Skip to content

deps(go): Bump the go-minor-patch group across 1 directory with 2 updates#535

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/go-minor-patch-1784fe5d79
Open

deps(go): Bump the go-minor-patch group across 1 directory with 2 updates#535
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/go-minor-patch-1784fe5d79

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 30, 2026
edited
Loading

Bumps the go-minor-patch group with 2 updates in the / directory: github.com/fsnotify/fsnotify and golang.org/x/sys.

Updates github.com/fsnotify/fsnotify from 1.9.0 to 1.10.1

Release notes

Sourced from github.com/fsnotify/fsnotify's releases.

v1.10.1

Changes and fixes

  • inotify: don't remove sibling watches sharing a path prefix (#754)

  • inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

v1.10.0

This version of fsnotify needs Go 1.23.

Changes and fixes

  • inotify: improve initialization error message (#731)

  • inotify: send Rename event if recursive watch is renamed (#696)

  • inotify: avoid copying event buffers when reading names (#741)

  • kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

  • kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

  • windows: fix nil pointer dereference in remWatch (#736)

  • windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Changelog

Sourced from github.com/fsnotify/fsnotify's changelog.

1.10.1 2026-05-04

Changes and fixes

  • inotify: don't remove sibling watches sharing a path prefix (#754)

  • inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

1.10.0 2026-04-30

This version of fsnotify needs Go 1.23.

Changes and fixes

  • inotify: improve initialization error message (#731)

  • inotify: send Rename event if recursive watch is renamed (#696)

  • inotify: avoid copying event buffers when reading names (#741)

  • kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

  • kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

  • windows: fix nil pointer dereference in remWatch (#736)

  • windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Commits
  • 76b01a6 Release 1.10.1
  • fec150b Update changelog
  • 162b421 inotify, windows: don't rename sibling watches sharing a path prefix (#755)
  • 224257f inotify: don't remove sibling watches sharing a path prefix (#754)
  • e0c956c windows: document directory Write events and stabilize tests (#745)
  • 8d01d7b Release 1.10.0
  • 602284e Update changelog
  • 7f03e59 kqueue: skip ENOENT entries in watchDirectoryFiles (#748)
  • dab9dde windows: lock watch field updates against concurrent WatchList (#709) (#749)
  • eadf267 kqueue: drop watches directly in Close() instead of going through remove() (#...
  • Additional commits viewable in compare view

Updates golang.org/x/sys from 0.42.0 to 0.43.0

Commits
  • f33a730 windows: support nil security descriptor on GetNamedSecurityInfo
  • 493d172 cpu: add runtime import in cpu_darwin_arm64_other.go
  • 2c2be75 windows: use syscall.SyscallN in Proc.Call
  • a76ec62 cpu: roll back "use IsProcessorFeaturePresent to calculate ARM64 on windows"
  • See full diff in compare view

@dependabot dependabot Bot requested a review from itcmsgr as a code owner April 30, 2026 20:56
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 30, 2026

Labels

The following labels could not be found: dependencies, go, security. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 30, 2026
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
gomod/github.com/fsnotify/fsnotify 1.10.1 🟢 5.6
Details
CheckScoreReason
Code-Review🟢 5Found 15/26 approved changesets -- score normalized to 5
Maintained🟢 1014 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy⚠️ 0security policy file not detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
gomod/golang.org/x/sys 0.43.0 UnknownUnknown

Scanned Files

  • go.mod

@dependabot dependabot Bot force-pushed the dependabot/go_modules/go-minor-patch-1784fe5d79 branch from 7dd2de8 to 5820531 Compare May 2, 2026 00:27
@dependabot
deps(go): Bump the go-minor-patch group across 1 directory with 2 upd…
60e225f 
…ates

Bumps the go-minor-patch group with 2 updates in the / directory: [github.com/fsnotify/fsnotify](https://github.com/fsnotify/fsnotify) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `github.com/fsnotify/fsnotify` from 1.9.0 to 1.10.1
- [Release notes](https://github.com/fsnotify/fsnotify/releases)
- [Changelog](https://github.com/fsnotify/fsnotify/blob/main/CHANGELOG.md)
- [Commits](fsnotify/fsnotify@v1.9.0...v1.10.1)

Updates `golang.org/x/sys` from 0.42.0 to 0.43.0
- [Commits](golang/sys@v0.42.0...v0.43.0)

---
updated-dependencies:
- dependency-name: github.com/fsnotify/fsnotify
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
- dependency-name: golang.org/x/sys
  dependency-version: 0.43.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title deps(go): bump the go-minor-patch group across 1 directory with 2 updates deps(go): Bump the go-minor-patch group across 1 directory with 2 updates May 5, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/go-minor-patch-1784fe5d79 branch from 5820531 to 60e225f Compare May 5, 2026 00:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@itcmsgr itcmsgr Awaiting requested review from itcmsgr itcmsgr is a code owner

Assignees

@itcmsgr itcmsgr

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@itcmsgr