Skip to content

build(deps): bump the go-dependency group across 1 directory with 3 updates#201

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/go-dependency-4ca6390622
Open

build(deps): bump the go-dependency group across 1 directory with 3 updates#201
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/go-dependency-4ca6390622

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 5, 2026

Bumps the go-dependency group with 3 updates in the / directory: github.com/caarlos0/env/v11, github.com/mattn/go-sqlite3 and github.com/fxamacker/cbor/v2.

Updates github.com/caarlos0/env/v11 from 11.4.0 to 11.4.1

Release notes

Sourced from github.com/caarlos0/env/v11's releases.

v11.4.1

Changelog

Bug fixes

  • 6daeb06ac7e3c9532a7eaa5768d45917393b7480: fix: use Key instead of OwnKey in rawEnvVars to properly reference existing defaults in complex structs (#412) (@​AndrewChubatiuk)

Documentation updates

  • 1ff55e6c9733833ce75d62b345916a407dbe4158: docs: adaptive starchart (#416) (@​alexandear)

Other work

  • cf4a9682420b025e44b4773fd7ee0be48bb68b2f: ci(deps): bump the actions group with 3 updates (#411) (@​dependabot[bot])
  • 33faf6f333c2c3dacef2991825f8e03960a2c0cb: ci(deps): bump the actions group with 3 updates (#417) (@​dependabot[bot])
  • 0cb635b62488f4d310809a82a8832cedc9aa94eb: ci(deps): bump the actions group with 6 updates (#415) (@​dependabot[bot])
  • a72d89a8930fc800372a6a338a1acf33e5cc3a56: ci: update release config (@​caarlos0)

Released with GoReleaser Pro!

Commits
  • a72d89a ci: update release config
  • 6daeb06 fix: use Key instead of OwnKey in rawEnvVars to properly reference existing d...
  • 33faf6f ci(deps): bump the actions group with 3 updates (#417)
  • 1ff55e6 docs: adaptive starchart (#416)
  • 0cb635b ci(deps): bump the actions group with 6 updates (#415)
  • cf4a968 ci(deps): bump the actions group with 3 updates (#411)
  • See full diff in compare view

Updates github.com/mattn/go-sqlite3 from 1.14.42 to 1.14.44

Commits
  • 20826e8 Merge pull request #1394 from mattn/sqlite-amalgamation-3053000
  • 2d4d220 fix changelog URL when minor or patch version is zero
  • 3761cf7 Upgrade SQLite to version 3053000
  • 1aa7317 Merge pull request #1388 from mattn/stmt-cache-lru
  • c719e20 Merge pull request #1392 from mattn/fix-issue-1390-query-comment-panic
  • 869e516 fix panic when querying input with no SQL (only comments/whitespace)
  • 6690238 extract finalizeCachedStmt helper and drop redundant tail reset
  • 59e8e75 only set stmt cacheKey when cache is enabled
  • 2badb4c use slice len/cap for stmt cache instead of separate counters
  • 7716c20 evict LRU stmt when stmt cache is full
  • Additional commits viewable in compare view

Updates github.com/fxamacker/cbor/v2 from 2.9.1 to 2.9.2

Release notes

Sourced from github.com/fxamacker/cbor/v2's releases.

v2.9.2

This release refactors and hardens the streaming encoder by adding stricter checks for encoding CBOR indefinite-length data. Other changes include minor bugfixes, defensive checks, and more tests.

Projects that don't use CBOR indefinite-length data may also want to upgrade (summary of prior releases).

The stricter checks in the encoder prevent improper use of the library and bad inputs from producing malformed CBOR indefinite-length data that would be rejected by the decoder.

This release passed fuzz tests (billions of execs) and it is production quality.

What's Changed

CI / GitHub Actions and Docs

Full Changelog: fxamacker/cbor@v2.9.1...v2.9.2

Commits
  • 45589ab Merge pull request #769 from fxamacker/fxamacker/update-readme-release-status
  • 8e98ea5 Update README for v2.9.2 release
  • e501aca Merge pull request #768 from fxamacker/fxamacker/update-docs
  • e6af0aa Merge pull request #767 from fxamacker/fxamacker/refactor-indefinite-length-e...
  • 57f1601 Merge pull request #766 from fxamacker/fxamacker/no-opt-to-remove-nil-type-in...
  • 0cdb674 Fix indefinite-length string chunk validation
  • c0db60f Improve GitHub Workflow code coverage regex
  • 63937fe Fix panic message to print the unrecognized tag
  • f0352a5 Add more tests
  • 0c20a0f Refactor encoding of indefinite-length data item
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): bump the go-dependency group across 1 directory with 3 u…
0f6f701 
…pdates

Bumps the go-dependency group with 3 updates in the / directory: [github.com/caarlos0/env/v11](https://github.com/caarlos0/env), [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) and [github.com/fxamacker/cbor/v2](https://github.com/fxamacker/cbor).


Updates `github.com/caarlos0/env/v11` from 11.4.0 to 11.4.1
- [Release notes](https://github.com/caarlos0/env/releases)
- [Commits](caarlos0/env@v11.4.0...v11.4.1)

Updates `github.com/mattn/go-sqlite3` from 1.14.42 to 1.14.44
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](mattn/go-sqlite3@v1.14.42...v1.14.44)

Updates `github.com/fxamacker/cbor/v2` from 2.9.1 to 2.9.2
- [Release notes](https://github.com/fxamacker/cbor/releases)
- [Commits](fxamacker/cbor@v2.9.1...v2.9.2)

---
updated-dependencies:
- dependency-name: github.com/caarlos0/env/v11
  dependency-version: 11.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependency
- dependency-name: github.com/mattn/go-sqlite3
  dependency-version: 1.14.44
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependency
- dependency-name: github.com/fxamacker/cbor/v2
  dependency-version: 2.9.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependency
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 5, 2026
@dependabot dependabot Bot mentioned this pull request May 5, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants