chore(deps): update bump go dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/gin-contrib/cors	v1.7.6 → v1.7.7
github.com/gin-contrib/gzip	v1.2.5 → v1.2.6
github.com/go-playground/validator/v10	v10.30.1 → v10.30.2
github.com/mattn/go-isatty	v0.0.20 → v0.0.21
github.com/zitadel/oidc/v3	v3.45.5 → v3.47.2
golang.org/x/crypto	v0.48.0 → v0.50.0

---

Release Notes

gin-contrib/cors (github.com/gin-contrib/cors)

v1.7.7

Compare Source

Changelog

Others

• 2816d6d: Add Go 1.26 to GitHub Actions test matrix (@​appleboy)
• a92928f: Update golangci-lint version to v2.9 (@​appleboy)
• b77776e: Fix Trivy badge URL in README.md (@​appleboy)

Bug fixes

• 123928c: fix: allow ^ anchor in regex CORS origin patterns (#​177) (@​brokenthumbs)
• 3585a5e: fix: resolve golangci-lint issues in tests (@​appleboy)

Enhancements

• 21c982f: chore: update Go version and refresh dependencies to latest releases (@​appleboy)
• 402233a: chore(deps): upgrade golang.org/x/crypto to v0.45.0 (@​appleboy)
• 0c14279: chore(deps): bump actions/checkout from 4 to 6 (@​appleboy)
• 3333b3d: chore(deps): upgrade quic-go to v0.57.1 (@​appleboy)
• 754ef53: chore(ci): update golangci-lint to v2.6 (@​appleboy)
• c5dcea8: chore(deps): bump actions/cache from 4 to 5 (@​appleboy)
• 139173a: chore(ci): upgrade trivy-action from 0.33.1 to 0.35.0 (@​appleboy)
• 9e6ec27: chore(deps): upgrade gin to v1.12.0 and update CI Go versions (@​appleboy)
• e19d20d: chore(deps): upgrade golang.org/x/text to v0.35.0 (@​appleboy)

Build process updates

• f46b87e: ci: integrate Trivy vulnerability scanning into CI workflow (@​appleboy)
• c4b4ccf: ci: broaden CI Go version testing (@​appleboy)
• 33f131c: ci: add dedicated Trivy security scanning and status badge (@​appleboy)
• fe8e9d0: ci: integrate automated Trivy security scanning via GitHub Actions (@​appleboy)
• f20e310: ci: update CI tooling and refine supported Go versions (@​appleboy)
• d94e477: ci: modernize and consolidate CI workflows and security scanning (@​appleboy)
• b16eb9f: ci: rename Trivy workflow file for enhanced clarity (@​appleboy)
• ec180b5: ci(workflow): bump goreleaser/goreleaser-action from v6 to v7 (@​appleboy)

gin-contrib/gzip (github.com/gin-contrib/gzip)

v1.2.6

Compare Source

Changelog

Enhancements

• 873bbb8: chore(deps): upgrade golang.org/x/crypto to v0.45.0 (@​appleboy)
• ade6e24: chore: update indirect dependencies to latest minor versions (@​appleboy)
• fb05b2a: chore: remove bearer.yml workflow (@​appleboy)
• 941d83d: chore(deps): bump actions/checkout from 4 to 6 (@​appleboy)
• 992c35f: chore(deps): upgrade quic-go to v0.57.1 (@​appleboy)
• 728cc31: chore(ci): update golangci-lint to v2.6 (@​appleboy)
• 7dab3cb: chore: add WithMinLength option to control when responses are gzipped (#​106) (@​takanuva15)
• 1984bfc: chore(deps): bump actions/cache from 4 to 5 (@​appleboy)
• 4fdf19e: chore(ci): upgrade trivy-action from 0.33.1 to 0.35.0 (@​appleboy)
• c65ba86: chore(deps): upgrade gin to v1.12.0 and update CI Go versions (@​appleboy)
• 68f826a: chore(deps): upgrade golang.org/x/text to v0.35.0 (@​appleboy)

Build process updates

• 4c6db59: ci: integrate Trivy security scanning workflow and badge (@​appleboy)
• 68ed7ff: ci(workflow): bump goreleaser/goreleaser-action from v6 to v7 (@​appleboy)

Others

• db4e3d0: Add Go 1.26 to GitHub Actions test matrix (@​appleboy)
• 05b2770: Update golangci-lint version to v2.9 (@​appleboy)

go-playground/validator (github.com/go-playground/validator/v10)

v10.30.2

Compare Source

What's Changed

• chore(deps): bump golang.org/x/crypto from 0.46.0 to 0.47.0 by @​dependabot[bot] in #​1523
• feat: add translations for alphaspace and alphanumspace tags in indonesian by @​savioruz in #​1522
• chore(deps): bump github.com/gabriel-vasile/mimetype from 1.4.12 to 1.4.13 by @​dependabot[bot] in #​1526
• feat: add cmyk(color) to validator by @​thenicolau in #​1528
• chore(deps): bump golang.org/x/text from 0.33.0 to 0.34.0 by @​dependabot[bot] in #​1534
• chore(deps): bump golang.org/x/crypto from 0.47.0 to 0.48.0 by @​dependabot[bot] in #​1533
• Go 1.26 support by @​nodivbyzero in #​1535
• fix: prevent panic in unique validation with nil pointer elements by @​nodivbyzero in #​1532
• docs: fix typos by @​alexandear in #​1527
• feat: implement ValidatorValuer interface feature by @​thommeo in #​1416
• docs: add Valuer interface documentation and example by @​wofiporia in #​1540
• chore(deps): bump golang.org/x/text from 0.34.0 to 0.35.0 by @​dependabot[bot] in #​1545
• chore(deps): bump golang.org/x/crypto from 0.48.0 to 0.49.0 by @​dependabot[bot] in #​1546
• feat: add postcode patterns for Colombia (CO) and British Virgin Islands (VG) by @​j-ibarra in #​1547
• fix(fqdn): allow hyphens in last domain label by @​alihasan070707 in #​1548

New Contributors

• @​savioruz made their first contribution in #​1522
• @​thenicolau made their first contribution in #​1528
• @​thommeo made their first contribution in #​1416
• @​wofiporia made their first contribution in #​1540
• @​j-ibarra made their first contribution in #​1547
• @​alihasan070707 made their first contribution in #​1548

Full Changelog: go-playground/validator@v10.30.1...v10.30.2

mattn/go-isatty (github.com/mattn/go-isatty)

v0.0.21

Compare Source

zitadel/oidc (github.com/zitadel/oidc/v3)

v3.47.2

Compare Source

Bug Fixes

• tolerate string amr claims from external providers (#​855) (5f70eff)

v3.47.1

Compare Source

Bug Fixes

• oidc server error to http status mapping (#​865) (d118dd7)

v3.47.0

Compare Source

This release adds signing of opaque tokens. By secure default, all existing opaque access tokens emitted by OP implementations, will be invalid. Users will need to re-login. If you want a more gradual upgrade use the op.WithCrypto() option to pass a op.NewCompositeCrypto(). Use aop.NewAESCrypto() in the Decrypter slice with the existing master key.

This change does not affect client / RP / RS libraries.

What's Changed

• feat: use jose for bearer-token encryption by @​wim07101993 in b4cf422
• chore: package upgrades by @​wim07101993 in #​866

Full Changelog: zitadel/oidc@v3.46.0...v3.47.0

v3.46.0

Compare Source

Features

• Allow for reuse of cookie creation + decouple creation from http writer (#​848) (4fae59b), closes #​847

v3.45.6

Compare Source

Bug Fixes

• fixed a bunch of typos in both docs, tests and code (#​861) (cab66d5)

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 11 additional dependencies were updated

Details:

Package	Change
github.com/gabriel-vasile/mimetype	v1.4.12 -> v1.4.13
github.com/go-jose/go-jose/v4	v4.0.5 -> v4.1.4
go.opentelemetry.io/otel	v1.40.0 -> v1.43.0
go.opentelemetry.io/otel/metric	v1.40.0 -> v1.43.0
go.opentelemetry.io/otel/trace	v1.40.0 -> v1.43.0
golang.org/x/arch	v0.22.0 -> v0.23.0
golang.org/x/net	v0.51.0 -> v0.52.0
golang.org/x/oauth2	v0.35.0 -> v0.36.0
golang.org/x/sync	v0.19.0 -> v0.20.0
golang.org/x/sys	v0.41.0 -> v0.43.0
golang.org/x/text	v0.34.0 -> v0.36.0

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 75.69%. Comparing base (81699f7) to head (24eb7e5).

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #932   +/-   ##
=======================================
  Coverage   75.69%   75.69%           
=======================================
  Files          61       61           
  Lines        2786     2786           
=======================================
  Hits         2109     2109           
  Misses        523      523           
  Partials      154      154           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.