Skip to content

chore(deps): bump golang.org/x/image from 0.32.0 to 0.38.0#32

Merged
ThatScalaGuy merged 1 commit intomainfrom
dependabot/go_modules/golang.org/x/image-0.38.0
Apr 15, 2026
Merged

chore(deps): bump golang.org/x/image from 0.32.0 to 0.38.0#32
ThatScalaGuy merged 1 commit intomainfrom
dependabot/go_modules/golang.org/x/image-0.38.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 14, 2026
edited
Loading

Bumps golang.org/x/image from 0.32.0 to 0.38.0.

Commits
  • 23ae9ed tiff: cap buffer growth to prevent OOM from malicious IFD offset
  • e589e60 webp: allow VP8L + VP8X(with alpha)
  • fe7d73d go.mod: update golang.org/x dependencies
  • e3d762b all: upgrade go directive to at least 1.25.0 [generated]
  • 833c6ed go.mod: update golang.org/x dependencies
  • bc7fe0b go.mod: update golang.org/x dependencies
  • c53c97f go.mod: update golang.org/x dependencies
  • 9032ff7 all: eliminate vet diagnostics
  • 9c9d08c go.mod: update golang.org/x dependencies
  • 742b1b7 all: fix some comments
  • Additional commits viewable in compare view

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Apr 14, 2026
@ThatScalaGuy
Copy link
Copy Markdown
Contributor

ThatScalaGuy commented Apr 14, 2026

@dependabot rebase

@dependabot dependabot bot force-pushed the dependabot/go_modules/golang.org/x/image-0.38.0 branch from 874a172 to 14568db Compare April 14, 2026 19:12
@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 14, 2026

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ❌ 9 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 14568db.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

go.mod

PackageVersionLicenseIssue Type
golang.org/x/crypto0.48.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/mod0.33.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/net0.50.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/sync0.20.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/sys0.41.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/telemetry0.0.0-20260209163413-e7419c687ee4BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/term0.40.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/text0.35.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/tools0.42.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/image0.38.0NullUnknown License
Allowed Licenses: MIT, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC, MPL-2.0, Unlicense, CC0-1.0

OpenSSF Scorecard

PackageVersionScoreDetails
gomod/golang.org/x/crypto 0.48.0 UnknownUnknown
gomod/golang.org/x/image 0.38.0 UnknownUnknown
gomod/golang.org/x/mod 0.33.0 UnknownUnknown
gomod/golang.org/x/net 0.50.0 UnknownUnknown
gomod/golang.org/x/sync 0.20.0 UnknownUnknown
gomod/golang.org/x/sys 0.41.0 UnknownUnknown
gomod/golang.org/x/telemetry 0.0.0-20260209163413-e7419c687ee4 UnknownUnknown
gomod/golang.org/x/term 0.40.0 UnknownUnknown
gomod/golang.org/x/text 0.35.0 UnknownUnknown
gomod/golang.org/x/tools 0.42.0 UnknownUnknown

Scanned Files

  • go.mod

@dependabot
chore(deps): bump golang.org/x/image from 0.32.0 to 0.38.0
1546028 
Bumps [golang.org/x/image](https://github.com/golang/image) from 0.32.0 to 0.38.0.
- [Commits](golang/image@v0.32.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/image
  dependency-version: 0.38.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/golang.org/x/image-0.38.0 branch from 14568db to 1546028 Compare April 15, 2026 06:33
@ThatScalaGuy
Copy link
Copy Markdown
Contributor

ThatScalaGuy commented Apr 15, 2026

@dependabot rebase

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 15, 2026

Looks like this PR is already up-to-date with main! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@ThatScalaGuy ThatScalaGuy merged commit daca8d9 into main Apr 15, 2026
10 checks passed
@ThatScalaGuy ThatScalaGuy deleted the dependabot/go_modules/golang.org/x/image-0.38.0 branch April 15, 2026 06:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ThatScalaGuy