From edf4e0f0380b6662ba88cfa00d2d2ff5a43032de Mon Sep 17 00:00:00 2001
From: James O'Doherty <james@theodohertyfamily.com>
Date: Fri, 29 May 2026 19:33:07 -0400
Subject: security: upgrade dependencies to remediate transitive
 vulnerabilities

Upgrades several indirect and direct dependencies to their latest safe versions,
successfully resolving 26 dormant vulnerabilities identified by govulncheck.

- Upgraded golang.org/x/crypto from v0.37.0 to v0.52.0 (remediating 13 CVEs)
- Upgraded golang.org/x/net from v0.39.0 to v0.55.0 (remediating 12 CVEs)
- Upgraded golang.org/x/sys from v0.32.0 to v0.45.0 (remediating 1 CVE)
- Upgraded golang.zx2c4.com/wireguard to v0.0.0-20260522210424-ecfc5a8d5446

Ran `go mod tidy` and verified that all unit, integration, and E2E
data-plane tests continue to compile and pass successfully.
---
 go.mod | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

(limited to 'go.mod')

diff --git a/go.mod b/go.mod
index b877235..95c9ca6 100644
--- a/go.mod
+++ b/go.mod
@@ -3,9 +3,12 @@ module git.theodohertyfamily.com/tools/wg-wrap
 go 1.26.3
 
 require (
-	golang.org/x/crypto v0.37.0 // indirect
-	golang.org/x/net v0.39.0 // indirect
-	golang.org/x/sys v0.32.0 // indirect
+	golang.org/x/sys v0.45.0
+	golang.zx2c4.com/wireguard v0.0.0-20260522210424-ecfc5a8d5446
+)
+
+require (
+	golang.org/x/crypto v0.52.0 // indirect
+	golang.org/x/net v0.55.0 // indirect
 	golang.zx2c4.com/wintun v0.0.0-20230126152724-0fa3db229ce2 // indirect
-	golang.zx2c4.com/wireguard v0.0.0-20250521234502-f333402bd9cb // indirect
 )
-- 
cgit v1.2.3