energy/p1-logger
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases 5 Packages 1 Wiki Activity Actions

Update module github.com/eclipse/paho.mqtt.golang to v1.5.1 #2

Merged
pieter merged 1 commit from renovate/github.com-eclipse-paho.mqtt.golang-1.x into main 2026-01-22 23:40:09 +01:00
Conversation 1 Commits 1 Files changed 2 +10 -4
renovate-bot commented 2026-01-22 20:02:20 +01:00
Collaborator
Copy link

This PR contains the following updates:

Package Change Age Confidence
github.com/eclipse/paho.mqtt.golang v1.5.0v1.5.1 age confidence

Release Notes

eclipse/paho.mqtt.golang (github.com/eclipse/paho.mqtt.golang)

v1.5.1

Compare Source

This is a minor release incorporating changes made in the 14 months since v1.5.0 (including updating dependencies, and raising the Go version to 1.24). The changes are relatively minor but address a potential security issue (CVE-2025-10543), possible panic, enable users to better monitor the connection status, and incorporate a few optimisations.

Thanks to those who have provided fixes/enhancements included in this release!

Special thanks to Paul Gerste at Sonar for reporting issue #​730 via the Eclipse security team (fix was implemented in PR #​714 in May, github issue created just prior to this release). This issue arose where a topic > 65535 bytes was passed to the Publish function, due to the way the data was encoded the topic could leak into the message body. Please see issue #​730 or CVE-2025-10543 for further details.

What's Changed

Full Changelog: https://github.com/eclipse-paho/paho.mqtt.golang/compare/v1.5.0...v1.5.1

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [github.com/eclipse/paho.mqtt.golang](https://github.com/eclipse/paho.mqtt.golang) | `v1.5.0` → `v1.5.1` | ![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2feclipse%2fpaho.mqtt.golang/v1.5.1?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2feclipse%2fpaho.mqtt.golang/v1.5.0/v1.5.1?slim=true) | --- ### Release Notes <details> <summary>eclipse/paho.mqtt.golang (github.com/eclipse/paho.mqtt.golang)</summary> ### [`v1.5.1`](https://github.com/eclipse-paho/paho.mqtt.golang/releases/tag/v1.5.1) [Compare Source](https://github.com/eclipse/paho.mqtt.golang/compare/v1.5.0...v1.5.1) This is a minor release incorporating changes made in the 14 months since v1.5.0 (including updating dependencies, and raising the Go version to 1.24). The changes are relatively minor but address a potential security issue ([CVE-2025-10543](https://www.cve.org/CVERecord?id=CVE-2025-10543)), possible panic, enable users to better monitor the connection status, and incorporate a few optimisations. Thanks to those who have provided fixes/enhancements included in this release! Special thanks to Paul Gerste at [Sonar](https://www.sonarsource.com/) for reporting issue [#&#8203;730](https://github.com/eclipse/paho.mqtt.golang/issues/730) via the Eclipse security team (fix was implemented in PR [#&#8203;714](https://github.com/eclipse/paho.mqtt.golang/issues/714) in May, github issue created just prior to this release). This issue arose where a topic > 65535 bytes was passed to the `Publish` function, due to the way the data was encoded the topic could leak into the message body. Please see issue [#&#8203;730](https://github.com/eclipse/paho.mqtt.golang/issues/730) or [CVE-2025-10543](https://www.cve.org/CVERecord?id=CVE-2025-10543) for further details. #### What's Changed - Updating go dependencies from pub and sub into the containers before building by [@&#8203;JefJrFigueiredo](https://github.com/JefJrFigueiredo) in [eclipse-paho#691](https://github.com/eclipse-paho/paho.mqtt.golang/pull/691) - Optimize TCP connection logic by [@&#8203;geekeryy](https://github.com/geekeryy) in [eclipse-paho#713](https://github.com/eclipse-paho/paho.mqtt.golang/pull/713) - Fields over 65535 bytes not encoded correctly by [@&#8203;MattBrittan](https://github.com/MattBrittan) in [eclipse-paho#714](https://github.com/eclipse-paho/paho.mqtt.golang/pull/714) - Reduce slice allocations in route dispatch by [@&#8203;alespour](https://github.com/alespour) in [eclipse-paho#710](https://github.com/eclipse-paho/paho.mqtt.golang/pull/710) - Add a ConnectionNotificationHandler by [@&#8203;RangelReale](https://github.com/RangelReale) in [eclipse-paho#727](https://github.com/eclipse-paho/paho.mqtt.golang/pull/727) - Potential panic when using manual ACK by [@&#8203;MattBrittan](https://github.com/MattBrittan) in [eclipse-paho#729](https://github.com/eclipse-paho/paho.mqtt.golang/pull/729) **Full Changelog**: <https://github.com/eclipse-paho/paho.mqtt.golang/compare/v1.5.0...v1.5.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi44OS4yIiwidXBkYXRlZEluVmVyIjoiNDIuODkuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->
Update module github.com/eclipse/paho.mqtt.golang to v1.5.1
All checks were successful
Build Docker image / build (pull_request) Successful in 1m7s
Details
Build Docker image / build (push) Successful in 1m25s
Details
Build Golang packages / release (pull_request) Has been skipped
Details
Build Golang packages / release (push) Has been skipped
Details
5ae2933cef
renovate-bot commented 2026-01-22 20:02:21 +01:00
Author
Collaborator
Copy link

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 2 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.24 -> 1.24.0
golang.org/x/net v0.42.0 -> v0.44.0
golang.org/x/sync v0.16.0 -> v0.17.0
### ℹ️ Artifact update notice ##### File name: go.mod In order to perform the update(s) described in the table above, Renovate ran the `go get` command, which resulted in the following additional change(s): - 2 additional dependencies were updated - The `go` directive was updated for compatibility reasons Details: | **Package** | **Change** | | :------------------ | :--------------------- | | `go` | `1.24` -> `1.24.0` | | `golang.org/x/net` | `v0.42.0` -> `v0.44.0` | | `golang.org/x/sync` | `v0.16.0` -> `v0.17.0` |
renovate-bot force-pushed renovate/github.com-eclipse-paho.mqtt.golang-1.x from 5ae2933cef
All checks were successful
Build Docker image / build (pull_request) Successful in 1m7s
Details
Build Docker image / build (push) Successful in 1m25s
Details
Build Golang packages / release (pull_request) Has been skipped
Details
Build Golang packages / release (push) Has been skipped
Details
to 0b7a31dc42
Some checks are pending
Build Docker image / build (push) Waiting to run
Details
Build Golang packages / release (push) Has been skipped
Details
Build Golang packages / release (pull_request) Has been skipped
Details
Build Docker image / build (pull_request) Successful in 4m28s
Details
2026-01-22 21:16:40 +01:00 Compare
renovate-bot force-pushed renovate/github.com-eclipse-paho.mqtt.golang-1.x from 0b7a31dc42
Some checks are pending
Build Docker image / build (push) Waiting to run
Details
Build Golang packages / release (push) Has been skipped
Details
Build Golang packages / release (pull_request) Has been skipped
Details
Build Docker image / build (pull_request) Successful in 4m28s
Details
to a056bf4025
Some checks are pending
Build Docker image / build (push) Waiting to run
Details
Build Golang packages / release (push) Has been skipped
Details
Build Golang packages / release (pull_request) Has been skipped
Details
Build Docker image / build (pull_request) Successful in 1m13s
Details
2026-01-22 23:01:36 +01:00 Compare
renovate-bot force-pushed renovate/github.com-eclipse-paho.mqtt.golang-1.x from a056bf4025
Some checks are pending
Build Docker image / build (push) Waiting to run
Details
Build Golang packages / release (push) Has been skipped
Details
Build Golang packages / release (pull_request) Has been skipped
Details
Build Docker image / build (pull_request) Successful in 1m13s
Details
to 59c9625f57
All checks were successful
Build Golang packages / release (push) Has been skipped
Details
Build Golang packages / release (pull_request) Has been skipped
Details
Build Docker image / build (push) Successful in 1m18s
Details
Build Docker image / build (pull_request) Successful in 1m13s
Details
2026-01-22 23:35:00 +01:00 Compare
pieter merged commit 1cbe412805 into main 2026-01-22 23:40:09 +01:00
pieter deleted branch renovate/github.com-eclipse-paho.mqtt.golang-1.x 2026-01-22 23:40:09 +01:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
energy/p1-logger!2
No description provided.