chore(deps): bump the go-modules group across 1 directory with 41 updates

[dependabot]

Bumps the go-modules group with 17 updates in the / directory:

Package	From	To
cloud.google.com/go/storage	1.57.0	1.59.2
github.com/aws/aws-sdk-go-v2/service/cloudwatch	1.51.4	1.53.1
github.com/aws/aws-sdk-go-v2/service/configservice	1.59.0	1.61.0
github.com/aws/aws-sdk-go-v2/service/s3	1.89.0	1.96.0
github.com/eko/gocache/lib/v4	4.2.2	4.2.3
github.com/eko/gocache/store/bigcache/v4	4.2.3	4.2.4
github.com/elastic/go-elasticsearch/v8	8.19.0	8.19.1
github.com/flanksource/commons	1.44.0	1.44.1
github.com/flanksource/duty	1.0.1166	1.0.1169
github.com/gocolly/colly/v2	2.2.0	2.3.0
github.com/google/cel-go	0.26.1	0.27.0
github.com/labstack/echo-contrib	0.17.4	0.50.0
github.com/lib/pq	1.10.9	1.11.1
github.com/prometheus/alertmanager	0.28.1	0.30.1
go.mongodb.org/mongo-driver	1.17.6	1.17.8
go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho	0.63.0	0.64.0
sigs.k8s.io/controller-runtime	0.22.3	0.23.1

Updates cloud.google.com/go/storage from 1.57.0 to 1.59.2

Release notes

Sourced from cloud.google.com/go/storage's releases.

storage 1.59.2

1.59.2 (2026-01-28)

Bug Fixes

• deadlock in event loop while coordinating channels (#13652) (ff6c8e78)

storage 1.59.1

1.59.1 (2026-01-14)

Bug Fixes

• remove mandatory attrs response in MRD (#13585) (6752a496)

• close attrsReady channel when metadata is missing (#13574) (712f5627)

• don't update global object's readhandle in MRD (#13575) (bc925001)

storage 1.59.0

1.59.0 (2026-01-09)

Features

• add default checksums for appendable writer (excludes appendable takeover writer) (#13379) (647baf32)

Bug Fixes

• refactor MultiRangeDownloader to resolve deadlock and race conditions (#13524) (1cfd100

storage 1.58.0

1.58.0 (2025-12-03)

Features

• add object contexts in Go GCS SDK (#13390) (079c4d96)

• calculate crc32c by default and pass checksum in trailing and per-chunk request (#13205) (2ab1c778)

• add support for partial success in ListBuckets (#13320) (d91e47f2)

Bug Fixes

• omit empty filter in http list object request (#13434) (377eb13b)

storage 1.57.2

1.57.2 (2025-11-14)

Features

Bug Fixes

... (truncated)

Commits

• cf3fbcb chore: librarian release pull request: 20260128T111026Z (#13737)
• ff6c8e7 fix(storage): deadlock in event loop while coordinating channels (#13652)
• 5cd8007 chore: librarian release pull request: 20260114T061057Z (#13597)
• 585cd82 feat(firestore): [PQ] add pipeline queries
• 6752a49 fix: remove mandatory attrs response in MRD (#13585)
• 1347004 chore: skip failing TestIntegration_WriterAppendEdgeCases (#13586)
• e7723a0 test(storage): add test for MRD with read handle (#13591)
• 7e730f1 test(datastore): fix flaky tests (#13587)
• d23326b chore(spanner): add gorm data type names for PG types (#13584)
• bc92500 fix: don't update global object's readhandle in MRD (#13575)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/cloudwatch from 1.51.4 to 1.53.1

Commits

• 0fde27c Release 2024-03-29
• 57e0d95 Regenerated Clients
• e114db5 Update SDK's smithy-go dependency to v1.20.2
• f456f07 Update endpoints model
• 96b431a Update API model
• 6a694c7 dep: upgrade to smithy 1.47.0 (#2587)
• 973665b Release 2024-03-28
• 8b24e40 Regenerated Clients
• 8788e04 Update endpoints model
• 0480396 Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/configservice from 1.59.0 to 1.61.0

Commits

• b4c0124 Release 2024-08-28
• 1cd39e0 Regenerated Clients
• 854f863 Update endpoints model
• 77152bc Update API model
• 9c621d1 Add a PresignPostObject to the PresignClient for s3.PutObject operation...
• 7e17fb5 Release 2024-08-27
• 8906cd2 Regenerated Clients
• 4acfe2e Update API model
• a6e48ac Release 2024-08-26
• 7d62062 Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.89.0 to 1.96.0

Commits

• bdb98c5 Release 2026-01-28
• c878d57 Regenerated Clients
• 4f5d503 Update API model
• b7bf952 Feat release s3 transfer manager v2 (#3293)
• 0baa1dc Release 2026-01-27
• 11eae4b Regenerated Clients
• 297caa5 Update endpoints model
• 43d96e4 Update API model
• de58dc6 Release 2026-01-26
• dba39e6 Regenerated Clients
• Additional commits viewable in compare view

Updates github.com/eko/gocache/lib/v4 from 4.2.2 to 4.2.3

Release notes

Sourced from github.com/eko/gocache/lib/v4's releases.

store/memcache/v4.2.3

What's Changed

• Store memcache: moved from golang/mock to mockery by @​eko in eko/gocache#295

Full Changelog: eko/gocache@lib/v4.2.1...store/memcache/v4.2.3

store/bigcache/v4.2.3

What's Changed

• Hide mock interfaces from users by @​Neo2308 in eko/gocache#296

New Contributors

• @​Neo2308 made their first contribution in eko/gocache#296

Full Changelog: eko/gocache@store/memcache/v4.2.3...store/bigcache/v4.2.3

store/freecache/v4.2.3

What's Changed

• Hide mock interfaces from users by @​Neo2308 in eko/gocache#296

New Contributors

• @​Neo2308 made their first contribution in eko/gocache#296

Full Changelog: eko/gocache@store/memcache/v4.2.3...store/freecache/v4.2.3

store/go_cache/v4.2.3

What's Changed

• Hide mock interfaces from users by @​Neo2308 in eko/gocache#296

New Contributors

• @​Neo2308 made their first contribution in eko/gocache#296

Full Changelog: eko/gocache@store/memcache/v4.2.3...store/go_cache/v4.2.3

lib/v4.2.3

What's Changed

• chore(go-mod): bump outdated dependencies by @​geigerj0 in eko/gocache#300

New Contributors

• @​geigerj0 made their first contribution in eko/gocache#300

Full Changelog: eko/gocache@lib/v4.2.2...lib/v4.2.3

What's Changed

• chore(go-mod): bump outdated dependencies by @​geigerj0 in eko/gocache#300

New Contributors

• @​geigerj0 made their first contribution in eko/gocache#300

Full Changelog: eko/gocache@lib/v4.2.2...lib/v4.2.3

Commits

• 5654fdf Merge pull request #300 from geigerj0/bump-deps
• 3fabe46 bump all deps
• 7747003 bump deps
• b4334a5 bump deps
• f037427 bump deps
• See full diff in compare view

Updates github.com/eko/gocache/store/bigcache/v4 from 4.2.3 to 4.2.4

Commits

• 2caf9d9 feat: add TTL support for tags in Hazelcast store
• ba0ece2 chore: fix some comments
• 152feab Merge pull request #279 from pgcamus/bigcache-getwithttl
• 9cd53a8 Merge pull request #280 from semihbkgr/error-handling-in-chain-set
• 4cee0d8 Fix typo in comments
• 3f3df7c fix: improve error handling in ChainCache.Set method
• d7f4471 Add GetWithTTL() support to Bigcache store
• 2c3a5f4 Merge pull request #276 from dxtym/ft/tags-ttl
• d7bbad0 Merge pull request #277 from eko/dependabot/go_modules/store/pegasus/golang.o...
• 84a4a4f Bump golang.org/x/net from 0.33.0 to 0.36.0 in /store/pegasus
• Additional commits viewable in compare view

Updates github.com/elastic/go-elasticsearch/v8 from 8.19.0 to 8.19.1

Release notes

Sourced from github.com/elastic/go-elasticsearch/v8's releases.

v8.19.1

8.19.1 (2025-12-12)

Features

• Add Close method to BaseClient (#1056) (#1076) (e73cb92)
• Add queue size multiplier config to BulkIndexer (#1029) (#1055) (cdaf2aa)
• Add support for interceptors in Elasticsearch client (#1080) (#1086) (f4bda5f)

Bug Fixes

• Notify items if an error occurs in bulk indexer (#615) (#1057) (00b0ac1)

Changelog

Sourced from github.com/elastic/go-elasticsearch/v8's changelog.

8.19.1 (2025-12-12)

Features

• Add Close method to BaseClient (#1056) (#1076) (e73cb92)
• Add queue size multiplier config to BulkIndexer (#1029) (#1055) (cdaf2aa)
• Add support for interceptors in Elasticsearch client (#1080) (#1086) (f4bda5f)

Bug Fixes

• Notify items if an error occurs in bulk indexer (#615) (#1057) (00b0ac1)

9.2.0 (2025-10-29)

API

• Updated APIs to 9.2.0

Typed API

• Update TypedAPI to latest elasticsearch-specification 9.2.0

9.1.0 (2025-07-31)

API

• Updated APIs to 9.1.0

Typed API

• Update TypedAPI to latest elasticsearch-specification 9.1
• This release introduces a new MethodAPI used by the TypedClient which makes the client friendlier for dead code elimination. Reducing the size of the client when only a subset of the APIs are used. The old API structure remains available for backward compatibility, but it is now deprecated.

9.0.1 (2025-07-31)

API

• Updated APIs to 9.0.4

Typed API

• Update TypedAPI to latest elasticsearch-specification 9.0

Commits

• 3b4eb9f chore(8.19): release 8.19.1 (#1073)
• f427a27 ci: correct workflow branch filters (#1087)
• e73cb92 feat: add Close method to BaseClient (#1056) (#1076)
• f4bda5f feat: add support for interceptors in Elasticsearch client (#1080) (#1086)
• 89ba530 chore: migrate to new artifact api (#1077) (#1085)
• 7e52925 ci: add release please automation (#1065) (#1070)
• 00b0ac1 fix: Notify items if an error occurs in bulk indexer (#1057)
• cdaf2aa feat: Add queue size multiplier config to BulkIndexer (#1029) (#1055)
• 5983693 [Backport 8.19] ci: use ephemeral token for backport action (#1048)
• ef44da2 fix(buildkite): improve error handling for HTTP requests and add fallback for...
• Additional commits viewable in compare view

Updates github.com/flanksource/commons from 1.44.0 to 1.44.1

Release notes

Sourced from github.com/flanksource/commons's releases.

v1.44.1

1.44.1 (2026-01-06)

Commits

• 347389f chore: bump gomplate to v3.24.64 (#286)
• See full diff in compare view

Updates github.com/flanksource/duty from 1.0.1166 to 1.0.1169

Release notes

Sourced from github.com/flanksource/duty's releases.

v1.0.1169

1.0.1169 (2026-01-29)

v1.0.1168

1.0.1168 (2026-01-28)

Features

• shell: add powershell scripting (6c2fcb1)

v1.0.1167

1.0.1167 (2026-01-26)

Features

• connection: add custom headers to HTTPConnection (#1746) (15407cc)

Commits

• a28b266 refactor(schema): migrate JSON schema validation to kaptinlin/jsonschema
• 6c2fcb1 feat(shell): add powershell scripting
• 9461446 chore: add clicky pretty methods
• 15407cc feat(connection): add custom headers to HTTPConnection (#1746)
• See full diff in compare view

Updates github.com/go-git/go-git/v5 from 5.16.3 to 5.16.4

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.16.4

What's Changed

• backport plumbing: format/idxfile, prevent panic by @​swills in go-git/go-git#1732
• [backport] build: test, Fix build on Windows. by @​pjbgf in go-git/go-git#1734
• build: Update module golang.org/x/net to v0.38.0 [SECURITY] (releases/v5.x) by @​go-git-renovate[bot] in go-git/go-git#1742
• build: Update module github.com/cloudflare/circl to v1.6.1 [SECURITY] (releases/v5.x) by @​go-git-renovate[bot] in go-git/go-git#1741
• build: Update module github.com/go-git/go-git/v5 to v5.13.0 [SECURITY] (releases/v5.x) by @​go-git-renovate[bot] in go-git/go-git#1743

Full Changelog: go-git/go-git@v5.16.3...v5.16.4

Commits

• de8ecc3 Merge pull request #1743 from go-git/renovate/releases/v5.x-go-github.com-go-...
• 3e752f0 build: Update module github.com/go-git/go-git/v5 to v5.13.0 [SECURITY]
• 3a31754 Merge pull request #1741 from go-git/renovate/releases/v5.x-go-github.com-clo...
• acc28f1 build: Update module github.com/cloudflare/circl to v1.6.1 [SECURITY]
• 95f3880 Merge pull request #1742 from go-git/renovate/releases/v5.x-go-golang.org-x-n...
• 329f926 build: Update module golang.org/x/net to v0.38.0 [SECURITY]
• 399e04b Merge pull request #1734 from pjbgf/fix-ci
• 2025eae build: test, Fix build on Windows.
• fb6806f Merge pull request #1732 from swills/find-hash-panic-fix-backport
• 382530f plumbing: format/idxfile, prevent panic
• See full diff in compare view

Updates github.com/gocolly/colly/v2 from 2.2.0 to 2.3.0

Commits

• 157009d [enh] update dependencies
• 291f625 [doc] update example & install
• 629227c [doc] remove discontinued sponsorship
• a088c7d [doc] add sponsor description
• 66bbc9a Merge pull request #862 from cuiweixie/atomic.Uint32
• 468c427 fix: do not add
• c0c7a4c [doc] add CyberYozh as sponsor
• 8e8093b Merge pull request #864 from stemlaud/master
• 4829951 refactor: use the built-in max to simplify the code
• 8fabdcf [fix] update tests
• Additional commits viewable in compare view

Updates github.com/google/cel-go from 0.26.1 to 0.27.0

Release notes

Sourced from github.com/google/cel-go's releases.

Release v0.27.0

Release Summary

This release focuses on improving developer tooling and stability. Key highlights include significant enhancements to the REPL (YAML configuration support and parse-only evaluation), the addition of cost estimation for regex operations, and improved test coverage reporting.

On the stability front, this release addresses race conditions in reference types, improves namespace resolution, and ensures formatting directives align strictly with the CEL specification.

Note: This release includes a breaking change regarding how types are handled as variables. Please review the "Breaking Changes" section below.

⚠ Breaking Changes

Remove types as variables: The logic for handling types has been relaxed to support safe rollout of feature packages which introduce new types whose names may collide with existing variables. Please review your policies if you relied on types behaving strictly as variables in previous versions. [PR #1262](google/cel-go#1262)

Features & Enhancements

REPL & Tooling

• YAML Configuration: The REPL now supports reading and writing YAML environment configurations. [PR #1250](google/cel-go#1250)

• Parse-Only Mode: Added parse-only evaluation capabilities to the REPL. [PR #1254](google/cel-go#1254)

• Test Coverage: Introduced logic for CEL test coverage calculation and updated the reporter to handle error/unknown scenarios.[PR #1209](google/cel-go#1209) & [PR #1215](google/cel-go#1215)

Core Library

• Regex Costing: Added support for cost estimation and tracking within the regex library. [PR #1200](google/cel-go#1200)

• JSON Type Exposure: Exposed CEL JSON types to assist developers in converting to native values. [PR #1261](google/cel-go#1261)

• Policy Composition: Source information is now preserved during CEL policy composition, aiding in debugging. [PR #1253](google/cel-go#1253)

Extensibility:

• Updated extension option factory to resolve by ID (#1249).

• Refactored match output compiling to accept user-defined logic (#1246).

• Exposed Match source ID to callers (#1227).

Build & Maintenance

• Bazel: Migrated to use Bazel module only and improved configuration for dependent builds. [PR #1231](google/cel-go#1231) & [PR #1228](google/cel-go#1228)

• Cleanup: Removed strcase dependency, removed AppEngine code from REPL, and performed general linting. [PR #1230](google/cel-go#1230), #1216, #1251

Bug Fixes

• Concurrency: Fixed a race condition in the checker regarding reference types. [PR #1224](google/cel-go#1224)

• Namespace Resolution: Addressed an issue with namespace resolution. [PR #1256](google/cel-go#1256)

• Spec Compliance: Fixed formatting directives to fully support requirements documented in the cel-spec. [PR #1232](google/cel-go#1232)

... (truncated)

Commits

• 450089b Preserve source information during CEL policy composition. (#1253)
• c66b313 Remove types as variables to allow user-defined variables to shadow type decl...
• bff3a72 Expose the CEL JSON types to assist with conversion to native values (#1261)
• 559cbc9 Remove errant diff checked into a prior PR (#1260)
• fe26efa Simplify the disambiguation logic to a single boolean (#1263)
• 52280ba Clean up unused source info after checker rewrites the AST. (#1258)
• 3cb5705 Namespace resolution fix (#1256)
• 409bcbe Refactor match output compiling to accept user-defined logic. (#1246)
• e9f15ea Enable two var comprehension conformance tests. (#1255)
• 057fa1a Add parse only evaluation to REPL (#1254)
• Additional commits viewable in compare view

Updates github.com/jackc/pgx/v5 from 5.7.6 to 5.8.0

Changelog

Sourced from github.com/jackc/pgx/v5's changelog.

5.8.0 (December 26, 2025)

• Require Go 1.24+
• Remove golang.org/x/crypto dependency
• Add OptionShouldPing to control ResetSession ping behavior (ilyam8)
• Fix: Avoid overflow when MaxConns is set to MaxInt32
• Fix: Close batch pipeline after a query error (Anthonin Bonnefoy)
• Faster shutdown of pgxpool.Pool background goroutines (Blake Gentry)
• Add pgxpool ping timeout (Amirsalar Safaei)
• Fix: Rows.FieldDescriptions for empty query
• Scan unknown types into *any as string or []byte based on format code
• Optimize pgtype.Numeric (Philip Dubé)
• Add AfterNetConnect hook to pgconn.Config
• Fix: Handle for preparing statements that fail during the Describe phase
• Fix overflow in numeric scanning (Ilia Demianenko)
• Fix: json/jsonb sql.Scanner source type is []byte
• Migrate from math/rand to math/rand/v2 (Mathias Bogaert)
• Optimize internal iobufpool (Mathias Bogaert)
• Optimize stmtcache invalidation (Mathias Bogaert)
• Fix: missing error case in interval parsing (Maxime Soulé)
• Fix: invalidate statement/description cache in Exec (James Hartig)
• ColumnTypeLength method return the type length for varbit type (DengChan)
• Array and Composite codecs handle typed nils

Commits

• fe8740a Release v5.8.0
• e5dde5a Skip test on CockroachDB
• 06f2d82 Remove trailing space
• 2cf78dd Merge pull request #2448 from DengChan/column_type_lenth_varbit
• 2d1c4ef Skip tests on CockroachDB
• 1a5fa7f Array and Composite codecs handle typed nils
• 5736d09 ColumnTypeLength method return the type length for varbit type.
• 4c1308c Revert "stdlib matches native pgx scanning support"
• 14ce2b7 Skip test on CockroachDB
• 65b2724 Merge pull request #2443 from jameshartig/x-invalidate-cache-in-exec
• Additional commits viewable in compare view

Updates github.com/labstack/echo-contrib from 0.17.4 to 0.50.0

Release notes

Sourced from github.com/labstack/echo-contrib's releases.

V5 is out

See: https://github.com/labstack/echo/releases/tag/v5.0.0

Commits

• fb1b028 Use Echo v5 tag
• e5a435c Remove github.com/labstack/gommon dependency
• 16afb59 Echo V5 support
• 6c28e2b Update deps (#139)
• 109512b Update deps (last one did not update to latest) (#132)
• See full diff in compare view

Updates github.com/labstack/echo/v4 from 4.13.4 to 4.15.0

Release notes

Sourced from github.com/labstack/echo/v4's releases.

v4.15.0

Security

WARNING: If your application relies on cross-origin or same-site (same subdomain) requests do not blindly push this version to production

The CSRF middleware now supports the Sec-Fetch-Site header as a modern, defense-in-depth approach to CSRF protection, implementing the OWASP-recommended Fetch Metadata API alongside the traditional token-based mechanism.

How it works:

Modern browsers automatically send the Sec-Fetch-Site header with all requests, indicating the relationship between the request origin and the target. The middleware uses this to make security decisions:

• same-origin or none: Requests are allowed (exact origin match or direct user navigation)
• same-site: Falls back to token validation (e.g., subdomain to main domain)
• cross-site: Blocked by default with 403 error for unsafe methods (POST, PUT, DELETE, PATCH)

For browsers that don't send this header (older browsers), the middleware seamlessly falls back to traditional token-based CSRF protection.

New Configuration Options:

• TrustedOrigins []string: Allowlist specific origins for cross-site requests (useful for OAuth callbacks, webhooks)
• AllowSecFetchSiteFunc func(echo.Context) (bool, error): Custom logic for same-site/cross-site request validation

Example:

e.Use(middleware.CSRFWithConfig(middleware.CSRFConfig{
    // Allow OAuth callbacks from trusted provider
    TrustedOrigins: []string{"https://oauth-provider.com"},
// Custom validation for same-site requests
AllowSecFetchSiteFunc: func(c echo.Context) (bool, error) {
    // Your custom authorization logic here
    return validateCustomAuth(c), nil
    // return true, err  // blocks request with error
    // return true, nil  // allows CSRF request through
    // return false, nil // falls back to legacy token logic
},

}))

PR: labstack/echo#2858

Type-Safe Generic Parameter Binding

• Added generic functions for type-safe parameter extraction and context access by @​aldas in labstack/echo#2856

  Echo now provides generic functions for extracting path, query, and form parameters with automatic type conversion, eliminating manual string parsing and type assertions.

... (truncated)

Changelog

Sourced from github.com/labstack/echo/v4's changelog.

v4.15.0 - 2026-01-01

Security

NB: If your application relies on cross-origin or same-site (same subdomain) requests do not blindly push this version to production

The CSRF middleware now supports the Sec-Fetch-Site header as a modern, defense-in-depth approach to CSRF protection, implementing the OWASP-recommended Fetch Metadata API alongside the traditional token-based mechanism.

How it works:

Modern browsers automatically send the Sec-Fetch-Site header with all requests, indicating the relationship between the request origin and the target. The middleware uses this to make security decisions:

• same-origin or none: Requests are allowed (exact origin match or direct user navigation)
• same-site: Falls back to token validation (e.g., subdomain to main domain)
• cross-site: Blocked by default with 403 error for unsafe methods (POST, PUT, DELETE, PATCH)

For browsers that don't send this header (older browsers), the middleware seamlessly falls back to traditional token-based CSRF protection.

New Configuration Options:

• TrustedOrigins []string: Allowlist specific origins for cross-site requests (useful for OAuth callbacks, webhooks)
• AllowSecFetchSiteFunc func(echo.Context) (bool, error): Custom logic for same-site/cross-site request validation

Example:

e.Use(middleware.CSRFWithConfig(middleware.CSRFConfig{
    // Allow OAuth callbacks from trusted provider
    TrustedOrigins: []string{"https://oauth-provider.com"},
// Custom validation for same-site requests
AllowSecFetchSiteFunc: func(c echo.Context) (bool, error) {
    // Your custom authorization logic here
    return validateCustomAuth(c), nil
    // return true, err  // blocks request with error
    // return true, nil  // allows CSRF request through
    // return false, nil // falls back to legacy token logic
},

}))

PR: labstack/echo#2858

Type-Safe Generic Parameter Binding

• Added generic functions for type-safe parameter extraction and context access by @​aldas in labstack/echo#2856

  Echo now provides generic functions for extracting path, query, and form parameters with automatic type conversion,

... (truncated)

Commits

• 482bb46 v4.15.0 changelog
• d0f9d1e CRSF with Sec-Fetch-Site=same-site falls back to legacy token
• f3fc618 CRSF with Sec-Fetch-Site checks
• 4dcb9b4 licence headers
• cbc0ac1 Add PathParam(Or)/QueryParam(Or)/FormParam(Or) generic functions
• 6b14f4e Add Context.Get generic functions
• 321530d disable test - returns different error under Windows
• c8abd9f disable flaky test
• 9fe43f7 fix Rate limiter disallows fractional rates
• 1b5122a document things to reduce false positives
• Additional commits viewable in compare view

Updates github.com/lib/pq from 1.10.9 to 1.11.1

Release notes

Sourced from github.com/lib/pq's releases.

v1.11.1

This fixes two regressions present in the v1.11.0 release:

• Fix build on 32bit systems, Windows, and Plan 9 (#1253).

• Named []byte types and pointers to []byte (e.g. *[]byte, json.RawMessage) would be treated as an array instead of bytea (#1252).

#1252: lib/pq#1252 #1253: lib/pq#1253

v1.11.0

This version of pq requires Go 1.21 or newer.

pq now supports only maintained PostgreSQL releases, which is PostgreSQL 14 and newer. Previously PostgreSQL 8.4 and newer were supported.

Features

• The pq.Error.Error() text includes the position of the error (if reported by PostgreSQL) and SQLSTATE code (#1219, #1224):

  pq: column "columndoesntexist" does not exist at column 8 (42703)
  pq: syntax error at or near ")" at position 2:71 (42601)
  

• The pq.Error.ErrorWithDetail() method prints a more detailed multiline message, with the Detail, Hint, and error position (if any) (#1219):

  ERROR:   syntax error at or near ")" (42601)
  CONTEXT: line 12, column 1:
   10 |     name           varchar,
   11 |     version        varchar,
   12 | );
        ^
  
  

• Add Config, NewConfig(), and NewConnectorConfig() to supply connection details in a more structured way (#1240).

• Support hostaddr and $PGHOSTADDR (#1243).

• Support multiple values in host, port, and hostaddr, which are each tried in order, or randomly if load_balance_hosts=random is set (#1246).

• Support target_session_attrs connection parameter (#1246).

• Support [sslnegotiation] to use SSL without negotiation (#1180).

• Allow using a custom tls.Config, for example for encrypted keys (#1228).

• Add PQGO_DEBUG=1 print the communication with PostgreSQL to stderr, to aid in debugging, testing, and bug reports (#1223).

• Add support for NamedValueChecker interface (#1125, #1238).

Fixes

... (truncated)

Changelog

Sourced from github.com/lib/pq's changelog.

v1.11.1 (2025-01-29)

This fixes two regressions present in the v1.11.0 release:

• Fix build on 32bit systems, Windows, and Plan 9 (#1253).

...

Description has been truncated

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}