHub Actions CI, fix lints and tests</li><li>See full diff in <ahref="https://github.com/justinas/nosurf/compare/v1.1.1...v1.2.0">compareview</a></li></ul></details><br />[![Dependabot compatibilityscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/justinas/nosurf&package-manager=go_modules&previous-version=1.1.1&new-version=1.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)Dependabot will resolve any conflicts with this PR as long as you don'talter it yourself. You can also trigger a rebase manually by commenting`@dependabot rebase`.[//]: # (dependabot-automerge-start)[//]: # (dependabot-automerge-end)---<details><summary>Dependabot commands and options</summary><br />You can trigger Dependabot actions by commenting on this PR:- `@dependabot rebase` will rebase this PR- `@dependabot recreate` will recreate this PR, overwriting any editsthat have been made to it- `@dependabot merge` will merge this PR after your CI passes on it- `@dependabot squash and merge` will squash and merge this PR afteryour CI passes on it- `@dependabot cancel merge` will cancel a previously requested mergeand block automerging- `@dependabot reopen` will reopen this PR if it is closed- `@dependabot close` will close this PR and stop Dependabot recreatingit. You can achieve the same result by closing it manually- `@dependabot show <dependency name> ignore conditions` will show allof the ignore conditions of the specified dependency- `@dependabot ignore this major version` will close this PR and stopDependabot creating any more for this major version (unless you reopenthe PR or upgrade to it yourself)- `@dependabot ignore this minor version` will close this PR and stopDependabot creating any more for this minor version (unless you reopenthe PR or upgrade to it yourself)- `@dependabot ignore this dependency` will close this PR and stopDependabot creating any more for this dependency (unless you reopen thePR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the[Security Alerts page](https://github.com/coder/coder/network/alerts).</details>Signed-off-by: dependabot[bot] <support@github.com>Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent74934e1 commit4d00b76

File tree

2 files changed

+3
-3
lines changed

2 files changed

+3
-3
lines changed

‎go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -146,7 +146,7 @@ require (
146146
github.com/imulab/go-scim/pkg/v2v2.2.0
147147
github.com/jedib0t/go-pretty/v6v6.6.7
148148
github.com/jmoiron/sqlxv1.4.0
149-
github.com/justinas/nosurfv1.1.1
149+
github.com/justinas/nosurfv1.2.0
150150
github.com/kballard/go-shellquotev0.0.0-20180428030007-95032a82bc51
151151
github.com/kirsle/configdirv0.0.0-20170128060238-e45d2f54772f
152152
github.com/klauspost/compressv1.18.0

‎go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1442,8 +1442,8 @@ github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1
14421442
github.com/jstemmer/go-junit-reportv0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
14431443
github.com/jung-kurt/gofpdfv1.0.0/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
14441444
github.com/jung-kurt/gofpdfv1.0.3-0.20190309125859-24315acbbda5/go.mod h1:7Id9E/uU8ce6rXgefFLlgrJj/GYY22cpxn+r32jIOes=
1445-
github.com/justinas/nosurfv1.1.1 h1:92Aw44hjSK4MxJeMSyDa7jwuI9GR2J/JCQiaKvXXSlk=
1446-
github.com/justinas/nosurfv1.1.1/go.mod h1:ALpWdSbuNGy2lZWtyXdjkYv4edL23oSEgfBT1gPJ5BQ=
1445+
github.com/justinas/nosurfv1.2.0 h1:yMs1bSRrNiwXk4AS6n8vL2Ssgpb9CB25T/4xrixaK0s=
1446+
github.com/justinas/nosurfv1.2.0/go.mod h1:ALpWdSbuNGy2lZWtyXdjkYv4edL23oSEgfBT1gPJ5BQ=
14471447
github.com/kballard/go-shellquotev0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
14481448
github.com/kballard/go-shellquotev0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
14491449
github.com/kevinburke/ssh_configv1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4=

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp