bump direct go dependencies#2803
Conversation
Assisted-By: docker-agent
…patible Assisted-By: docker-agent
Assisted-By: docker-agent
docker-agent
left a comment
docker-agent
left a comment
There was a problem hiding this comment.
Assessment: 🟢 APPROVE
Routine dependency bump updating three direct Go modules:
github.com/anthropics/anthropic-sdk-gov1.42.0 → v1.43.0github.com/docker/cliv29.4.3+incompatible → v29.5.0+incompatiblegoogle.golang.org/genaiv1.56.0 → v1.57.0
Also promotes github.com/standard-webhooks/standard-webhooks/libraries from a pseudo-version to the tagged release v0.0.1. The go.mod hash for that module is identical between old and new entries, confirming content consistency; the h1 hash difference is expected for a different zip archive.
All go.sum entries are consistent with their corresponding go.mod changes. No source code modifications are present — only dependency metadata files are touched. No issues found.
| github.com/pb33f/jsonpath v0.8.2 // indirect | ||
| github.com/pb33f/ordered-map/v2 v2.3.1 // indirect | ||
| github.com/standard-webhooks/standard-webhooks/libraries v0.0.0-20260508151727-1282bb917829 // indirect | ||
| github.com/standard-webhooks/standard-webhooks/libraries v0.0.1 // indirect |
There was a problem hiding this comment.
Non-blocking: this transitive bump is pulled in by anthropic-sdk-go v1.43.0 (upstream commit "fix standard webhooks version", anthropic#842). The /go.mod hash is unchanged between the two entries — only the h1 archive hash differs, which is expected when the source switches from a pseudo-version archive to the tagged release. Worth calling out in the PR body so a future reader doesn't wonder where the fourth bump came from.
3 participants
Bumps direct Go module dependencies, validated individually with lint and tests.
Assisted-By: docker-agent