chore(deps): bump the security group with 5 updates #1609

dependabot · 2024-09-09T23:11:26Z

Bumps the security group with 5 updates:

Package	From	To
github.com/jackc/pgx/v5	`5.6.0`	`5.7.0`
golang.org/x/mod	`0.20.0`	`0.21.0`
golang.org/x/net	`0.28.0`	`0.29.0`
golang.org/x/sys	`0.24.0`	`0.25.0`
golang.org/x/text	`0.17.0`	`0.18.0`

Updates github.com/jackc/pgx/v5 from 5.6.0 to 5.7.0

Changelog

Sourced from github.com/jackc/pgx/v5's changelog.

5.7.0 (September 2024)

Add support for sslrootcert=system (Yann Soubeyrand)

Add LoadTypes to load multiple types in a single SQL query (Nick Farrell)

Add XMLCodec supports encoding + scanning XML column type like json (nickcruess-soda)

Add MultiTrace (Stepan Rabotkin)

Add TraceLogConfig with customizable TimeKey (stringintech)

pgx.ErrNoRows wraps sql.ErrNoRows to aid in database/sql compatibility with native pgx functions (merlin)

Support scanning binary formatted uint32 into string / TextScanner (jennifersp)

Fix interval encoding to allow 0s and avoid extra spaces (Carlos Pérez-Aradros Herce)

Update pgservicefile - fixes panic when parsing invalid file

Better error message when reading past end of batch

Don't print url when url.Parse returns an error (Kevin Biju)

Fix snake case name normalization collision in RowToStructByName with db tag (nolandseigler)

Fix: Scan and encode types with underlying types of arrays

Commits

d1205a6 Release v5.7.0
97d20cc Merge pull request #2115 from ninedraft/sql-err-no-rows
e9bd382 Merge pull request #2114 from jennifersp/master
603f233 Merge pull request #2113 from mateuszkowalke/master
035bbbe Use sql.ErrNoRows as value for pgx.ErrNoRows
73bbced add byte length check to uint32
4171f55 Add additional info for nullable pgtype types
b197994 Merge pull request #2112 from jennifersp/master
57fd684 update struct name
926913a rm bound check
Additional commits viewable in compare view

Updates golang.org/x/mod from 0.20.0 to 0.21.0

Commits

46a3137 zip: set GIT_DIR in test when using bare repositories
3afcd4e go.mod: set go version to 1.22.0
b1d336c go.mod: update required go version to go1.22
See full diff in compare view

Updates golang.org/x/net from 0.28.0 to 0.29.0

Commits

35b4aba go.mod: update golang.org/x dependencies
9bf379f websocket: fix printf(var) mistake detected by latest printf checker
See full diff in compare view

Updates golang.org/x/sys from 0.24.0 to 0.25.0

Commits

a43b625 windows: add SIO_UDP_NETRESET constant
ed67b15 windows: add console codepage api
9cb830b unix: add missing import to syscall_hurd.go
71132f5 unix: add POLLRDHUP to FreeBSD
3283fc3 cpu: add support for detecting RISC-V extensions
29e55b2 unix: use os.Executable rather than os.Args[0] in tests
a8c5219 unix: rename XDPUmemReg field back to Size
59665e5 unix: add Connectx for darwin
a0c72ef unix: add f_flag member flags on z/OS
c64c51d unix: update riscv64 hwprobe to Linux kernel 6.10
Additional commits viewable in compare view

Updates golang.org/x/text from 0.17.0 to 0.18.0

Commits

1e3e9fd all: rename Example test functions to prevent vet errors
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the security group with 5 updates: | Package | From | To | | --- | --- | --- | | [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) | `5.6.0` | `5.7.0` | | [golang.org/x/mod](https://github.com/golang/mod) | `0.20.0` | `0.21.0` | | [golang.org/x/net](https://github.com/golang/net) | `0.28.0` | `0.29.0` | | [golang.org/x/sys](https://github.com/golang/sys) | `0.24.0` | `0.25.0` | | [golang.org/x/text](https://github.com/golang/text) | `0.17.0` | `0.18.0` | Updates `github.com/jackc/pgx/v5` from 5.6.0 to 5.7.0 - [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md) - [Commits](jackc/pgx@v5.6.0...v5.7.0) Updates `golang.org/x/mod` from 0.20.0 to 0.21.0 - [Commits](golang/mod@v0.20.0...v0.21.0) Updates `golang.org/x/net` from 0.28.0 to 0.29.0 - [Commits](golang/net@v0.28.0...v0.29.0) Updates `golang.org/x/sys` from 0.24.0 to 0.25.0 - [Commits](golang/sys@v0.24.0...v0.25.0) Updates `golang.org/x/text` from 0.17.0 to 0.18.0 - [Release notes](https://github.com/golang/text/releases) - [Commits](golang/text@v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: github.com/jackc/pgx/v5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security - dependency-name: golang.org/x/mod dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security - dependency-name: golang.org/x/text dependency-type: direct:production update-type: version-update:semver-minor dependency-group: security ... Signed-off-by: dependabot[bot] <support@github.com>

replicated-ci

LGTM 👍

This PR was automatically approved and merged by the automated-prs-manager GitHub action

dependabot bot added dependencies go type::security labels Sep 9, 2024

replicated-ci approved these changes Sep 10, 2024

View reviewed changes

replicated-ci merged commit f662161 into main Sep 10, 2024
27 checks passed

replicated-ci deleted the dependabot/go_modules/security-b3a3f3232f branch September 10, 2024 00:21

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the security group with 5 updates #1609

chore(deps): bump the security group with 5 updates #1609

dependabot bot commented on behalf of github Sep 9, 2024

replicated-ci left a comment

chore(deps): bump the security group with 5 updates #1609

chore(deps): bump the security group with 5 updates #1609

Conversation

dependabot bot commented on behalf of github Sep 9, 2024

5.7.0 (September 2024)

replicated-ci left a comment

Choose a reason for hiding this comment