go.mod: bump github.com/ulikunitz/xz for security warning

Doesn't look to affect us, but pacifies security scanners. See 88ddf1d0d9 It's for decoding. We only use this package for encoding (via github.com/google/rpmpack / github.com/goreleaser/nfpm/v2). Updates #8043 Change-Id: I87631aa5048f9514bb83baf1424f6abb34329c46 Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2025-10-27 20:19:31 +00:00 · 2025-08-28 19:05:57 -07:00
parent 3aea0e095a
commit 1a98943204
5 changed files with 6 additions and 6 deletions
--- a/shell.nix
+++ b/shell.nix
@@ -16,4 +16,4 @@
 ) {
  src =  ./.;
 }).shellNix
-# nix-direnv cache busting line: sha256-15aaW3lqRgXQxBKEWRJTEV1GPmG7Gc9XwsTTu+M5rTY=
+# nix-direnv cache busting line: sha256-8aE6dWMkTLdWRD9WnLVSzpOQQh61voEnjZAJHtbGCSs=