chore(deps): bump github.com/ipld/go-ipld-prime from 0.23.0 to 0.24.0 by dependabot[bot] · Pull Request #70 · ipld/go-trustless-utils

dependabot · 2026-06-02T22:13:20Z

Bumps github.com/ipld/go-ipld-prime from 0.23.0 to 0.24.0.

Release notes

Sourced from github.com/ipld/go-ipld-prime's releases.

v0.24.0

What's Changed

build(deps): bump github.com/ipfs/boxo from 0.38.0 to 0.39.0 in /storage/bsadapter by @dependabot[bot] in ipld/go-ipld-prime#628

build(deps): bump github.com/ipfs/boxo from 0.38.0 to 0.39.0 in /storage/bsrvadapter by @dependabot[bot] in ipld/go-ipld-prime#627

build(deps): bump github.com/polydawn/refmt from 0.89.1-0.20231129105047-37766d95467a to 0.90.0 by @dependabot[bot] in ipld/go-ipld-prime#629

feat(dagcbor): enforce strict decode defaults by @rvagg in ipld/go-ipld-prime#630

Enable stricter DAG-CBOR decode checks by default using refmt's canonical-form options. Reject indefinite-length CBOR in all modes, and reject non-minimal CBOR heads, NaN, infinity, and duplicate map keys by default.

Add RelaxedDecode as an opt-out for legacy non-canonical inputs while leaving known remaining gaps explicit: map key order and non-64-bit float encodings are still accepted for now.

Full Changelog: ipld/go-ipld-prime@v0.23.0...v0.24.0

Commits

ac2cb1a chore: v0.24.0 bump (#631)
bc78773 feat(dagcbor): enforce strict decode defaults (#630)
bc7bf1b build(deps): bump github.com/polydawn/refmt (#629)
b6ff5a2 build(deps): bump github.com/ipfs/boxo in /storage/bsrvadapter (#627)
0d2c18d build(deps): bump github.com/ipfs/boxo in /storage/bsadapter (#628)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/ipld/go-ipld-prime](https://github.com/ipld/go-ipld-prime) from 0.23.0 to 0.24.0. - [Release notes](https://github.com/ipld/go-ipld-prime/releases) - [Changelog](https://github.com/ipld/go-ipld-prime/blob/master/CHANGELOG.md) - [Commits](ipld/go-ipld-prime@v0.23.0...v0.24.0) --- updated-dependencies: - dependency-name: github.com/ipld/go-ipld-prime dependency-version: 0.24.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 2, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump github.com/ipld/go-ipld-prime from 0.23.0 to 0.24.0#70

chore(deps): bump github.com/ipld/go-ipld-prime from 0.23.0 to 0.24.0#70
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/github.com/ipld/go-ipld-prime-0.24.0

dependabot Bot commented on behalf of github Jun 2, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 2, 2026

v0.24.0

What's Changed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants