Skip to content

chore(deps): bump github.com/gin-contrib/cors from 1.7.6 to 1.7.7#436

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/github.com/gin-contrib/cors-1.7.7
Open

chore(deps): bump github.com/gin-contrib/cors from 1.7.6 to 1.7.7#436
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/github.com/gin-contrib/cors-1.7.7

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 30, 2026
edited by cubic-dev-ai bot
Loading

Bumps github.com/gin-contrib/cors from 1.7.6 to 1.7.7.

Release notes

Sourced from github.com/gin-contrib/cors's releases.

v1.7.7

Changelog

Others

  • 2816d6da1754dae141f65310dfbf4a1600af782a: Add Go 1.26 to GitHub Actions test matrix (@​appleboy)
  • a92928f098c146faaa5e691399c0ab3c2b808d2f: Update golangci-lint version to v2.9 (@​appleboy)
  • b77776e77f9daaf63076e696016cf99340cdc79e: Fix Trivy badge URL in README.md (@​appleboy)

Bug fixes

  • 123928c03ce0b7336b4322d38d57bf7cf4e9b808: fix: allow ^ anchor in regex CORS origin patterns (#177) (@​brokenthumbs)
  • 3585a5e62daa3d1b40e134b6d2a8bf07b33b2d57: fix: resolve golangci-lint issues in tests (@​appleboy)

Enhancements

  • 21c982fe706deec13d8012eb66b8feaed5c1acd2: chore: update Go version and refresh dependencies to latest releases (@​appleboy)
  • 402233a7419c785098703756402484dae63f4417: chore(deps): upgrade golang.org/x/crypto to v0.45.0 (@​appleboy)
  • 0c142794c2885f61c16db122c343da553801a9dd: chore(deps): bump actions/checkout from 4 to 6 (@​appleboy)
  • 3333b3d0d3ff5d3d6e5f715665a0920522e091ea: chore(deps): upgrade quic-go to v0.57.1 (@​appleboy)
  • 754ef53f194ecb7faa198ca6c9365b8975217aba: chore(ci): update golangci-lint to v2.6 (@​appleboy)
  • c5dcea89610356ca36bd8bd2534943105f731b20: chore(deps): bump actions/cache from 4 to 5 (@​appleboy)
  • 139173a220a23bae1172280cfaaf86addd2c5248: chore(ci): upgrade trivy-action from 0.33.1 to 0.35.0 (@​appleboy)
  • 9e6ec27fa96936d68a516d5367486e262812275b: chore(deps): upgrade gin to v1.12.0 and update CI Go versions (@​appleboy)
  • e19d20de2b561cdd642ed336fcca368fd8e251cf: chore(deps): upgrade golang.org/x/text to v0.35.0 (@​appleboy)

Build process updates

  • f46b87eacdb9f84a99136501d3e50873b9ebdb7a: ci: integrate Trivy vulnerability scanning into CI workflow (@​appleboy)
  • c4b4ccff788f6a1ec0d796054d870f1a432b4193: ci: broaden CI Go version testing (@​appleboy)
  • 33f131c7e60abbda06621e3db880ea3b87200c59: ci: add dedicated Trivy security scanning and status badge (@​appleboy)
  • fe8e9d050af48828d10c39a76c03b0ca91cf1061: ci: integrate automated Trivy security scanning via GitHub Actions (@​appleboy)
  • f20e310cdc56e1eabc1a247230e073cc11c1f134: ci: update CI tooling and refine supported Go versions (@​appleboy)
  • d94e4773a2a44fc8c0738ad4fa77d82dc7f57c5f: ci: modernize and consolidate CI workflows and security scanning (@​appleboy)
  • b16eb9fe4380bf20f4725be6714555203d347126: ci: rename Trivy workflow file for enhanced clarity (@​appleboy)
  • ec180b59ed3a195d28938bfa138627714a1316dc: ci(workflow): bump goreleaser/goreleaser-action from v6 to v7 (@​appleboy)
Commits
  • e19d20d chore(deps): upgrade golang.org/x/text to v0.35.0
  • ec180b5 ci(workflow): bump goreleaser/goreleaser-action from v6 to v7
  • 9e6ec27 chore(deps): upgrade gin to v1.12.0 and update CI Go versions
  • 139173a chore(ci): upgrade trivy-action from 0.33.1 to 0.35.0
  • b77776e Fix Trivy badge URL in README.md
  • a92928f Update golangci-lint version to v2.9
  • 2816d6d Add Go 1.26 to GitHub Actions test matrix
  • c5dcea8 chore(deps): bump actions/cache from 4 to 5
  • 3585a5e fix: resolve golangci-lint issues in tests
  • 754ef53 chore(ci): update golangci-lint to v2.6
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by cubic

Upgrade github.com/gin-contrib/cors to 1.7.7 to fix regex CORS origin patterns (supports ^ anchors). Improves CORS origin matching in our API.

  • Dependencies
    • Set Go to 1.25.0.
    • Update github.com/gin-gonic/gin to 1.12.0.
    • Refresh indirect deps (examples): quic-go 0.59.0, golang.org/x/* (arch, net, text, tools, sync, mod), validator 10.30.1, mimetype 1.4.12, go-yaml 1.19.2, ugorji/codec 1.3.1.

Written for commit b0d65b6. Summary will update on new commits.

@dependabot
chore(deps): bump github.com/gin-contrib/cors from 1.7.6 to 1.7.7
b0d65b6 
Bumps [github.com/gin-contrib/cors](https://github.com/gin-contrib/cors) from 1.7.6 to 1.7.7.
- [Release notes](https://github.com/gin-contrib/cors/releases)
- [Commits](gin-contrib/cors@v1.7.6...v1.7.7)

---
updated-dependencies:
- dependency-name: github.com/gin-contrib/cors
  dependency-version: 1.7.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 30, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 30, 2026 03:04
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 30, 2026
cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Mar 30, 2026
View reviewed changes
Copy link
Copy Markdown

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 2 files

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants