Skip to content

chore(deps): update module github.com/go-chi/chi/v5 to v5.2.4 [security]#120

Merged
NumaryBot merged 1 commit intomainfrom
renovate/go-github.com-go-chi-chi-v5-vulnerability
Jan 26, 2026
Merged

chore(deps): update module github.com/go-chi/chi/v5 to v5.2.4 [security]#120
NumaryBot merged 1 commit intomainfrom
renovate/go-github.com-go-chi-chi-v5-vulnerability

Conversation

@NumaryBot
Copy link
Contributor

@NumaryBot NumaryBot commented Jan 24, 2026
edited
Loading

This PR contains the following updates:

Package Type Update Change
github.com/go-chi/chi/v5 require patch v5.2.3 -> v5.2.4

Open redirect vulnerability in the RedirectSlashes middleware in github.com/go-chi/chi

GHSA-mqqf-5wvp-8fh8 / GO-2026-4316

More information

Details

Open redirect vulnerability in the RedirectSlashes middleware in github.com/go-chi/chi

Severity

Unknown

References

This data is provided by OSV and the Go Vulnerability Database (CC-BY 4.0).

Release Notes

go-chi/chi (github.com/go-chi/chi/v5)

v5.2.4

Compare Source

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@NumaryBot NumaryBot enabled auto-merge (squash) January 24, 2026 02:36
@coderabbitai
Copy link

coderabbitai bot commented Jan 24, 2026
edited
Loading

📝 Walkthrough

Walkthrough

Updated the chi HTTP router dependency from v5.2.3 to v5.2.4 in go.mod. This is a minor version bump with no changes to control flow or error-handling logic.

Changes

Cohort / File(s) Summary
Dependency Updates
go.mod		 Version bump: github.com/go-chi/chi/v5 upgraded from v5.2.3 to v5.2.4

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 A tiny hop, a patch so small,
Chi routes now flow more free,
Version bumped without a sprawl,
Dependencies dance merrily! 🌿✨

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the main change: a dependency update of go-chi/chi/v5 to v5.2.4 for security purposes, which directly matches the changeset.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

Warning

Review ran into problems

🔥 Problems

Errors were encountered while retrieving linked issues.

Errors (1)
  • GO-2026: Authentication required, not authenticated - You need to authenticate to access this operation.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

flemzord
flemzord approved these changes Jan 26, 2026
View reviewed changes
Copy link
Member

@flemzord flemzord left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Auto-approved by script

@NumaryBot NumaryBot merged commit 2ba6855 into main Jan 26, 2026
10 of 11 checks passed
@NumaryBot NumaryBot deleted the renovate/go-github.com-go-chi-chi-v5-vulnerability branch January 26, 2026 10:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@flemzord flemzord flemzord approved these changes

Assignees

No one assigned

Labels

security

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@NumaryBot @flemzord