(arrow-go) branch main updated: chore: Bump github.com/klauspost/compress from 1.18.2 to 1.18.3 (#640)

Tue, 20 Jan 2026 14:37:36 -0800 

This is an automated email from the ASF dual-hosted git repository.

zeroshade pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-go.git


The following commit(s) were added to refs/heads/main by this push:
     new f396842d chore: Bump github.com/klauspost/compress from 1.18.2 to 
1.18.3 (#640)
f396842d is described below

commit f396842d12c48ae0a0ce14e8c3a51554faca0dca
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Tue Jan 20 17:37:20 2026 -0500

    chore: Bump github.com/klauspost/compress from 1.18.2 to 1.18.3 (#640)
    
    Bumps
    [github.com/klauspost/compress](https://github.com/klauspost/compress)
    from 1.18.2 to 1.18.3.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a
    
href="https://github.com/klauspost/compress/releases";>github.com/klauspost/compress's
    releases</a>.</em></p>
    <blockquote>
    <h2>v1.18.3</h2>
    <p>Downstream CVE-2025-61728</p>
    <p>See <a
    
href="https://redirect.github.com/golang/go/issues/77102";>golang/go#77102</a></p>
    <p><strong>Full Changelog</strong>: <a
    
href="https://github.com/klauspost/compress/compare/v1.18.2...v1.18.3";>https://github.com/klauspost/compress/compare/v1.18.2...v1.18.3</a></p>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a
    
href="https://github.com/klauspost/compress/commit/1d6cf28a9eac67b569bb334c04e1dcb8bf02cf17";><code>1d6cf28</code></a>
    Downstream CVE-2025-61728</li>
    <li>See full diff in <a
    
href="https://github.com/klauspost/compress/compare/v1.18.2...v1.18.3";>compare
    view</a></li>
    </ul>
    </details>
    <br />
    
    
    [![Dependabot compatibility
    
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/klauspost/compress&package-manager=go_modules&previous-version=1.18.2&new-version=1.18.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't
    alter it yourself. You can also trigger a rebase manually by commenting
    `@dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `@dependabot rebase` will rebase this PR
    - `@dependabot recreate` will recreate this PR, overwriting any edits
    that have been made to it
    - `@dependabot merge` will merge this PR after your CI passes on it
    - `@dependabot squash and merge` will squash and merge this PR after
    your CI passes on it
    - `@dependabot cancel merge` will cancel a previously requested merge
    and block automerging
    - `@dependabot reopen` will reopen this PR if it is closed
    - `@dependabot close` will close this PR and stop Dependabot recreating
    it. You can achieve the same result by closing it manually
    - `@dependabot show <dependency name> ignore conditions` will show all
    of the ignore conditions of the specified dependency
    - `@dependabot ignore this major version` will close this PR and stop
    Dependabot creating any more for this major version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this minor version` will close this PR and stop
    Dependabot creating any more for this minor version (unless you reopen
    the PR or upgrade to it yourself)
    - `@dependabot ignore this dependency` will close this PR and stop
    Dependabot creating any more for this dependency (unless you reopen the
    PR or upgrade to it yourself)
    
    
    </details>
    
    Signed-off-by: dependabot[bot] <[email protected]>
    Co-authored-by: dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index 02012334..7518b42d 100644
--- a/go.mod
+++ b/go.mod
@@ -29,7 +29,7 @@ require (
        github.com/google/uuid v1.6.0
        github.com/hamba/avro/v2 v2.31.0
        github.com/klauspost/asmfmt v1.3.2
-       github.com/klauspost/compress v1.18.2
+       github.com/klauspost/compress v1.18.3
        github.com/klauspost/cpuid/v2 v2.3.0
        github.com/minio/asm2plan9s v0.0.0-20200509001527-cdd76441f9d8
        github.com/minio/c2goasm v0.0.0-20190812172519-36a3d3bbc4f3
diff --git a/go.sum b/go.sum
index 303d594d..50a5ef50 100644
--- a/go.sum
+++ b/go.sum
@@ -77,8 +77,8 @@ github.com/json-iterator/go v1.1.12 
h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr
 github.com/json-iterator/go v1.1.12/go.mod 
h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
 github.com/klauspost/asmfmt v1.3.2 
h1:4Ri7ox3EwapiOjCki+hw14RyKk201CN4rzyCJRFLpK4=
 github.com/klauspost/asmfmt v1.3.2/go.mod 
h1:AG8TuvYojzulgDAMCnYn50l/5QV3Bs/tp6j0HLHbNSE=
-github.com/klauspost/compress v1.18.2 
h1:iiPHWW0YrcFgpBYhsA6D1+fqHssJscY/Tm/y2Uqnapk=
-github.com/klauspost/compress v1.18.2/go.mod 
h1:R0h/fSBs8DE4ENlcrlib3PsXS61voFxhIs2DeRhCvJ4=
+github.com/klauspost/compress v1.18.3 
h1:9PJRvfbmTabkOX8moIpXPbMMbYN60bWImDDU7L+/6zw=
+github.com/klauspost/compress v1.18.3/go.mod 
h1:R0h/fSBs8DE4ENlcrlib3PsXS61voFxhIs2DeRhCvJ4=
 github.com/klauspost/cpuid/v2 v2.0.9/go.mod 
h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/klauspost/cpuid/v2 v2.0.10/go.mod 
h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c=
 github.com/klauspost/cpuid/v2 v2.0.12/go.mod 
h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c=

Reply via email to