dev: bump the safe group across 1 directory with 43 updates

[dependabot]

Bumps the safe group with 30 updates in the / directory:

Package	From	To
github.com/KimMachineGun/automemlimit	0.7.4	0.7.5
github.com/aws/aws-sdk-go	1.55.7	1.55.8
github.com/aws/aws-sdk-go-v2/config	1.29.12	1.32.16
github.com/aws/aws-sdk-go-v2/service/s3	1.78.2	1.99.1
github.com/coder/websocket	1.8.13	1.8.14
github.com/eclipse/paho.mqtt.golang	1.5.0	1.5.1
github.com/emersion/go-smtp	0.22.0	0.24.0
github.com/envoyproxy/protoc-gen-validate	1.2.1	1.3.3
github.com/getsentry/sentry-go	0.34.1	0.45.1
github.com/grpc-ecosystem/grpc-gateway/v2	2.28.0	2.29.0
github.com/jackc/pgx/v5	5.7.5	5.9.2
github.com/jarcoal/httpmock	1.4.0	1.4.1
github.com/klauspost/compress	1.18.0	1.18.5
github.com/lib/pq	1.10.9	1.12.3
github.com/nats-io/nats-server/v2	2.11.4	2.12.7
github.com/prometheus/client_golang	1.22.0	1.23.2
github.com/redis/go-redis/v9	9.11.0	9.18.0
github.com/spf13/cast	1.9.2	1.10.0
github.com/spf13/cobra	1.9.1	1.10.2
github.com/spf13/viper	1.20.1	1.21.0
github.com/throttled/throttled/v2	2.13.0	2.15.0
github.com/uptrace/bun	1.2.14	1.2.18
github.com/uptrace/bun/dialect/pgdialect	1.2.14	1.2.18
github.com/uptrace/bun/driver/pgdriver	1.2.14	1.2.18
go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux	0.62.0	0.68.0
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc	0.62.0	0.68.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	0.62.0	0.68.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc	1.37.0	1.43.0
go.thethings.network/lorawan-stack-legacy/v2	2.1.0	2.1.1
go.uber.org/zap	1.27.0	1.27.1

Updates github.com/KimMachineGun/automemlimit from 0.7.4 to 0.7.5

Release notes

Sourced from github.com/KimMachineGun/automemlimit's releases.

v0.7.5

What's Changed

• fix(memlimit): respect parent cgroup limits in v2 (KimMachineGun/automemlimit#31) by @​KimMachineGun in KimMachineGun/automemlimit@6d12049

Full Changelog: KimMachineGun/automemlimit@v0.7.4...v0.7.5

Commits

• 6d12049 fix(memlimit): respect parent cgroup limits in v2 (#31)
• See full diff in compare view

Updates github.com/aws/aws-sdk-go from 1.55.7 to 1.55.8

Release notes

Sourced from github.com/aws/aws-sdk-go's releases.

Release v1.55.8 (2025-07-31)

SDK Features

• Mark the module and all packages as deprecated.
  • This SDK has entered end-of-support.

Commits

• 070853e release v1.55.8 (2025-07-31)
• bb0168e Add deprecation warnings everywhere and remove some README content
• 7ce44f3 aws
• 6d9a26d remove doc issue tmpl
• 239002f deprecate service packages and HLLs
• 70c4177 deprecate main runtime packages
• bbdd4e9 deprecate
• See full diff in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.29.12 to 1.32.16

Commits

• 9bc9c51 Release 2026-04-17
• 2b41455 Regenerated Clients
• 2327a1b Update endpoints model
• 9225797 Update API model
• 7b6f675 Bump smithy-go to 1.25 (again) (#3390)
• c8b6a97 Release 2026-04-16
• 4a05c2b Regenerated Clients
• 6cd4cc9 Update endpoints model
• 3153bed Update API model
• fe3cef6 Make AccountIDEndpointRouting aware of bdd endpoints (#3387)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.78.2 to 1.99.1

Commits

• 9bc9c51 Release 2026-04-17
• 2b41455 Regenerated Clients
• 2327a1b Update endpoints model
• 9225797 Update API model
• 7b6f675 Bump smithy-go to 1.25 (again) (#3390)
• c8b6a97 Release 2026-04-16
• 4a05c2b Regenerated Clients
• 6cd4cc9 Update endpoints model
• 3153bed Update API model
• fe3cef6 Make AccountIDEndpointRouting aware of bdd endpoints (#3387)
• Additional commits viewable in compare view

Updates github.com/coder/websocket from 1.8.13 to 1.8.14

Release notes

Sourced from github.com/coder/websocket's releases.

v1.8.14

Changes

• fix: match Origin scheme if defined in OriginPatterns by @​mafredri in coder/websocket#536
• refactor: use context.AfterFunc to track timeouts instead of goroutine by @​ash2k in coder/websocket#532
• refactor: add ErrMessageTooBig sentinel error for limited reads by @​DanielleMaywood in coder/websocket#535
• build: update to Go 1.23 by @​mafredri in coder/websocket#524
• build: add Makefile by @​mafredri in coder/websocket#525
• chore: update LICENSE file by @​mtojek in coder/websocket#526
• chore: apply various modernisations by @​Jacalz in coder/websocket#531

New Contributors

• @​mtojek made their first contribution in coder/websocket#526
• @​ash2k made their first contribution in coder/websocket#532
• @​DanielleMaywood made their first contribution in coder/websocket#535

Full Changelog: coder/websocket@v1.8.13...v1.8.14

Commits

• 7d7c644 refactor: add ErrMessageTooBig sentinel error for limited reads (#535)
• c7846ea refactor: use context.AfterFunc to track timeouts instead of goroutine (#532)
• e11dd4e fix: match Origin scheme if defined in OriginPatterns (#536)
• 91013c1 chore: apply various modernisations (#531)
• efb626b chore: update LICENSE file (#526)
• 246891f build: add Makefile (#525)
• 778d161 build: update to Go 1.23 (#524)
• See full diff in compare view

Updates github.com/eclipse/paho.mqtt.golang from 1.5.0 to 1.5.1

Release notes

Sourced from github.com/eclipse/paho.mqtt.golang's releases.

v1.5.1

This is a minor release incorporating changes made in the 14 months since v1.5.0 (including updating dependencies, and raising the Go version to 1.24). The changes are relatively minor but address a potential security issue (CVE-2025-10543), possible panic, enable users to better monitor the connection status, and incorporate a few optimisations.

Thanks to those who have provided fixes/enhancements included in this release!

Special thanks to Paul Gerste at Sonar for reporting issue #730 via the Eclipse security team (fix was implemented in PR #714 in May, github issue created just prior to this release). This issue arose where a topic > 65535 bytes was passed to the Publish function, due to the way the data was encoded the topic could leak into the message body. Please see issue #730 or CVE-2025-10543 for further details.

What's Changed

• Updating go dependencies from pub and sub into the containers before building by @​JefJrFigueiredo in eclipse-paho/paho.mqtt.golang#691
• Optimize TCP connection logic by @​geekeryy in eclipse-paho/paho.mqtt.golang#713
• Fields over 65535 bytes not encoded correctly by @​MattBrittan in eclipse-paho/paho.mqtt.golang#714
• Reduce slice allocations in route dispatch by @​alespour in eclipse-paho/paho.mqtt.golang#710
• Add a ConnectionNotificationHandler by @​RangelReale in eclipse-paho/paho.mqtt.golang#727
• Potential panic when using manual ACK by @​MattBrittan in eclipse-paho/paho.mqtt.golang#729

Full Changelog: eclipse-paho/paho.mqtt.golang@v1.5.0...v1.5.1

Commits

• b305237 Update dependencies in docker examples
• 35ee03d Potential panic when using manual ACK
• 433bd22 address data race in test
• 4debe3a Potential panic when using manual ACK
• 601453b Resolve issues in fvt_client_test
• 439e2ab Dependency update (also rise Go version to 1.24)
• d276593 ConnectionNotificationHandler - generic callback for all types of connection ...
• 8a350a9 notifications
• 5620c5e notifications
• 45048cc notifications
• Additional commits viewable in compare view

Updates github.com/emersion/go-smtp from 0.22.0 to 0.24.0

Commits

• ab24fe7 Remove superfluous validateLine() calls in sendMail()
• 6944e33 Implement MT-PRIORITY (RFC 6710)
• 54dd31d Implement DELIVERBY (RFC 2852)
• See full diff in compare view

Updates github.com/envoyproxy/protoc-gen-validate from 1.2.1 to 1.3.3

Release notes

Sourced from github.com/envoyproxy/protoc-gen-validate's releases.

v1.3.3

One more release attempt to get Python published on PyPI. 😄

What's Changed

• Update Python 3.9 references to 3.10 by @​stefanvanburen in bufbuild/protoc-gen-validate#1370

Full Changelog: bufbuild/protoc-gen-validate@v1.3.2...v1.3.3

v1.3.2

Fixing the v1.3.1 release, which was fixing the v1.3.0 release 😄.

What's Changed

• Attempt to fix release by @​stefanvanburen in bufbuild/protoc-gen-validate#1368

Full Changelog: bufbuild/protoc-gen-validate@v1.3.1...v1.3.2

v1.3.1

This is a release to get out Python support for 3.13, which failed to publish to PyPI in v1.3.0.

What's Changed

• Bump the java group across 1 directory with 4 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1332
• Bump actions/checkout from 5 to 6 in the github-actions group by @​dependabot[bot] in bufbuild/protoc-gen-validate#1330
• Fix Java deployment by @​pkwarren in bufbuild/protoc-gen-validate#1335
• Update settings.xml to use SONATYPE_USERNAME env var by @​pkwarren in bufbuild/protoc-gen-validate#1336
• Run deployment with release profile by @​pkwarren in bufbuild/protoc-gen-validate#1337
• Remove maven settings.xml file by @​pkwarren in bufbuild/protoc-gen-validate#1338
• Bump the java group in /java with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1334
• Bump the github-actions group with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1341
• Bump the java group in /java with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1340
• Bump the go-tests group in /tests with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1339
• Bump the java group across 1 directory with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1343
• Support for latest setuptools by @​matejsp in bufbuild/protoc-gen-validate#1345
• Replace deprecated java_proto_library from rules_java by @​mmorel-35 in bufbuild/protoc-gen-validate#1349
• Bump golang.org/x/net from 0.48.0 to 0.49.0 in /tests in the go-tests group by @​dependabot[bot] in bufbuild/protoc-gen-validate#1350
• Bump the java group across 1 directory with 4 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1351
• Bump wheel from 0.45.1 to 0.46.2 by @​dependabot[bot] in bufbuild/protoc-gen-validate#1352
• Update go and deps by @​rodaine in bufbuild/protoc-gen-validate#1355
• Update python and deps by @​rodaine in bufbuild/protoc-gen-validate#1354
• Bump the java group in /java with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1356
• Bump the python-root group across 1 directory with 4 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1357

Full Changelog: bufbuild/protoc-gen-validate@v1.3.0...v1.3.1

v1.3.0

What's Changed

• Update README.md by @​nicksnyder in bufbuild/protoc-gen-validate#1233
• Fix unreliable asset generation by @​nicksnyder in bufbuild/protoc-gen-validate#1235

... (truncated)

Commits

• 92b9a7d Update Python 3.9 references to 3.10 (#1370)
• e72f3dc Attempt to fix release (#1368)
• 39d950b Bump the python-root group across 1 directory with 4 updates (#1357)
• c4c1414 Bump the java group in /java with 2 updates (#1356)
• 05cc215 Update python and deps (#1354)
• 1a76a21 Update go and deps (#1355)
• 3212c98 Bump wheel from 0.45.1 to 0.46.2 (#1352)
• 4231822 Bump the java group across 1 directory with 4 updates (#1351)
• 187ff66 Bump golang.org/x/net from 0.48.0 to 0.49.0 in /tests in the go-tests group (...
• ae40bad Replace deprecated java_proto_library from rules_java (#1349)
• Additional commits viewable in compare view

Updates github.com/getsentry/sentry-go from 0.34.1 to 0.45.1

Release notes

Sourced from github.com/getsentry/sentry-go's releases.

0.45.1

Bug Fixes 🐛

• Add missing TracesSampler fields for SamplingContext by @​giortzisg in #1259

0.45.0

Breaking Changes 🛠

• Add support for Echo v5 by @​Scorfly in #1183

New Features ✨

• Add OTLP trace exporter via new otel/otlp sub-module by @​giortzisg in #1229
  • sentryotlp.NewTraceExporter sends OTel spans directly to Sentry's OTLP endpoint.
  • sentryotel.NewOtelIntegration links Sentry errors, logs, and metrics to the active OTel trace. Works with both direct-to-Sentry and collector-based setups.
  • NewSentrySpanProcessor, NewSentryPropagator, and SentrySpanMap are deprecated and will be removed in 0.47.0. To Migrate use sentryotlp.NewTraceExporter instead:

  // Before
  sentry.Init(sentry.ClientOptions{Dsn: dsn, EnableTracing: true, TracesSampleRate: 1.0})
  tp := sdktrace.NewTracerProvider(
  sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()),
  )
  otel.SetTextMapPropagator(sentryotel.NewSentryPropagator())
  otel.SetTracerProvider(tp)
  // After:
  sentry.Init(sentry.ClientOptions{
  Dsn: dsn, EnableTracing: true, TracesSampleRate: 1.0,
  Integrations: func(i []sentry.Integration) []sentry.Integration {
  return append(i, sentryotel.NewOtelIntegration())
  },
  })
  exporter, _ := sentryotlp.NewTraceExporter(ctx, dsn)
  tp := sdktrace.NewTracerProvider(sdktrace.WithBatcher(exporter))
  otel.SetTracerProvider(tp)

• Add IsSensitiveHeader helper to easily distinguish which headers to scrub for PII. by @​giortzisg in #1239

Bug Fixes 🐛

• (ci) Update validate-pr action to remove draft enforcement by @​stephanie-anderson in #1237
• (fiber) Use UserContext for transaction to enable OTel trace linking by @​giortzisg in #1252
• Race condition when getting envelope identifier by @​giortzisg in #1250

Internal Changes 🔧

Deps

... (truncated)

Changelog

Sourced from github.com/getsentry/sentry-go's changelog.

0.45.1

Bug Fixes 🐛

• Add missing TracesSampler fields for SamplingContext by @​giortzisg in #1259

0.45.0

Breaking Changes 🛠

• Add support for Echo v5 by @​Scorfly in #1183

New Features ✨

• Add OTLP trace exporter via new otel/otlp sub-module by @​giortzisg in #1229
  • sentryotlp.NewTraceExporter sends OTel spans directly to Sentry's OTLP endpoint.
  • sentryotel.NewOtelIntegration links Sentry errors, logs, and metrics to the active OTel trace. Works with both direct-to-Sentry and collector-based setups.
  • NewSentrySpanProcessor, NewSentryPropagator, and SentrySpanMap are deprecated and will be removed in 0.47.0. To Migrate use sentryotlp.NewTraceExporter instead:

  // Before
  sentry.Init(sentry.ClientOptions{Dsn: dsn, EnableTracing: true, TracesSampleRate: 1.0})
  tp := sdktrace.NewTracerProvider(
  sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()),
  )
  otel.SetTextMapPropagator(sentryotel.NewSentryPropagator())
  otel.SetTracerProvider(tp)
  // After:
  sentry.Init(sentry.ClientOptions{
  Dsn: dsn, EnableTracing: true, TracesSampleRate: 1.0,
  Integrations: func(i []sentry.Integration) []sentry.Integration {
  return append(i, sentryotel.NewOtelIntegration())
  },
  })
  exporter, _ := sentryotlp.NewTraceExporter(ctx, dsn)
  tp := sdktrace.NewTracerProvider(sdktrace.WithBatcher(exporter))
  otel.SetTracerProvider(tp)

• Add IsSensitiveHeader helper to easily distinguish which headers to scrub for PII. by @​giortzisg in #1239

Bug Fixes 🐛

• (ci) Update validate-pr action to remove draft enforcement by @​stephanie-anderson in #1237
• (fiber) Use UserContext for transaction to enable OTel trace linking by @​giortzisg in #1252
• Race condition when getting envelope identifier by @​giortzisg in #1250

Internal Changes 🔧

... (truncated)

Commits

• 17971f9 release: 0.45.1
• 284b2f6 fix: add missing TracesSampler fields for SamplingContext (#1259)
• e1ee192 Merge branch 'release/0.45.0'
• 0f536b1 release: 0.45.0
• c8ccbf3 feat: add OTLP integration support (#1229)
• e9ba5cb fix(fiber): Use UserContext for transaction to enable OTel trace linking (#1252)
• 18546ff test: add serialization panic reproduction (#1249)
• e507be6 fix: race when getting envelope identifier (#1250)
• 2cec51a feat!: add support for Echo v5 (#1183)
• 6ba0638 build(otel): Bump OpenTelemetry SDK to 1.40.0 (#1243)
• Additional commits viewable in compare view

Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.28.0 to 2.29.0

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.29.0

What's Changed

• fix: use proto.Merge to avoid copylocks with use_opaque_api=true by @​emahiro in grpc-ecosystem/grpc-gateway#6383
• fix: allow proto3 optional fields in path parameters by @​susanachl in grpc-ecosystem/grpc-gateway#6416
• Add option to disable HTTP method override by @​achew22 in grpc-ecosystem/grpc-gateway#6447
• Add Go documentation badge to README by @​achew22 in grpc-ecosystem/grpc-gateway#6448
• fix: add missing return statements in error handler paths by @​jet-go in grpc-ecosystem/grpc-gateway#6561
• Deprecate fields and methods if file is deprecated by @​aidandj in grpc-ecosystem/grpc-gateway#6613
• Add edition 2024 support by @​printfn in grpc-ecosystem/grpc-gateway#6622

New Contributors

• @​emahiro made their first contribution in grpc-ecosystem/grpc-gateway#6383
• @​susanachl made their first contribution in grpc-ecosystem/grpc-gateway#6416
• @​jet-go made their first contribution in grpc-ecosystem/grpc-gateway#6561
• @​aidandj made their first contribution in grpc-ecosystem/grpc-gateway#6613
• @​printfn made their first contribution in grpc-ecosystem/grpc-gateway#6622

Full Changelog: grpc-ecosystem/grpc-gateway@v2.28.0...v2.29.0

Commits

• ba9b55c chore(deps): update dependency rules_shell to v0.8.0 (#6626)
• 284a82e chore(deps): update googleapis digest to bcfcbda (#6625)
• f74bc7f chore(deps): update google/oss-fuzz digest to d58fd64 (#6624)
• efb665d Add edition 2024 support (#6622)
• c58da15 chore(deps): update google/oss-fuzz digest to 32b8df7 (#6621)
• 42997a1 Deprecate fields and methods if file is deprecated (#6613)
• 6f4af8b chore(deps): update googleapis digest to bf85cad (#6620)
• 68fde5f chore(deps): update google/oss-fuzz digest to 7b814a1 (#6619)
• 6da2a46 chore(deps): update googleapis digest to 898f25c (#6617)
• c9c7ad4 chore(deps): update googleapis digest to fc96870 (#6616)
• Additional commits viewable in compare view

Updates github.com/jackc/pgx/v5 from 5.7.5 to 5.9.2

Changelog

Sourced from github.com/jackc/pgx/v5's changelog.

5.9.2 (April 18, 2026)

Fix SQL Injection via placeholder confusion with dollar quoted string literals (GHSA-j88v-2chj-qfwx)

SQL injection can occur when:

1. The non-default simple protocol is used.
2. A dollar quoted string literal is used in the SQL query.
3. That query contains text that would be would be interpreted outside as a placeholder outside of a string literal.
4. The value of that placeholder is controllable by the attacker.

e.g.

attackValue := `$tag$; drop table canary; --`
_, err = tx.Exec(ctx, `select $tag$ $1 $tag$, $1`, pgx.QueryExecModeSimpleProtocol, attackValue)

This is unlikely to occur outside of a contrived scenario.

5.9.1 (March 22, 2026)

• Fix: batch result format corruption when using cached prepared statements (reported by Dirkjan Bussink)

5.9.0 (March 21, 2026)

This release includes a number of new features such as SCRAM-SHA-256-PLUS support, OAuth authentication support, and PostgreSQL protocol 3.2 support.

It significantly reduces the amount of network traffic when using prepared statements (which are used automatically by default) by avoiding unnecessary Describe Portal messages. This also reduces local memory usage.

It also includes multiple fixes for potential DoS due to panic or OOM if connected to a malicious server that sends deliberately malformed messages.

• Require Go 1.25+
• Add SCRAM-SHA-256-PLUS support (Adam Brightwell)
• Add OAuth authentication support for PostgreSQL 18 (David Schneider)
• Add PostgreSQL protocol 3.2 support (Dirkjan Bussink)
• Add tsvector type support (Adam Brightwell)
• Skip Describe Portal for cached prepared statements reducing network round trips
• Make LoadTypes query easier to support on "postgres-like" servers (Jelte Fennema-Nio)
• Default empty user to current OS user matching libpq behavior (ShivangSrivastava)
• Optimize LRU statement cache with custom linked list and node pooling (Mathias Bogaert)
• Optimize date scanning by replacing regex with manual parsing (Mathias Bogaert)
• Optimize pgio append/set functions with direct byte shifts (Mathias Bogaert)
• Make RowsAffected faster (Abhishek Chanda)
• Fix: Pipeline.Close panic when server sends multiple FATAL errors (Varun Chawla)
• Fix: ContextWatcher goroutine leak (Hank Donnay)
• Fix: stdlib discard connections with open transactions in ResetSession (Jeremy Schneider)

... (truncated)

Commits

• 0aeabbc Release v5.9.2
• 60644f8 Fix SQL sanitizer bugs with dollar-quoted strings and placeholder overflow
• a5680bc Merge pull request #2531 from dolmen-go/godoc-add-links
• e34e452 doc: Add godoc links
• 08c9bb1 Fix Stringer types encoded as text instead of numeric value in composite fields
• 96b4dbd Remove unstable test
• acf88e0 Merge pull request #2526 from abrightwell/abrightwell-min-proto
• 2f81f1f Update max_protocol_version and min_protocol_version defaults
• 4e4eaed Release v5.9.1
• 6273188 Fix batch result format corruption when using cached prepared statements
• Additional commits viewable in compare view

Updates github.com/jarcoal/httpmock from 1.4.0 to 1.4.1

Release notes

Sourced from github.com/jarcoal/httpmock's releases.

v1.4.1

What's Changed

• test: also test with go v1.25 and use golangci-lint v2.4.0 by @​maxatome in jarcoal/httpmock#164
• Avoid data race when closing body by @​DavyJohnes in jarcoal/httpmock#165

New Contributors

• @​DavyJohnes made his first contribution in jarcoal/httpmock#165

Full Changelog: jarcoal/httpmock@v1.4.0...v1.4.1

Commits

• 314d58a fix: protect all body-related methods with mutext
• e482896 fix: avoid data race when closing body
• c977145 test: also test with go v1.25 and use golangci-lint v2.4.0
• See full diff in compare view

Updates github.com/klauspost/compress from 1.18.0 to 1.18.5

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.18.5

What's Changed

• zstd: Fix crash when changing encoder dictionary with same ID by @​klauspost in klauspost/compress#1135
• zstd: Default to full zero frames by @​klauspost in klauspost/compress#1134
• flate: Clean up histogram order by @​klauspost in klauspost/compress#1133

Full Changelog: klauspost/compress@v1.18.4...v1.18.5

v1.18.4

What's Changed

• gzhttp: Add zstandard to server handler wrapper by @​klauspost in klauspost/compress#1121
• zstd: Add ResetWithOptions to encoder/decoder by @​klauspost in klauspost/compress#1122
• gzhttp: preserve qvalue when extra parameters follow in Accept-Encoding by @​analytically in klauspost/compress#1116

New Contributors

• @​analytically made their first contribution in klauspost/compress#1116
• @​ethaizone made their first contribution in klauspost/compress#1124
• @​zwass made their first contribution in klauspost/compress#1125

Full Changelog: klauspost/compress@v1.18.2...v1.18.4

v1.18.3

Downstream CVE-2025-61728

See golang/go#77102

Full Changelog: klauspost/compress@v1.18.2...v1.18.3

v1.18.2

What's Changed

• flate: Fix invalid encoding on level 9 with single value input by @​klauspost in klauspost/compress#1115
• flate: reduce stateless allocations by @​RXamzin in klauspost/compress#1106
• build(deps): bump github/codeql-action from 3.30.5 to 4.31.2 in the github-actions group by @​dependabot[bot] in klauspost/compress#1111

v1.18.1 is marked "retracted" due to invalid flate/zip/gzip encoding.

New Contributors

• @​RXamzin made their first contribution in klauspost/compress#1106

Full Changelog: klauspost/compress@v1.18.1...v1.18.2

v1.18.1

What's Changed

• zstd: Fix incorrect buffer size in dictionary encodes by @​klauspost in klauspost/compress#1059
• s2: check for cap, not len of buffer in EncodeBetter/Best by @​vdarulis in klauspost/compress#1080
• zstd: Add simple zstd EncodeTo/DecodeTo functions by @​klauspost in klauspost/compress#1079
• zlib: Avoiding extra allocation in zlib.reader.Reset by @​travelpolicy in klauspost/compress#1086
• gzhttp: remove redundant err check in zstdReader by @​ryanfowler in klauspost/compress#1090

... (truncated)

Commits

• c5e0077 zstd: Fix encoder changing dictionary with same ID (#1135)
• fd3f23e zstd: Default to full zero frames (#1134)
• 8233c58 flate: Clean up histogram order (#1133)
• bcf0d12 build(deps): bump the github-actions group with 3 updates (#1132)
• cf758fe ci: Upgrade Go versions, clean up (#1130)
• 77cc520 Add v1.18.4
• c03560f zstd: Add ResetWithOptions to encoder/decoder (#1122)
• 0874ab8 build(deps): bump the github-actions group with 3 updates (#1126)
• 4a36836 doc: Clarify documentation in readme (#1125)
• 4309644 zstd: document concurrency option handling in encoder (#1124)
• Additional commits viewable in compare view

Updates github.com/lib/pq from 1.10.9 to 1.12.3

Release notes

Sourced from github.com/lib/pq's releases.

v1.12.3

• Send datestyle startup parameter, improving compatbility with database engines that use a different default datestyle such as EnterpriseDB (#1312).

#1312: lib/pq#1312

v1.12.2

• Treat io.ErrUnexpectedEOF as driver.ErrBadConn so database/sql discards the connection. Since v1.12.0 this could result in permanently broken connections, especially with CockroachDB which frequently sends partial messages (#1299).

#1299: lib/pq#1299

v1.12.1

• Look for pgpass file in ~/.pgpass instead of ~/.postgresql/pgpass (#1300).

• Don't clear password if directly set on pq.Config (#1302).

#1300: lib/pq#1300 #1302: lib/pq#1302

v1.12.0

• The next release may change the default sslmode from require to prefer. See #1271 for details.

• CopyIn() and CopyInToSchema() have been marked as deprecated. These are simple query builders and not needed for COPY [..] FROM STDIN support (which is not deprecated). (#1279)

  // Old
  tx.Prepare(CopyIn("temp", "num", "text", "blob", "nothing"))
  // Replacement
  tx.Prepare(copy temp (num, text, blob, nothing) from stdin)
  

Features

• Support protocol 3.2, and the min_protocol_version and max_protocol_version DSN parameters (#1258).

• Support sslmode=prefer and sslmode=allow (#1270).

• Support ssl_min_protocol_version and ssl_max_protocol_version (#1277).

• Support connection service file to load connection details (#1285).

• Support sslrootcert=system and use ~/.postgresql/root.crt as the default value of sslrootcert (#1280, #1281).

• Add a new pqerror package with PostgreSQL error codes (#1275).

  For example, to test if an error is a UNIQUE constraint violation:

  if pqErr, ok := errors.AsType[*pq.Error](https://github.com/lib/pq/blob/HEAD/err); ok && pqErr.Code == pqerror.UniqueViolation {
      log.Fatalf("email %q already exsts", email)
  }
  

  To make this a bit more convenient, it also adds a pq.As() function:

Description has been truncated