build(deps): bump golang.org/x/oauth2 from 0.34.0 to 0.36.0#2129
build(deps): bump golang.org/x/oauth2 from 0.34.0 to 0.36.0#2129dependabot[bot] wants to merge 1 commit intomasterfrom
Conversation
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.34.0 to 0.36.0. - [Commits](golang/oauth2@v0.34.0...v0.36.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
|
Closing since this requires go v1.25 (we're on v1.24.9) |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
Bot
deleted the
dependabot/go_modules/golang.org/x/oauth2-0.36.0
branch
|
@im-adithya why don't we update Go? |
|
Sure will do, I thought we do it when it's a hard requirement on a significant package |
|
Here is a case where we can't update dependencies without updating Go, so it might be a good time to do it |
2 participants
Bumps golang.org/x/oauth2 from 0.34.0 to 0.36.0.
Commits
4d954e6all: upgrade go directive to at least 1.25.0 [generated]89ff2e1google: add safer credentials JSON loading options.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)