Skip to content

Update dependency nginx/agent to v3.6.0 (#4425) #4427

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
sjberman merged 2 commits into from
Dec 10, 2025
Merged

Update dependency nginx/agent to v3.6.0 (#4425) #4427

sjberman merged 2 commits into from
Dec 10, 2025

Conversation

@sjberman
Copy link
Collaborator

@sjberman sjberman commented Dec 9, 2025
edited
Loading

This PR contains the following updates:

Package Update Change
nginx/agent minor v3.5.1 -> v3.6.0

Release Notes

nginx/agent (nginx/agent)

v3.6.0

Compare Source

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) in timezone America/Los_Angeles, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate @sjberman
Update dependency nginx/agent to v3.6.0 (#4425)
2e7f3c8 
| datasource  | package     | from   | to     |
| ----------- | ----------- | ------ | ------ |
| github-tags | nginx/agent | v3.5.1 | v3.6.0 |

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

---------

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Saylor Berman <[email protected]>
@sjberman sjberman requested a review from a team as a code owner December 9, 2025 18:05
@github-actions github-actions bot added documentation Improvements or additions to documentation dependencies Pull requests that update a dependency file labels Dec 9, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Dec 9, 2025
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ❌ 12 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ✅ 0 package(s) with unknown licenses.
See the Details below.

License Issues

go.mod

PackageVersionLicenseIssue Type
golang.org/x/mod0.30.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/net0.47.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/sync0.18.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/sys0.38.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/term0.37.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/text0.31.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License

tests/go.mod

PackageVersionLicenseIssue Type
golang.org/x/mod0.30.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/net0.47.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/sync0.18.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/sys0.38.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/term0.37.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
golang.org/x/text0.31.0BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golangIncompatible License
Allowed Licenses: Apache-1.1, Apache-2.0, BSD-2-Clause, BSD-3-Clause, BSL-1.0, ISC, MIT, NCSA, OpenSSL, Python-2.0, X11, CC0-1.0, CC-BY-4.0
Excluded from license check: pkg:githubactions/fossas/fossa-action, pkg:githubactions/opentofu/setup-opentofu, pkg:golang/github.com/shoenig/go-m1cpu, pkg:pypi/pytest-metadata

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
gomod/github.com/nginx/agent/v3 3.6.0 🟢 7.5
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Dependency-Update-Tool🟢 10update tool detected
Security-Policy🟢 10security policy file detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Pinned-Dependencies🟢 7dependency not pinned by hash detected -- score normalized to 7
SAST🟢 9SAST tool is not run on all commits -- score normalized to 9
License🟢 10license file detected
Packaging🟢 10packaging workflow detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
CI-Tests🟢 1030 out of 30 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 4 contributing companies or organizations
gomod/golang.org/x/mod 0.30.0 UnknownUnknown
gomod/golang.org/x/net 0.47.0 UnknownUnknown
gomod/golang.org/x/sync 0.18.0 UnknownUnknown
gomod/golang.org/x/sys 0.38.0 UnknownUnknown
gomod/golang.org/x/term 0.37.0 UnknownUnknown
gomod/golang.org/x/text 0.31.0 UnknownUnknown
gomod/golang.org/x/mod 0.30.0 UnknownUnknown
gomod/golang.org/x/net 0.47.0 UnknownUnknown
gomod/golang.org/x/sync 0.18.0 UnknownUnknown
gomod/golang.org/x/sys 0.38.0 UnknownUnknown
gomod/golang.org/x/term 0.37.0 UnknownUnknown
gomod/golang.org/x/text 0.31.0 UnknownUnknown

Scanned Files

  • go.mod
  • tests/go.mod

@sjberman
Copy link
Collaborator Author

sjberman commented Dec 9, 2025

@salonichf5 How does that PR relate to this?

@salonichf5
Copy link
Contributor

salonichf5 commented Dec 9, 2025
edited
Loading

@salonichf5 How does that PR relate to this?

I thought the dependency update were correlated but i am wrong. They do not relate. Delete the first comment to remove reference

@sjberman sjberman removed the documentation Improvements or additions to documentation label Dec 9, 2025
@sjberman sjberman merged commit 1a46327 into release-2.2 Dec 10, 2025
70 of 76 checks passed
@sjberman sjberman deleted the deps/agent branch December 10, 2025 16:47
@github-project-automation github-project-automation bot moved this from 🆕 New to ✅ Done in NGINX Gateway Fabric Dec 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shaun-nx shaun-nx shaun-nx approved these changes

@salonichf5 salonichf5 salonichf5 approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

NGINX Gateway Fabric
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sjberman @salonichf5 @shaun-nx