Skip to content

chore(deps): bump the gomod group with 2 updates#83

Merged
Xe merged 1 commit intomainfrom
dependabot/go_modules/gomod-01a1860392
Mar 9, 2026
Merged

chore(deps): bump the gomod group with 2 updates#83
Xe merged 1 commit intomainfrom
dependabot/go_modules/gomod-01a1860392

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 9, 2026

Bumps the gomod group with 2 updates: golang.org/x/mod and mvdan.cc/sh/v3.

Updates golang.org/x/mod from 0.29.0 to 0.33.0

Commits
  • 27761a2 go.mod: update golang.org/x dependencies
  • 4c04067 go.mod: update golang.org/x dependencies
  • d271cf3 go.mod: update golang.org/x dependencies
  • 269c237 sumdb/note: delete chop
  • 3f03020 x/mod: apply go fix and go vet
  • 7416265 go.mod: update golang.org/x dependencies
  • 5517a71 all: fix some comments
  • b6cdd1a modfile: use reflect.TypeFor instead of reflect.TypeOf
  • See full diff in compare view

Updates mvdan.cc/sh/v3 from 3.12.0 to 3.13.0

Release notes

Sourced from mvdan.cc/sh/v3's releases.

v3.13.0

This release introduces support for Zsh in the parser and formatter, which was tracked in issue #120 alongside the label https://github.com/mvdan/sh/labels/zsh. While support is not complete, it should be far enough for many use cases.

This release also drops support for Go 1.24 and includes many other enhancements:

  • cmd/shfmt
    • Exit with a non-zero status when -l prints any filenames
  • syntax
    • New nodes types and node fields are introduced alongside LangZsh
    • LangVariant is now a bitset, allowing the use of sets like "Bash-like"
    • Add InteractiveSeq and StmtsSeq iterator methods for Parser
    • Stop exposing the internal buffer in Printer via struct embedding
    • Support the use of brace expansions like declare {a,b}_c=value
    • Fix a bug where POSIX and Bash incorrectly allowed empty command lists
  • interp
    • Add support for shopt -s dotglob and shopt -s extglob
    • Add support for simple uses of !(expr) extended glob patterns
    • Support more builtin flags for declare, type, read
    • Fix various bugs relating to nulls, errors, and arrays
  • expand
    • Add Config.DotGlob and Config.ExtGlob for the interpreter
    • Add Variable.Flags to get the one-character declare flags
    • Do not force env vars on Windows to be uppercase
    • Fix various bugs relating to glob pattern matching
  • pattern
    • Add GlobLeadingDot and ExtendedOperators for the interpreter
    • Add NegExtGlobError to mark the use of !(expr) negation patterns

Consider becoming a sponsor if you benefit from the work that went into this release!

Binaries built on go version go1.26.1 linux/amd64 with:

CGO_ENABLED=0 go build -trimpath -ldflags="-w -s"

Changelog

Sourced from mvdan.cc/sh/v3's changelog.

Changelog

Commits
  • 5c4d285 cmd/shfmt: bump Go and Alpine in the Dockerfile
  • 1ae455b update golang.org/x/sys
  • cb484d3 syntax: apply gopls warning suggestion
  • 64d9126 syntax: gofmt -w
  • 55d279f syntax: simplify zsh logic on left parentheses
  • 1cf3c19 syntax: support alternations in zsh test expressions
  • 0f0636e syntax: support parsing extended globs in zsh
  • a173247 syntax: parse and format zsh >! redirects as >|
  • d6bf6c9 syntax: rename ParamExp.Plus to IsSet
  • b612daa cmd/shfmt: simplify flag value code
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the gomod group with 2 updates
236e2e0 
Bumps the gomod group with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [mvdan.cc/sh/v3](https://github.com/mvdan/sh).


Updates `golang.org/x/mod` from 0.29.0 to 0.33.0
- [Commits](golang/mod@v0.29.0...v0.33.0)

Updates `mvdan.cc/sh/v3` from 3.12.0 to 3.13.0
- [Release notes](https://github.com/mvdan/sh/releases)
- [Changelog](https://github.com/mvdan/sh/blob/master/CHANGELOG.md)
- [Commits](mvdan/sh@v3.12.0...v3.13.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: mvdan.cc/sh/v3
  dependency-version: 3.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 9, 2026
@Xe Xe merged commit 7a93cda into main Mar 9, 2026
16 checks passed
@dependabot dependabot bot deleted the dependabot/go_modules/gomod-01a1860392 branch March 9, 2026 14:30
@techarobot
Copy link

techarobot commented Mar 21, 2026

🎉 This PR is included in version 0.11.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@techarobot @Xe