Skip to content

fix(deps): bump github.com/opentdf/platform/lib/ocrypto from 0.11.0 to 0.12.0 in /sdk#3534

Merged
dmihalcik-virtru merged 1 commit into
mainfrom
dependabot/go_modules/sdk/github.com/opentdf/platform/lib/ocrypto-0.12.0
May 28, 2026
Merged

fix(deps): bump github.com/opentdf/platform/lib/ocrypto from 0.11.0 to 0.12.0 in /sdk#3534
dmihalcik-virtru merged 1 commit into
mainfrom
dependabot/go_modules/sdk/github.com/opentdf/platform/lib/ocrypto-0.12.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 27, 2026

Copy link
Copy Markdown
Contributor

Bumps github.com/opentdf/platform/lib/ocrypto from 0.11.0 to 0.12.0.

Release notes

Sourced from github.com/opentdf/platform/lib/ocrypto's releases.

protocol/go: v0.12.0

0.12.0 (2025-10-14)

Features

  • authz: defer to request auth as decision/entitlements entity (#2789) (feb34d8)
  • policy: Proto - root certificates by namespace (#2800) (0edb359)

Bug Fixes

  • core: deprecated stale protos and add better upgrade comments (#2793) (f2678cc)

sdk: v0.12.0

0.12.0 (2026-01-27)

⚠ BREAKING CHANGES

  • remove nanotdf support (#3013)

Features

Bug Fixes

service: v0.12.0

0.12.0 (2026-01-27)

⚠ BREAKING CHANGES

  • remove nanotdf support (#3013)
  • core: DSPX-2090 Removes unnamed key mgrs (#2952)

Features

  • core: Actually use KeyManager ProviderConfig (#2837) (65ba2e0)
  • core: add additive CORS configuration fields (#2941) (d45a34b)
  • core: add direct entitlement support (#2630) (cc8337a)
  • deps: Bump ocrypto to v0.9.0 (#3024) (cd79950)
  • kas: add configurable SRT skew tolerance and diagnostics (#2886) (1a57227)
  • kas: Add nano policy binding to rewrap audit. (#2870) (a12d1d4)
  • policy: add allow_traversal to attribute definitions (#3014) (bbbe21b)

... (truncated)

Commits
  • ff130fb chore(main): release sdk 0.12.0 (#3006)
  • 3b0834e feat(sdk): add automatic token refresh for Keycloak operations (#3019)
  • cd79950 feat(deps): Bump ocrypto to v0.9.0 (#3024)
  • 1aec413 chore(main): release lib/ocrypto 0.9.0 (#3015)
  • 62f76ae chore(deps): Bump proto/go to v0.15 (#3020)
  • 503f025 chore(main): release protocol/go 0.15.0 (#2988)
  • 3967377 feat(policy): Return definition when attr value is missing (#3012)
  • 4b1c1e5 fix(sdk): SDK linting errors (#3007)
  • bbbe21b feat(policy): add allow_traversal to attribute definitions (#3014)
  • 2a85f5f chore(ci): fix yq command by removing unsupported if-else syntax (#3016)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/opentdf/platform/lib/ocrypto](https://github.com/opentdf/platform) from 0.11.0 to 0.12.0.
- [Release notes](https://github.com/opentdf/platform/releases)
- [Commits](sdk/v0.11.0...sdk/v0.12.0)

---
updated-dependencies:
- dependency-name: github.com/opentdf/platform/lib/ocrypto
  dependency-version: 0.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 27, 2026
@dependabot
dependabot Bot requested review from a team as code owners May 27, 2026 20:00
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 27, 2026
@github-actions github-actions Bot added comp:sdk A software development kit, including library, for client applications and inter-service communicati size/s labels May 27, 2026
@github-actions

Copy link
Copy Markdown
Contributor
Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 226.38916ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric Value
Approved Decision Requests 1000
Denied Decision Requests 0
Total Time 140.738408ms

Benchmark Statistics

Name № Requests Avg Duration Min Duration Max Duration

Bulk Benchmark Results

Metric Value
Total Decrypts 100
Successful Decrypts 100
Failed Decrypts 0
Total Time 435.141291ms
Throughput 229.81 requests/second

TDF3 Benchmark Results:

Metric Value
Total Requests 5000
Successful Requests 5000
Failed Requests 0
Concurrent Requests 50
Total Time 44.066224584s
Average Latency 438.167139ms
Throughput 113.47 requests/second

@github-actions

Copy link
Copy Markdown
Contributor

⚠️ Govulncheck found vulnerabilities ⚠️

The following modules have known vulnerabilities:

  • examples
  • otdfctl
  • sdk
  • service
  • lib/fixtures
  • tests-bdd

See the workflow run for details.

@jakedoublev
jakedoublev enabled auto-merge May 27, 2026 21:36
@jakedoublev
jakedoublev added this pull request to the merge queue May 27, 2026
@github-merge-queue
github-merge-queue Bot removed this pull request from the merge queue due to failed status checks May 27, 2026
@jakedoublev
jakedoublev added this pull request to the merge queue May 27, 2026
@github-merge-queue
github-merge-queue Bot removed this pull request from the merge queue due to failed status checks May 27, 2026
@dmihalcik-virtru
dmihalcik-virtru added this pull request to the merge queue May 28, 2026
Merged via the queue into main with commit e95fb70 May 28, 2026
68 of 70 checks passed
@dmihalcik-virtru
dmihalcik-virtru deleted the dependabot/go_modules/sdk/github.com/opentdf/platform/lib/ocrypto-0.12.0 branch May 28, 2026 13:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

comp:sdk A software development kit, including library, for client applications and inter-service communicati dependencies Pull requests that update a dependency file go Pull requests that update Go code size/s

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants