build(deps): bump the golang group across 1 directory with 8 updates #27

dependabot · 2025-10-01T14:06:55Z

Bumps the golang group with 6 updates in the / directory:

Package	From	To
github.com/anacrolix/torrent	`1.58.0`	`1.59.1`
github.com/autobrr/go-qbittorrent	`1.11.0`	`1.14.0`
github.com/go-chi/chi/v5	`5.2.1`	`5.2.3`
github.com/rs/zerolog	`1.33.0`	`1.34.0`
github.com/spf13/cobra	`1.8.1`	`1.10.1`
github.com/stretchr/testify	`1.10.0`	`1.11.1`

Updates github.com/anacrolix/torrent from 1.58.0 to 1.59.1

Commits

d20466f Remove possum storage replace
4075ce4 Sync to tagged deps
7db746f Add TODO on SEEK_DATA
f74bfea Merge branch 'erigon'
0d2e31c Set default webseed host request concurrency to 25
8fe0dba Set default file IO implementation to mmap
55ef143 Small improvements to cmd/torrent2 metainfo pprint
edeb04d Block Torrent.Complete on hashing
f07faf2 Update webseed requests if queue is completely drained
b171419 Rebuke webseed peers for a minute on bad responses
Additional commits viewable in compare view

Updates github.com/autobrr/go-qbittorrent from 1.11.0 to 1.14.0

Release notes

Sourced from github.com/autobrr/go-qbittorrent's releases.

v1.14.0

What's Changed

feat(methods): add SetTorretName by @superturkey650 in autobrr/go-qbittorrent#58

refactor(methods): change Maindata ServerState FreeSpaceOnDisk to int64 by @superturkey650 in autobrr/go-qbittorrent#59

fix(methods): AppPreferences.MaxRatio type by @nnnewb in autobrr/go-qbittorrent#62

feat(methods): add Shutdown, get/set Limits and Logs by @superturkey650 in autobrr/go-qbittorrent#60

feat(methods): implement missing API endpoints and introduce unit tests for new methods by @nnnewb in autobrr/go-qbittorrent#65

feat(methods): add RenameFolder by @nnnewb in autobrr/go-qbittorrent#66

feat(methods): add GetTorrentsWebSeeds by @nnnewb in autobrr/go-qbittorrent#67

feat(methods): improve error handling and implement RemoveTrackers by @superturkey650 in autobrr/go-qbittorrent#63

New Contributors

@superturkey650 made their first contribution in autobrr/go-qbittorrent#58

@nnnewb made their first contribution in autobrr/go-qbittorrent#62

Full Changelog: autobrr/go-qbittorrent@v1.13.0...v1.14.0

v1.13.0

What's Changed

feat(methods): torrents setTags to upsert tags introduced in qbit v.5.1 by @zze0s in autobrr/go-qbittorrent#47

feat(methods): get torrent info includeTrackers introduced in qbit v.5.1 by @zze0s in autobrr/go-qbittorrent#46

Full Changelog: autobrr/go-qbittorrent@v1.12.0...v1.13.0

v1.12.0

What's Changed

fix(methods): SyncMainData leak by @KyleSanderson in autobrr/go-qbittorrent#41

feat(methods): implement MainData Update by @KyleSanderson in autobrr/go-qbittorrent#42

chore(deps): bump the golang group with 2 updates by @dependabot in autobrr/go-qbittorrent#43

chore(deps): bump golang.org/x/net from 0.31.0 to 0.33.0 in the golang group by @dependabot in autobrr/go-qbittorrent#45

feat(client): set custom http client by @thde in autobrr/go-qbittorrent#54

chore(deps): bump golang.org/x/net from 0.33.0 to 0.34.0 in the golang group by @dependabot in autobrr/go-qbittorrent#48

chore(deps): bump golang.org/x/net from 0.34.0 to 0.35.0 in the golang group by @dependabot in autobrr/go-qbittorrent#55

feat(methods): add AddTrackers and SetFilePriority by @daye-liu in autobrr/go-qbittorrent#50

feat(methods): add SetTorrentDownloadLimit and SetTorrentShareLimit by @le0m in autobrr/go-qbittorrent#56

New Contributors

@thde made their first contribution in autobrr/go-qbittorrent#54

@daye-liu made their first contribution in autobrr/go-qbittorrent#50

@le0m made their first contribution in autobrr/go-qbittorrent#56

Full Changelog: autobrr/go-qbittorrent@v1.11.0...v1.12.0

Commits

b9f8eda feat(methods): improve error handling and implement RemoveTrackers (#63)
8940e8c feat(methods): add GetTorrentsWebSeeds (#67)
58d374d feat(methods): add RenameFolder (#66)
5592245 feat(methods): implement missing API endpoints and introduce unit tests for n...
6be6a7f feat(methods): add Shutdown, get/set Limits and Logs (#60)
42a35a7 fix(methods): AppPreferences.MaxRatio type (#62)
db3fdf8 refactor(methods): change Maindata ServerState FreeSpaceOnDisk to int64 (#59)
da0c6e9 refactor(methods): change Maindata ServerState FreeSpaceOnDisk to int64 (#59)
182157f feat(methods): add SetTorretName (#58)
c23e8a2 feat(methods): get torrent info includeTrackers introduced in qbit v.5.1 (#46)
Additional commits viewable in compare view

Updates github.com/go-chi/chi/v5 from 5.2.1 to 5.2.3

Release notes

Sourced from github.com/go-chi/chi/v5's releases.

v5.2.3

What's Changed

Add pathvalue example to README and implement PathValue handler. by @catatsuy in go-chi/chi#985

Allow multiple whitespace between method & pattern by @JRaspass in go-chi/chi#1013

Avoid potential nil dereference by @ProjectMutilation in go-chi/chi#1008

feat(mux): support http.Request.Pattern in Go 1.23 by @Gusted in go-chi/chi#986

fix/608 - Fix flaky Throttle middleware test by synchronizing token usage by @OtavioBernardes in go-chi/chi#1016

Optimize throttle middleware by avoiding unnecessary timer creation by @vasayxtx in go-chi/chi#1011

Simplify wildcard replacement in route patterns by @srpvpn in go-chi/chi#1012

Replace methodTypString func with reverseMethodMap by @JRaspass in go-chi/chi#1018

New Contributors

@ProjectMutilation made their first contribution in go-chi/chi#1008

@Gusted made their first contribution in go-chi/chi#986

@OtavioBernardes made their first contribution in go-chi/chi#1016

@srpvpn made their first contribution in go-chi/chi#1012

Full Changelog: go-chi/chi@v5.2.2...v5.2.3

v5.2.2

What's Changed

Use strings.Cut in a few places by @JRaspass in go-chi/chi#971

Fix non-constant format strings in t.Fatalf by @JRaspass in go-chi/chi#972

Apply fieldalignment fixes to optimize struct memory layout by @pixel365 in go-chi/chi#974

go 1.24 by @pkieltyka in go-chi/chi#977

chore: delint ioutil usage by @costela in go-chi/chi#962

Fixed typo in Router interface definition by @mithileshgupta12 in go-chi/chi#958

Add support for TinyGo by @efraimbart in go-chi/chi#978

Exclude middleware/profiler.go in TinyGo, as there's no net/http/pprof pkg by @cxjava in go-chi/chi#982

Make use of strings.Cut by @scop in go-chi/chi#1005

Change install command format to code block by @sglkc in go-chi/chi#1001

Correct documentation by @mrdomino in go-chi/chi#992

Security fix

Fixes GHSA-vrw8-fxc6-2r93 - "Host Header Injection Leads to Open Redirect in RedirectSlashes" commit

a lower-severity Open Redirect that can't be exploited in browser or email client, as it requires manipulation of a Host header

reported by Anuraag Baishya, @anuraagbaishya. Thank you!

New Contributors

@pixel365 made their first contribution in go-chi/chi#974

@mithileshgupta12 made their first contribution in go-chi/chi#958

@efraimbart made their first contribution in go-chi/chi#978

@cxjava made their first contribution in go-chi/chi#982

@sglkc made their first contribution in go-chi/chi#1001

@mrdomino made their first contribution in go-chi/chi#992

Full Changelog: go-chi/chi@v5.2.1...v5.2.2

Commits

9b9fb55 Replace methodTypString func with reverseMethodMap (#1018)
0265fcd refactor: iterative wildcard collapsing and add test for consecutive wildcard...
cf537d4 Optimize throttle middleware by avoiding unnecessary timer creation (#1011)
9040e95 fix/608 - Fix flaky Throttle middleware test by synchronizing token usage (#1...
d12cc49 feat(mux): support http.Request.Pattern in Go 1.23 (#986)
1c2d011 Avoid potential nil dereference (#1008)
7859137 Allow multiple whitespace between method & pattern (#1013)
80d8da2 Add pathvalue example to README and implement PathValue handler. (#985)
23c395f Correct documentation (#992)
5516d14 docs: change install code to code block (#1001)
Additional commits viewable in compare view

Updates github.com/rs/zerolog from 1.33.0 to 1.34.0

Commits

db9d1be Update go versions covered by CI
5f4b880 Delete _config.yml
ffb2708 Remove CNAME file
cc4dde7 Create CONTRIBUTING.md
04ea0f4 Implement Close() for zerolog.FilteredLevelWriter (#715)
0398600 fix: reset condition in burst sampler (#711) (#712)
1869fa5 FormatPartValueByName for flexible custom formatting for ConsoleWriter (#541)
31e7995 remove unnecessary nil checks (#701)
582f820 Get BasicSampler(0), RandomSampler(0), and BurstSampler(0) to behave the same...
6abadab Bump github.com/rs/xid from 1.5.0 to 1.6.0 (#684)
See full diff in compare view

Updates github.com/spf13/cobra from 1.8.1 to 1.10.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.1

🐛 Fix

chore: upgrade pflags v1.0.9 by @jpmcb in spf13/cobra#2305

v1.0.9 of pflags brought back ParseErrorsWhitelist and marked it as deprecated

Full Changelog: spf13/cobra@v1.10.0...v1.10.1

v1.10.0

What's Changed

🚨 Attention!

Bump pflag to 1.0.8 by @tomasaschan in spf13/cobra#2303

This version of pflag carried a breaking change: it renamed ParseErrorsWhitelist to ParseErrorsAllowlist which can break builds if both pflag and cobra are dependencies in your project.

If you use both pflag and cobra, upgrade pflagto 1.0.8 andcobrato1.10.0`

or use the newer, fixed version of pflag v1.0.9 which keeps the deprecated ParseErrorsWhitelist

More details can be found here: spf13/cobra#2303

✨ Features

Flow context to command in SetHelpFunc by @Frassle in spf13/cobra#2241

The default ShellCompDirective can be customized for a command and its subcommands by @albers in spf13/cobra#2238

🐛 Fix

Upgrade golangci-lint to v2, address findings by @scop in spf13/cobra#2279

🪠 Testing

Test with Go 1.24 by @harryzcy in spf13/cobra#2236

chore: Rm GitHub Action PR size labeler by @jpmcb in spf13/cobra#2256

📝 Docs

Remove traling curlybrace by @yedayak in spf13/cobra#2237

Update command.go by @styee in spf13/cobra#2248

feat: Add security policy by @jpmcb in spf13/cobra#2253

Update Readme (Warp) by @ericdachen in spf13/cobra#2267

Add Periscope to the list of projects using Cobra by @anishathalye in spf13/cobra#2299

New Contributors

@harryzcy made their first contribution in spf13/cobra#2236

@yedayak made their first contribution in spf13/cobra#2237

@Frassle made their first contribution in spf13/cobra#2241

... (truncated)

Commits

7da941c chore: Bump pflag to v1.0.9 (#2305)
51d6751 Bump pflag to 1.0.8 (#2303)
3f3b818 Update README.md with new logo
dcaf42e Add Periscope to the list of projects using Cobra (#2299)
6dec1ae The default ShellCompDirective can be customized for a command and its subcom...
c8289c1 chore(golangci-lint): add some exclusion presets
4af7b64 refactor: apply golangci-lint autofixes, work around false positives
75790e4 chore(golangci-lint): upgrade to v2
db3ddb5 Adding sponsorship to README.md
67171d6 putting sponsorship below header
Additional commits viewable in compare view

Updates github.com/stretchr/testify from 1.10.0 to 1.11.1

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.11.1

This release fixes #1785 introduced in v1.11.0 where expected argument values implementing the stringer interface (String() string) with a method which mutates their value, when passed to mock.Mock.On (m.On("Method", <expected>).Return()) or actual argument values passed to mock.Mock.Called may no longer match one another where they previously did match. The behaviour prior to v1.11.0 where the stringer is always called is restored. Future testify releases may not call the stringer method at all in this case.

What's Changed

Backport #1786 to release/1.11: mock: revert to pre-v1.11.0 argument matching behavior for mutating stringers by @brackendawson in stretchr/testify#1788

Full Changelog: stretchr/testify@v1.11.0...v1.11.1

v1.11.0

What's Changed

Functional Changes

v1.11.0 Includes a number of performance improvements.

Call stack perf change for CallerInfo by @mikeauclair in stretchr/testify#1614

Lazily render mock diff output on successful match by @mikeauclair in stretchr/testify#1615

assert: check early in Eventually, EventuallyWithT, and Never by @cszczepaniak in stretchr/testify#1427

assert: add IsNotType by @bartventer in stretchr/testify#1730

assert.JSONEq: shortcut if same strings by @dolmen in stretchr/testify#1754

assert.YAMLEq: shortcut if same strings by @dolmen in stretchr/testify#1755

assert: faster and simpler isEmpty using reflect.Value.IsZero by @dolmen in stretchr/testify#1761

suite: faster methods filtering (internal refactor) by @dolmen in stretchr/testify#1758

Fixes

assert.ErrorAs: log target type by @craig65535 in stretchr/testify#1345

Fix failure message formatting for Positive and Negative asserts in stretchr/testify#1062

Improve ErrorIs message when error is nil but an error was expected by @tsioftas in stretchr/testify#1681

fix Subset/NotSubset when calling with mixed input types by @siliconbrain in stretchr/testify#1729

Improve ErrorAs failure message when error is nil by @ccoVeille in stretchr/testify#1734

mock.AssertNumberOfCalls: improve error msg by @3scalation in stretchr/testify#1743

Documentation, Build & CI

docs: Fix typo in README by @alexandear in stretchr/testify#1688

Replace deprecated io/ioutil with io and os by @alexandear in stretchr/testify#1684

Document consequences of calling t.FailNow() by @greg0ire in stretchr/testify#1710

chore: update docs for Unset #1621 by @techfg in stretchr/testify#1709

README: apply gofmt to examples by @alexandear in stretchr/testify#1687

refactor: use %q and %T to simplify fmt.Sprintf by @alexandear in stretchr/testify#1674

Propose Christophe Colombier (ccoVeille) as approver by @brackendawson in stretchr/testify#1716

Update documentation for the Error function in assert or require package by @architagr in stretchr/testify#1675

assert: remove deprecated build constraints by @alexandear in stretchr/testify#1671

assert: apply gofumpt to internal test suite by @ccoVeille in stretchr/testify#1739

CI: fix shebang in .ci.*.sh scripts by @dolmen in stretchr/testify#1746

assert,require: enable parallel testing on (almost) all top tests by @dolmen in stretchr/testify#1747

suite.Passed: add one more status test report by @Ararsa-Derese in stretchr/testify#1706

Add Helper() method in internal mocks and assert.CollectT by @dolmen in stretchr/testify#1423

assert.Same/NotSame: improve usage of Sprintf by @ccoVeille in stretchr/testify#1742

mock: enable parallel testing on internal testsuite by @dolmen in stretchr/testify#1756

suite: cleanup use of 'testing' internals at runtime by @dolmen in stretchr/testify#1751

assert: check test failure message for Empty and NotEmpty by @ccoVeille in stretchr/testify#1745

... (truncated)

Commits

2a57335 Merge pull request #1788 from brackendawson/1785-backport-1.11
af8c912 Backport #1786 to release/1.11
b7801fb Merge pull request #1778 from stretchr/dependabot/github_actions/actions/chec...
69831f3 build(deps): bump actions/checkout from 4 to 5
a53be35 Improve captureTestingT helper
aafb604 mock: improve formatting of error message
7218e03 improve error msg
929a212 Merge pull request #1758 from stretchr/dolmen/suite-faster-method-filtering
bc7459e suite: faster filtering of methods (-testify.m)
7d37b5c suite: refactor methodFilter
Additional commits viewable in compare view

Updates golang.org/x/net from 0.30.0 to 0.42.0

Commits

76358aa go.mod: update golang.org/x dependencies
6e41cae go.mod: update golang.org/x dependencies
15f7d40 http2: correctly wrap ErrFrameTooLarge in Framer.ReadFrame
ef33bc0 internal/http3: use bubbled context in synctest tests
919c6bc http2: use an array instead of a map in typeFrameParser
bae01a7 trace: add missing td tag
7d6e62a go.mod: update golang.org/x dependencies
ea0c1d9 internal/timeseries: use built-in max/min to simplify the code
3e7a445 quic: skip packet numbers for optimistic ack defense
3f563d3 quic: use an enum for sentPacket state
Additional commits viewable in compare view

Updates golang.org/x/sync from 0.11.0 to 0.16.0

Commits

7fad2c9 errgroup: revert propagation of panics
8a14946 errgroup: remove duplicated comment
1869c69 all: replace deprecated ioutil
d1ac909 sync/errgroup: PanicError.Error print stack trace
506c70f errgroup: propagate panic and Goexit through Wait
396f3a0 errgroup: document calling Go before Wait
b637f27 errgroup: drop support for Go versions before 1.20
960bf1f all: upgrade go directive to at least 1.23.0 [generated]
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the golang group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github.com/anacrolix/torrent](https://github.com/anacrolix/torrent) | `1.58.0` | `1.59.1` | | [github.com/autobrr/go-qbittorrent](https://github.com/autobrr/go-qbittorrent) | `1.11.0` | `1.14.0` | | [github.com/go-chi/chi/v5](https://github.com/go-chi/chi) | `5.2.1` | `5.2.3` | | [github.com/rs/zerolog](https://github.com/rs/zerolog) | `1.33.0` | `1.34.0` | | [github.com/spf13/cobra](https://github.com/spf13/cobra) | `1.8.1` | `1.10.1` | | [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.10.0` | `1.11.1` | Updates `github.com/anacrolix/torrent` from 1.58.0 to 1.59.1 - [Commits](anacrolix/torrent@v1.58.0...v1.59.1) Updates `github.com/autobrr/go-qbittorrent` from 1.11.0 to 1.14.0 - [Release notes](https://github.com/autobrr/go-qbittorrent/releases) - [Commits](autobrr/go-qbittorrent@v1.11.0...v1.14.0) Updates `github.com/go-chi/chi/v5` from 5.2.1 to 5.2.3 - [Release notes](https://github.com/go-chi/chi/releases) - [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md) - [Commits](go-chi/chi@v5.2.1...v5.2.3) Updates `github.com/rs/zerolog` from 1.33.0 to 1.34.0 - [Commits](rs/zerolog@v1.33.0...v1.34.0) Updates `github.com/spf13/cobra` from 1.8.1 to 1.10.1 - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.8.1...v1.10.1) Updates `github.com/stretchr/testify` from 1.10.0 to 1.11.1 - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](stretchr/testify@v1.10.0...v1.11.1) Updates `golang.org/x/net` from 0.30.0 to 0.42.0 - [Commits](golang/net@v0.30.0...v0.42.0) Updates `golang.org/x/sync` from 0.11.0 to 0.16.0 - [Commits](golang/sync@v0.11.0...v0.16.0) --- updated-dependencies: - dependency-name: github.com/anacrolix/torrent dependency-version: 1.59.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: github.com/autobrr/go-qbittorrent dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: github.com/go-chi/chi/v5 dependency-version: 5.2.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: golang - dependency-name: github.com/rs/zerolog dependency-version: 1.34.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: github.com/spf13/cobra dependency-version: 1.10.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: github.com/stretchr/testify dependency-version: 1.11.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: golang.org/x/net dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang - dependency-name: golang.org/x/sync dependency-version: 0.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: golang ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Oct 1, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Uh oh!

build(deps): bump the golang group across 1 directory with 8 updates #27

build(deps): bump the golang group across 1 directory with 8 updates #27

Uh oh!

dependabot bot commented on behalf of github Oct 1, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Uh oh!

build(deps): bump the golang group across 1 directory with 8 updates #27

Are you sure you want to change the base?

build(deps): bump the golang group across 1 directory with 8 updates #27

Uh oh!

Conversation

dependabot bot commented on behalf of github Oct 1, 2025

v1.14.0

What's Changed

New Contributors

v1.13.0

What's Changed

v1.12.0

What's Changed

New Contributors

v5.2.3

What's Changed

New Contributors

v5.2.2

What's Changed

Security fix

New Contributors

v1.10.1

🐛 Fix

v1.10.0

What's Changed

🚨 Attention!

✨ Features

🐛 Fix

🪠 Testing

📝 Docs

New Contributors

v1.11.1

What's Changed

v1.11.0

What's Changed

Functional Changes

Fixes

Documentation, Build & CI

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant