Skip to content

Commit 8782002

Browse files
Shelnutt2Shelnutt2
authored
fix(go.mod): upgrade goldmark to v1.7.17 (CVE-2026-5160) (#25252)
## Summary Upgrades `github.com/yuin/goldmark` from v1.7.13 to v1.7.17 on the `release/2.29` branch to remediate **CVE-2026-5160** (XSS via improper ordering of URL validation and normalization). ## Changes - `go.mod`: bump `github.com/yuin/goldmark` v1.7.13 → v1.7.17 - `go.sum`: updated checksums ## References - [CVE-2026-5160 (NVD)](https://nvd.nist.gov/vuln/detail/CVE-2026-5160) - Fix on main: #23957 - Linear: ENT-41 > [!NOTE] > Generated by Coder Agents. Please review before merging.
1 parent c67fe2c commit 8782002

2 files changed

Lines changed: 3 additions & 3 deletions

File tree

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -424,7 +424,7 @@ require (
424424
github.com/xeipuuv/gojsonschema v1.2.0 // indirect
425425
github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
426426
github.com/yashtewari/glob-intersection v0.2.0 // indirect
427-
github.com/yuin/goldmark v1.7.13 // indirect
427+
github.com/yuin/goldmark v1.7.17 // indirect
428428
github.com/yuin/goldmark-emoji v1.0.6 // indirect
429429
github.com/yusufpapurcu/wmi v1.2.4 // indirect
430430
github.com/zclconf/go-cty v1.17.0

go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1190,8 +1190,8 @@ github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de
11901190
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
11911191
github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
11921192
github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
1193-
github.com/yuin/goldmark v1.7.13 h1:GPddIs617DnBLFFVJFgpo1aBfe/4xcvMc3SB5t/D0pA=
1194-
github.com/yuin/goldmark v1.7.13/go.mod h1:ip/1k0VRfGynBgxOz0yCqHrbZXhcjxyuS66Brc7iBKg=
1193+
github.com/yuin/goldmark v1.7.17 h1:p36OVWwRb246iHxA/U4p8OPEpOTESm4n+g+8t0EE5uA=
1194+
github.com/yuin/goldmark v1.7.17/go.mod h1:ip/1k0VRfGynBgxOz0yCqHrbZXhcjxyuS66Brc7iBKg=
11951195
github.com/yuin/goldmark-emoji v1.0.6 h1:QWfF2FYaXwL74tfGOW5izeiZepUDroDJfWubQI9HTHs=
11961196
github.com/yuin/goldmark-emoji v1.0.6/go.mod h1:ukxJDKFpdFb5x0a5HqbdlcKtebh086iJpI31LTKmWuA=
11971197
github.com/yusufpapurcu/wmi v1.2.4 h1:zFUKzehAFReQwLys1b/iSMl+JQGSCSjtVqQn9bBrPo0=

0 commit comments

Comments
 (0)