Skip to content

Bump the dependencies group across 1 directory with 5 updates #135

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the dependencies group across 1 directory with 5 updates #135

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 19, 2026

Bumps the dependencies group with 5 updates in the / directory:

Package From To
github.com/attestantio/go-eth2-client 0.27.1 0.28.0
github.com/ethereum/go-ethereum 1.16.5 1.16.8
github.com/itchyny/gojq 0.12.17 0.12.18
github.com/sirupsen/logrus 1.9.3 1.9.4
github.com/spf13/cobra 1.10.1 1.10.2

Updates github.com/attestantio/go-eth2-client from 0.27.1 to 0.28.0

Changelog

Sourced from github.com/attestantio/go-eth2-client's changelog.

0.28.0:

  • update dependency for go-bitfield to get from offchain instead of prysmatic org

0.27.2:

  • add /eth/v1/beacon/blobs/ endpoint support
  • update go version to 1.25
  • updated spec conformance tests for latest forks
  • updated linters and corresponding fixes
Commits
  • 9616db6 Merge pull request #278 from attestantio/release_go_eth2_client
  • ec91bf6 Lint.
  • 60ad4c7 Add release information.
  • 43433ff Update go-bitfield refs to OffchainLabs and fix linter issues #276
  • 3109c2f Merge pull request #277 from attestantio/release_27_2
  • e8d3f36 Fix linter.
  • be371ef Release 0.27.2
  • ca04703 Merge pull request #274 from attestantio/update_go_version_and_golangci_lint
  • 1bfc628 Merge pull request #273 from pk910/pk910/add-blobs-request
  • dd39e83 fix typo in filename
  • Additional commits viewable in compare view

Updates github.com/ethereum/go-ethereum from 1.16.5 to 1.16.8

Release notes

Sourced from github.com/ethereum/go-ethereum's releases.

Moisture Filters (v1.16.8)

This is a security fix release and is recommended for all users. It resolves two p2p vulnerabilities reported through the Ethereum Foundation bug bounty program.

As with all our previous releases, you can find the:

Ballistic Drift Stabilizer (v1.16.7)

This is a re-roll of v1.16.6, including an important fix in the KZG cryptography library.

This release enables the Fusaka hardfork on Ethereum mainnet.

The Fusaka fork is scheduled to occur at 2025-12-03 21:49:11 UTC. Please upgrade your node to v1.16.7 in time for the fork.

This release also enables two blob-parameter-only (BPO) upgrades. These upgrades change protocol parameters to increase the available blob capacity.

  • BPO1 on2025-12-09
  • BPO2 on 2026-01-07

Fusaka

  • Set mainnet timestamps for Osaka (#33063)
  • Enable Fusaka for geth --dev mode (#32917)

RPC

  • Add eth_sendRawTransactionSync which waits until either a timeout or the transaction is mined. This feature is mostly useful on L2s with lower blocktimes. (#32830, #32930, #32929)
  • Add support for eth_simulateV1 in ethclient (#32856)
  • Fix for an issue that might crash debug_traceCall (#33015)
  • Fix for an issuer where local transactions were not persisted to the journal (#32921)

Core

  • Fix for a cryptographic vulnerability in c-kzg-4844. This is only exploitable post-Fusaka. (#33093)
  • Add geth --genesis flag as an alternative to running geth init genesis.json (#32844)
  • Fix for receipt insertion during ERA file import. (#32934)
  • Work on getting the trie node history in order to serve historical eth_getProof request with the new path-based archive node. (#32907, #32914, #32937)
  • Further work on cmd/keeper, our guest program for zkVMs (#32816)
  • Various optimizations (#32971, #32916, #32965, #32946)

... (truncated)

Commits
  • abeb78c Merge branch 'dos-fixes' into release/1.16
  • ce43eb9 version: release go-ethereum v1.16.8 stable
  • 638741b crypto/ecies: use aes blocksize
  • fdfd123 core/txpool: drop peers on invalid KZG proofs
  • 8ecb686 version: begin v1.16.8 release cycle
  • b9f3a3d Merge branch 'master' into release/1.16
  • 07129d2 version: release go-ethereum v1.16.7 stable
  • 653f8d4 go.mod: update to c-kzg v2.1.5 (#33093)
  • 5b77af3 version: begin v1.16.7 release cycle
  • 386c3de Merge branch 'master' into release/1.16
  • Additional commits viewable in compare view

Updates github.com/itchyny/gojq from 0.12.17 to 0.12.18

Release notes

Sourced from github.com/itchyny/gojq's releases.

Release v0.12.18

  • implement trimstr/1, toboolean/0 function
  • fix last/1 to be included in builtins/0
  • fix --indent 0 to preserve newlines
  • fix string repetition to emit error when the result is too large
  • increase the array index limit to 536870912 (2^29)
  • stop numeric normalization for concurrent execution (see 1ace748d08df)
  • support binding expressions with binary operators (1 + 2 as $x | -$x)
  • improve gojq.NewIter to be a generic function
  • improve logic for getting file contents on JSON parse error
  • improve JSON parsing to preserve the precision of floating-point numbers
  • improve YAML parsing performance and preserve the precision of large integers
  • improve performance and reduce memory allocation of long-running queries
Changelog

Sourced from github.com/itchyny/gojq's changelog.

v0.12.18 (2025-12-02)

  • implement trimstr/1, toboolean/0 function
  • fix last/1 to be included in builtins/0
  • fix --indent 0 to preserve newlines
  • fix string repetition to emit error when the result is too large
  • increase the array index limit to 536870912 (2^29)
  • stop numeric normalization for concurrent execution (see 1ace748d08df)
  • support binding expressions with binary operators (1 + 2 as $x | -$x)
  • improve gojq.NewIter to be a generic function
  • improve logic for getting file contents on JSON parse error
  • improve JSON parsing to preserve the precision of floating-point numbers
  • improve YAML parsing performance and preserve the precision of large integers
  • improve performance and reduce memory allocation of long-running queries
Commits
  • fa534a1 bump up version to 0.12.18
  • d7e1531 update CHANGELOG.md for v0.12.18
  • 672cc79 update dependencies
  • 2263e18 update actions/checkout to v6
  • 5d8a53c add more tests for empty strings and NO_COLOR
  • 97274d3 make use of cmp package for comparisons
  • 3e31863 merge identical cases for getting operator functions
  • e4d456b avoid variable names that shadow built-in functions
  • 19a3975 stop replacing capturing group syntax
  • 5bb6d33 support binding expressions with binary operators (fix #283)
  • Additional commits viewable in compare view

Updates github.com/sirupsen/logrus from 1.9.3 to 1.9.4

Release notes

Sourced from github.com/sirupsen/logrus's releases.

v1.9.4

Notable changes

Full Changelog: sirupsen/logrus@v1.9.3...v1.9.4

Commits
  • b61f268 Merge pull request #1472 from goldlinker/master
  • 15c29db refactor: replace the deprecated function in the ioutil package
  • cb253f3 Merge pull request #1464 from thaJeztah/touchup_godoc
  • 29b2337 Merge pull request #1468 from thaJeztah/touchup_readme
  • d916819 Merge pull request #1427 from dolmen/fix-testify-usage
  • 135e482 README: small touch-ups
  • 2c5fa36 Merge pull request #1467 from thaJeztah/rm_old_badge
  • 877ecec README: remove travis badge
  • 55cf256 Merge pull request #1393 from jsoref/grammar
  • 21bae50 Merge pull request #1426 from dolmen/testing-fix-use-of-math-rand
  • Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.10.1 to 1.10.2

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.2

🔧 Dependencies

  • chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 by @​dims in spf13/cobra#2336 - the gopkg.in/yaml.v3 package has been deprecated for some time: this should significantly cleanup dependency/supply-chains for consumers of spf13/cobra

📈 CI/CD

🔥✍🏼 Docs

🍂 Refactors

🤗 New Contributors

Full Changelog: spf13/cobra@v1.10.1...v1.10.2

Thank you to our amazing contributors!!!!! 🐍 🚀

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the dependencies group across 1 directory with 5 updates
87b1153 
Bumps the dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/attestantio/go-eth2-client](https://github.com/attestantio/go-eth2-client) | `0.27.1` | `0.28.0` |
| [github.com/ethereum/go-ethereum](https://github.com/ethereum/go-ethereum) | `1.16.5` | `1.16.8` |
| [github.com/itchyny/gojq](https://github.com/itchyny/gojq) | `0.12.17` | `0.12.18` |
| [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) | `1.9.3` | `1.9.4` |
| [github.com/spf13/cobra](https://github.com/spf13/cobra) | `1.10.1` | `1.10.2` |



Updates `github.com/attestantio/go-eth2-client` from 0.27.1 to 0.28.0
- [Changelog](https://github.com/attestantio/go-eth2-client/blob/master/CHANGELOG.md)
- [Commits](attestantio/go-eth2-client@v0.27.1...v0.28.0)

Updates `github.com/ethereum/go-ethereum` from 1.16.5 to 1.16.8
- [Release notes](https://github.com/ethereum/go-ethereum/releases)
- [Commits](ethereum/go-ethereum@v1.16.5...v1.16.8)

Updates `github.com/itchyny/gojq` from 0.12.17 to 0.12.18
- [Release notes](https://github.com/itchyny/gojq/releases)
- [Changelog](https://github.com/itchyny/gojq/blob/main/CHANGELOG.md)
- [Commits](itchyny/gojq@v0.12.17...v0.12.18)

Updates `github.com/sirupsen/logrus` from 1.9.3 to 1.9.4
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](sirupsen/logrus@v1.9.3...v1.9.4)

Updates `github.com/spf13/cobra` from 1.10.1 to 1.10.2
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](spf13/cobra@v1.10.1...v1.10.2)

---
updated-dependencies:
- dependency-name: github.com/attestantio/go-eth2-client
  dependency-version: 0.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github.com/ethereum/go-ethereum
  dependency-version: 1.16.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github.com/itchyny/gojq
  dependency-version: 0.12.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github.com/sirupsen/logrus
  dependency-version: 1.9.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github.com/spf13/cobra
  dependency-version: 1.10.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jan 19, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant