Skip to content

Bump the all-deps group with 2 updates#172

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/go_modules/all-deps-f67dd19479
Open

Bump the all-deps group with 2 updates#172
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/go_modules/all-deps-f67dd19479

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026

Bumps the all-deps group with 2 updates: github.com/caddyserver/certmagic and github.com/nats-io/nats-server/v2.

Updates github.com/caddyserver/certmagic from 0.25.2 to 0.25.3

Commits
  • c7496f1 More validation of delegated OCSP responders (#378)
  • cdc4eb2 fix: Normalization IPv6 addresses for ACME challenge (#376)
  • 2cf7e08 Revert "Fix HTTP-01 challenge for IPv6 literal addresses (#377)"
  • 3e3363f readme: add dark-mode banner for GitHub UI (#379)
  • 3229642 go.mod: Upgrade indirect dependencies
  • 60d9d8b Fix HTTP-01 challenge for IPv6 literal addresses (#377)
  • e03792e Modernize TLSConfig() (close #375)
  • fa1257f Unblock ManageAsync() by putting manageOne() in a goroutine (#374)
  • b9e85a9 Don't log nil errors when stapling OCSP (fix #362)
  • a7a8ce3 logging: Disable stack traces, fix logger name (#372)
  • See full diff in compare view

Updates github.com/nats-io/nats-server/v2 from 2.12.7 to 2.12.8

Release notes

Sourced from github.com/nats-io/nats-server/v2's releases.

Release v2.12.8

Changelog

Refer to the 2.12 Upgrade Guide for backwards compatibility notes with 2.11.x.

Go Version

  • 1.25.9

Dependencies

  • golang.org/x/crypto v0.50.0 (#8030)
  • golang.org/x/sys v0.43.0 (#8030)
  • github.com/nats-io/nats.go v1.51.0 (#8068)

Improved

JetStream

  • Refactored and simplified setting the pinned headers in consumers (#8032)
  • Scanning for the starting sequence for consumers is now an asynchronous operation which no longer pauses the metalayer (#8051)

Fixed

General

  • Reload logic on gateway pinned_certs configuration has been corrected
  • Repeated CONNECT messages on a connection now clear subscriptions
  • JWT claims with validity times that cross midnight are now validated correctly
  • The /connz monitoring endpoint no longer discloses bearer JWTs
  • Monitoring redaction of route and cluster URL secrets when passed in as command line arguments
  • Fixed a panic that could occur when negotiating compression on leafnode connections
  • Max control line enforcement for non-clients has been fixed
  • Fixed a bug where setting message headers could mutate the input message buffers

Leafnodes

  • Solicited leafnode connections now send a connect advisory, which was previously missing (#8015)

JetStream

  • Message roll-ups are now applied on interest-based streams where there is no interest over the subjects (#8019)
  • Stream leaders can now catch up from incoming snapshots, correcting an edge case when scaling up (#8021)
  • Fixed a Raft commit index reset when terms mismatch (#8023, contributed by @​thecitymouse)
  • Purging via scheduled Nats-Schedule-Next: purge now errors when message scheduling is not enabled (#8035)
  • Recovering with a legacy zero index Raft snapshot will no longer panic (#8039)
  • Messages with a deduplication Nats-Msg-Id header are no longer incorrectly deduplicated in mirrors (#8043)
  • Fixed a panic when scaling after a stream update when the assignment is not fully populated yet on recovery (#8049)
  • Stream info and consumer info requests will no longer return not found when the assignments are in-flight (#8054)
  • Streams and consumers now correctly reject path separators in asset names

... (truncated)

Commits
  • e9559e9 Release v2.12.8
  • 972a686 Release v2.12.8-RC.2
  • f17e974 Cherry-picks for v2.12.8-RC.2 (#98)
  • 82b57ae [FIXED] c.setHeader mutates input message
  • 2530117 [FIXED] Max control line for non-clients
  • dfd2abc [FIXED] retryDisconnectedSyncConsumers properly checks for closed clients
  • 61e8ea8 [IMPROVED] Refactor processInboundSourceMsg for simplicity
  • 03c87ea [FIXED] Source rolls sequence back on error reset
  • 83e3d37 [FIXED] Source does not duplicate messages after leaf reconnect
  • 2a0c5c7 Update dependencies
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the all-deps group with 2 updates
fdbf2cd 
Bumps the all-deps group with 2 updates: [github.com/caddyserver/certmagic](https://github.com/caddyserver/certmagic) and [github.com/nats-io/nats-server/v2](https://github.com/nats-io/nats-server).


Updates `github.com/caddyserver/certmagic` from 0.25.2 to 0.25.3
- [Release notes](https://github.com/caddyserver/certmagic/releases)
- [Commits](caddyserver/certmagic@v0.25.2...v0.25.3)

Updates `github.com/nats-io/nats-server/v2` from 2.12.7 to 2.12.8
- [Release notes](https://github.com/nats-io/nats-server/releases)
- [Changelog](https://github.com/nats-io/nats-server/blob/main/RELEASES.md)
- [Commits](nats-io/nats-server@v2.12.7...v2.12.8)

---
updated-dependencies:
- dependency-name: github.com/caddyserver/certmagic
  dependency-version: 0.25.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-deps
- dependency-name: github.com/nats-io/nats-server/v2
  dependency-version: 2.12.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants