chore(deps): bump the go-minor-patch group across 1 directory with 3 updates

[dependabot]

Bumps the go-minor-patch group with 3 updates in the / directory: github.com/go-playground/validator/v10, github.com/mark3labs/mcp-go and golang.org/x/sync.

Updates github.com/go-playground/validator/v10 from 10.30.2 to 10.30.3

Release notes

Sourced from github.com/go-playground/validator/v10's releases.

v10.30.3

What's Changed

• Fix/issue 1550 UUID case insensitive by @​leo-jp-edwards in go-playground/validator#1551
• Feat: Add NoneOf Validation by @​Carmen-Shannon in go-playground/validator#1554
• Add bcp47_strict_language_tag validator by @​bfabio in go-playground/validator#1489
• chore(deps): bump golang.org/x/text from 0.35.0 to 0.36.0 by @​dependabot[bot] in go-playground/validator#1558
• chore(deps): bump golang.org/x/crypto from 0.49.0 to 0.50.0 by @​dependabot[bot] in go-playground/validator#1559
• Add CLAUDE.md with repo guidance for Claude Code by @​deankarn in go-playground/validator#1564
• Reduce build size with dead code elimination by @​zemzale in go-playground/validator#1542
• Refactored out detectFileMIMEType, matchesMIMEType logic for reuse. Added standalone isMIMEType validator for flexibility by @​dapzthelegend in go-playground/validator#1544
• feat(translations): add timezone support for en and ja locales by @​dedyf5 in go-playground/validator#1566
• docs: use errors.As in README and translations example by @​eyupcanakman in go-playground/validator#1563
• docs: fix typos by @​rymiyamoto in go-playground/validator#1568
• feat: add origin validator for web origin URLs by @​ahmedkamalio in go-playground/validator#1565
• fix: reject hostnames with trailing hyphen in RFC 952 validator by @​ahmedkamalio in go-playground/validator#1569
• fix(lint): correctly disable govet inline analyzer & deprecated gomodguard by @​nodivbyzero in go-playground/validator#1574
• chore(deps): bump golang.org/x/text from 0.36.0 to 0.37.0 by @​dependabot[bot] in go-playground/validator#1572
• chore(deps): bump golang.org/x/crypto from 0.50.0 to 0.51.0 by @​dependabot[bot] in go-playground/validator#1571
• fix(cron): anchor regex and accept full cron syntax by @​ahmedkamalio in go-playground/validator#1577
• chore(deps): bump golang.org/x/crypto from 0.51.0 to 0.52.0 by @​dependabot[bot] in go-playground/validator#1580
• feat: omit blank tag names from namespace by @​abemedia in go-playground/validator#1567
• fix(docs): correct ripemd160 tag name in README validation table by @​napoleonbot in go-playground/validator#1582

New Contributors

• @​leo-jp-edwards made their first contribution in go-playground/validator#1551
• @​Carmen-Shannon made their first contribution in go-playground/validator#1554
• @​dapzthelegend made their first contribution in go-playground/validator#1544
• @​dedyf5 made their first contribution in go-playground/validator#1566
• @​eyupcanakman made their first contribution in go-playground/validator#1563
• @​rymiyamoto made their first contribution in go-playground/validator#1568
• @​abemedia made their first contribution in go-playground/validator#1567
• @​napoleonbot made their first contribution in go-playground/validator#1582

Full Changelog: go-playground/validator@v10.30.2...v10.30.3

Commits

• ac4c1ba fix(docs): correct ripemd160 tag name in README validation table (#1582)
• feacb34 feat: omit blank tag names from namespace (#1567)
• 5ed0a7e chore(deps): bump golang.org/x/crypto from 0.51.0 to 0.52.0 (#1580)
• 0364541 fix(cron): anchor regex and accept full cron syntax (#1577)
• 8eb2659 chore(deps): bump golang.org/x/crypto from 0.50.0 to 0.51.0 (#1571)
• f7e1721 chore(deps): bump golang.org/x/text from 0.36.0 to 0.37.0 (#1572)
• cf37fce fix(lint): correctly disable govet inline analyzer & deprecated gomodguard (#...
• 7c334e5 fix: reject hostnames with trailing hyphen in RFC 952 validator (#1569)
• 6bcb7bc feat: add origin validator for web origin URLs (#1565)
• 6fd2fa8 docs: fix typos (#1568)
• Additional commits viewable in compare view

Updates github.com/mark3labs/mcp-go from 0.54.0 to 0.54.1

Commits

• 481f056 fix(tools): print errors to stderr for invalid jsonschema tags (#894)
• 6e7859c perf(mcp): reduce content unmarshal allocations (#890)
• 018f190 Add Title and Size to ResourceLink (match Resource / spec) (#887)
• ca26738 cleanup
• 76ea91b refactor(server): collapse client-info and writeJSONRPCError duplication (#886)
• See full diff in compare view

Updates golang.org/x/sync from 0.20.0 to 0.21.0

Commits

• 5071ed6 all: fix some comments to improve readability
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies, go. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 5 package(s) with unknown licenses.

See the Details below.

License Issues

go.mod

Package	Version	License	Issue Type
github.com/go-playground/validator/v10	10.30.3	Null	Unknown License
github.com/mark3labs/mcp-go	0.54.1	Null	Unknown License
golang.org/x/crypto	0.52.0	Null	Unknown License
golang.org/x/sync	0.21.0	Null	Unknown License
golang.org/x/sys	0.45.0	Null	Unknown License

Denied Licenses:

GPL-2.0, GPL-3.0, LGPL-2.1, LGPL-3.0, AGPL-3.0

OpenSSF Scorecard

Package	Version	Score	Details
gomod/github.com/go-playground/validator/v10	10.30.3	Unknown	Unknown
gomod/github.com/mark3labs/mcp-go	0.54.1	Unknown	Unknown
gomod/golang.org/x/crypto	0.52.0	Unknown	Unknown
gomod/golang.org/x/sync	0.21.0	Unknown	Unknown
gomod/golang.org/x/sys	0.45.0	Unknown	Unknown

Scanned Files

• go.mod

[pacphi]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.