Skip to content

Bump github.com/onflow/flow-go-sdk from 1.9.13 to 1.9.16#2286

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/go_modules/github.com/onflow/flow-go-sdk-1.9.16
Open

Bump github.com/onflow/flow-go-sdk from 1.9.13 to 1.9.16#2286
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/go_modules/github.com/onflow/flow-go-sdk-1.9.16

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 2, 2026

Bumps github.com/onflow/flow-go-sdk from 1.9.13 to 1.9.16.

Release notes

Sourced from github.com/onflow/flow-go-sdk's releases.

v1.9.16

What's Changed

🐞 Bug Fixes

Other Changes

Full Changelog: onflow/flow-go-sdk@v1.9.15...v1.9.16

v1.9.15

What's Changed

Other Changes

Full Changelog: onflow/flow-go-sdk@v1.9.14...v1.9.15

v1.9.14

What's Changed

Other Changes

Full Changelog: onflow/flow-go-sdk@v1.9.13...v1.9.14

Commits
  • 2992f32 Merge pull request #1005 from onflow/auto-update-onflow-cadence-v1.9.10
  • b8383d8 Update to Cadence v1.9.10
  • ef0ccba Merge pull request #994 from onflow/dependabot/go_modules/github.com/aws/aws-...
  • 47af65f Merge branch 'master' into dependabot/go_modules/github.com/aws/aws-sdk-go-v2...
  • 8e34795 Fix transaction ID encoding for system transactions (#998)
  • d8dd61d Add peterargue as codeowner (#1000)
  • 38a04c1 Bump github.com/aws/aws-sdk-go-v2/service/kms from 1.49.5 to 1.50.0
  • 28cdb4b Merge pull request #993 from onflow/dependabot/go_modules/google.golang.org/a...
  • 5bd9231 Bump google.golang.org/api from 0.264.0 to 0.266.0
  • 7fe5b90 Merge pull request #995 from onflow/dependabot/go_modules/google.golang.org/g...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github.com/onflow/flow-go-sdk from 1.9.13 to 1.9.16
e6ebe73 
Bumps [github.com/onflow/flow-go-sdk](https://github.com/onflow/flow-go-sdk) from 1.9.13 to 1.9.16.
- [Release notes](https://github.com/onflow/flow-go-sdk/releases)
- [Commits](onflow/flow-go-sdk@v1.9.13...v1.9.16)

---
updated-dependencies:
- dependency-name: github.com/onflow/flow-go-sdk
  dependency-version: 1.9.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 2, 2026
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 2, 2026
@dependabot dependabot bot added the go Pull requests that update Go code label Mar 2, 2026
@dependabot dependabot bot requested review from jribbink and mfbz as code owners March 2, 2026 18:44
@github-actions
Copy link

github-actions bot commented Mar 2, 2026

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 2 package(s) with unknown licenses.
See the Details below.

License Issues

go.mod

PackageVersionLicenseIssue Type
github.com/googleapis/enterprise-certificate-proxy0.3.11NullUnknown License
google.golang.org/genproto0.0.0-20260128011058-8636f8732409NullUnknown License

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
gomod/cloud.google.com/go 0.123.0 UnknownUnknown
gomod/cloud.google.com/go/auth 0.18.1 🟢 8.2
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1030 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy🟢 10security policy file detected
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing🟢 10project is fuzzed
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
gomod/cloud.google.com/go/kms 1.25.0 🟢 8.2
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1030 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy🟢 10security policy file detected
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing🟢 10project is fuzzed
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
gomod/cloud.google.com/go/longrunning 0.8.0 🟢 8.2
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1030 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy🟢 10security policy file detected
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing🟢 10project is fuzzed
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
gomod/github.com/googleapis/enterprise-certificate-proxy 0.3.11 UnknownUnknown
gomod/github.com/googleapis/gax-go/v2 2.17.0 🟢 7.2
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ -1no workflows found
Maintained🟢 1017 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Security-Policy🟢 10security policy file detected
Code-Review🟢 10all changesets reviewed
Token-Permissions⚠️ -1No tokens found
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ -1no dependencies found
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
SAST⚠️ 1SAST tool is not run on all commits -- score normalized to 1
gomod/github.com/onflow/cadence 1.9.10 🟢 6.9
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
License🟢 10license file detected
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST🟢 10SAST tool is run on all commits
gomod/github.com/onflow/flow-go-sdk 1.9.16 🟢 6.9
Details
CheckScoreReason
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 10all changesets reviewed
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Packaging⚠️ -1packaging workflow not detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST🟢 10SAST tool is run on all commits
gomod/golang.org/x/crypto 0.47.0 UnknownUnknown
gomod/golang.org/x/net 0.49.0 UnknownUnknown
gomod/golang.org/x/oauth2 0.35.0 UnknownUnknown
gomod/golang.org/x/text 0.33.0 UnknownUnknown
gomod/google.golang.org/api 0.267.0 🟢 7.1
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Token-Permissions⚠️ -1No tokens found
Dangerous-Workflow⚠️ -1no workflows found
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ -1no dependencies found
gomod/google.golang.org/genproto 0.0.0-20260128011058-8636f8732409 UnknownUnknown
gomod/google.golang.org/genproto/googleapis/api 0.0.0-20260128011058-8636f8732409 UnknownUnknown
gomod/google.golang.org/genproto/googleapis/rpc 0.0.0-20260203192932-546029d2fa20 🟢 6.4
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1018 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy🟢 10security policy file detected
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Binary-Artifacts🟢 10no binaries found in the repo
SAST🟢 3SAST tool is not run on all commits -- score normalized to 3
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0

Scanned Files

  • go.mod

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Kay-Zee Kay-Zee Awaiting requested review from Kay-Zee Kay-Zee is a code owner

@janezpodhostnik janezpodhostnik Awaiting requested review from janezpodhostnik janezpodhostnik is a code owner

@chasefleming chasefleming Awaiting requested review from chasefleming chasefleming is a code owner

@nvdtf nvdtf Awaiting requested review from nvdtf nvdtf is a code owner

@bjartek bjartek Awaiting requested review from bjartek bjartek is a code owner

@jribbink jribbink Awaiting requested review from jribbink jribbink is a code owner

@mfbz mfbz Awaiting requested review from mfbz mfbz is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants