deps: bump the deps group across 1 directory with 3 updates by dependabot[bot] · Pull Request #70 · AlienFamilyHub/reblog

dependabot · 2026-02-09T06:59:48Z

Bumps the deps group with 3 updates in the / directory: github.com/gofiber/fiber/v3, github.com/sirupsen/logrus and github.com/golang-jwt/jwt/v5.

Updates github.com/gofiber/fiber/v3 from 3.0.0-rc.3 to 3.0.0

Release notes

Sourced from github.com/gofiber/fiber/v3's releases.

v3.0.0

For a detailed view of all changes and the migration guide, visit: https://docs.gofiber.io/whats_new

Try our new migration tool to help you upgrade from v2 to v3:
go install github.com/gofiber/cli/fiber@latest
fiber migrate --to v3
What's Changed

🚀 New Features

🚀 App (Docs)

Rename WithTlsConfig method to WithTLSConfig in (#2570)

Use any as default Message type of Error struct in (#1925)

Add support for custom constraints in (#2807)

Add support for trusted origins in (#2910)

Add DialDualStack option for upstream IPv6 support in (#2900)

TrustedOrigins using https://*.example.com style subdomains in (#2925)

Add configuration support to c.SendFile() in (#3017)

Add CHIPS support to Cookie in (#3047)

Add TestConfig to app.Test() for configurable testing in (#3161)

Add buffered streaming support in (#3131)

Add support for AutoTLS / ACME in (#3201)

Add support for configuring TLS Min Version in (#3248)

Fix square bracket notation in Multipart FormData in (#3235)

Add support for application state management in (#3360)

Add support for NewErrorf in (#3463)

Add UNIX socket support in (#3535)

Add support for Msgpack in (#3565)

Add default UTF-8 charset in (#3583)

Support for SendEarlyHints in (#3483)

Add conditional copy helpers in (#3703)

Add request inspection helpers in (#3727)

Add support for redacting values in (#3759)

Add support for handling unsupported HTTP methods as HTTP 501 in (#3854)

Add support for ReloadViews() in (#3876)

Expose startup message customization hooks in (#3824)

Migrate from UUIDv4 to SecureToken for key generation in (#3946)

Add ExpirationFunc for dynamic expiration in (#3984)

Auto-enforce Secure=true for Partitioned cookies in Cookie() in (#3976)

📎 Binding (Docs)

Initial support for binding in (#1981)

Bind: add support for multipart file binding in (#3309)

Add All method to Bind in (#3373)

🌎 Client (Docs)

Client refactor in (#1986)

Add support for creating Fiber client from existing FastHTTP client in (#3214)

... (truncated)

Commits

f8f34f6 Merge pull request #4045 from gofiber/improve-documentation-in-whats_new.md
951bbf6 docs: update listen migration to ListenConfig
1b0f627 Merge remote-tracking branch 'origin/main'
1d83efc docs: remove outdated section on session middleware from whats_new.md
13ac7eb Merge pull request #4042 from gofiber/add-parallel-benchmarks-to-test-files
9be4804 Merge pull request #4044 from gofiber/copilot/sub-pr-4042
ca1bb6a Merge remote-tracking branch 'origin/main'
77e9e7a feat: add step to remove parallel benchmarks from output in benchmark workflow
16e596c Add nolint directives for benchmark error handling
c037939 Fix data races in parallel benchmarks
Additional commits viewable in compare view

Updates github.com/sirupsen/logrus from 1.9.3 to 1.9.4

Release notes

Sourced from github.com/sirupsen/logrus's releases.

v1.9.4

Notable changes

go.mod: update minimum supported go version to v1.17 sirupsen/logrus#1460

go.mod: bump up dependencies sirupsen/logrus#1460

Touch-up godoc and add "doc" links.

README: fix links, grammar, and update examples.

Add GNU/Hurd support sirupsen/logrus#1364

Add WASI wasip1 support sirupsen/logrus#1388

Remove uses of deprecated ioutil package sirupsen/logrus#1472

CI: update actions and golangci-lint sirupsen/logrus#1459

CI: remove appveyor, add macOS sirupsen/logrus#1460

Full Changelog: sirupsen/logrus@v1.9.3...v1.9.4

Commits

b61f268 Merge pull request #1472 from goldlinker/master
15c29db refactor: replace the deprecated function in the ioutil package
cb253f3 Merge pull request #1464 from thaJeztah/touchup_godoc
29b2337 Merge pull request #1468 from thaJeztah/touchup_readme
d916819 Merge pull request #1427 from dolmen/fix-testify-usage
135e482 README: small touch-ups
2c5fa36 Merge pull request #1467 from thaJeztah/rm_old_badge
877ecec README: remove travis badge
55cf256 Merge pull request #1393 from jsoref/grammar
21bae50 Merge pull request #1426 from dolmen/testing-fix-use-of-math-rand
Additional commits viewable in compare view

Updates github.com/golang-jwt/jwt/v5 from 5.3.0 to 5.3.1

Release notes

Sourced from github.com/golang-jwt/jwt/v5's releases.

v5.3.1

What's Changed

🔐 Features

Add spellcheck Github action to catch common spelling mistakes by @equalsgibson in golang-jwt/jwt#458

Add WithNotBeforeRequired parser option and add test coverage by @equalsgibson in golang-jwt/jwt#456

Update godoc example func to properly refer to NewWithClaims() by @equalsgibson in golang-jwt/jwt#459

Update github workflows by @mfridman in golang-jwt/jwt#462

Additional test for CustomClaims that validates unmarshalling behaviour by @equalsgibson in golang-jwt/jwt#457

Fix early file close in jwt cli by @mfridman in golang-jwt/jwt#472

Add TPM signature reference by @salrashid123 in golang-jwt/jwt#473

Remove misleading ParserOptions documentation in golang-jwt/jwt#484

Save signature to Token struct after successful signing by @EgorSheff in golang-jwt/jwt#417

Set token.Signature in ParseUnverified by @slickwilli in golang-jwt/jwt#414

👒 Dependencies

Bump crate-ci/typos from 1.34.0 to 1.35.3 by @dependabot[bot] in golang-jwt/jwt#461

Bump crate-ci/typos from 1.35.4 to 1.36.2 by @dependabot[bot] in golang-jwt/jwt#470

Bump github/codeql-action from 3 to 4 by @dependabot[bot] in golang-jwt/jwt#478

Bump crate-ci/typos from 1.36.2 to 1.39.0 by @dependabot[bot] in golang-jwt/jwt#480

Bump golangci/golangci-lint-action from 8 to 9 by @dependabot[bot] in golang-jwt/jwt#481

Bump actions/setup-go from 5 to 6 by @dependabot[bot] in golang-jwt/jwt#469

Bump crate-ci/typos from 1.39.0 to 1.40.0 by @dependabot[bot] in golang-jwt/jwt#488

Bump actions/checkout from 5 to 6 by @dependabot[bot] in golang-jwt/jwt#487

Bump crate-ci/typos from 1.40.0 to 1.41.0 by @dependabot[bot] in golang-jwt/jwt#490

Bump crate-ci/typos from 1.41.0 to 1.42.1 by @dependabot[bot] in golang-jwt/jwt#492

New Contributors

@equalsgibson made their first contribution in golang-jwt/jwt#458

@salrashid123 made their first contribution in golang-jwt/jwt#473

@EgorSheff made their first contribution in golang-jwt/jwt#417

@slickwilli made their first contribution in golang-jwt/jwt#414

Full Changelog: golang-jwt/jwt@v5.3.0...v5.3.1

Commits

7ceae61 Add release.yml for changelog configuration
dce8e4d Set token.Signature in ParseUnverified (#414)
8889e20 Save signature to Token struct after successful signing (#417)
d237f82 ci: update github-actions schedule interval to monthly
d8dce95 Bump crate-ci/typos from 1.41.0 to 1.42.1 (#492)
e931803 Bump crate-ci/typos from 1.40.0 to 1.41.0 (#490)
e6a0afa Bump actions/checkout from 5 to 6 (#487)
9f85c9e Bump crate-ci/typos from 1.39.0 to 1.40.0 (#488)
60a8669 Bump actions/setup-go from 5 to 6 (#469)
76f5828 Remove misleading ParserOptions documentation (#484)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the deps group with 3 updates in the / directory: [github.com/gofiber/fiber/v3](https://github.com/gofiber/fiber), [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) and [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt). Updates `github.com/gofiber/fiber/v3` from 3.0.0-rc.3 to 3.0.0 - [Release notes](https://github.com/gofiber/fiber/releases) - [Commits](gofiber/fiber@v3.0.0-rc.3...v3.0.0) Updates `github.com/sirupsen/logrus` from 1.9.3 to 1.9.4 - [Release notes](https://github.com/sirupsen/logrus/releases) - [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md) - [Commits](sirupsen/logrus@v1.9.3...v1.9.4) Updates `github.com/golang-jwt/jwt/v5` from 5.3.0 to 5.3.1 - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Commits](golang-jwt/jwt@v5.3.0...v5.3.1) --- updated-dependencies: - dependency-name: github.com/gofiber/fiber/v3 dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: deps - dependency-name: github.com/sirupsen/logrus dependency-version: 1.9.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: deps - dependency-name: github.com/golang-jwt/jwt/v5 dependency-version: 5.3.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: deps ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-04-06T06:44:08Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 9, 2026

dependabot Bot closed this Apr 6, 2026

dependabot Bot deleted the dependabot/go_modules/deps-a71f6fad17 branch April 6, 2026 06:44

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

deps: bump the deps group across 1 directory with 3 updates#70

deps: bump the deps group across 1 directory with 3 updates#70
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/deps-a71f6fad17

dependabot Bot commented on behalf of github Feb 9, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github Apr 6, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Feb 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v3.0.0

What's Changed

🚀 New Features

v1.9.4

Notable changes

v5.3.1

What's Changed

🔐 Features

👒 Dependencies

New Contributors

Uh oh!

dependabot Bot commented on behalf of github Apr 6, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Feb 9, 2026 •

edited

Loading