Skip to content

Bump github.com/cloudfoundry/bosh-cli/v7 from 7.9.13 to 7.10.3#124

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/master/github.com/cloudfoundry/bosh-cli/v7-7.10.3
Open

Bump github.com/cloudfoundry/bosh-cli/v7 from 7.9.13 to 7.10.3#124
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/master/github.com/cloudfoundry/bosh-cli/v7-7.10.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026

Bumps github.com/cloudfoundry/bosh-cli/v7 from 7.9.13 to 7.10.3.

Release notes

Sourced from github.com/cloudfoundry/bosh-cli/v7's releases.

v7.10.3

Fixed CVEs:

Assets

                                                          sha256  file
b3dddccb69e9f9de4f3f21c9c18aa748c647bb0e01aeb44c2edbb27afcd0ef57  bosh-cli-7.10.3-linux-amd64
3f99829ed758849fb336433c1950f5bb0cdfca7869c1692a959d4ac8aecd5b8b  bosh-cli-7.10.3-linux-arm64
b906777c06b99f4167df11767140d2c0acaf358771bead0c0709ed2cfc7ba56c  bosh-cli-7.10.3-darwin-amd64
63b7bb9d5532b32ca91cf3a0cc08203c8513b449165beaca1415097032137e2f  bosh-cli-7.10.3-darwin-arm64
9fb830123f67ba262231eaf316b22ef757c1eba86b900b825daa68963e86cb56  bosh-cli-7.10.3-windows-amd64.exe

v7.10.2

Fixed CVEs:

Assets

                                                          sha256  file
d9a52693994bdefc2fc73f1fe16042ffed48c6931308c6a9ae3520413d73065c  bosh-cli-7.10.2-linux-amd64
6ad843ca6725b7c50c1d2797a468c3911e192b98fa0ecf58402800d93697ca14  bosh-cli-7.10.2-linux-arm64
5c9df7a7127690bf7320508a1110b010a9a7db5124da101f02efef914e4295e7  bosh-cli-7.10.2-darwin-amd64
285f9d01c3c4eeb49ef7756972dd27ec85f9198f8344f9cc62add7c604feecf0  bosh-cli-7.10.2-darwin-arm64
559b86ecd95fb1fe5dfc81280d4f42f9be811e128444bbbb228d5d9b45743747  bosh-cli-7.10.2-windows-amd64.exe

v7.10.1

Fixed CVEs:

  • CVE-2026-33186: gRPC-Go has an authorization bypass via missing leading slash in :path

Assets

                                                          sha256  file
798bb0b2e36890e77aa823d1fb05c9a2abd6ec18045016ee748f6c81d180f51c  bosh-cli-7.10.1-linux-amd64
535ab9562133de8181bd32056932404a00c4f640218373d6b20920b9c006226c  bosh-cli-7.10.1-linux-arm64
5e67600faf2b9a26038d696d48d341697be1c003696184048414130e451ce66d  bosh-cli-7.10.1-darwin-amd64
fc698f487e0a83b84bf02ccaefd9d145ecd3e9102fc5ab1d9399c34e1a1e7d92  bosh-cli-7.10.1-darwin-arm64
1efb9916cb8d44262b94b54a5c7ba480e221a1bf2e417fd6e088b6908acaf286  bosh-cli-7.10.1-windows-amd64.exe

v7.10.0

Assets

... (truncated)

Commits
  • ceb06d5 Update vendored dependencies
  • 5d6f4e9 Update vendored dependencies
  • e803c02 Update vendored dependencies
  • a22fd64 Fix: update specs to match err string w/o case sensitivity
  • 27da0d5 Bump google.golang.org/grpc from 1.79.2 to 1.79.3
  • 9e93907 Merge pull request #714 from ay901246/task-heartbeat-logger
  • 6f192ee Add --with-heartbeat flag for heartbeat logging during long-running errands
  • 3d084d8 Update vendored dependencies
  • 67eaebd Update vendored dependencies
  • c5619f3 Merge pull request #709 from rubionic/rubionic/fix-ostruct-dependency-issue-229
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump github.com/cloudfoundry/bosh-cli/v7 from 7.9.13 to 7.10.3
2f52491 
Bumps [github.com/cloudfoundry/bosh-cli/v7](https://github.com/cloudfoundry/bosh-cli) from 7.9.13 to 7.10.3.
- [Release notes](https://github.com/cloudfoundry/bosh-cli/releases)
- [Commits](cloudfoundry/bosh-cli@v7.9.13...v7.10.3)

---
updated-dependencies:
- dependency-name: github.com/cloudfoundry/bosh-cli/v7
  dependency-version: 7.10.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Apr 27, 2026
@dependabot dependabot Bot mentioned this pull request Apr 27, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants