Skip to content

Bump github.com/labstack/gommon from 0.4.2 to 0.5.0#15

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/github.com/labstack/gommon-0.5.0
Closed

Bump github.com/labstack/gommon from 0.4.2 to 0.5.0#15
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/github.com/labstack/gommon-0.5.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 11, 2026

Copy link
Copy Markdown
Contributor

Bumps github.com/labstack/gommon from 0.4.2 to 0.5.0.

Release notes

Sourced from github.com/labstack/gommon's releases.

v0.5.0

Highlights

  • email: SMTPS / implicit TLS on port 465. smtp.SendMail only speaks plain + STARTTLS, so Resend/SendGrid/etc. on :465 hang on the handshake. Detect port 465 and dial TLS directly. Added Email.TLSConfig (custom root pool / ServerName; always cloned per send) and Email.DialTimeout (scoped to the TCP/TLS connect phase).
  • email: no silent cleartext downgrade. Drive Hello() explicitly so a failed EHLO can't be swallowed and mis-read as "STARTTLS not advertised".
  • log: silence 14 go vet printf warnings. Split the internal log() method; public signatures unchanged. TestCallerFile guards the runtime.Caller skip.
  • random: fix sync.Pool copy in New(). Construct the pool directly on the struct — sync.Pool must not be copied after first use.

Toolchain (breaking)

  • Go directive bumped 1.181.23.0 to align with labstack/echo. Consumers on Go <1.23 should stay on v0.4.2.
  • CI matrix: 1.23 / 1.24 / 1.25 / 1.26 × ubuntu / macos / windows.
  • Deps refreshed: testify 1.8.4 → 1.11.1, go-colorable 0.1.13 → 0.1.14, go-isatty 0.0.20 → 0.0.21, x/sys 0.15.0 → 0.29.0 (highest that still supports Go 1.23).

Non-breaking code changes

  • bytes/bytes_test.go: replaced Parse(\"8EiB\") assertions with Parse(\"7EiB\") — 2^63 overflowed int64 and relied on implementation-defined float-to-int behavior.

Full diff

labstack/gommon#62

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels May 11, 2026
@donbagger

Copy link
Copy Markdown
Contributor

@dependabot rebase

Bumps [github.com/labstack/gommon](https://github.com/labstack/gommon) from 0.4.2 to 0.5.0.
- [Release notes](https://github.com/labstack/gommon/releases)
- [Commits](labstack/gommon@v0.4.2...v0.5.0)

---
updated-dependencies:
- dependency-name: github.com/labstack/gommon
  dependency-version: 0.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/labstack/gommon-0.5.0 branch from 433307c to a8ca3e1 Compare May 11, 2026 11:26
@dependabot @github

dependabot Bot commented on behalf of github May 11, 2026

Copy link
Copy Markdown
Contributor Author

Looks like github.com/labstack/gommon is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this May 11, 2026
@dependabot dependabot Bot deleted the dependabot/go_modules/github.com/labstack/gommon-0.5.0 branch May 11, 2026 11:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant