Skip to content

Bump the go-dependencies group across 1 directory with 4 updates#1255

Merged
pjbgf merged 1 commit into
mainfrom
dependabot/go_modules/go-dependencies-98bebb0e6a
May 26, 2026
Merged

Bump the go-dependencies group across 1 directory with 4 updates#1255
pjbgf merged 1 commit into
mainfrom
dependabot/go_modules/go-dependencies-98bebb0e6a

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 22, 2026
edited
Loading

Bumps the go-dependencies group with 3 updates in the / directory: github.com/betterleaks/betterleaks, github.com/posthog/posthog-go and golang.org/x/crypto.

Updates github.com/betterleaks/betterleaks from 1.2.0 to 1.3.1

Release notes

Sourced from github.com/betterleaks/betterleaks's releases.

v1.3.1

Changelog

  • ea102f10e2255c28a2e45cd58db643ee5864e05b Update README.md
  • 5877fac24e50140cb277e8538e2412139cba4a0c Update betterleaks config link to main branch (#144)
  • 2d72998e2c2d2f5f6a4526de60eb6281439f1cdb bump min bl config version (#143)
  • 92cea1164d1cc551ead2402b1257055dd0080016 use filter in rule generation instead of relying on translate (#145)

v1.3.0

What's New

S3 Source

You can scan S3 and other S3 compatible object stores with the betterleaks s3 command:

betterleaks s3 <url> [flags]

Scan an AWS bucket


betterleaks s3 https://my-bucket.s3.us-east-1.amazonaws.com/logs/


AWS shorthand (region auto-probed)


betterleaks s3 s3://my-bucket/logs/


Enumerate and scan all buckets in the account


(requires s3:ListAllMyBuckets on the credentials)


betterleaks s3 'https://s3.us-east-1.amazonaws.com/*'


Enumerate buckets matching a glob, scan a shared prefix in each


(same permission requirement as above)


betterleaks s3 'https://s3.us-east-1.amazonaws.com/prod-*/logs/'


Scan a public bucket without credentials


(the bucket policy must grant anonymous s3:ListBucket, not just s3:GetObject)


betterleaks s3 --anonymous https://<public-bucket>.s3.<region>.amazonaws.com/


Scan a single Cloudflare R2 bucket


betterleaks s3 https://my-bucket.acct123.r2.cloudflarestorage.com/


Enumerate all R2 buckets in an account


(requires an admin-scoped R2 API token, not a bucket-scoped one)


betterleaks s3 'https://acct123.r2.cloudflarestorage.com/*'


Scan a MinIO bucket


betterleaks s3 --region=us-east-1 http://localhost:9000/mybucket


Flags:
--access-key string      AWS access key (overrides AWS_ACCESS_KEY_ID)
--anonymous              do not sign requests; ignore AWS_* env vars and --access-key/--secret-key
-h, --help                   help for s3
--max-object-size int    objects larger than this many bytes are skipped (0 = 250 MiB default)
--region string          AWS region (required for some non-AWS endpoints; auto-probed for AWS)
</tr></table>

... (truncated)

Commits

Updates github.com/posthog/posthog-go from 1.12.5 to 1.12.6

Release notes

Sourced from github.com/posthog/posthog-go's releases.

1.12.6

Unreleased

Changelog

Sourced from github.com/posthog/posthog-go's changelog.

1.12.6

Patch Changes

  • 9289d53: Reject semver values with leading zeros in local flag evaluation. Per semver 2.0.0 §2, numeric identifiers must not include leading zeros — values like 1.07.3 are not valid semver and should not match targeting conditions. Both override values and flag values are now validated; invalid inputs surface an InconclusiveMatchError so the condition does not match.
Commits
  • a99dc57 chore: release v1.12.6 [version bump] [skip ci]
  • 9289d53 fix: reject leading-zero semver values in local evaluation (#200)
  • 4caaa1e chore: pin github actions to commit shas (#202)
  • See full diff in compare view

Updates golang.org/x/crypto from 0.51.0 to 0.52.0

Commits
  • a1c0d99 go.mod: update golang.org/x dependencies
  • 3c7c869 ssh: fix deadlock on unexpected channel responses
  • 533fb3f ssh: fix source-address critical option bypass
  • abbc44d ssh: fix incorrect operator order
  • e052873 ssh: fix infinite loop on large channel writes due to integer overflow
  • b61cf85 ssh: enforce user presence verification for security keys
  • 9c2cd33 ssh: enforce strict limits on DSA key parameters
  • 8907318 ssh: reject RSA keys with excessively large moduli
  • ffd87b4 ssh: fix panic when authority callbacks are nil
  • 4e7a738 ssh: fix deadlock on unexpected global responses
  • Additional commits viewable in compare view

Updates golang.org/x/sys from 0.44.0 to 0.45.0

Commits
  • 397d5f8 unix: update to Linux kernel 7.0
  • 0a387f7 cpu: detect zbc extension on riscv64
  • 758f71c cpu: add LLACQ_SCREL, SCQ, DBAR_HINTS detection for loong64
  • 99666ae unix: merge Linux readv/writev implementation with Darwin/OpenBSD
  • e4444cb windows: add NtSetEaFile, NtQueryEaFile and NtQueryInformationFile
  • 04396e8 unix: add Readv, Writev, Preadv, Pwritev for OpenBSD
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels May 22, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 22, 2026 19:07
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels May 22, 2026
@dependabot
Bump the go-dependencies group across 1 directory with 4 updates
98ae92c 
Bumps the go-dependencies group with 3 updates in the / directory: [github.com/betterleaks/betterleaks](https://github.com/betterleaks/betterleaks), [github.com/posthog/posthog-go](https://github.com/posthog/posthog-go) and [golang.org/x/crypto](https://github.com/golang/crypto).


Updates `github.com/betterleaks/betterleaks` from 1.2.0 to 1.3.1
- [Release notes](https://github.com/betterleaks/betterleaks/releases)
- [Commits](betterleaks/betterleaks@v1.2.0...v1.3.1)

Updates `github.com/posthog/posthog-go` from 1.12.5 to 1.12.6
- [Release notes](https://github.com/posthog/posthog-go/releases)
- [Changelog](https://github.com/PostHog/posthog-go/blob/main/CHANGELOG.md)
- [Commits](PostHog/posthog-go@v1.12.5...v1.12.6)

Updates `golang.org/x/crypto` from 0.51.0 to 0.52.0
- [Commits](golang/crypto@v0.51.0...v0.52.0)

Updates `golang.org/x/sys` from 0.44.0 to 0.45.0
- [Commits](golang/sys@v0.44.0...v0.45.0)

---
updated-dependencies:
- dependency-name: github.com/betterleaks/betterleaks
  dependency-version: 1.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/posthog/posthog-go
  dependency-version: 1.12.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: golang.org/x/crypto
  dependency-version: 0.52.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/sys
  dependency-version: 0.45.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/go-dependencies-98bebb0e6a branch from 95624fe to 98ae92c Compare May 26, 2026 00:11
@pjbgf pjbgf merged commit 6853523 into main May 26, 2026
9 checks passed
@pjbgf pjbgf deleted the dependabot/go_modules/go-dependencies-98bebb0e6a branch May 26, 2026 09:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pjbgf pjbgf pjbgf approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pjbgf