Skip to content

fix(deps): vuln google.golang.org/protobuf (minor → v1.36.11) #50

Draft
gh-worker-campaigns-3e9aa4[bot] wants to merge 1 commit into
mainfrom
engraver-auto-version-upgrade/minorpatch/go/0-1778179087
Draft

fix(deps): vuln google.golang.org/protobuf (minor → v1.36.11) #50
gh-worker-campaigns-3e9aa4[bot] wants to merge 1 commit into
mainfrom
engraver-auto-version-upgrade/minorpatch/go/0-1778179087

Conversation

@gh-worker-campaigns-3e9aa4
Copy link
Copy Markdown

@gh-worker-campaigns-3e9aa4 gh-worker-campaigns-3e9aa4 Bot commented May 7, 2026

Summary: Security update — 1 package upgraded (MINOR changes included)

Manifests changed:

  • . (go)

✅ Action Required: Please review the changes below. If they look good, approve and merge this PR.

Updates

Package From To Type Dep Type Vulnerabilities Fixed
google.golang.org/protobuf v1.28.1 v1.36.11 minor Transitive 2 MODERATE

Security Details

ℹ️ Other Vulnerabilities (2)
Package CVE Severity Summary Unsafe Version Fixed In
google.golang.org/protobuf GO-2024-2611 MODERATE Infinite loop in JSON unmarshaling in google.golang.org/protobuf v1.28.1 1.33.0
google.golang.org/protobuf GHSA-8r3f-844c-mc37 MODERATE Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON v1.28.1 1.33.0
⚠️ Dependencies that have Reached EOL (1)
Dependency Unsafe Version EOL Date New Version Path
google.golang.org/protobuf v1.28.1 Jul 28, 2025 v1.36.11 go.mod

Review Checklist

Standard review:

  • Review changes for compatibility with your code
  • Check for breaking changes in release notes
  • Run tests locally or wait for CI
  • Approve and merge this PR

Update Mode: Vulnerability Remediation

🤖 Generated by DataDog Automated Dependency Management System

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

adms-dependency-update adms-fixes-eol adms-go adms-medium-severity adms-minor-update adms-mode-all-vulns campaigner-automated-change

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants