fix(deps): resolve remaining 2 Dependabot advisories

- gnark-crypto 0.19.0 -> 0.19.2 (GHSA-fj2x-735w-74vq, HIGH: unchecked
  memory allocation during vector deserialization; indirect, uncalled)
- pgx/v5 5.9.0 -> 5.9.2 (GHSA-j88v-2chj-qfwx, LOW: SQL injection via
  dollar-quote placeholder confusion; indirect via gorm postgres driver)
This commit is contained in:
tinkle-community
2026-06-11 01:56:11 +08:00
parent 3a048876bd
commit bebe51bf89
2 changed files with 6 additions and 6 deletions

4
go.mod
View File

@@ -38,7 +38,7 @@ require (
github.com/bytedance/sonic v1.14.0 // indirect
github.com/bytedance/sonic/loader v0.3.0 // indirect
github.com/cloudwego/base64x v0.1.6 // indirect
github.com/consensys/gnark-crypto v0.19.0 // indirect
github.com/consensys/gnark-crypto v0.19.2 // indirect
github.com/crate-crypto/go-eth-kzg v1.5.0 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.4.0 // indirect
@@ -58,7 +58,7 @@ require (
github.com/holiman/uint256 v1.3.2 // indirect
github.com/jackc/pgpassfile v1.0.0 // indirect
github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
github.com/jackc/pgx/v5 v5.9.0 // indirect
github.com/jackc/pgx/v5 v5.9.2 // indirect
github.com/jackc/puddle/v2 v2.2.2 // indirect
github.com/jinzhu/inflection v1.0.0 // indirect
github.com/jinzhu/now v1.1.5 // indirect