Merge master into V6.1 by reinkrul · Pull Request #3989 · nuts-foundation/nuts-node

reinkrul · 2026-02-06T09:00:07Z

Needs to be kept up-to-date

(not sure why we have V6.1 while v6.1.x is the latest version?)

* release v6.0.11 * add release notes for v6.1.1

* Bump go.uber.org/mock from 0.5.0 to 0.5.1 Bumps [go.uber.org/mock](https://github.com/uber/mock) from 0.5.0 to 0.5.1. - [Release notes](https://github.com/uber/mock/releases) - [Changelog](https://github.com/uber-go/mock/blob/main/CHANGELOG.md) - [Commits](uber-go/mock@v0.5.0...v0.5.1) --- updated-dependencies: - dependency-name: go.uber.org/mock dependency-version: 0.5.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * regen mocks --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Gerard Snaauw <gerard.snaauw@nedap.com>

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.21.1 to 1.22.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.21.1...v1.22.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-version: 1.22.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/Azure/azure-sdk-for-go/sdk/azidentity](https://github.com/Azure/azure-sdk-for-go) from 1.8.2 to 1.9.0. - [Release notes](https://github.com/Azure/azure-sdk-for-go/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md) - [Commits](Azure/azure-sdk-for-go@sdk/azidentity/v1.8.2...sdk/azcore/v1.9.0) --- updated-dependencies: - dependency-name: github.com/Azure/azure-sdk-for-go/sdk/azidentity dependency-version: 1.9.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/nats-io/nats-server/v2](https://github.com/nats-io/nats-server) from 2.11.0 to 2.11.1. - [Release notes](https://github.com/nats-io/nats-server/releases) - [Changelog](https://github.com/nats-io/nats-server/blob/main/.goreleaser.yml) - [Commits](nats-io/nats-server@v2.11.0...v2.11.1) --- updated-dependencies: - dependency-name: github.com/nats-io/nats-server/v2 dependency-version: 2.11.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/nats-io/nats.go](https://github.com/nats-io/nats.go) from 1.41.0 to 1.41.1. - [Release notes](https://github.com/nats-io/nats.go/releases) - [Commits](nats-io/nats.go@v1.41.0...v1.41.1) --- updated-dependencies: - dependency-name: github.com/nats-io/nats.go dependency-version: 1.41.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/prometheus/client_model](https://github.com/prometheus/client_model) from 0.6.1 to 0.6.2. - [Release notes](https://github.com/prometheus/client_model/releases) - [Commits](prometheus/client_model@v0.6.1...v0.6.2) --- updated-dependencies: - dependency-name: github.com/prometheus/client_model dependency-version: 0.6.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Add index on subject with org credential

* Add index on subject with org credential (#3802) * Add index on subject with org credential * Add release notes for 6.1.1 * Fix version number Co-authored-by: Steven van der Vegt <steven.vandervegt@nedap.com>

Bumps [github.com/knadh/koanf/parsers/yaml](https://github.com/knadh/koanf) from 0.1.0 to 1.0.0. - [Release notes](https://github.com/knadh/koanf/releases) - [Commits](knadh/koanf@v0.1.0...v1.0.0) --- updated-dependencies: - dependency-name: github.com/knadh/koanf/parsers/yaml dependency-version: 1.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/knadh/koanf/providers/file](https://github.com/knadh/koanf) from 1.1.2 to 1.2.0. - [Release notes](https://github.com/knadh/koanf/releases) - [Commits](knadh/koanf@providers/file/v1.1.2...v1.2.0) --- updated-dependencies: - dependency-name: github.com/knadh/koanf/providers/file dependency-version: 1.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/knadh/koanf/providers/env](https://github.com/knadh/koanf) from 1.0.0 to 1.1.0. - [Release notes](https://github.com/knadh/koanf/releases) - [Commits](knadh/koanf@v1.0.0...v1.1.0) --- updated-dependencies: - dependency-name: github.com/knadh/koanf/providers/env dependency-version: 1.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) Bumps [github.com/knadh/koanf/providers/structs](https://github.com/knadh/koanf) from 0.1.0 to 1.0.0. - [Release notes](https://github.com/knadh/koanf/releases) - [Commits](knadh/koanf@v0.1.0...v1.0.0) --- updated-dependencies: - dependency-name: github.com/knadh/koanf/providers/structs dependency-version: 1.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [go.uber.org/mock](https://github.com/uber/mock) from 0.5.1 to 0.5.2. - [Release notes](https://github.com/uber/mock/releases) - [Changelog](https://github.com/uber-go/mock/blob/main/CHANGELOG.md) - [Commits](uber-go/mock@v0.5.1...v0.5.2) --- updated-dependencies: - dependency-name: go.uber.org/mock dependency-version: 0.5.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/lestrrat-go/jwx/v2](https://github.com/lestrrat-go/jwx) from 2.1.4 to 2.1.6. - [Release notes](https://github.com/lestrrat-go/jwx/releases) - [Changelog](https://github.com/lestrrat-go/jwx/blob/v2.1.6/Changes) - [Commits](lestrrat-go/jwx@v2.1.4...v2.1.6) --- updated-dependencies: - dependency-name: github.com/lestrrat-go/jwx/v2 dependency-version: 2.1.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) Bumps [github.com/knadh/koanf/providers/posflag](https://github.com/knadh/koanf) from 0.1.0 to 1.0.0. - [Release notes](https://github.com/knadh/koanf/releases) - [Commits](knadh/koanf@v0.1.0...v1.0.0) --- updated-dependencies: - dependency-name: github.com/knadh/koanf/providers/posflag dependency-version: 1.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.71.1 to 1.72.1. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.71.1...v1.72.1) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-version: 1.72.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps golang from 1.24.2-alpine to 1.24.3-alpine. --- updated-dependencies: - dependency-name: golang dependency-version: 1.24.3-alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/slackapi/slack-github-action/releases) - [Commits](slackapi/slack-github-action@v2.0.0...v2.1.0) --- updated-dependencies: - dependency-name: slackapi/slack-github-action dependency-version: 2.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump github.com/redis/go-redis/v9 from 9.7.3 to 9.8.0 Bumps [github.com/redis/go-redis/v9](https://github.com/redis/go-redis) from 9.7.3 to 9.8.0. - [Release notes](https://github.com/redis/go-redis/releases) - [Changelog](https://github.com/redis/go-redis/blob/master/CHANGELOG.md) - [Commits](redis/go-redis@v9.7.3...v9.8.0) --- updated-dependencies: - dependency-name: github.com/redis/go-redis/v9 dependency-version: 9.8.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * adjust error check --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Wout Slakhorst <wout.slakhorst@nedap.com>

* Bump github.com/nuts-foundation/go-did from 0.15.0 to 0.17.0 Bumps [github.com/nuts-foundation/go-did](https://github.com/nuts-foundation/go-did) from 0.15.0 to 0.17.0. - [Release notes](https://github.com/nuts-foundation/go-did/releases) - [Commits](nuts-foundation/go-did@v0.15.0...v0.17.0) --- updated-dependencies: - dependency-name: github.com/nuts-foundation/go-did dependency-version: 0.17.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fix test fixtures to changed credentialSubject type --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Wout Slakhorst <wout.slakhorst@nedap.com>

Bumps golang from 1.25.0-alpine to 1.25.1-alpine. --- updated-dependencies: - dependency-name: golang dependency-version: 1.25.1-alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps golang from 1.25.1-alpine to 1.25.3-alpine. --- updated-dependencies: - dependency-name: golang dependency-version: 1.25.3-alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…ent (#3936) * Set deployment strategy to "Recreate" in nuts-node Helm chart deployment. strategy: Recreate - Prevents two pods running simultaneously (important for stateful apps like nuts-node with persistent volumes) * Bump chart version to 0.0.6 in Chart.yaml.

* update Go to v1.25.3 * update release notes * also update circleci image --------- Co-authored-by: Wout Slakhorst <wout.slakhorst@nedap.com>

Bumps golang from 1.25.3-alpine to 1.25.4-alpine. --- updated-dependencies: - dependency-name: golang dependency-version: 1.25.4-alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat: add pod labels to helm chart values. * update chart version to 0.0.7

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.41.0 to 0.45.0. - [Commits](golang/crypto@v0.41.0...v0.45.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-version: 0.45.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps alpine from 3.22.2 to 3.23.0. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps alpine from 3.23.0 to 3.23.2. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5 to 6. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v5...v6) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/chromedp/chromedp](https://github.com/chromedp/chromedp) from 0.14.0 to 0.14.2. - [Release notes](https://github.com/chromedp/chromedp/releases) - [Commits](chromedp/chromedp@v0.14.0...v0.14.2) --- updated-dependencies: - dependency-name: github.com/chromedp/chromedp dependency-version: 0.14.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.9.1 to 1.10.1. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](spf13/cobra@v1.9.1...v1.10.1) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-version: 1.10.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update x/crypto dependency: * gomodtidy

#3969)

Bumps golang from 1.25.5-alpine to 1.25.6-alpine. --- updated-dependencies: - dependency-name: golang dependency-version: 1.25.6-alpine dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps alpine from 3.23.2 to 3.23.3. --- updated-dependencies: - dependency-name: alpine dependency-version: 3.23.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* #3986: Pass correct wallet DID in OpenID4VCI proofs * feedback

qltysh · 2026-02-06T09:01:47Z

❌ 13 blocking issues (13 total)

Tool	Category	Rule	Count
zizmor	Vulnerability	credential persistence through GitHub Actions artifacts	7	❌
zizmor	Vulnerability	overly broad permissions	4	❌
zizmor	Vulnerability	runtime artifacts potentially vulnerable to a cache poisoning attack	1	❌
zizmor	Vulnerability	unpinned action reference	1	❌

qltysh · 2026-02-06T09:09:43Z

Coverage Impact

⬇️ Merging this pull request will decrease total coverage on V6.1 by 0.03%.

Modified Files with Diff Coverage (13)

File	% Diff	Uncovered Line #s
auth/api/iam/user.go	100.0%
vcr/credential/util.go	100.0%
discovery/client.go	100.0%
vcr/api/vcr/v2/api.go	75.0%	262-263
auth/api/iam/openid4vci.go	75.0%	141
auth/services/selfsigned/types/types.go	100.0%
vcr/revocation/types.go	100.0%
vcr/issuer/sql_store.go	100.0%
vcr/issuer/leia_store.go	77.8%	159-160
vcr/issuer/issuer.go	89.2%	107-108, 121-122
vcr/revocation/statuslist2021_issuer.go	95.2%	479
vdr/didsubject/manager.go	100.0%
vdr/didsubject/did_document.go	100.0%
Total	90.0%

🤖 Increase coverage with AI coding...

In the `V6.1-master-merge` branch, add test coverage for this new code:

- `auth/api/iam/openid4vci.go` -- Line 141
- `vcr/api/vcr/v2/api.go` -- Line 262-263
- `vcr/issuer/issuer.go` -- Lines 107-108 and 121-122
- `vcr/issuer/leia_store.go` -- Line 159-160
- `vcr/revocation/statuslist2021_issuer.go` -- Line 479

🚦 See full report on Qlty Cloud »

🛟 Help

Diff Coverage: Coverage for added or modified lines of code (excludes deleted files). Learn more.
Total Coverage: Coverage for the whole repository, calculated as the sum of all File Coverage. Learn more.
File Coverage: Covered Lines divided by Covered Lines plus Missed Lines. (Excludes non-executable lines including blank lines and comments.)
- Indirect Changes: Changes to File Coverage for files that were not modified in this PR. Learn more.

gerardsn and others added 30 commits April 9, 2025 13:09

all fixes on master (#3783)

f9af50f

* release v6.0.11 * add release notes for v6.1.1

Use root user in performace analyzer (#3775)

b9f5f01

add V6.1 to the govulncheck-cron-schedule (#3778)

e417a97

Add index on subject with org credential (#3802)

45fb172

* Add index on subject with org credential

Update CODEOWNERS (#3809)

60c9731

dropped support for v6.0 and add support for 6.1 (#3804)

8160960

update Releasing Nuts Node documentation (#3808)

40d7ff3

Updates for 6.1.2 (#3805) (#3807)

0bd15af

* Add index on subject with org credential (#3802) * Add index on subject with org credential * Add release notes for 6.1.1 * Fix version number Co-authored-by: Steven van der Vegt <steven.vandervegt@nedap.com>

fix links in docs (#3810)

879e659

disable e2e tests for PRs from forks (#3803)

4d02382

set redis to v7 for cluster test (#3818)

1f282ac

VDR: Use join instead of N+1 query for one-to-X relations (#3815)

cf54265

dependabot bot and others added 25 commits September 11, 2025 10:53

feat: add extraEnv to helm chart values (#3924)

d62b658

Bump chart version to 0.0.5 in Chart.yaml. (#3934)

9cdb154

Update Go to v1.25.3 (#3939)

202bfe1

* update Go to v1.25.3 * update release notes * also update circleci image --------- Co-authored-by: Wout Slakhorst <wout.slakhorst@nedap.com>

feat: add pod labels to helm chart values. (#3935)

6a3a562

* feat: add pod labels to helm chart values. * update chart version to 0.0.7

Update Go to 1.25.5 for CVE (#3955)

bcf5fc8

Fix expired test cert (#3963)

2ca14c5

Update x/crypto dependency (#3964)

ad48160

* Update x/crypto dependency: * gomodtidy

#3967: get credential status from local store for issued VCs (did:web) (

d99a8bc

#3969)

Address GO-2026-4340 (#3985)

d8c1a9e

#3986: Pass correct wallet DID in OpenID4VCI proofs (#3987)

08fe526

* #3986: Pass correct wallet DID in OpenID4VCI proofs * feedback

Merge branch 'master' into V6.1

e6dddfb

reinkrul requested review from gerardsn, stevenvegt and woutslakhorst as code owners February 6, 2026 09:00

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Merge master into V6.1#3989

Merge master into V6.1#3989
reinkrul wants to merge 128 commits intoV6.1from
V6.1-master-merge

reinkrul commented Feb 6, 2026 •

edited

Loading

Uh oh!

qltysh bot commented Feb 6, 2026

Uh oh!

qltysh bot commented Feb 6, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

8 participants

Conversation

reinkrul commented Feb 6, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

qltysh bot commented Feb 6, 2026

❌ 13 blocking issues (13 total)

Uh oh!

qltysh bot commented Feb 6, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

8 participants

reinkrul commented Feb 6, 2026 •

edited

Loading