Skip to content

chore(deps): update ⬆️ gomod patching to v0.44.0 [security]#54

Merged
renovate[bot] merged 1 commit into
mainfrom
renovate/go-golang.org-x-sys-vulnerability
May 28, 2026
Merged

chore(deps): update ⬆️ gomod patching to v0.44.0 [security]#54
renovate[bot] merged 1 commit into
mainfrom
renovate/go-golang.org-x-sys-vulnerability

Conversation

@renovate

@renovate renovate Bot commented May 28, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
golang.org/x/sys v0.43.0v0.44.0 age adoption passing confidence

Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

CVE-2026-39824 / GO-2026-5024

More information

Details

NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString (a 16-bit number of bytes), it returns a truncated string rather than an error.

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).


Configuration

📅 Schedule: (in timezone America/Los_Angeles)

  • Branch creation
    • ""
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the security label May 28, 2026
@renovate renovate Bot enabled auto-merge (squash) May 28, 2026 18:08
@renovate renovate Bot merged commit 4270e89 into main May 28, 2026
4 checks passed
@renovate renovate Bot deleted the renovate/go-golang.org-x-sys-vulnerability branch May 28, 2026 18:09
scottames pushed a commit that referenced this pull request Jul 7, 2026
🤖 I have created a release *beep* *boop*
---


## [0.8.1](v0.8.0...v0.8.1)
(2026-07-07)


### Bug Fixes

* **sync:** avoid actionable push prompts
([193220f](193220f))


### Miscellaneous Chores

* **deps:** update ⬆️ github-actions to v4.2.0
([#62](#62))
([4d22bd3](4d22bd3))
* **deps:** update ⬆️ github-actions to v5
([#49](#49))
([897ffca](897ffca))
* **deps:** update ⬆️ github-actions to v7
([#63](#63))
([ba21f96](ba21f96))
* **deps:** update ⬆️ gomod patching to v0.44.0 [security]
([#54](#54))
([4270e89](4270e89))
* **deps:** update ⬆️ gomod patching to v2.0.3
([#46](#46))
([6791279](6791279))
* **deps:** update ⬆️ gomod patching to v2.0.5
([#64](#64))
([7d82832](7d82832))
* **deps:** update ⬆️ gomod patching to v2.24.1
([#50](#50))
([8361802](8361802))
* **deps:** update ⬆️ gomod patching to v2.27.0
([#61](#61))
([4eceddb](4eceddb))
* **deps:** update ⬆️ trunk go to v1.26.2
([#42](#42))
([43907ab](43907ab))
* **deps:** update ⬆️ trunk go to v1.26.3
([#51](#51))
([eb5d772](eb5d772))
* **deps:** update dependency aqua:goreleaser/goreleaser to v2.15.2
([#40](#40))
([562d389](562d389))
* **deps:** update dependency aqua:goreleaser/goreleaser to v2.15.3
([#47](#47))
([a496fe9](a496fe9))
* **deps:** update dependency aqua:goreleaser/goreleaser to v2.15.4
([#48](#48))
([532f7ec](532f7ec))
* **deps:** update dependency aqua:goreleaser/goreleaser to v2.16.0
([#55](#55))
([879c2b6](879c2b6))
* **deps:** update dependency aqua:int128/ghcp to v1.15.3
([#43](#43))
([5047400](5047400))
* **deps:** update dependency go to v1.26.2
([#44](#44))
([177475b](177475b))
* **deps:** update dependency go to v1.26.3
([#52](#52))
([4aa0018](4aa0018))
* **deps:** update dependency go to v1.26.4
([#57](#57))
([068f37a](068f37a))
* **deps:** update github-actions
([#45](#45))
([678d9d5](678d9d5))
* **deps:** update github-actions
([#53](#53))
([9dccd90](9dccd90))
* **deps:** update github-actions
([#59](#59))
([162e7cf](162e7cf))
* **deps:** update go to v1.26.4
([#58](#58))
([e5a0b96](e5a0b96))
* **deps:** update gomod-patch-and-minor to v2.0.4
([#60](#60))
([db52c69](db52c69))
* **deps:** update gomod-patch-and-minor to v2.26.1
([#56](#56))
([8b3e80e](8b3e80e))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: scottames-github-bot[bot] <162828115+scottames-github-bot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants