Skip to content

chore: bump golang.org/x/net from v0.48.0 to v0.55.0#39

Merged
dan-arpino merged 1 commit into
mainfrom
chore/bump-golang
Jun 5, 2026
Merged

chore: bump golang.org/x/net from v0.48.0 to v0.55.0#39
dan-arpino merged 1 commit into
mainfrom
chore/bump-golang

Conversation

@dan-arpino

@dan-arpino dan-arpino commented Jun 5, 2026

Copy link
Copy Markdown
Contributor

Description

Bumping golang.org/x/net from v0.48.0 to v0.55.0 because of the following SCA cortical issue:

Critical severity vulnerability found in golang.org/x/net/idna
Description: Improper Authentication
Info: https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETIDNA-17116876
Introduced through: github.com/snyk/go-application-framework/pkg/networking@#24f6db41a35d, github.com/snyk/go-application-framework/pkg/analytics@#24f6db41a35d, github.com/snyk/go-application-framework/pkg/ui@#24f6db41a35d, github.com/snyk/go-application-framework/pkg/workflow@#24f6db41a35d, github.com/snyk/go-application-framework/pkg/instrumentation@#24f6db41a35d, github.com/snyk/go-application-framework/pkg/local_workflows@#24f6db41a35d
From: github.com/snyk/go-application-framework/pkg/networking@#24f6db41a35d > github.com/snyk/go-httpauth/pkg/httpauth@#eb445fea7530 > golang.org/x/net/idna@0.48.0
From: github.com/snyk/go-application-framework/pkg/analytics@#24f6db41a35d > github.com/snyk/go-application-framework/pkg/networking@#24f6db41a35d > github.com/snyk/go-httpauth/pkg/httpauth@#eb445fea7530 > golang.org/x/net/idna@0.48.0
From: github.com/snyk/go-application-framework/pkg/ui@#24f6db41a35d > github.com/snyk/go-application-framework/internal/presenters@#24f6db41a35d > github.com/snyk/go-application-framework/pkg/networking@#24f6db41a35d > github.com/snyk/go-httpauth/pkg/httpauth@#eb445fea7530 > golang.org/x/net/idna@0.48.0
and 3 more...
Fixed in: 0.54.0

Checklist

  • Tests added and all succeed
  • Regenerated mocks, etc. (make generate)
  • Linted (make lint-fix)
  • README.md updated, if user-facing
  • License file updated, if new 3rd-party dependency is introduced

Critical severity vulnerability found in golang.org/x/net/idna
  Description: Improper Authentication
  Info: https://security.snyk.io/vuln/SNYK-GOLANG-GOLANGORGXNETIDNA-17116876
  Introduced through: github.com/snyk/go-application-framework/pkg/networking@#24f6db41a35d, github.com/snyk/go-application-framework/pkg/analytics@#24f6db41a35d, github.com/snyk/go-application-framework/pkg/ui@#24f6db41a35d, github.com/snyk/go-application-framework/pkg/workflow@#24f6db41a35d, github.com/snyk/go-application-framework/pkg/instrumentation@#24f6db41a35d, github.com/snyk/go-application-framework/pkg/local_workflows@#24f6db41a35d
  From: github.com/snyk/go-application-framework/pkg/networking@#24f6db41a35d > github.com/snyk/go-httpauth/pkg/httpauth@#eb445fea7530 > golang.org/x/net/idna@0.48.0
  From: github.com/snyk/go-application-framework/pkg/analytics@#24f6db41a35d > github.com/snyk/go-application-framework/pkg/networking@#24f6db41a35d > github.com/snyk/go-httpauth/pkg/httpauth@#eb445fea7530 > golang.org/x/net/idna@0.48.0
  From: github.com/snyk/go-application-framework/pkg/ui@#24f6db41a35d > github.com/snyk/go-application-framework/internal/presenters@#24f6db41a35d > github.com/snyk/go-application-framework/pkg/networking@#24f6db41a35d > github.com/snyk/go-httpauth/pkg/httpauth@#eb445fea7530 > golang.org/x/net/idna@0.48.0
  and 3 more...
  Fixed in: 0.54.0
@dan-arpino dan-arpino requested review from a team as code owners June 5, 2026 17:54
@snyk-io

snyk-io Bot commented Jun 5, 2026

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@dan-arpino dan-arpino merged commit 217d31b into main Jun 5, 2026
10 checks passed
@dan-arpino dan-arpino deleted the chore/bump-golang branch June 5, 2026 19:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants