Skip to content

chore(deps): bump github.com/fxamacker/cbor/v2 from 2.9.1 to 2.9.2#43

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/github.com/fxamacker/cbor/v2-2.9.2
Open

chore(deps): bump github.com/fxamacker/cbor/v2 from 2.9.1 to 2.9.2#43
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/github.com/fxamacker/cbor/v2-2.9.2

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github May 27, 2026
edited
Loading

Bumps github.com/fxamacker/cbor/v2 from 2.9.1 to 2.9.2.

Release notes

Sourced from github.com/fxamacker/cbor/v2's releases.

v2.9.2

This release refactors and hardens the streaming encoder by adding stricter checks for encoding CBOR indefinite-length data. Other changes include minor bugfixes, defensive checks, and more tests.

Projects that don't use CBOR indefinite-length data may also want to upgrade (summary of prior releases).

The stricter checks in the encoder prevent improper use of the library and bad inputs from producing malformed CBOR indefinite-length data that would be rejected by the decoder.

This release passed fuzz tests (billions of execs) and it is production quality.

What's Changed

CI / GitHub Actions and Docs

Full Changelog: fxamacker/cbor@v2.9.1...v2.9.2

Commits
  • 45589ab Merge pull request #769 from fxamacker/fxamacker/update-readme-release-status
  • 8e98ea5 Update README for v2.9.2 release
  • e501aca Merge pull request #768 from fxamacker/fxamacker/update-docs
  • e6af0aa Merge pull request #767 from fxamacker/fxamacker/refactor-indefinite-length-e...
  • 57f1601 Merge pull request #766 from fxamacker/fxamacker/no-opt-to-remove-nil-type-in...
  • 0cdb674 Fix indefinite-length string chunk validation
  • c0db60f Improve GitHub Workflow code coverage regex
  • 63937fe Fix panic message to print the unrecognized tag
  • f0352a5 Add more tests
  • 0c20a0f Refactor encoding of indefinite-length data item
  • Additional commits viewable in compare view

@dependabot @github
Copy link
Copy Markdown
Author

dependabot Bot commented on behalf of github May 27, 2026

Labels

The following labels could not be found: dependencies, go. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/fxamacker/cbor/v2-2.9.2 branch 2 times, most recently from 04268cf to 86d7ff7 Compare June 2, 2026 16:06
@dependabot
chore(deps): bump github.com/fxamacker/cbor/v2 from 2.9.1 to 2.9.2
0410c2c 
Bumps [github.com/fxamacker/cbor/v2](https://github.com/fxamacker/cbor) from 2.9.1 to 2.9.2.
- [Release notes](https://github.com/fxamacker/cbor/releases)
- [Commits](fxamacker/cbor@v2.9.1...v2.9.2)

---
updated-dependencies:
- dependency-name: github.com/fxamacker/cbor/v2
  dependency-version: 2.9.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/fxamacker/cbor/v2-2.9.2 branch from 86d7ff7 to 0410c2c Compare June 2, 2026 17:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants