build(deps): bump the go_modules group across 9 directories with 6 updates

[dependabot]

Bumps the go_modules group with 2 updates in the /bindings directory: github.com/consensys/gnark-crypto and golang.org/x/crypto.
Bumps the go_modules group with 4 updates in the /common directory: github.com/consensys/gnark-crypto, golang.org/x/crypto, github.com/btcsuite/btcd and github.com/ethereum/go-ethereum.
Bumps the go_modules group with 3 updates in the /contracts directory: github.com/consensys/gnark-crypto, golang.org/x/crypto and github.com/golang-jwt/jwt/v4.
Bumps the go_modules group with 4 updates in the /node directory: github.com/consensys/gnark-crypto, golang.org/x/crypto, github.com/golang-jwt/jwt/v4 and google.golang.org/grpc.
Bumps the go_modules group with 3 updates in the /ops/l2-genesis directory: github.com/consensys/gnark-crypto, golang.org/x/crypto and github.com/golang-jwt/jwt/v4.
Bumps the go_modules group with 4 updates in the /ops/tools directory: github.com/consensys/gnark-crypto, golang.org/x/crypto, github.com/golang-jwt/jwt/v4 and google.golang.org/grpc.
Bumps the go_modules group with 4 updates in the /oracle directory: github.com/consensys/gnark-crypto, golang.org/x/crypto, github.com/golang-jwt/jwt/v4 and google.golang.org/grpc.
Bumps the go_modules group with 3 updates in the /token-price-oracle directory: github.com/consensys/gnark-crypto, golang.org/x/crypto and github.com/golang-jwt/jwt/v4.
Bumps the go_modules group with 4 updates in the /tx-submitter directory: github.com/consensys/gnark-crypto, golang.org/x/crypto, github.com/btcsuite/btcd and github.com/golang-jwt/jwt/v4.

Updates github.com/consensys/gnark-crypto from 0.16.0 to 0.18.1

Release notes

Sourced from github.com/consensys/gnark-crypto's releases.

v0.18.1

Full Changelog: Consensys/gnark-crypto@v0.18.0...v0.18.1

v0.18.0

What's Changed

• perf: disable cobra bit reverse for small fields by @​gbotrel in Consensys/gnark-crypto#662
• perf: adds avx512 poseidon2 for small fields by @​gbotrel in Consensys/gnark-crypto#665
• GKR Gate Registry by @​Tabaie in Consensys/gnark-crypto#652
• chore: remove unused benchmark script by @​ivokub in Consensys/gnark-crypto#675
• Remove GKR from gnark-crypto by @​Tabaie in Consensys/gnark-crypto#670
• feat: make <31 bit field generated using uint32 by @​gbotrel in Consensys/gnark-crypto#676
• refactor: hash to curve by @​ivokub in Consensys/gnark-crypto#674
• fix: Eisenstein Half-GCD convergence by @​feltroidprime in Consensys/gnark-crypto#680
• feat/hashregistry by @​Tabaie in Consensys/gnark-crypto#687
• Feat/fftext by @​YaoJGalteland in Consensys/gnark-crypto#684
• Feat/vortex options by @​ThomasPiellard in Consensys/gnark-crypto#689
• [secp256k1]: replace outdated link to article by @​gap-editor in Consensys/gnark-crypto#690
• feat: remove dependency on internal package in ecc.go by @​gbotrel in Consensys/gnark-crypto#693

New Contributors

• @​feltroidprime made their first contribution in Consensys/gnark-crypto#680
• @​YaoJGalteland made their first contribution in Consensys/gnark-crypto#684
• @​gap-editor made their first contribution in Consensys/gnark-crypto#690

Full Changelog: Consensys/gnark-crypto@v0.17.0...v0.18.0

v0.17.0

What's Changed

• fix: missing Poseidon2 round keys by @​Tabaie in Consensys/gnark-crypto#621
• feat: Poseidon2 Hash Instantiation for BLS12-377 by @​Tabaie in Consensys/gnark-crypto#623
• feat: add Grumpkin elliptic curve (2-cycle with BN254) by @​yelhousni in Consensys/gnark-crypto#625
• Perf: Poseidon2 GKR circuit by @​Tabaie in Consensys/gnark-crypto#628
• feat: add sis avx512 and fft avx512 for koalabear by @​gbotrel in Consensys/gnark-crypto#622
• InterpolateOnRange refactor by @​Tabaie in Consensys/gnark-crypto#634
• chore: add auto close PR workflow by @​gbotrel in Consensys/gnark-crypto#638
• perf: subgroup membership by @​yelhousni in Consensys/gnark-crypto#635
• feat: poseidon2 for koala-bear, baby-bear and goldilocks by @​yelhousni in Consensys/gnark-crypto#629
• chore: generify poseidon2 parameters for other curves/fr by @​yelhousni in Consensys/gnark-crypto#636
• feat: baby-bear and koala-bear extensions of degree 4 by @​yelhousni in Consensys/gnark-crypto#643
• fix: ensure fast path is taken only with fixed bound and degree by @​gbotrel in Consensys/gnark-crypto#651
• Poseidon2 compression for small fields by @​Tabaie in Consensys/gnark-crypto#644
• fix: poseidon2 templates by @​yelhousni in Consensys/gnark-crypto#648
• test: improve NAF decomposition test coverage by @​DeVikingMark in Consensys/gnark-crypto#617
• refactor: generate code for poseidon2_test by @​yelhousni in Consensys/gnark-crypto#660
• test(bn254, bls12-381): test points intentionally not on sugroups G1/2 by @​yelhousni in Consensys/gnark-crypto#658
• refactor: generify small fields extensions by @​yelhousni in Consensys/gnark-crypto#647

New Contributors

• @​DeVikingMark made their first contribution in Consensys/gnark-crypto#617

... (truncated)

Changelog

Sourced from github.com/consensys/gnark-crypto's changelog.

[v0.18.1] - 2025-10-28

Docs

• add CHANGELOG for 0.18.1

Perf

• limit memory allocation during Vector deserialization (#759)

[v0.18.0] - 2025-06-09

Build

• deps: bump golang.org/x/crypto from 0.33.0 to 0.35.0 (#677)

Chore

• remove unused benchmark script (#675)

Docs

• replace outdated link to article (#690)

Experiment

• vortex on koalabear (#645)

Feat

• remove dependency on internal package in ecc.go (#693)
• make <31 bit field generated using uint32 (#676)

Fix

• remove unimplemented path from fft ext
• Eisenstein Half-GCD convergence (#680)

Perf

• adds avx512 poseidon2 for small fields (#665)
• remove useless copies in e4 mul by elem (#667)
• disable cobra bit reverse for small fields (#662)

Refactor

• hash to curve (#674)

[v0.17.0] - 2025-03-11

Chore

• remove useless github workflow
• generify poseidon2 parameters for other curves/fr (#636)
• add auto close PR workflow (#638)

Feat

• baby-bear and koala-bear extensions of degree 4 (#643)
• poseidon2 for koala-bear, baby-bear and goldilocks (#629)
• add sis avx512 and fft avx512 for koalabear (#622)
• add Grumpkin elliptic curve (2-cycle with BN254) (#625)
• Poseidon2 Hash Instantiation for BLS12-377 (#623)

Fix

• poseidon2 templates (#648)
• ensure fast path is taken only with fixed bound and degree (#651)
• missing Poseidon2 round keys (#621)

Perf

• subgroup membership (#635)
• Poseidon2 GKR circuit (#628)

Refactor

• generify small fields extensions (#647)
• generate code for poseidon2_test (#660)

Style

... (truncated)

Commits

• fb04e95 docs: add CHANGELOG for 0.18.1
• 0a4d04a perf: limit memory allocation during Vector deserialization (#759)
• f8ab23a fix: remove unimplemented path from fft ext
• 2b70394 feat: remove dependency on internal package in ecc.go (#693)
• ca72a0f docs: replace outdated link to article (#690)
• 21614bd Feat/vortex options (#689)
• 0517915 Feat/fftext (#684)
• 404f8e5 feat/hashregistry (#687)
• 5660088 fix: Eisenstein Half-GCD convergence (#680)
• 1873045 build(deps): bump golang.org/x/crypto from 0.33.0 to 0.35.0 (#677)
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.41.0 to 0.45.0

Commits

• 4e0068c go.mod: update golang.org/x dependencies
• e79546e ssh: curb GSSAPI DoS risk by limiting number of specified OIDs
• f91f7a7 ssh/agent: prevent panic on malformed constraint
• 2df4153 acme/autocert: let automatic renewal work with short lifetime certs
• bcf6a84 acme: pass context to request
• b4f2b62 ssh: fix error message on unsupported cipher
• 79ec3a5 ssh: allow to bind to a hostname in remote forwarding
• 122a78f go.mod: update golang.org/x dependencies
• c0531f9 all: eliminate vet diagnostics
• 0997000 all: fix some comments
• Additional commits viewable in compare view

Updates github.com/consensys/gnark-crypto from 0.16.0 to 0.18.1

Release notes

Sourced from github.com/consensys/gnark-crypto's releases.

v0.18.1

Full Changelog: Consensys/gnark-crypto@v0.18.0...v0.18.1

v0.18.0

What's Changed

• perf: disable cobra bit reverse for small fields by @​gbotrel in Consensys/gnark-crypto#662
• perf: adds avx512 poseidon2 for small fields by @​gbotrel in Consensys/gnark-crypto#665
• GKR Gate Registry by @​Tabaie in Consensys/gnark-crypto#652
• chore: remove unused benchmark script by @​ivokub in Consensys/gnark-crypto#675
• Remove GKR from gnark-crypto by @​Tabaie in Consensys/gnark-crypto#670
• feat: make <31 bit field generated using uint32 by @​gbotrel in Consensys/gnark-crypto#676
• refactor: hash to curve by @​ivokub in Consensys/gnark-crypto#674
• fix: Eisenstein Half-GCD convergence by @​feltroidprime in Consensys/gnark-crypto#680
• feat/hashregistry by @​Tabaie in Consensys/gnark-crypto#687
• Feat/fftext by @​YaoJGalteland in Consensys/gnark-crypto#684
• Feat/vortex options by @​ThomasPiellard in Consensys/gnark-crypto#689
• [secp256k1]: replace outdated link to article by @​gap-editor in Consensys/gnark-crypto#690
• feat: remove dependency on internal package in ecc.go by @​gbotrel in Consensys/gnark-crypto#693

New Contributors

• @​feltroidprime made their first contribution in Consensys/gnark-crypto#680
• @​YaoJGalteland made their first contribution in Consensys/gnark-crypto#684
• @​gap-editor made their first contribution in Consensys/gnark-crypto#690

Full Changelog: Consensys/gnark-crypto@v0.17.0...v0.18.0

v0.17.0

What's Changed

• fix: missing Poseidon2 round keys by @​Tabaie in Consensys/gnark-crypto#621
• feat: Poseidon2 Hash Instantiation for BLS12-377 by @​Tabaie in Consensys/gnark-crypto#623
• feat: add Grumpkin elliptic curve (2-cycle with BN254) by @​yelhousni in Consensys/gnark-crypto#625
• Perf: Poseidon2 GKR circuit by @​Tabaie in Consensys/gnark-crypto#628
• feat: add sis avx512 and fft avx512 for koalabear by @​gbotrel in Consensys/gnark-crypto#622
• InterpolateOnRange refactor by @​Tabaie in Consensys/gnark-crypto#634
• chore: add auto close PR workflow by @​gbotrel in Consensys/gnark-crypto#638
• perf: subgroup membership by @​yelhousni in Consensys/gnark-crypto#635
• feat: poseidon2 for koala-bear, baby-bear and goldilocks by @​yelhousni in Consensys/gnark-crypto#629
• chore: generify poseidon2 parameters for other curves/fr by @​yelhousni in Consensys/gnark-crypto#636
• feat: baby-bear and koala-bear extensions of degree 4 by @​yelhousni in Consensys/gnark-crypto#643
• fix: ensure fast path is taken only with fixed bound and degree by @​gbotrel in Consensys/gnark-crypto#651
• Poseidon2 compression for small fields by @​Tabaie in Consensys/gnark-crypto#644
• fix: poseidon2 templates by @​yelhousni in Consensys/gnark-crypto#648
• test: improve NAF decomposition test coverage by @​DeVikingMark in Consensys/gnark-crypto#617
• refactor: generate code for poseidon2_test by @​yelhousni in Consensys/gnark-crypto#660
• test(bn254, bls12-381): test points intentionally not on sugroups G1/2 by @​yelhousni in Consensys/gnark-crypto#658
• refactor: generify small fields extensions by @​yelhousni in Consensys/gnark-crypto#647

New Contributors

• @​DeVikingMark made their first contribution in Consensys/gnark-crypto#617

... (truncated)

Changelog

Sourced from github.com/consensys/gnark-crypto's changelog.

[v0.18.1] - 2025-10-28

Docs

• add CHANGELOG for 0.18.1

Perf

• limit memory allocation during Vector deserialization (#759)

[v0.18.0] - 2025-06-09

Build

• deps: bump golang.org/x/crypto from 0.33.0 to 0.35.0 (#677)

Chore

• remove unused benchmark script (#675)

Docs

• replace outdated link to article (#690)

Experiment

• vortex on koalabear (#645)

Feat

• remove dependency on internal package in ecc.go (#693)
• make <31 bit field generated using uint32 (#676)

Fix

• remove unimplemented path from fft ext
• Eisenstein Half-GCD convergence (#680)

Perf

• adds avx512 poseidon2 for small fields (#665)
• remove useless copies in e4 mul by elem (#667)
• disable cobra bit reverse for small fields (#662)

Refactor

• hash to curve (#674)

[v0.17.0] - 2025-03-11

Chore

• remove useless github workflow
• generify poseidon2 parameters for other curves/fr (#636)
• add auto close PR workflow (#638)

Feat

• baby-bear and koala-bear extensions of degree 4 (#643)
• poseidon2 for koala-bear, baby-bear and goldilocks (#629)
• add sis avx512 and fft avx512 for koalabear (#622)
• add Grumpkin elliptic curve (2-cycle with BN254) (#625)
• Poseidon2 Hash Instantiation for BLS12-377 (#623)

Fix

• poseidon2 templates (#648)
• ensure fast path is taken only with fixed bound and degree (#651)
• missing Poseidon2 round keys (#621)

Perf

• subgroup membership (#635)
• Poseidon2 GKR circuit (#628)

Refactor

• generify small fields extensions (#647)
• generate code for poseidon2_test (#660)

Style

... (truncated)

Commits

• fb04e95 docs: add CHANGELOG for 0.18.1
• 0a4d04a perf: limit memory allocation during Vector deserialization (#759)
• f8ab23a fix: remove unimplemented path from fft ext
• 2b70394 feat: remove dependency on internal package in ecc.go (#693)
• ca72a0f docs: replace outdated link to article (#690)
• 21614bd Feat/vortex options (#689)
• 0517915 Feat/fftext (#684)
• 404f8e5 feat/hashregistry (#687)
• 5660088 fix: Eisenstein Half-GCD convergence (#680)
• 1873045 build(deps): bump golang.org/x/crypto from 0.33.0 to 0.35.0 (#677)
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.41.0 to 0.45.0

Commits

• 4e0068c go.mod: update golang.org/x dependencies
• e79546e ssh: curb GSSAPI DoS risk by limiting number of specified OIDs
• f91f7a7 ssh/agent: prevent panic on malformed constraint
• 2df4153 acme/autocert: let automatic renewal work with short lifetime certs
• bcf6a84 acme: pass context to request
• b4f2b62 ssh: fix error message on unsupported cipher
• 79ec3a5 ssh: allow to bind to a hostname in remote forwarding
• 122a78f go.mod: update golang.org/x dependencies
• c0531f9 all: eliminate vet diagnostics
• 0997000 all: fix some comments
• Additional commits viewable in compare view

Updates github.com/btcsuite/btcd from 0.20.1-beta to 0.24.2-beta.rc1

Release notes

Sourced from github.com/btcsuite/btcd's releases.

v0.24.2-beta.rc1

What's Changed

• Fix some typos by @​Thabokani in btcsuite/btcd#2085
• Fix some typos by @​vuittont60 in btcsuite/btcd#2098
• support testmempoolaccept for both bitcoind and btcd by @​yyforyongyu in btcsuite/btcd#2053
• rpcclient: make sure batch requests are GCed by @​yyforyongyu in btcsuite/btcd#2105
• refactor: add make help to display the usage for project Makefile by @​Halimao in btcsuite/btcd#2107
• blockchain: set the lastflushtime when setting the lastflushhash by @​kcalvinalvin in btcsuite/btcd#2089
• Added 'include_unsafe' option to FundRawTransaction by @​nikicat in btcsuite/btcd#2119
• netsync: don't update mempool/fee estimator unless we're synced up by @​kcalvinalvin in btcsuite/btcd#2108
• feat: Expose newFutureError for developer friendliness by @​devlzcode in btcsuite/btcd#2112
• Add gettxspendingprevout for btcd and fix version check by @​yyforyongyu in btcsuite/btcd#2125
• addrmgr: fix intermittent addrmanager_internal_test bug by @​kcalvinalvin in btcsuite/btcd#2131
• blockchain: don't rely on BlockHeightByHash for prune height calculations by @​kcalvinalvin in btcsuite/btcd#2122
• fix ioutil deprecated function by @​theedtron in btcsuite/btcd#2133
• blockchain: fix inconsistent utxocache and database on reorg by @​kcalvinalvin in btcsuite/btcd#2123
• blockchain: fix a bug where a duplicate entry is possible in the mapslice by @​kcalvinalvin in btcsuite/btcd#2134
• blockchain: always relock chainLock for subscription callbacks by @​kcalvinalvin in btcsuite/btcd#2128
• rpcclient: add detailed error types by @​yyforyongyu in btcsuite/btcd#2138
• Add check for maximum signature length in ecdsa.ParseDERSignature by @​SulaimanAminuBarkindo in btcsuite/btcd#2135
• build: bump version to v0.24.2-beta.rc1 by @​Roasbeef in btcsuite/btcd#2136

New Contributors

• @​Thabokani made their first contribution in btcsuite/btcd#2085
• @​vuittont60 made their first contribution in btcsuite/btcd#2098
• @​Halimao made their first contribution in btcsuite/btcd#2107
• @​nikicat made their first contribution in btcsuite/btcd#2119
• @​devlzcode made their first contribution in btcsuite/btcd#2112
• @​theedtron made their first contribution in btcsuite/btcd#2133
• @​SulaimanAminuBarkindo made their first contribution in btcsuite/btcd#2135

Full Changelog: btcsuite/btcd@v0.24.0...v0.24.2-beta.rc1

btcd v0.24.0

This release is a major release that includes several general bug fixes, security bug fixes (please update!), and also a series of performance improvements that dramatically reduce the time for initial block download from ~45 hours+ to around 6 hours! With this release,btcd now also supports BIP 155 and has gained support for pruning (--prune=MiB).

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/lightningnetwork/lnd/master/scripts/keys/roasbeef.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-roasbeef-v0.24.0.sig and manifest-v0.24.0.txt are in the current directory) with:

gpg --verify manifest-roasbeef-v0.24.0.sig manifest-v0.24.0.txt

... (truncated)

Commits

• 8b2f43e Merge pull request #2136 from Roasbeef/btcd-24-0-2-rc1
• a90d3d9 Merge pull request #2135 from SulaimanAminuBarkindo/improved-der-signature-va...
• 2fc99e0 Merge pull request #2138 from yyforyongyu/error-matching
• 8abf969 rpcserver: return the plain reject reason from btcd
• 36683e0 rpcclient: define specific errors for chain backends
• aee2705 build: bump version to v0.24.2-beta.rc1
• f0ec9fb Merge pull request #2128 from kcalvinalvin/2024-02-27-no-panic-for-subscripti...
• 8ed234b Merge pull request #2134 from kcalvinalvin/2024-03-07-make-duplicate-entries-...
• e63bf03 Merge pull request #2123 from kcalvinalvin/2024-02-15-no-utxocache-loading-on...
• b66f5b8 multi: fix ioutil deprecated function
• Additional commits viewable in compare view

Updates github.com/ethereum/go-ethereum from 1.10.26 to 1.17.0

Release notes

Sourced from github.com/ethereum/go-ethereum's releases.

Eezo-Inlaid Circuitry (v1.17.0)

This is a feature release, with all accumulated development from the last 3 months. See below for the highlights.

Note that this release contains multiple critical security fixes, as well as many bug fixes, and is recommended for all users. However, if you are cautious about upgrades, you can also install v1.16.9 which has just the critical security fixes. Specifically, this release fixes CVE-2026-26313, CVE-2026-26314, CVE-2026-26315.

We recommend recreating your p2p node key after installing this update, which you can do by removing the DATADIR/geth/nodekey file before restarting geth. Note this will cause a change in the p2p node ID, which may break static peering setups.

Highlights

Path-based Archive Node with Proofs

The path-based archive node can now serve proofs (via eth_getProof) for the state of older blocks.

You can configure the block range that supports proving independently from other archive state availability. Specifically, you can use the --history.trienode command-line flag to set the amount of blocks for which tree nodes will be tracked.

This feature is disabled by default. Note that state history cannot easily be recovered once deleted, as it can only be generated by processing blocks. However, you can enable trienode history (and/or state history) at any time to turn a full node into a partial archive node, keeping state from that point in time onwards.

#32727, #32621, #33551, #32981, #33399, #32913, #33303, #33584, #33329, #33681, #33103, #33098, #33515, #32247

EraE History Support

Geth now suports the EraE file format, an archival format for post-merge chain history.

#32157, #33827

OpenTelemetry Tracing

OpenTelemetry tracing is now supported by the RPC server, including support for distributed tracing. We have also added some tracing spans for block processing via the engine API, i.e. engine_newPayload.

#33599, #33452, #33780, #33521

All Changes

Geth CLI

• The geth version-check subcommand has been removed. This command checked the geth website for signed vulnerability notices, and would tell if updates are necessary (#33498)
• There is now a --miner.maxblobs command-line flag to set a limit on blobs included in built blocks (#33129, #33302)
• Geth now supports continuous profiling with Grafana Pyroscope (#33623)
• A rare bug that could halt block production in geth --dev mode was fixed (#33146)
• A new --rpc.rangelimit flag configures the maximum block range for eth_getLogs (#33163)
• geth --exitwhensynced will now set the finalized and safe block (#33038)
• geth --ethstats now reports the newPayload processing time to the stats server (#33395)
• A lot of minor issues in Geth's command-line flag processing have been fixed (#33379, #33338, #33330, #32999, #33279, #33252)
• The evm blocktest command can now read filenames from stdin when no path is provided (#32824)

Fork Implementation

... (truncated)

Commits

• 0cf3d3b version: release go-ethereum v1.17.0 stable
• 9b78f45 crypto/secp256k1: fix coordinate check
• c709c19 eth/catalyst: add initial OpenTelemetry tracing for newPayload (#33521)
• 550ca91 consensus/misc: hardening header verification (#33860)
• a4b3898 internal/telemetry: don't create internal spans without parents (#33780)
• 0cba803 eth/protocols/eth, eth/protocols/snap: delayed p2p message decoding (#33835)
• ad88b68 internal/download: show progress bar only if server gives length (#33842)
• c50e5ed cmd/geth, internal/telemetry: wire OpenTelemetry tracing via CLI flags (#33484)
• d8b92cb rpc,internal/telemetry: fix deferred spanEnd to capture errors via pointer (#...
• ac85a6f rlp: add back Iterator.Count, with fixes (#33841)
• Additional commits viewable in compare view

Updates github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.2

Release notes

Sourced from github.com/golang-jwt/jwt/v4's releases.

v4.5.2

See GHSA-mh63-6h87-95cp

Full Changelog: golang-jwt/jwt@v4.5.1...v4.5.2

v4.5.1

Security

Unclear documentation of the error behavior in ParseWithClaims in <= 4.5.0 could lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by ParseWithClaims return both error codes. If users only check for the jwt.ErrTokenExpired using error.Is, they will ignore the embedded jwt.ErrTokenSignatureInvalid and thus potentially accept invalid tokens.

This issue was documented in GHSA-29wx-vh33-7x7r and fixed in this release.

Note: v5 was not affected by this issue. So upgrading to this release version is also recommended.

What's Changed

• Back-ported error-handling logic in ParseWithClaims from v5 branch. This fixes GHSA-29wx-vh33-7x7r.

Full Changelog: golang-jwt/jwt@v4.5.0...v4.5.1

Commits

• 2f0e9ad Backporting 0951d18 to v4
• 7b1c1c0 Merge commit from fork
• See full diff in compare view

Updates github.com/consensys/gnark-crypto from 0.16.0 to 0.18.1

Release notes

Sourced from github.com/consensys/gnark-crypto's releases.

v0.18.1

Full Changelog: Consensys/gnark-crypto@v0.18.0...v0.18.1

v0.18.0

What's Changed

• perf: disable cobra bit reverse for small fields by @​gbotrel in Consensys/gnark-crypto#662
• perf: adds avx512 poseidon2 for small fields by @​gbotrel in Consensys/gnark-crypto#665
• GKR Gate Registry by @​Tabaie in Consensys/gnark-crypto#652
• chore: remove unused benchmark script by @​ivokub in Consensys/gnark-crypto#675
• Remove GKR from gnark-crypto by @​Tabaie in Consensys/gnark-crypto#670
• feat: make <31 bit field generated using uint32 by @​gbotrel in Consensys/gnark-crypto#676
• refactor: hash to curve by @​ivokub in Consensys/gnark-crypto#674
• fix: Eisenstein Half-GCD convergence by @​feltroidprime in Consensys/gnark-crypto#680
• feat/hashregistry by @​Tabaie in Consensys/gnark-crypto#687
• Feat/fftext by @​YaoJGalteland in Consensys/gnark-crypto#684
• Feat/vortex options by @​ThomasPiellard in Consensys/gnark-crypto#689
• [secp256k1]: replace outdated link to article by @​gap-editor in Consensys/gnark-crypto#690
• feat: remove dependency on internal package in ecc.go by @​gbotrel in Consensys/gnark-crypto#693

New Contributors

• @​feltroidprime made their first contribution in Consensys/gnark-crypto#680
• @​YaoJGalteland made their first contribution in Consensys/gnark-crypto#684
• @​gap-editor made their first contribution in Consensys/gnark-crypto#690

Full Changelog: Consensys/gnark-crypto@v0.17.0...v0.18.0

v0.17.0

What's Changed

• fix: missing Poseidon2 round keys by @​Tabaie in Consensys/gnark-crypto#621
• feat: Poseidon2 Hash Instantiation for BLS12-377 by @​Tabaie in Consensys/gnark-crypto#623
• feat: add Grumpkin elliptic curve (2-cycle with BN254) by @​yelhousni in Consensys/gnark-crypto#625
• Perf: Poseidon2 GKR circuit by @​Tabaie in Consensys/gnark-crypto#628
• feat: add sis avx512 and fft avx512 for koalabear by @​gbotrel in Consensys/gnark-crypto#622
• InterpolateOnRange refactor by @​Tabaie in Consensys/gnark-crypto#634
• chore: add auto close PR workflow by @​gbotrel in

[claude]

Claude Code Review

This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.

_{Tip: disable this comment in your organization's Code Review settings.}

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.