Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
...
- 6 commits
- 6 files changed
- 1 contributor
Commits on Mar 22, 2026
-
-
all: replace Dependabot with govulncheck and latest-deps CI
Remove Dependabot configuration and add two targeted GitHub Actions workflows, as recommended by Filippo Valsorda [1]: - vuln.yml: runs govulncheck daily to check for vulnerabilities in symbols actually reachable by this module, rather than flooding with alerts for unused transitive dependencies. - latest-deps.yml: runs the test suite daily against the latest upstream dependency versions, catching breakage early without auto-updating go.mod on every release. Both workflows support manual triggering via workflow_dispatch. The existing govulncheck step in go.yml is kept as a PR gate. [1] https://words.filippo.io/dependabot/
-
all: use latest stable Go in latest-deps workflow
Updated dependencies may require a newer Go version than what's in go.mod, causing spurious failures. Use the latest stable Go toolchain instead.
-
go1.24.13 is the latest minor release with a number of security fixes.
-
Loading
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v1.0.0...v1.0.1