build(go): bump github.com/traefik/traefik/v3 from 3.4.5 to 3.6.8 #213

Open
dependabot[bot] wants to merge 1 commit into main from dependabot/go_modules/github.com/traefik/traefik/v3-3.6.8


@dependabot dependabot bot commented on behalf of github Feb 12, 2026

Bumps github.com/traefik/traefik/v3 from 3.4.5 to 3.6.8.

Release notes

Sourced from github.com/traefik/traefik/v3's releases.

v3.6.8

CVE fixed:

Bug fixes:

  • [acme] Remove invalid private key in log (#12574 by juliens)
  • [acme] Alter TLS renewal period (#12479 by LtHummus)
  • [healthcheck] Reject absolute URL in healthcheck path configuration (#12653 by rtribotte)
  • [http3] Bump github.com/quic-go/quic-go to v0.59.0 (#12553 by jnoordsij)
  • [metrics,tracing,accesslogs] Fix ObservabilityConfig SetDefaults (#12636 by mmatur)
  • [server] Remove conn deadline after STARTTLS negociation (#12639 by rtribotte)
  • [tls] Fix verifyServerCertMatchesURI function behavior (#12575 by kevinpollet)
  • [tracing,otel] Use ParentBased sampler to respect parent span sampling decision (#12403 by xe-leon)
  • [webui] Use url.Parse to validate X-Forwarded-Prefix value (#12643 by kevinpollet)
  • [healthcheck] Validate healthcheck path configuration (#12642 by @​rtribotte)
  • [tls, server] Cap TLS record length to RFC 8446 limit in ClientHello peeking (#12638 by @​mmatur)
  • [service] Avoid recursion with services (#12591 by juliens)
  • [webui] Bump dependencies of documentation and webui (#12581 by gndz07)

Documentation:

Misc:

v3.6.7

⚠️ Breaking change ⚠️ As explained in the comment left on the CVE-2025-66490 fix, this new hotfix version makes the behavior opt-in. As a result, this release is breaking compared to the previous hotfix versions since v3.6.4, but it restores by default the behavior that existed before that hotfix. Please, read the migration guide to enable the feature.

CVE fixed:

... (truncated)

Changelog

Sourced from github.com/traefik/traefik/v3's changelog.

v3.6.8 (2026-02-11)

All Commits

Bug fixes:

  • [acme] Remove invalid private key in log (#12574 by juliens)
  • [acme] Alter TLS renewal period (#12479 by LtHummus)
  • [healthcheck] Reject absolute URL in healthcheck path configuration (#12653 by rtribotte)
  • [http3] Bump github.com/quic-go/quic-go to v0.59.0 (#12553 by jnoordsij)
  • [metrics,tracing,accesslogs] Fix ObservabilityConfig SetDefaults (#12636 by mmatur)
  • [server] Remove conn deadline after STARTTLS negociation (#12639 by rtribotte)
  • [tls] Fix verifyServerCertMatchesURI function behavior (#12575 by kevinpollet)
  • [tracing,otel] Use ParentBased sampler to respect parent span sampling decision (#12403 by xe-leon)
  • [webui] Use url.Parse to validate X-Forwarded-Prefix value (#12643 by kevinpollet)
  • [healthcheck] Validate healthcheck path configuration (#12642 by @​rtribotte)
  • [tls, server] Cap TLS record length to RFC 8446 limit in ClientHello peeking (#12638 by @​mmatur)
  • [service] Avoid recursion with services (#12591 by juliens)
  • [webui] Bump dependencies of documentation and webui (#12581 by gndz07)

Documentation:

Misc:

v2.11.37 (2026-02-11)

All Commits

Bug fixes:

  • [healthcheck] Validate healthcheck path configuration (#12642 by @​rtribotte)
  • [tls, server] Cap TLS record length to RFC 8446 limit in ClientHello peeking (#12638 by @​mmatur)

v2.11.36 (2026-02-02)

All Commits

... (truncated)

Commits
  • 2f215ab Prepare release v3.6.8
  • f6ce751 Reject absolute URL in healthcheck path configuration
  • a28da8a Merge v2.11 into v3.6
  • 7747b40 Prepare release v2.11.37
  • 31e566e Remove conn deadline after STARTTLS negociation
  • 72e2454 Cap TLS record length to RFC 8446 limit in ClientHello peeking
  • 256fcbe Merge v2.11 into v3.6
  • 0beed10 Validate healthcheck path configuration
  • 4b3c971 Use url.Parse to validate X-Forwarded-Prefix value
  • d337748 Fix ObservabilityConfig SetDefaults
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [github.com/traefik/traefik/v3](https://github.com/traefik/traefik) from 3.4.5 to 3.6.8.
- [Release notes](https://github.com/traefik/traefik/releases)
- [Changelog](https://github.com/traefik/traefik/blob/v3.6.8/CHANGELOG.md)
- [Commits](traefik/traefik@v3.4.5...v3.6.8)

---
updated-dependencies:
- dependency-name: github.com/traefik/traefik/v3
  dependency-version: 3.6.8
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from borchero as a code owner February 12, 2026 15:55
@dependabot dependabot bot added the dependencies label (Pull requests that update a dependency file) Feb 12, 2026
@github-actions

Thank you for opening this pull request! 👋🏼

This repository requires pull request titles to follow the Conventional Commits specification and it looks like your proposed title needs to be adjusted.

Details
The subject "bump github.com/traefik/traefik/v3 from 3.4.5 to 3.6.8" found in pull request title "build(go): bump github.com/traefik/traefik/v3 from 3.4.5 to 3.6.8" doesn't match the configured pattern "^[A-Z].+[^. ]$".

@github-actions github-actions bot added the build label Feb 12, 2026