[🐸 Frogbot] Update version of github.com/go-git/go-git/v5 to 5.18.0 by github-actions[bot] · Pull Request #1283 · jfrog/frogbot

github-actions · 2026-04-19T01:01:28Z

Severity	ID	Contextual Analysis	Direct Dependencies	Impacted Dependency	Fixed Versions
Medium	-	Not Covered	github.com/jfrog/jfrog-cli-artifactory:v0.8.1-0.20260324142725-abee4f72970c github.com/jfrog/jfrog-cli-core/v2:v2.60.1-0.20260324124720-40db37833f61 github.com/go-git/go-git/v5:v5.16.5 github.com/jfrog/jfrog-cli-security:v1.26.6 github.com/jfrog/froggit-go:v1.21.1	github.com/go-git/go-git/v5 v5.16.5	[5.18.0]


Contextual Analysis:	Not Covered
Direct Dependencies:	github.com/jfrog/jfrog-cli-artifactory:v0.8.1-0.20260324142725-abee4f72970c, github.com/jfrog/jfrog-cli-core/v2:v2.60.1-0.20260324124720-40db37833f61, github.com/go-git/go-git/v5:v5.16.5, github.com/jfrog/jfrog-cli-security:v1.26.6, github.com/jfrog/froggit-go:v1.21.1
Impacted Dependency:	github.com/go-git/go-git/v5:v5.16.5
Fixed Versions:	[5.18.0]
CVSS V3:	4.7

go-git: Credential leak via cross-host redirect in smart HTTP transport

Upgrade github.com/go-git/go-git/v5 to 5.18.0

0e4beea

Provide feedback