chore(deps): bump tailscale.com from 1.68.0 to 1.96.3#36
Conversation
Bumps [tailscale.com](https://github.com/tailscale/tailscale) from 1.68.0 to 1.96.3. - [Release notes](https://github.com/tailscale/tailscale/releases) - [Commits](tailscale/tailscale@v1.68.0...v1.96.3) --- updated-dependencies: - dependency-name: tailscale.com dependency-version: 1.96.3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
PR SummaryMedium Risk Overview Bumps the module’s Go version to Written by Cursor Bugbot for commit 00e7564. This will update automatically on new commits. Configure here. |
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.
| go 1.24.0 | ||
|
|
||
| toolchain go1.24.9 | ||
| go 1.26.1 |
There was a problem hiding this comment.
Go version bump breaks security workflow
High Severity
The go.mod now requires go 1.26.1, and ci.yml was correctly updated to use go-version-file: go.mod. However, .github/workflows/security.yml still hardcodes go-version: '1.24'. Go enforces the go directive as a minimum version, so the daily security scan workflow will fail because Go 1.24 cannot build a module requiring Go 1.26.1. The GO_VERSION env var was also removed from ci.yml, but security.yml was not updated alongside it.
Additional Locations (1)
1 participant
Bumps tailscale.com from 1.68.0 to 1.96.3.
Release notes
Sourced from tailscale.com's releases.
... (truncated)
Commits
bf309e4VERSION.txt: this is v1.96.341061fafeature/featuretags: skip TestAllOmitBuildTagsDeclared when not in a git repoa330ce9net/dns: use the correct separator for multiple servers in the same NRPT rule...044221bkube/certs: discover TLS domains from TCP TerminateTLS handlers (#19020) (#19...17a4f58VERISON.txt this is v1.96.2c25843ecmd/{containerboot,k8s-operator}: reissue auth keys for broken proxies (#1645...43ad51dutil/linuxfw: fix nil pointer panic in connmark rules without IPv6 (#18946) (...f2c3a67cmd/k8s-operator: use correct tailnet client for L7 & L3 ingresses (#18749) (...6af139fVERSION.txt: this is v1.96.1 (#18942)cf3f31fgo.mod: bump for internal/poll: move rsan to heap on windowsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)