Skip to content

chore(deps): bump github.com/anchore/stereoscope from 0.2.1 to 0.2.2#538

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/anchore/stereoscope-0.2.2
Closed

chore(deps): bump github.com/anchore/stereoscope from 0.2.1 to 0.2.2#538
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/anchore/stereoscope-0.2.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor

Bumps github.com/anchore/stereoscope from 0.2.1 to 0.2.2.

Release notes

Sourced from github.com/anchore/stereoscope's releases.

v0.2.2

Dependencies

28 dependency changes (26 updated, 2 removed). 6 vulnerabilities remediated.

🟢 Remediated (6)

Toolchains (1)

  • Go minimum version: 1.26.21.26.3
  • github.com/anchore/go-collections v0.1.0v0.1.1
  • github.com/anchore/go-homedir v0.1.0v0.1.1
  • github.com/anchore/go-logger v0.1.0v0.1.1
  • github.com/containerd/containerd/api v1.11.0v1.11.1
  • github.com/containerd/containerd/v2 v2.3.0v2.3.2 (🟢 remediated GHSA-33vj-92qq-66hc, GHSA-cvxm-645q-p574, GHSA-fqw6-gf59-qr4w, GHSA-jpcc-p29g-p8mq, GHSA-rgh6-rfwx-v388, GHSA-xhf5-7wjv-pqxp)
  • github.com/docker/cli v29.4.3+incompatiblev29.5.3+incompatible
  • github.com/docker/go-connections v0.6.0v0.7.0
  • github.com/gkampitakis/ciinfo v0.3.2v0.3.4
  • github.com/gkampitakis/go-snaps v0.5.21v0.5.22
  • github.com/go-test/deep v1.0.8v1.1.1
  • github.com/goccy/go-yaml v1.18.0v1.19.2
  • github.com/google/go-containerregistry v0.21.5v0.21.7
  • github.com/klauspost/compress v1.18.5v1.18.6
  • github.com/maruel/natural v1.1.1v1.3.0
  • github.com/moby/moby/api v1.54.1v1.54.2
  • github.com/moby/moby/client v0.4.0v0.4.1
  • github.com/sylabs/sif/v2 v2.24.0v2.24.1
  • github.com/tidwall/gjson v1.18.0v1.19.0
  • golang.org/x/crypto v0.50.0v0.53.0
  • golang.org/x/mod v0.35.0v0.37.0
  • golang.org/x/net v0.52.0v0.56.0
  • golang.org/x/sync v0.20.0v0.21.0
  • golang.org/x/sys v0.43.0v0.46.0
  • golang.org/x/term v0.42.0v0.44.0
  • golang.org/x/text v0.36.0v0.38.0
  • golang.org/x/tools v0.44.0v0.46.0

... (truncated)

Commits
  • 2d7c4a9 chore(deps): bump github.com/google/go-containerregistry (#618)
  • 566349c chore(deps): bump github.com/sylabs/sif/v2 from 2.24.0 to 2.24.1 (#626)
  • 18d3722 chore(deps): update anchore dependencies (#577)
  • fe34d2b Update go-make to v0.8.0 (#628)
  • 31354bc chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.21 to 0.5.22 (#624)
  • c373c16 chore(deps): bump github.com/containerd/containerd/v2 (#627)
  • 2eceb55 chore(deps): bump golang.org/x/tools from 0.45.0 to 0.46.0 (#620)
  • a59230e chore(deps): bump github.com/docker/cli (#621)
  • 6bd68d3 chore(deps): bump github.com/go-test/deep from 1.0.8 to 1.1.1 (#622)
  • 4bd618d refactor release pipeline: TAG_TOKEN, skip-checks gate, go-make bump, dependa...
  • Additional commits viewable in compare view

@dependabot dependabot Bot added the dependencies dealing with project dependencies label Jul 2, 2026
@oss-auto-merger oss-auto-merger Bot enabled auto-merge (squash) July 2, 2026 20:06
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/anchore/stereoscope-0.2.2 branch from d028e93 to 7740244 Compare July 2, 2026 20:13
Bumps [github.com/anchore/stereoscope](https://github.com/anchore/stereoscope) from 0.2.1 to 0.2.2.
- [Release notes](https://github.com/anchore/stereoscope/releases)
- [Changelog](https://github.com/anchore/stereoscope/blob/main/RELEASE.md)
- [Commits](anchore/stereoscope@v0.2.1...v0.2.2)

---
updated-dependencies:
- dependency-name: github.com/anchore/stereoscope
  dependency-version: 0.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/anchore/stereoscope-0.2.2 branch from 7740244 to 835834d Compare July 2, 2026 20:22
@dependabot @github

dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor Author

Looks like github.com/anchore/stereoscope is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 2, 2026
auto-merge was automatically disabled July 2, 2026 20:29

Pull request was closed

@dependabot dependabot Bot deleted the dependabot/go_modules/github.com/anchore/stereoscope-0.2.2 branch July 2, 2026 20:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies dealing with project dependencies

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants