chore(deps): bump the ipfs-ecosystem group with 2 updates

[dependabot]

Bumps the ipfs-ecosystem group with 2 updates: github.com/ipld/go-car/v2 and github.com/ipld/go-ipld-prime.

Updates github.com/ipld/go-car/v2 from 2.16.1-0.20260428045700-c4b9f366f20c to 2.17.0

Release notes

Sourced from github.com/ipld/go-car/v2's releases.

v2.17.0

What's Changed

• chore(deps): bump github.com/ipfs/go-unixfsnode from 1.10.1 to 1.10.2 in /cmd by @​dependabot[bot] in ipld/go-car#620
• chore(deps): bump github.com/multiformats/go-multicodec from 0.9.2 to 0.10.0 in /v2 by @​dependabot[bot] in ipld/go-car#627
• chore(deps): bump github.com/multiformats/go-multicodec from 0.9.2 to 0.10.0 in /cmd by @​dependabot[bot] in ipld/go-car#628
• Add car put-block command by @​parkan in ipld/go-car#629
• chore(deps): bump github.com/ipfs/go-cid from 0.5.0 to 0.6.0 in /cmd by @​dependabot[bot] in ipld/go-car#633
• chore(deps): bump github.com/ipfs/boxo from 0.35.0 to 0.35.1 by @​dependabot[bot] in ipld/go-car#632
• chore(deps): bump github.com/ipfs/go-cid from 0.5.0 to 0.6.0 in /v2 by @​dependabot[bot] in ipld/go-car#630
• chore(deps): bump github.com/ipfs/go-cid from 0.5.0 to 0.6.0 by @​dependabot[bot] in ipld/go-car#631
• chore(deps): bump github.com/ipfs/boxo from 0.35.1 to 0.35.2 by @​dependabot[bot] in ipld/go-car#634
• chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.45.0 in /v2 by @​dependabot[bot] in ipld/go-car#635
• chore(deps): bump golang.org/x/crypto from 0.42.0 to 0.45.0 in /cmd by @​dependabot[bot] in ipld/go-car#637
• chore(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 by @​dependabot[bot] in ipld/go-car#636
• chore(deps): bump actions/checkout from 5 to 6 by @​dependabot[bot] in ipld/go-car#638
• chore(deps): bump github.com/ipfs/boxo from 0.35.2 to 0.36.0 by @​dependabot[bot] in ipld/go-car#641
• chore(deps): bump github.com/ipld/go-ipld-prime from 0.21.0 to 0.22.0 in /v2 by @​dependabot[bot] in ipld/go-car#647
• chore(deps): bump github.com/ipld/go-ipld-prime from 0.21.0 to 0.22.0 by @​dependabot[bot] in ipld/go-car#648
• chore(deps): bump github.com/ipfs/go-unixfsnode from 1.10.2 to 1.10.3 in /cmd by @​dependabot[bot] in ipld/go-car#650
• chore(deps): bump github.com/ipfs/go-unixfsnode from 1.10.2 to 1.10.3 in /v2 by @​dependabot[bot] in ipld/go-car#649
• Allow the car binary to provide a version. by @​willscott in ipld/go-car#645
• fix: remove broken trailing data check in "inspect --full" for CARv1 by @​rvagg in ipld/go-car#654
• ci: uci/update-go by @​web3-bot in ipld/go-car#655
• chore(deps): bump goreleaser/goreleaser-action from 6 to 7 by @​dependabot[bot] in ipld/go-car#657
• fix: use %w when wrapping errors to preserve error chain by @​ChayanDass in ipld/go-car#658
• feat(cmd): Make "extract" more user-friendly, matching common archive tools by @​davidebeatrici in ipld/go-car#653
• chore(deps): bump github.com/ipfs/go-cid from 0.6.0 to 0.6.1 in /cmd by @​dependabot[bot] in ipld/go-car#663
• chore(deps): bump github.com/ipfs/boxo from 0.36.0 to 0.38.0 by @​dependabot[bot] in ipld/go-car#662
• chore(deps): bump github.com/ipfs/go-cid from 0.6.0 to 0.6.1 in /v2 by @​dependabot[bot] in ipld/go-car#661
• chore(deps): bump github.com/ipfs/go-cid from 0.6.0 to 0.6.1 by @​dependabot[bot] in ipld/go-car#660
• chore(deps): bump github.com/ipfs/go-unixfsnode from 1.10.3 to 1.10.4 in /cmd by @​dependabot[bot] in ipld/go-car#670
• chore(deps): bump github.com/ipld/go-ipld-prime from 0.22.0 to 0.23.0 in /cmd by @​dependabot[bot] in ipld/go-car#669
• chore(deps): bump github.com/ipfs/go-unixfsnode from 1.10.3 to 1.10.4 in /v2 by @​dependabot[bot] in ipld/go-car#668
• chore(deps): bump github.com/ipfs/boxo from 0.38.0 to 0.39.0 by @​dependabot[bot] in ipld/go-car#667
• chore(deps): bump github.com/ipld/go-ipld-prime from 0.22.0 to 0.23.0 by @​dependabot[bot] in ipld/go-car#666
• chore(deps): bump github.com/ipld/go-ipld-prime from 0.22.0 to 0.23.0 in /v2 by @​dependabot[bot] in ipld/go-car#665
• chore(deps): bump github.com/polydawn/refmt from 0.89.1-0.20231129105047-37766d95467a to 0.90.0 in /cmd by @​dependabot[bot] in ipld/go-car#671

New Contributors

• @​parkan made their first contribution in ipld/go-car#629
• @​ChayanDass made their first contribution in ipld/go-car#658
• @​davidebeatrici made their first contribution in ipld/go-car#653

Full Changelog: ipld/go-car@v0.6.3...v2.17.0

Commits

• See full diff in compare view

Updates github.com/ipld/go-ipld-prime from 0.23.0 to 0.24.0

Release notes

Sourced from github.com/ipld/go-ipld-prime's releases.

v0.24.0

What's Changed

• build(deps): bump github.com/ipfs/boxo from 0.38.0 to 0.39.0 in /storage/bsadapter by @​dependabot[bot] in ipld/go-ipld-prime#628
• build(deps): bump github.com/ipfs/boxo from 0.38.0 to 0.39.0 in /storage/bsrvadapter by @​dependabot[bot] in ipld/go-ipld-prime#627
• build(deps): bump github.com/polydawn/refmt from 0.89.1-0.20231129105047-37766d95467a to 0.90.0 by @​dependabot[bot] in ipld/go-ipld-prime#629
• feat(dagcbor): enforce strict decode defaults by @​rvagg in ipld/go-ipld-prime#630
  • Enable stricter DAG-CBOR decode checks by default using refmt's canonical-form options. Reject indefinite-length CBOR in all modes, and reject non-minimal CBOR heads, NaN, infinity, and duplicate map keys by default.
  • Add RelaxedDecode as an opt-out for legacy non-canonical inputs while leaving known remaining gaps explicit: map key order and non-64-bit float encodings are still accepted for now.

Full Changelog: ipld/go-ipld-prime@v0.23.0...v0.24.0

Commits

• ac2cb1a chore: v0.24.0 bump (#631)
• bc78773 feat(dagcbor): enforce strict decode defaults (#630)
• bc7bf1b build(deps): bump github.com/polydawn/refmt (#629)
• b6ff5a2 build(deps): bump github.com/ipfs/boxo in /storage/bsrvadapter (#627)
• 0d2c18d build(deps): bump github.com/ipfs/boxo in /storage/bsadapter (#628)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions