chore(deps): bump the go_modules group across 1 directory with 3 updates

[dependabot]

Bumps the go_modules group with 2 updates in the /prover directory: github.com/consensys/gnark and golang.org/x/crypto.

Updates github.com/consensys/gnark from 0.12.1-0.20250501002417-facdd9882b80 to 0.14.0

Release notes

Sourced from github.com/consensys/gnark's releases.

v0.14.0

What's Changed

• release: v0.13.0 by @​ivokub in Consensys/gnark#1516
• fix: enable fuzzing for multi-output-hint test by improving dvHint validation by @​ruslan0012 in Consensys/gnark#1517
• fix: update broken Ethereum precompile contract links by @​sewqasreedas in Consensys/gnark#1532
• ECDSA Signature: Add New Method IsVerified by @​ltp456 in Consensys/gnark#1454
• optimize paddingFixedWidth of sha3 using divmod hint by @​ggq89 in Consensys/gnark#1450
• Update KNOWN_USERS.md by @​p4u in Consensys/gnark#1534
• fix: update Zcash protocol specification link by @​lolkdsanyaw in Consensys/gnark#1535
• Update KNOWN_USERS.md by @​hussein-aitlahcen in Consensys/gnark#1536
• docs: add reclaim protocol by @​gap-editor in Consensys/gnark#1537
• refactor: crossfield hints in non-native by @​ivokub in Consensys/gnark#1539
• fix: optimize zero constant detection and assignment by @​ivokub in Consensys/gnark#1545
• fix: single constraint unsafe KZG SRS in tests by @​ivokub in Consensys/gnark#1544
• feat: add separate Bytes API in std/math/uints package for handling bytes (U8) directly by @​ivokub in Consensys/gnark#1541
• feat: add conversion utility to convert between bytes and elements by @​ivokub in Consensys/gnark#1542
• Feat/eip4844 precompile by @​ThomasPiellard in Consensys/gnark#1489
• refactor: BLS EVM precompile integration by @​ivokub in Consensys/gnark#1515
• fix: scalarmul by 0 on twisted edwards curves by @​ivokub in Consensys/gnark#1551
• fix: prevent early return in RegisterHint causing missing registrations by @​avorylli in Consensys/gnark#1552
• fix: bls12-381 edge cases by @​ivokub in Consensys/gnark#1559
• docs (KNOWN_USERS): add Celer Network by @​lechpzn in Consensys/gnark#1564
• docs: add doctest examples by @​ivokub in Consensys/gnark#1569
• Improve Registry Locking with Read Locks by @​dinitheth in Consensys/gnark#1571
• feat: addition of Trace constructor of plonk on koalabear by @​ThomasPiellard in Consensys/gnark#1514
• Migrate the golangci-lint config to v2 by @​Tabaie in Consensys/gnark#1583
• chore: update to latest gnark-crypto by @​gbotrel in Consensys/gnark#1586

New Contributors

• @​ruslan0012 made their first contribution in Consensys/gnark#1517
• @​sewqasreedas made their first contribution in Consensys/gnark#1532
• @​ltp456 made their first contribution in Consensys/gnark#1454
• @​p4u made their first contribution in Consensys/gnark#1534
• @​lolkdsanyaw made their first contribution in Consensys/gnark#1535
• @​hussein-aitlahcen made their first contribution in Consensys/gnark#1536
• @​gap-editor made their first contribution in Consensys/gnark#1537
• @​avorylli made their first contribution in Consensys/gnark#1552
• @​lechpzn made their first contribution in Consensys/gnark#1564
• @​dinitheth made their first contribution in Consensys/gnark#1571

Full Changelog: Consensys/gnark@v0.13.0...v0.14.0

v0.13.0

What's Changed

• fix: non-native zero IsZero edge case by @​ivokub in Consensys/gnark#1413
• feat: merkle damgard and poseidon2 by @​Tabaie in Consensys/gnark#1407
• Refac/groth16 mpc by @​Tabaie in Consensys/gnark#1372
• Feat: implement FixedLengthSum function for sha3 by @​liyue201 in Consensys/gnark#1379
• Perf: Poseidon2 GKR circuit by @​Tabaie in Consensys/gnark#1410
• Perf: optimize selector.Mux with recursive BinaryMux for various sizes by @​weijiguo in Consensys/gnark#1420

... (truncated)

Commits

• See full diff in compare view

Updates github.com/consensys/gnark-crypto from 0.17.1-0.20251006135912-abd34dcc6005 to 0.19.0

Release notes

Sourced from github.com/consensys/gnark-crypto's releases.

v0.19.0

What's Changed

• updating link to GLV.pdf in whole repo by @​kks-code in Consensys/gnark-crypto#696
• fix: fixes #697 by @​ThomasPiellard in Consensys/gnark-crypto#698
• feat: set default size for state by @​ThomasPiellard in Consensys/gnark-crypto#700
• fix: MerkleDamgardHasher IV by @​Tabaie in Consensys/gnark-crypto#701
• fix: MerkleDamgardHasher.Sum by @​Tabaie in Consensys/gnark-crypto#699
• perf: Legendre using Pornin20 by @​Tabaie in Consensys/gnark-crypto#704
• perf: small scalarmul by @​ivokub in Consensys/gnark-crypto#703
• perf: optimize Eisenstein arithmetic by @​yelhousni in Consensys/gnark-crypto#706
• Feat: Subgroup membership testing on Bandersnatch by @​yelhousni in Consensys/gnark-crypto#708
• Feat/iop koalabear by @​ThomasPiellard in Consensys/gnark-crypto#695
• perf: Doubling and mixed doubling in Jacobians and ext. Jacobians by @​yelhousni in Consensys/gnark-crypto#716
• fix: refactor asm code generation to avoid use of R15 with global memory accesses by @​gbotrel in Consensys/gnark-crypto#712
• Refector: Add feed-forward step to CompressPoseidon2 function by @​YaoJGalteland in Consensys/gnark-crypto#721
• CI: Upgrade linter by @​Tabaie in Consensys/gnark-crypto#726
• CI: update linter for the "push to master" flow by @​Tabaie in Consensys/gnark-crypto#728

New Contributors

• @​kks-code made their first contribution in Consensys/gnark-crypto#696

Full Changelog: Consensys/gnark-crypto@v0.18.0...v0.19.0

v0.18.2

Full Changelog: Consensys/gnark-crypto@v0.18.1...v0.18.2

v0.18.1

Full Changelog: Consensys/gnark-crypto@v0.18.0...v0.18.1

v0.18.0

What's Changed

• perf: disable cobra bit reverse for small fields by @​gbotrel in Consensys/gnark-crypto#662
• perf: adds avx512 poseidon2 for small fields by @​gbotrel in Consensys/gnark-crypto#665
• GKR Gate Registry by @​Tabaie in Consensys/gnark-crypto#652
• chore: remove unused benchmark script by @​ivokub in Consensys/gnark-crypto#675
• Remove GKR from gnark-crypto by @​Tabaie in Consensys/gnark-crypto#670
• feat: make <31 bit field generated using uint32 by @​gbotrel in Consensys/gnark-crypto#676
• refactor: hash to curve by @​ivokub in Consensys/gnark-crypto#674
• fix: Eisenstein Half-GCD convergence by @​feltroidprime in Consensys/gnark-crypto#680
• feat/hashregistry by @​Tabaie in Consensys/gnark-crypto#687
• Feat/fftext by @​YaoJGalteland in Consensys/gnark-crypto#684
• Feat/vortex options by @​ThomasPiellard in Consensys/gnark-crypto#689
• [secp256k1]: replace outdated link to article by @​gap-editor in Consensys/gnark-crypto#690
• feat: remove dependency on internal package in ecc.go by @​gbotrel in Consensys/gnark-crypto#693

New Contributors

• @​feltroidprime made their first contribution in Consensys/gnark-crypto#680
• @​YaoJGalteland made their first contribution in Consensys/gnark-crypto#684
• @​gap-editor made their first contribution in Consensys/gnark-crypto#690

... (truncated)

Changelog

Sourced from github.com/consensys/gnark-crypto's changelog.

[v0.19.0] - 2025-08-22

CI

• update linter for the "push to master" flow (#728)
• Upgrade linter (#726)

Feat

• Subgroup membership testing on Bandersnatch (#708)

Feat

• set default size for state (#700)

Fix

• refactor asm code generation to avoid use of R15 with global memory accesses (#712)
• MerkleDamgardHasher.Sum (#699)
• MerkleDamgardHasher IV (#701)
• fixes #697 (#698)

Perf

• Doubling and mixed doubling in Jacobians and ext. Jacobians (#716)
• optimize Eisenstein arithmetic (#706)
• small scalarmul (#703)
• Legendre symbol calculation using Pornin20 (#704)

Refector

• Add feed-forward step to CompressPoseidon2 function (#721)

[v0.18.1] - 2025-10-28

Docs

• add CHANGELOG for 0.18.1

Perf

• limit memory allocation during Vector deserialization (#759)

[v0.18.0] - 2025-06-09

Build

• deps: bump golang.org/x/crypto from 0.33.0 to 0.35.0 (#677)

Chore

• remove unused benchmark script (#675)

Docs

• replace outdated link to article (#690)

Experiment

• vortex on koalabear (#645)

... (truncated)

Commits

• See full diff in compare view

Updates golang.org/x/crypto from 0.42.0 to 0.45.0

Commits

• 4e0068c go.mod: update golang.org/x dependencies
• e79546e ssh: curb GSSAPI DoS risk by limiting number of specified OIDs
• f91f7a7 ssh/agent: prevent panic on malformed constraint
• 2df4153 acme/autocert: let automatic renewal work with short lifetime certs
• bcf6a84 acme: pass context to request
• b4f2b62 ssh: fix error message on unsupported cipher
• 79ec3a5 ssh: allow to bind to a hostname in remote forwarding
• 122a78f go.mod: update golang.org/x dependencies
• c0531f9 all: eliminate vet diagnostics
• 0997000 all: fix some comments
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

---

Note

Updates prover dependencies, notably github.com/consensys/gnark to v0.14.0, github.com/consensys/gnark-crypto to v0.19.0, golang.org/x/crypto to v0.45.0, plus several other library bumps via go.mod/go.sum.

• Dependencies (prover/go.mod, prover/go.sum):
  • Major bumps:
    • github.com/consensys/gnark → v0.14.0
    • github.com/consensys/gnark-crypto → v0.19.0
    • golang.org/x/crypto → v0.45.0
  • Other direct updates:
    • github.com/bits-and-blooms/bitset → v1.24.0
    • github.com/fxamacker/cbor/v2 → v2.9.0
    • github.com/rs/zerolog → v1.34.0
    • golang.org/x/net → v0.47.0, golang.org/x/sync → v0.18.0
  • Indirect/tooling updates:
    • github.com/google/pprof (indirect), github.com/mattn/go-colorable, github.com/ronanh/intcomp, golang.org/x/text, golang.org/x/sys, golang.org/x/exp, and others.
  • Removes or supersedes some indirect entries; no source code changes.

^{Written by Cursor Bugbot for commit 6cd525f. This will update automatically on new commits. Configure here.}

[cla-assistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[cla-assistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	golang/​golang.org/​x/​crypto@​v0.42.0 ⏵ v0.45.0	+1
	golang/​github.com/​consensys/​gnark@​v0.12.1-0.20250501002417-facdd9882b80 ⏵ v0.14.0	-7	+40
	golang/​golang.org/​x/​net@​v0.43.0 ⏵ v0.47.0	+1
	golang/​github.com/​consensys/​gnark-crypto@​v0.17.1-0.20251006135912-abd34dcc6005 ⏵ v0.19.0
	golang/​github.com/​rs/​zerolog@​v1.33.0 ⏵ v1.34.0	+1
	golang/​golang.org/​x/​exp@​v0.0.0-20240823005443-9b4947da3948 ⏵ v0.0.0-20250819193227-8b4c13bb791b
	golang/​github.com/​fxamacker/​cbor/​v2@​v2.7.0 ⏵ v2.9.0	+1
	golang/​golang.org/​x/​sync@​v0.17.0 ⏵ v0.18.0
	golang/​github.com/​bits-and-blooms/​bitset@​v1.20.0 ⏵ v1.24.0	+1

View full report