chore(deps): update security updates (major)

[NumaryBot]

This PR contains the following updates:

Package	Type	Update	Change
github.com/formancehq/go-libs	require	major	v1.7.2 -> v4.1.1
github.com/formancehq/go-libs/v3	require	major	v3.4.0 -> v4.1.1
github.com/lithammer/shortuuid/v3	indirect	major	v3.0.7 -> v4.2.0
github.com/oklog/ulid	indirect	major	v1.3.1 -> v2.1.1
github.com/puzpuzpuz/xsync/v3	indirect	major	v3.5.1 -> v4.4.0
github.com/zitadel/oidc/v2	require	major	v2.12.2 -> v3.45.5
gopkg.in/go-jose/go-jose.v2	indirect	major	v2.6.3 -> v4.1.3

---

Release Notes

formancehq/go-libs (github.com/formancehq/go-libs)

v4.1.1

Compare Source

v4.1.0

Compare Source

What's Changed

• chore(deps): update module go.opentelemetry.io/otel/sdk to v1.40.0 [security] by @​NumaryBot in https://github.com/formancehq/go-libs/pull/551
• chore(deps): update module filippo.io/edwards25519 to v1.1.1 [security] by @​NumaryBot in https://github.com/formancehq/go-libs/pull/550
• feat(EN-780): extract OTel trace context from message metadata in que… by @​fguery in https://github.com/formancehq/go-libs/pull/558
• chore(deps): update module github.com/docker/cli to v29 [security] by @​NumaryBot in https://github.com/formancehq/go-libs/pull/560
• feat: listener should inject the context into the context so that it … by @​fguery in https://github.com/formancehq/go-libs/pull/561
• chore(deps): update module github.com/nats-io/nats-server/v2 to v2.11.12 [security] by @​NumaryBot in https://github.com/formancehq/go-libs/pull/553
• feat(licence): offline JWT validation with embedded Formance public key by @​flemzord in https://github.com/formancehq/go-libs/pull/562

Full Changelog: formancehq/go-libs@v4.0.0...v4.1.0

v4.0.0

Compare Source

v3.6.1

Compare Source

v3.6.0

Compare Source

v3.5.0

Compare Source

v3.4.0

Compare Source

What's Changed

• fix: really use the publisher-nats-client-id flag for nats connections by @​sylr in https://github.com/formancehq/go-libs/pull/523
• chore(deps): update module github.com/opencontainers/runc to v1.2.8 [security] by @​NumaryBot in https://github.com/formancehq/go-libs/pull/525
• feat: add capacity to specify a static keyset on auth middleware by @​gfyrag in https://github.com/formancehq/go-libs/pull/524

New Contributors

• @​sylr made their first contribution in https://github.com/formancehq/go-libs/pull/523

Full Changelog: formancehq/go-libs@v3.3.0...v3.4.0

v3.3.0

Compare Source

v3.2.1

Compare Source

v3.2.0

Compare Source

v3.1.0

Compare Source

v3.0.1

Compare Source

v3.0.0

Compare Source

v2.2.4

Compare Source

v2.2.3

Compare Source

v2.2.2

Compare Source

v2.2.1

Compare Source

v2.0.0

Compare Source

What's Changed

• feat(otlp/metrics): add in memory exporter and noop meter provider by @​gfyrag in https://github.com/formancehq/go-libs/pull/127
• chore: upgrade under v2 by @​gfyrag in https://github.com/formancehq/go-libs/pull/134
• chore: switch pq to pgx by @​gfyrag in https://github.com/formancehq/go-libs/pull/138

Full Changelog: formancehq/go-libs@v1.7.2...v2.0.0

lithammer/shortuuid (github.com/lithammer/shortuuid/v3)

v4.2.0

Compare Source

What's Changed

• Support custom character length alphabets by @​anatoly-kussul in https://github.com/lithammer/shortuuid/pull/59
• Fix panic when using multibyte alphabet characters by @​anatoly-kussul in https://github.com/lithammer/shortuuid/pull/59
• More performance improvements (see pull request) by @​anatoly-kussul in https://github.com/lithammer/shortuuid/pull/59

Full Changelog: lithammer/shortuuid@v4.1.0...v4.2.0

v4.1.0

Compare Source

What's Changed

• Fixed code example in README by @​rfyiamcool in https://github.com/lithammer/shortuuid/pull/46
• Bump github.com/google/uuid from 1.3.0 to 1.6.0 by @​dependabot in https://github.com/lithammer/shortuuid/pull/50
• Massive performance improvements by @​anatoly-kussul in https://github.com/lithammer/shortuuid/pull/58

New Contributors

• @​rfyiamcool made their first contribution in https://github.com/lithammer/shortuuid/pull/46
• @​anatoly-kussul made their first contribution in https://github.com/lithammer/shortuuid/pull/58

Full Changelog: lithammer/shortuuid@v4.0.0...v4.1.0

v4.0.0

Compare Source

• [GH-29] Use MSB (instead of LSB) to encode/decode UUIDs (now compatible with the shortuuid v1.x.x Python library).
• [GH-29] Robuster URL check.
• [GH-29] 10-25% speed improvement via fewer allocations.

oklog/ulid (github.com/oklog/ulid)

v2.1.1

Compare Source

What's Changed

• README fix broken pkg.go.dev links by @​peteraba in https://github.com/oklog/ulid/pull/82
• README: fix small typos by @​craigpastro in https://github.com/oklog/ulid/pull/88
• Add fmt, vet, staticcheck to CI and lint accordingly by @​craigpastro in https://github.com/oklog/ulid/pull/89
• ulid: add MakeFromTime helper function by @​craigpastro in https://github.com/oklog/ulid/pull/87
• Refactor default entropy and fix test by @​peterbourgon in https://github.com/oklog/ulid/pull/98
• Add ulid.Timestamp method by @​peterbourgon in https://github.com/oklog/ulid/pull/107
• bump actions/setup-go@v5 by @​shogo82148 in https://github.com/oklog/ulid/pull/114
• bump actions/checkout@v4 by @​shogo82148 in https://github.com/oklog/ulid/pull/113
• Add ulid.Nil and .IsZero() method by @​tonyhb in https://github.com/oklog/ulid/pull/112

New Contributors

• @​peteraba made their first contribution in https://github.com/oklog/ulid/pull/82
• @​craigpastro made their first contribution in https://github.com/oklog/ulid/pull/88
• @​shogo82148 made their first contribution in https://github.com/oklog/ulid/pull/114
• @​tonyhb made their first contribution in https://github.com/oklog/ulid/pull/112

Full Changelog: oklog/ulid@v2.1.0...v2.1.1

v2.1.0

Compare Source

Full release of v2.1.0, thanks to our testers.

What's Changed

• Adding Bytes() to get slice representation of ULID by @​sabify in https://github.com/oklog/ulid/pull/49
• Update README to mention v2 by @​lmas in https://github.com/oklog/ulid/pull/48
• Continuous fuzzing by @​bookmoons in https://github.com/oklog/ulid/pull/55
• Long-overdue tidying up by @​peterbourgon in https://github.com/oklog/ulid/pull/61
• Update Value docs re: zero-value behavior by @​peterbourgon in https://github.com/oklog/ulid/pull/60
• Fix max theorical date in the README by @​fancyweb in https://github.com/oklog/ulid/pull/65
• Refer updated github link of alizain/ulid by @​kachick in https://github.com/oklog/ulid/pull/67
• Fix timezone formatting in RFC 3339 output by @​scop in https://github.com/oklog/ulid/pull/74
• Linter fixes by @​scop in https://github.com/oklog/ulid/pull/75
• ulid: add DefaultEntropy() and Make() by @​tsenart in https://github.com/oklog/ulid/pull/81

New Contributors

• @​sabify made their first contribution in https://github.com/oklog/ulid/pull/49
• @​lmas made their first contribution in https://github.com/oklog/ulid/pull/48
• @​bookmoons made their first contribution in https://github.com/oklog/ulid/pull/55
• @​fancyweb made their first contribution in https://github.com/oklog/ulid/pull/65
• @​kachick made their first contribution in https://github.com/oklog/ulid/pull/67
• @​scop made their first contribution in https://github.com/oklog/ulid/pull/74

Full Changelog: oklog/ulid@v2.0.2...v2.1.0

v2.0.2

Compare Source

Identical to v2.0.1, except uses the proper /v2 suffix on the ulid import in ulid_test.go. Without this change, anyone who imported oklog/ulid at e.g. v2.0.1 into their project would also get oklog/ulid at v0-something due to the inadvertent transitive dependency.

v2.0.1

Compare Source

Identical to v2.0.0, but fixes a bug in the go.mod module path.

v2.0.0

Compare Source

A new major version to go with support for Go modules. Also, improved support for safe monotonic readers.

puzpuzpuz/xsync (github.com/puzpuzpuz/xsync/v3)

v4.4.0

Compare Source

• Micro-optimize Map for integer keys #​185
• Add Map.RangeRelaxed method for faster map iteration #​187
• Add Map.DeleteMatching method for batch entry deletion #​186

Read-heavy operations on Map with integer keys are now 24-29% faster due to a more efficient hash function, as well as a number of micro-optimizations.

RangeRelaxed is a much faster (~11x), lock-free alternative to Range. The downside is that the same key may be visited by RangeRelaxed more than once if it is concurrently deleted and re-inserted during the iteration. RangeRelaxed should be preferred over Range in all cases when weaker consistency is acceptable.

m := xsync.NewMap[string, int]()
m.Store("alice", 10)
m.Store("bob", 20)
m.Store("carol", 30)
m.Store("dave", 40)

// Iterate map entries and calculate sum of all values.
sum := 0
m.RangeRelaxed(func(key string, value int) bool {
	sum += value
	return true // continue iteration
})

DeleteMatching deletes all entries for which the delete return value of the input function is true. If the cancel return value is true, the iteration stops immediately. The function returns the number of deleted entries. The call locks a hash table bucket for the duration of evaluating the function for all entries in the bucket and performing deletions. It performs up to 20% faster than Range + Delete, yet if the percentage of the entries to-be-deleted is low, RangeRelaxed + Delete combination should be more efficient.

// Delete entries with value greater than 25.
deleted := m.DeleteMatching(func(key string, value int) (delete, cancel bool) {
	return value > 25, false
})

v4.3.0

Compare Source

• Add iterator function Map.All #​181
• Make shrink resize lock-free on target buckets #​180

All is similar to Range, but returns an iter.Seq2, so is compatible with Go 1.23+ iterators. All of the same caveats and behavior from Range apply to All.

m := xsync.NewMap[string, int]()
for i := range 100 {
  m.Store(strconv.Itoa(i), i)
}

// Will print all of the map entries
for key, val := range m.All() {
  fmt.Printf("m[%q] = %q\n")
}

Kudos to @​llxisdsh and @​moskyb for making this release happen.

v4.2.0

Compare Source

• Cooperative parallel rehashing in Map #​178
• Use runtime.cheaprand instead of fastrand #​177

Introduces cooperative rehashing for xsync.Map this means that goroutines that execute write operations, such as Compute or Store, may participate in table rehashing when the hash table grows or shrinks. From now on, table rehashing never spawns additional goroutines.

This behavior is always enabled, so the WithSerialResize function is now marked as deprecated and acts as a no-op.

v4.1.0

Compare Source

• New data structure: UMPSCQueue #​168
• Speed up LoadAndDelete and Delete in case of non-existing Map key #​167
• Parallel Map resize #​170

UMPSCQueue is meant to serve as a replacement for a channel. However, crucially, it has infinite capacity. This is a very bad idea in many cases as it means that it never exhibits backpressure. In other words, if nothing is consuming elements from the queue, it will eventually consume all available memory and crash the process. However, there are also cases where this is desired behavior as it means the queue will dynamically allocate more memory to store temporary bursts, allowing producers to never block while the consumer catches up.

From now on, Map spawns additional goroutines to speed up resizing the hash table. This can be disabled when creating a Map with the new WithSerialResize setting:

m := xsync.NewMap[int, int](xsync.WithSerialResize())
// resize will take place on the current goroutine only
for i := 0; i < 10000; i++ {
	m.Store(i, i)
}

Thanks @​PapaCharlie and @​llxisdsh for the contributions!

v4.0.0

Compare Source

• Minimal Golang version is now 1.24.
• All non-generic data structures are now removed. Generic versions should be used instead - they use the old names, but type aliases are present to simplify v3-to-v4 code migration.
• MapOf's hasher API is gone. The default and only hash function is now based on maphash.Comparable.
• Map's Compute API now supports no-op (cancel) compute operation.

Thanks @​PapaCharlie for making this release happen

Migration notes

• The old *Of types are kept as type aliases for the renamed data structures to simplify the migration, e.g. MapOf is an alias for Map.
• NewMapOfPresized function is gone. NewMap combined with WithPresize should be used instead.
• Map.Compute method now expects valueFn to return a ComputeOp value instead of a boolean flag. That's to support compute operation cancellation, so that the call does nothing.
• Map.LoadOrTryCompute method is renamed to LoadOrCompute. The old LoadOrCompute method is removed as it was redundant.

zitadel/oidc (github.com/zitadel/oidc/v2)

v3.45.5

Compare Source

Bug Fixes

• add auth_methods client_secret_basic for refresh token and revok… (#​803) (811e8b2)

v3.45.4

Compare Source

Bug Fixes

• grant type in device code validation error message (#​845) (c238329)

v3.45.3

Compare Source

Bug Fixes

• tracing: renamed tracer in op (#​809) (d105faf), closes #​808

v3.45.2

Compare Source

Bug Fixes

• consistently handle string-valued boolean fields from non-compliant OIDC providers (#​791) (b4dca67), closes #​139

v3.45.1

Compare Source

Bug Fixes

• rp: don't ignore JWKS parsing errors (#​771) (a3f3428), closes #​541

v3.45.0

Compare Source

Features

• rp: add WithPKCEFromDisocvery (#​776) (e3169b6), closes #​506 #​506

v3.44.0

Compare Source

Features

• allow setting op.Crypto during provider setup (#​778) (3edc81e)

v3.43.1

Compare Source

Bug Fixes

• add redirect_uri decoded (#​775) (1fb34f3)

v3.43.0

Compare Source

Features

• rp: optional authorized party check (#​752) (0d50c93)

v3.42.0

Compare Source

Features

• pass optional logout hint and ui locales to end session request (#​774) (dbf1a73)

v3.41.0

Compare Source

Features

• Request aware cookie handling (#​753) (c0d0ba9)

v3.40.0

Compare Source

Features

• exclude OTEL instrumentation via build tag (#​770) (21e830e)

v3.39.1

Compare Source

Bug Fixes

• Omit empty assertion fields in client creds request (#​745) (71b7500)

v3.39.0

Compare Source

Features

• update end session request to pass all params according to specification (#​754) (f94bd54)

v3.38.1

Compare Source

Bug Fixes

• op: Add mitigation for PKCE Downgrade Attack (#​741) (4f0ed79)

v3.38.0

Compare Source

Features

• enhance authentication response handling (#​728) (5913c5a)

v3.37.0

Compare Source

Features

• op: always verify code challenge when available (#​721) (c51628e)

v3.36.1

Compare Source

Bug Fixes

• ignore empty json strings for locale (#​678) (efd6fda), closes #​673

v3.36.0

Compare Source

Features

• add CanGetPrivateClaimsFromRequest interface (#​717) (7a767d8)

v3.35.0

Compare Source

Features

• support for session_state (#​712) (4ef9529)

v3.34.2

Compare Source

Bug Fixes

• migrate deprecated io/ioutil.ReadFile to os.ReadFile (#​714) (eb98343)

v3.34.1

Compare Source

Bug Fixes

• allow native clients to use https:// on localhost redirects (#​691) (de2fd41)

v3.34.0

Compare Source

Features

• add redirect URI-s ENV setting to web clients (#​693) (a0f67c0)

v3.33.1

Compare Source

Bug Fixes

• op: add scope to access token scope (#​664) (897c720)

v3.33.0

Compare Source

Features

• pkg/op: allow custom SupportedScopes (#​675) (8afb8b8)

v3.32.1

Compare Source

Bug Fixes

• ignore all unmarshal errors from locale (#​673) (fbf009f)

v3.32.0

Compare Source

Features

• OP: add back channel logout support (#​671) (f1e4cb2)

v3.31.0

Compare Source

Features

• example: Allow configuring some parameters with env variables (#​663) (24869d2)

v3.30.1

Compare Source

Bug Fixes

• fix slice init length (#​658) (97d7b28)

v3.30.0

Compare Source

Features

• oidc: return defined error when discovery failed (#​653) (3b64e79)

v3.29.1

Compare Source

Bug Fixes

• oidc: set client ID to access token JWT (#​650) (b555396)

v3.29.0

Compare Source

Features

• Define redirect uris with env variables (#​644) (e1633bd)

v3.28.2

Compare Source

Bug Fixes

• client assertions for Okta (#​636) (67688db)

v3.28.1

Compare Source

Bug Fixes

• op: initialize http Headers in response objects (#​637) (1e75773)

v3.28.0

Compare Source

Features

• crypto: hash algorithm for EdDSA (#​638) (9930193)

v3.27.1

Compare Source

Bug Fixes

• op: do not redirect to unverified uri on error (#​640) (0aa61b0), closes #​627

v3.27.0

Compare Source

Features

• op: allow returning of parent errors to client (#​629) (b6f3b1e)

v3.26.1

Compare Source

Bug Fixes

• overwrite redirect content length (#​632) (6f0a630)

v3.26.0

Compare Source

Features

• support PKCS#​8 (#​623) (e5a428d)

v3.25.1

Compare Source

Bug Fixes

• example: set content-type in the userinfo response (#​614) (da4e683)

v3.25.0

Compare Source

Features

• op: allow scope without openid (#​613) (a7b5355)

v3.24.0

Compare Source

Features

• add default signature algorithms (#​606) (8a47532)

v3.23.2

Compare Source

Bug Fixes

• Omit non-standard, empty fields in RefreshTokenRequest when performing a token refresh (#​599) (5a84d8c)

v3.23.1

Compare Source

Bug Fixes

• Handle case where verifier Nonce func is nil (#​594) (24d43f5)

v3.23.0

Compare Source

Features

• op: authorize callback handler as argument in legacy server registration (#​598) (37ca0e4)

v3.22.1

Compare Source

Bug Fixes

• to propagate context (#​593) (3512c72)

v3.22.0

Compare Source

Features

• Added the ability to verify ID tokens using the value of id_token_signing_alg_values_supported retrieved from DiscoveryEndpoint (#​579) (68d4e08), closes #​574

v3.21.0

Compare Source

Features

• deps: update go-jose to v4 (#​588) (33f8df7), closes #​583

v3.20.1

Compare Source

Bug Fixes

• Fail safe, if optional endpoints are not given (#​582) (06f37f8)

v3.20.0

Compare Source

Features

• support verification_url workaround for DeviceAuthorizationResponse unmarshal (#​577) (e75a061)

v3.19.0

Compare Source

Features

• return oidc.Error in case of call token failure (#​571) (c89d0ed)

v3.18.0

Compare Source

Features

• oidc: add actor claim to introspection response (#​570) (56397f8)

v3.17.0

Compare Source

Features

• op: allow setting the actor to Token Requests (#​569) (4d63d68)

v3.16.0

Compare Source

Features

• client: tracing in rp (bdcccc3)
• rp: extend tracing (d18aba8)

v3.15.0

Compare Source

Features

• extend token exchange response (#​567) (ad79802)

v3.14.0

Compare Source

Features

• op: Add response_mode: form_post (#​551) (5ef597b)

v3.13.0

Compare Source

Features

• go 1.22 and slog migration (#​557) (972b898)

v3.12.0

Compare Source

Features

• Add rp.WithAuthStyle as Option (#​546) (f4bbffb)

v3.11.2

Compare Source

Bug Fixes

• Set unauthorizedHandler, if not defined (#​547) (b45072a)

v3.11.1

Compare Source

Bug Fixes

• op: allow expired id token hints in authorize (#​527) (045b59e)

v3.11.0

Compare Source

Features

• op: split the access and ID token hint verifiers (#​525) (e9bd7d7)

v3.10.3

Compare Source

Bug Fixes

• allow expired ID token hint to end sessions (#​522) (b8e520a)

v3.10.2

Compare Source

Bug Fixes

• don't force server errors in legacy server (#​517) (57d04e7)

v3.10.1

Compare Source

Bug Fixes

• op: check redirect URI in code exchange (#​516) (844e233)

v3.10.0

Compare Source

Features

• rp: Add UnauthorizedHandler (#​503) (984e31a)

v3.9.1

Compare Source

Bug Fixes

• Implement dedicated error for RevokeToken (#​508) (e23b1d4)

v3.9.0

Compare Source

Features

• op: allow double star globs (#​507) (c37ca25)

v3.8.1

Compare Source

Bug Fixes

• oidc: ignore unknown language tag in userinfo unmarshal (#​505) (dce79a7)

v3.8.0

Compare Source

Features

• op: ID token for device authorization grant (#​500) (b300027)

v3.7.0

Compare Source

Features

• op: User-configurable claims_supported (#​495) (7bdaf9c)

v3.6.0

Compare Source

Features

• op: PKCE Verification in Legacy Server when AuthMethod is not NONE and CodeVerifier is not Empty (#​496) (9d12d1d)

v3.5.1

Compare Source

Bug Fixes

• crypto: nil pointer dereference in crypto.BytesToPrivateKey (#​491) (#​493) (3a4d44c)

v3.5.0

Compare Source

Features

• rp: client credentials grant (#​494) (fe3e02b), closes /datatracker.ietf.org/doc/html/rfc6749#section-4

v3.4.0

Compare Source

Features

• op: create a JWT profile with a keyset (f7a0f7c)
• op: JWT profile verifier with keyset (a8ef8de)

v3.3.1

Compare Source

Bug Fixes

• examples: Offer Storage with non-global client (#​489) (7d0cdec)

v3.3.0

Compare Source

Features

• Allow CORS policy to be configured (#​484) (7b64687)

v3.2.1

Compare Source

Bug Fixes

• op: export NewProvider to allow customized issuer (#​479) (d88c0ac)

v3.2.0

Compare Source

Features

• op: issuer from custom headers (#​478) (7475023)

v3.1.1

Compare Source

Bug Fixes

• build callback url from server, not op (#​468) (e5f0dca)
• server: do not get client by id for introspection (#​467) (73a1982)

v3.1.0

Compare Source

Features

• op: allow Legacy Server extension (#​466) (bab5399)

v3.0.3

Compare Source

Bug Fixes

• op: terminate session from request in legacy server (#​465) (164c5b2)

v3.0.2

Compare Source

What's Changed

• chore(deps): upgrade go-chi/chi to v5 by @​muhlemmer in https://github.com/zitadel/oidc/pull/462

Full Changelog: zitadel/oidc@v3.0.1...v3.0.2

[v3.0.1](https://redire

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

[NumaryBot]

⚠️ Artifact update problem

Renovate failed to update artifacts related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum

Command failed: go get -d -t ./...
go: -d flag is deprecated. -d=true is a no-op
go: gopkg.in/go-jose/go-jose.v4@v4.1.3: parsing go.mod:
	module declares its path as: github.com/go-jose/go-jose/v4
	        but was required as: gopkg.in/go-jose/go-jose.v4

File name: undefined

Command failed: just pre-commit
go mod tidy
go: gopkg.in/go-jose/go-jose.v4@v4.1.3: parsing go.mod:
	module declares its path as: github.com/go-jose/go-jose/v4
	        but was required as: gopkg.in/go-jose/go-jose.v4
error: Recipe `tidy` failed on line 13 with exit code 1

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (1)

• go.mod is excluded by !**/*.mod

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 4fcc7f0b-0196-42c4-91bd-c97d9c332cff

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch renovate/major-security

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}