From 7f0a2c088bb64eb6645f0b0cf6efaeb5038c178b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Mar 2026 08:28:18 +0000 Subject: [PATCH 1/3] Build(deps): Bump the prod group with 2 updates Bumps the prod group with 2 updates: [github.com/code-gorilla-au/odize](https://github.com/code-gorilla-au/odize) and [modernc.org/sqlite](https://gitlab.com/cznic/sqlite). Updates `github.com/code-gorilla-au/odize` from 1.3.4 to 1.3.5 - [Release notes](https://github.com/code-gorilla-au/odize/releases) - [Commits](https://github.com/code-gorilla-au/odize/compare/v1.3.4...v1.3.5) Updates `modernc.org/sqlite` from 1.44.3 to 1.46.1 - [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md) - [Commits](https://gitlab.com/cznic/sqlite/compare/v1.44.3...v1.46.1) --- updated-dependencies: - dependency-name: github.com/code-gorilla-au/odize dependency-version: 1.3.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: prod - dependency-name: modernc.org/sqlite dependency-version: 1.46.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: prod ... Signed-off-by: dependabot[bot] --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 8d6e409..0f88e95 100644 --- a/go.mod +++ b/go.mod @@ -5,11 +5,11 @@ go 1.25.7 require ( github.com/code-gorilla-au/env v1.1.1 github.com/code-gorilla-au/fetch v1.1.0 - github.com/code-gorilla-au/odize v1.3.4 + github.com/code-gorilla-au/odize v1.3.5 github.com/go-co-op/gocron/v2 v2.19.1 github.com/google/uuid v1.6.0 github.com/wailsapp/wails/v2 v2.11.0 - modernc.org/sqlite v1.44.3 + modernc.org/sqlite v1.46.1 ) require ( diff --git a/go.sum b/go.sum index 7e563aa..920b194 100644 --- a/go.sum +++ b/go.sum @@ -4,8 +4,8 @@ github.com/code-gorilla-au/env v1.1.1 h1:4rkSwCnyymKh+KGAOPx3fEg9v2ZV5i9r92bSf7x github.com/code-gorilla-au/env v1.1.1/go.mod h1:KE4Ymfz5MhMi7SX3ZKH4iMFAHsDCvwOV8WTzgpwzzE4= github.com/code-gorilla-au/fetch v1.1.0 h1:nNITCG9zbF2v12wGxTT6YNW2l9u+XuL5heO4oPWmxiw= github.com/code-gorilla-au/fetch v1.1.0/go.mod h1:AqPp5RLOHc3nBZWwWG0zWelYVebj+2X6vET4cts3ZVk= -github.com/code-gorilla-au/odize v1.3.4 h1:QHEM7v8/qH9R0QO6tVWh0yKr+VMv3RGC3PcIADwDGVA= -github.com/code-gorilla-au/odize v1.3.4/go.mod h1:Q6uRMcQWCPldPNtlxiaWdA78vaPibTLZIO5owiM96Cw= +github.com/code-gorilla-au/odize v1.3.5 h1:Bjb0c1NXRkbEppsCs2PSN4DHWy3yWIggTXdroibWF54= +github.com/code-gorilla-au/odize v1.3.5/go.mod h1:+PtShsIEca9bAfxltU00OVD75aR5NvtkpOW/HGHdi9w= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= @@ -135,8 +135,8 @@ modernc.org/opt v0.1.4 h1:2kNGMRiUjrp4LcaPuLY2PzUfqM/w9N23quVwhKt5Qm8= modernc.org/opt v0.1.4/go.mod h1:03fq9lsNfvkYSfxrfUhZCWPk1lm4cq4N+Bh//bEtgns= modernc.org/sortutil v1.2.1 h1:+xyoGf15mM3NMlPDnFqrteY07klSFxLElE2PVuWIJ7w= modernc.org/sortutil v1.2.1/go.mod h1:7ZI3a3REbai7gzCLcotuw9AC4VZVpYMjDzETGsSMqJE= -modernc.org/sqlite v1.44.3 h1:+39JvV/HWMcYslAwRxHb8067w+2zowvFOUrOWIy9PjY= -modernc.org/sqlite v1.44.3/go.mod h1:CzbrU2lSB1DKUusvwGz7rqEKIq+NUd8GWuBBZDs9/nA= +modernc.org/sqlite v1.46.1 h1:eFJ2ShBLIEnUWlLy12raN0Z1plqmFX9Qe3rjQTKt6sU= +modernc.org/sqlite v1.46.1/go.mod h1:CzbrU2lSB1DKUusvwGz7rqEKIq+NUd8GWuBBZDs9/nA= modernc.org/strutil v1.2.1 h1:UneZBkQA+DX2Rp35KcM69cSsNES9ly8mQWD71HKlOA0= modernc.org/strutil v1.2.1/go.mod h1:EHkiggD70koQxjVdSBM3JKM7k6L0FbGE5eymy9i3B9A= modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y= From 3804b2828e9714862a8c8b0e03c7c14d1567681b Mon Sep 17 00:00:00 2001 From: frag223 Date: Sat, 7 Mar 2026 19:38:16 +1100 Subject: [PATCH 2/3] update vulnerable deps --- .github/workflows/pull_request.yaml | 13 ------------- frontend/package.json.md5 | 2 +- 2 files changed, 1 insertion(+), 14 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 12d1916..21d6696 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -9,19 +9,6 @@ on: - ".github/*" jobs: - scans: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v6 - with: - fetch-depth: 0 - - - name: Run Trivy vulnerability scanner in fs mode - uses: aquasecurity/trivy-action@master - with: - scan-type: "fs" - scan-ref: "." - trivy-config: trivy.yaml golang: runs-on: ubuntu-latest diff --git a/frontend/package.json.md5 b/frontend/package.json.md5 index 576f5a8..4a56baf 100755 --- a/frontend/package.json.md5 +++ b/frontend/package.json.md5 @@ -1 +1 @@ -34b885aab73467de0f3179d2999a8e0e \ No newline at end of file +351bd3a9e8feba93c5b1bf2ef18d4459 \ No newline at end of file From 3100948ee676606fc6b088b488b7834e7bb8ba54 Mon Sep 17 00:00:00 2001 From: frag223 Date: Sat, 7 Mar 2026 19:46:03 +1100 Subject: [PATCH 3/3] bump go ver --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 0f88e95..971701b 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module watchtower -go 1.25.7 +go 1.26.1 require ( github.com/code-gorilla-au/env v1.1.1