Bump the all-gomod group across 3 directories with 16 updates by dependabot[bot] · Pull Request #100 · Thiht/transactor

dependabot · 2026-05-04T21:07:24Z

Bumps the all-gomod group with 2 updates in the /pgx directory: github.com/jackc/pgx/v5 and golang.org/x/text.
Bumps the all-gomod group with 1 update in the /sqlx directory: github.com/go-sql-driver/mysql.
Bumps the all-gomod group with 13 updates in the /tests directory:

Package	From	To
github.com/jackc/pgx/v5	`5.9.1`	`5.9.2`
golang.org/x/text	`0.35.0`	`0.36.0`
github.com/go-sql-driver/mysql	`1.9.3`	`1.10.0`
github.com/microsoft/go-mssqldb	`1.9.8`	`1.10.0`
github.com/testcontainers/testcontainers-go	`0.41.0`	`0.42.0`
github.com/testcontainers/testcontainers-go/modules/mysql	`0.41.0`	`0.42.0`
github.com/testcontainers/testcontainers-go/modules/postgres	`0.41.0`	`0.42.0`
modernc.org/sqlite	`1.48.1`	`1.50.0`
github.com/docker/go-connections	`0.6.0`	`0.7.0`
github.com/klauspost/compress	`1.18.5`	`1.18.6`
github.com/mattn/go-isatty	`0.0.20`	`0.0.22`
github.com/shirou/gopsutil/v4	`4.26.3`	`4.26.4`
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp	`0.67.0`	`0.68.0`

Updates github.com/jackc/pgx/v5 from 5.9.1 to 5.9.2

Changelog

Sourced from github.com/jackc/pgx/v5's changelog.

5.9.2 (April 18, 2026)

Fix SQL Injection via placeholder confusion with dollar quoted string literals (GHSA-j88v-2chj-qfwx)

SQL injection can occur when:

The non-default simple protocol is used.

A dollar quoted string literal is used in the SQL query.

That query contains text that would be would be interpreted outside as a placeholder outside of a string literal.

The value of that placeholder is controllable by the attacker.

e.g.
attackValue := `$tag$; drop table canary; --`
_, err = tx.Exec(ctx, `select $tag$ $1 $tag$, $1`, pgx.QueryExecModeSimpleProtocol, attackValue)
This is unlikely to occur outside of a contrived scenario.

Commits

0aeabbc Release v5.9.2
60644f8 Fix SQL sanitizer bugs with dollar-quoted strings and placeholder overflow
a5680bc Merge pull request #2531 from dolmen-go/godoc-add-links
e34e452 doc: Add godoc links
08c9bb1 Fix Stringer types encoded as text instead of numeric value in composite fields
96b4dbd Remove unstable test
acf88e0 Merge pull request #2526 from abrightwell/abrightwell-min-proto
2f81f1f Update max_protocol_version and min_protocol_version defaults
See full diff in compare view

Updates golang.org/x/text from 0.35.0 to 0.36.0

Commits

8577a70 go.mod: update golang.org/x dependencies
See full diff in compare view

Updates github.com/go-sql-driver/mysql from 1.9.3 to 1.10.0

Release notes

Sourced from github.com/go-sql-driver/mysql's releases.

v1.10.0

What's Changed

add Go 1.24 to the test matrix by @shogo82148 in go-sql-driver/mysql#1681

modernize for Go 1.22 by @methane in go-sql-driver/mysql#1695

test stability improvement. by @methane in go-sql-driver/mysql#1698

simplify collation tests by @methane in go-sql-driver/mysql#1700

fix bigint unsigned null column scan to err type int64 by @elonnzhang in go-sql-driver/mysql#1612

Transaction Commit/Rollback returns conn's cached error, if present by @brad-defined in go-sql-driver/mysql#1691

add BenchmarkReceive10kRowsCompress by @methane in go-sql-driver/mysql#1704

optimize readPacket by @methane in go-sql-driver/mysql#1705

MariaDB Metadata skipping and DEPRECATE_EOF by @rusher in go-sql-driver/mysql#1708

Optimization: statements reuse previous column name by @methane in go-sql-driver/mysql#1711

update outdated MySQL internals documentation links by @demouth in go-sql-driver/mysql#1714

fix PING on compressed connections by @methane in go-sql-driver/mysql#1721

add DeepWiki badge by @methane in go-sql-driver/mysql#1722

Update edwards25519 dependency to v1.1.1 by @williamhaw in go-sql-driver/mysql#1749

Configure Dependabot for Go modules by @methane in go-sql-driver/mysql#1755

Bump dominikh/staticcheck-action from 1.3.1 to 1.4.1 by @dependabot[bot] in go-sql-driver/mysql#1759

Bump github/codeql-action from 3 to 4 by @dependabot[bot] in go-sql-driver/mysql#1760

Bump actions/setup-go from 5 to 6 by @dependabot[bot] in go-sql-driver/mysql#1757

fix staticcheck error by @methane in go-sql-driver/mysql#1761

Bump actions/checkout from 4 to 6 by @dependabot[bot] in go-sql-driver/mysql#1758

Fix getSystemVar buffer reuse by @morgo in go-sql-driver/mysql#1754

Consolidate Dependabot update noise by grouping weekly dependency PRs by @Copilot in go-sql-driver/mysql#1762

Bump filippo.io/edwards25519 from 1.1.1 to 1.2.0 by @dependabot[bot] in go-sql-driver/mysql#1756

CI: Update GitHub Actions Go matrix to 1.24–1.26 by @Copilot in go-sql-driver/mysql#1763

Enhance interpolateParams to correctly handle placeholders by @rusher in go-sql-driver/mysql#1732

modernize by @methane in go-sql-driver/mysql#1764

release v1.10.0 by @methane in go-sql-driver/mysql#1765

New Contributors

@elonnzhang made their first contribution in go-sql-driver/mysql#1612

@brad-defined made their first contribution in go-sql-driver/mysql#1691

@rusher made their first contribution in go-sql-driver/mysql#1708

@demouth made their first contribution in go-sql-driver/mysql#1714

@williamhaw made their first contribution in go-sql-driver/mysql#1749

@dependabot[bot] made their first contribution in go-sql-driver/mysql#1759

@morgo made their first contribution in go-sql-driver/mysql#1754

@Copilot made their first contribution in go-sql-driver/mysql#1762

Full Changelog: go-sql-driver/mysql@v1.9.2...v1.10.0

Changelog

Sourced from github.com/go-sql-driver/mysql's changelog.

v1.10.0 (2026-04-28)

Fix getSystemVar("max_allowed_packet") potentially returned wrong value. (#1754) This affects only when maxAllowedPacket=0 is set.

Bump filippo.io/edwards25519 from 1.1.1 to 1.2.0. (#1756) While older versions have reported CVEs, they do not affect go-mysql.

Update Go versions to 1.24-1.26. (#1763)

Enhance interpolateParams to correctly handle placeholders. (#1732) The question mark (?) within strings and comments will no longer be treated as a placeholder.

Commits

a065b60 release v1.10.0 (#1765)
09e4187 modernize (#1764)
6c44a9a Enhance interpolateParams to correctly handle placeholders (#1732)
688ce56 Update supported Go version to 1.24–1.26 (#1763)
118d07f Bump filippo.io/edwards25519 from 1.1.1 to 1.2.0 (#1756)
d6b2d3e Consolidate Dependabot update noise by grouping weekly dependency PRs (#1762)
037dfd8 Fix getSystemVar buffer reuse (#1754)
900f330 Bump actions/checkout from 4 to 6 (#1758)
ab9e380 fix staticcheck error (#1761)
f298c66 Bump actions/setup-go from 5 to 6 (#1757)
Additional commits viewable in compare view

Updates github.com/jackc/pgx/v5 from 5.9.1 to 5.9.2

Changelog

Sourced from github.com/jackc/pgx/v5's changelog.

5.9.2 (April 18, 2026)

Fix SQL Injection via placeholder confusion with dollar quoted string literals (GHSA-j88v-2chj-qfwx)

SQL injection can occur when:

The non-default simple protocol is used.

A dollar quoted string literal is used in the SQL query.

That query contains text that would be would be interpreted outside as a placeholder outside of a string literal.

The value of that placeholder is controllable by the attacker.

e.g.
attackValue := `$tag$; drop table canary; --`
_, err = tx.Exec(ctx, `select $tag$ $1 $tag$, $1`, pgx.QueryExecModeSimpleProtocol, attackValue)
This is unlikely to occur outside of a contrived scenario.

Commits

0aeabbc Release v5.9.2
60644f8 Fix SQL sanitizer bugs with dollar-quoted strings and placeholder overflow
a5680bc Merge pull request #2531 from dolmen-go/godoc-add-links
e34e452 doc: Add godoc links
08c9bb1 Fix Stringer types encoded as text instead of numeric value in composite fields
96b4dbd Remove unstable test
acf88e0 Merge pull request #2526 from abrightwell/abrightwell-min-proto
2f81f1f Update max_protocol_version and min_protocol_version defaults
See full diff in compare view

Updates golang.org/x/text from 0.35.0 to 0.36.0

Commits

8577a70 go.mod: update golang.org/x dependencies
See full diff in compare view

Updates github.com/go-sql-driver/mysql from 1.9.3 to 1.10.0

Release notes

Sourced from github.com/go-sql-driver/mysql's releases.

v1.10.0

What's Changed

add Go 1.24 to the test matrix by @shogo82148 in go-sql-driver/mysql#1681

modernize for Go 1.22 by @methane in go-sql-driver/mysql#1695

test stability improvement. by @methane in go-sql-driver/mysql#1698

simplify collation tests by @methane in go-sql-driver/mysql#1700

fix bigint unsigned null column scan to err type int64 by @elonnzhang in go-sql-driver/mysql#1612

Transaction Commit/Rollback returns conn's cached error, if present by @brad-defined in go-sql-driver/mysql#1691

add BenchmarkReceive10kRowsCompress by @methane in go-sql-driver/mysql#1704

optimize readPacket by @methane in go-sql-driver/mysql#1705

MariaDB Metadata skipping and DEPRECATE_EOF by @rusher in go-sql-driver/mysql#1708

Optimization: statements reuse previous column name by @methane in go-sql-driver/mysql#1711

update outdated MySQL internals documentation links by @demouth in go-sql-driver/mysql#1714

fix PING on compressed connections by @methane in go-sql-driver/mysql#1721

add DeepWiki badge by @methane in go-sql-driver/mysql#1722

Update edwards25519 dependency to v1.1.1 by @williamhaw in go-sql-driver/mysql#1749

Configure Dependabot for Go modules by @methane in go-sql-driver/mysql#1755

Bump dominikh/staticcheck-action from 1.3.1 to 1.4.1 by @dependabot[bot] in go-sql-driver/mysql#1759

Bump github/codeql-action from 3 to 4 by @dependabot[bot] in go-sql-driver/mysql#1760

Bump actions/setup-go from 5 to 6 by @dependabot[bot] in go-sql-driver/mysql#1757

fix staticcheck error by @methane in go-sql-driver/mysql#1761

Bump actions/checkout from 4 to 6 by @dependabot[bot] in go-sql-driver/mysql#1758

Fix getSystemVar buffer reuse by @morgo in go-sql-driver/mysql#1754

Consolidate Dependabot update noise by grouping weekly dependency PRs by @Copilot in go-sql-driver/mysql#1762

Bump filippo.io/edwards25519 from 1.1.1 to 1.2.0 by @dependabot[bot] in go-sql-driver/mysql#1756

CI: Update GitHub Actions Go matrix to 1.24–1.26 by @Copilot in go-sql-driver/mysql#1763

Enhance interpolateParams to correctly handle placeholders by @rusher in go-sql-driver/mysql#1732

modernize by @methane in go-sql-driver/mysql#1764

release v1.10.0 by @methane in go-sql-driver/mysql#1765

New Contributors

@elonnzhang made their first contribution in go-sql-driver/mysql#1612

@brad-defined made their first contribution in go-sql-driver/mysql#1691

@rusher made their first contribution in go-sql-driver/mysql#1708

@demouth made their first contribution in go-sql-driver/mysql#1714

@williamhaw made their first contribution in go-sql-driver/mysql#1749

@dependabot[bot] made their first contribution in go-sql-driver/mysql#1759

@morgo made their first contribution in go-sql-driver/mysql#1754

@Copilot made their first contribution in go-sql-driver/mysql#1762

Full Changelog: go-sql-driver/mysql@v1.9.2...v1.10.0

Changelog

Sourced from github.com/go-sql-driver/mysql's changelog.

v1.10.0 (2026-04-28)

Fix getSystemVar("max_allowed_packet") potentially returned wrong value. (#1754) This affects only when maxAllowedPacket=0 is set.

Bump filippo.io/edwards25519 from 1.1.1 to 1.2.0. (#1756) While older versions have reported CVEs, they do not affect go-mysql.

Update Go versions to 1.24-1.26. (#1763)

Enhance interpolateParams to correctly handle placeholders. (#1732) The question mark (?) within strings and comments will no longer be treated as a placeholder.

Commits

a065b60 release v1.10.0 (#1765)
09e4187 modernize (#1764)
6c44a9a Enhance interpolateParams to correctly handle placeholders (#1732)
688ce56 Update supported Go version to 1.24–1.26 (#1763)
118d07f Bump filippo.io/edwards25519 from 1.1.1 to 1.2.0 (#1756)
d6b2d3e Consolidate Dependabot update noise by grouping weekly dependency PRs (#1762)
037dfd8 Fix getSystemVar buffer reuse (#1754)
900f330 Bump actions/checkout from 4 to 6 (#1758)
ab9e380 fix staticcheck error (#1761)
f298c66 Bump actions/setup-go from 5 to 6 (#1757)
Additional commits viewable in compare view

Updates github.com/microsoft/go-mssqldb from 1.9.8 to 1.10.0

Release notes

Sourced from github.com/microsoft/go-mssqldb's releases.

v1.10.0

1.10.0 (2026-04-25)

Features

add devcontainer for VS Code and GitHub Codespaces (#317) (b55beeb)

add FailoverPartnerSPN connection string parameter (#327) (ea77c2e)

add NewConnectorWithProcessQueryText for mssql driver compatibility (#341) (2be611f)

add nullable civil types for date/time parameters (#325) (c10fa99)

Bug Fixes

allow named pipe protocol support for ARM64 Windows (#232) (a82c058)

configure release-please with PAT and correct component mapping (#349) (23bac05)

detect server-aborted transactions to prevent silent auto-commit (XACT_ABORT) (#370) (586ea53)

expose TrustServerCertificate in msdsn.Config and URL round-trip (#312) (9937cfe)

handle COLINFO (0xA5) and TABNAME (0xA4) TDS tokens returned by tables with triggers (#343) (7c905ad)

implement driver.DriverContext interface (#365) (1b610a0), closes #236

make readCancelConfirmation respect context cancellation (#359) (65e137f)

replace broken AppVeyor badge with GitHub Actions badge (#334) (d3429f5)

return interface{} scanType for sql_variant instead of nil (#362) (296a83a), closes #186

sanitize credentials from connection string parsing errors (#319) (93f5ef0)

surface server errors from Rows.Close() during token drain (#361) (ea69792), closes #244

Changelog

Sourced from github.com/microsoft/go-mssqldb's changelog.

1.10.0 (2026-04-25)

Features

add devcontainer for VS Code and GitHub Codespaces (#317) (b55beeb)

add FailoverPartnerSPN connection string parameter (#327) (ea77c2e)

add NewConnectorWithProcessQueryText for mssql driver compatibility (#341) (2be611f)

add nullable civil types for date/time parameters (#325) (c10fa99)

Bug Fixes

allow named pipe protocol support for ARM64 Windows (#232) (a82c058)

configure release-please with PAT and correct component mapping (#349) (23bac05)

detect server-aborted transactions to prevent silent auto-commit (XACT_ABORT) (#370) (586ea53)

expose TrustServerCertificate in msdsn.Config and URL round-trip (#312) (9937cfe)

handle COLINFO (0xA5) and TABNAME (0xA4) TDS tokens returned by tables with triggers (#343) (7c905ad)

implement driver.DriverContext interface (#365) (1b610a0), closes #236

make readCancelConfirmation respect context cancellation (#359) (65e137f)

replace broken AppVeyor badge with GitHub Actions badge (#334) (d3429f5)

return interface{} scanType for sql_variant instead of nil (#362) (296a83a), closes #186

sanitize credentials from connection string parsing errors (#319) (93f5ef0)

surface server errors from Rows.Close() during token drain (#361) (ea69792), closes #244

1.9.6

Features

Added new serverCertificate connection parameter for byte-for-byte certificate validation, matching Microsoft.Data.SqlClient behavior. This parameter skips hostname validation, chain validation, and expiry checks, only verifying that the server's certificate exactly matches the provided file. This is useful when the server's hostname doesn't match the certificate CN/SAN. (#304)

The existing certificate parameter maintains backward compatibility with traditional X.509 chain validation including hostname checks, expiry validation, and chain-of-trust verification.

serverCertificate cannot be used with certificate or hostnameincertificate parameters to prevent conflicting validation methods.

1.9.3

Bug fixes

Fix parsing of ADO connection strings with double-quoted values containing semicolons (#282)

1.9.2

Bug fixes

Fix race condition in message queue query model (#277)

1.9.1

Bug fixes

Fix bulk insert failure with datetime values near midnight due to day overflow (#271)

... (truncated)

Commits

f92e6f0 chore(main): release 1.10.0 (#351)
03094d0 ci: add least-privilege permissions and pin actions to SHA (#354)
65e137f fix: make readCancelConfirmation respect context cancellation (#359)
c10fa99 feat: add nullable civil types for date/time parameters (#325)
9937cfe fix: expose TrustServerCertificate in msdsn.Config and URL round-trip (#312)
429c61d chore(deps): bump googleapis/release-please-action from 4.4.1 to 5.0.0 in the...
ea77c2e feat: add FailoverPartnerSPN connection string parameter (#327)
04d26c2 ci: add devcontainer build validation workflow (#355)
b55beeb feat: add devcontainer for VS Code and GitHub Codespaces (#317)
586ea53 fix: detect server-aborted transactions to prevent silent auto-commit (XACT_A...
Additional commits viewable in compare view

Updates github.com/testcontainers/testcontainers-go from 0.41.0 to 0.42.0

Release notes

Sourced from github.com/testcontainers/testcontainers-go's releases.

v0.42.0

What's Changed

⚠️ Breaking Changes

chore!: migrate to moby modules (#3591) @thaJeztah

🔒 Security

chore(deps): bump moby/client v0.4.0, moby/api v1.54.1 (#3634) @thaJeztah

🐛 Bug Fixes

fix: return an error when docker host cannot be retrieved (#3613) @ash2k

🧹 Housekeeping

chore: gitignore Gas Town agent artifacts (#3633) @mdelapenya

fix(usage-metrics): include last release in the legend pop over (#3630) @mdelapenya

chore: update usage metrics (2026-04) (#3621) @github-actions[bot]

fix(usage-metrics): order of actions matters (#3623) @mdelapenya

fix(usage-metrics): reduce rate-limit cascade errors (#3622) @mdelapenya

fix(usage-metrics): replace the per-version inline retry with a multi-pass approach (#3620) @mdelapenya

📦 Dependency updates

chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp from 1.28.0 to 1.43.0 in /modules/grafana-lgtm (#3639) @dependabot[bot]

chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp from 1.42.0 to 1.43.0 in /modules/compose (#3641) @dependabot[bot]

chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.42.0 to 1.43.0 in /modules/compose (#3645) @dependabot[bot]

chore(deps): bump mkdocs-include-markdown-plugin from 7.2.1 to 7.2.2 (#3626) @dependabot[bot]

chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.51.2 to 1.97.3 in /modules/localstack (#3638) @dependabot[bot]

chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.41.0 to 1.43.0 in /modules/grafana-lgtm (#3643) @dependabot[bot]

chore(deps): bump go.opentelemetry.io/otel/sdk from 1.41.0 to 1.43.0 in /modules/milvus (#3644) @dependabot[bot]

chore: update to Go 1.25.9, 1.26.9 (#3647) @thaJeztah

chore(deps): bump bump github.com/klauspost/compress v1.18.5, github.com/docker/compose v5.1.2 (#3646) @thaJeztah

chore(deps): bump moby/client v0.4.0, moby/api v1.54.1 (#3634) @thaJeztah

chore(deps): bump golang.org/x/sys from 0.41.0 to 0.42.0 (#3629) @dependabot[bot]

chore(deps): bump github.com/moby/patternmatcher from 0.6.0 to 0.6.1 (#3628) @dependabot[bot]

chore(deps): bump github.com/shirou/gopsutil/v4 from 4.26.2 to 4.26.3 (#3627) @dependabot[bot]

fix(localstack): accept community-archive as a valid tag (#3601) @johnduhart

chore(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 in /modules/gcloud (#3632) @dependabot[bot]

chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (#3625) @dependabot[bot]

chore(deps): bump pygments from 2.19.2 to 2.20.0 (#3615) @dependabot[bot]

chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/milvus (#3612) @dependabot[bot]

chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/etcd (#3611) @dependabot[bot]

chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3 in /modules/ollama (#3610) @dependabot[bot]

chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/pinecone (#3609) @dependabot[bot]

chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/couchbase (#3608) @dependabot[bot]

chore(deps): bump requests from 2.32.4 to 2.33.0 (#3604) @dependabot[bot]

chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3 in /modules/meilisearch (#3607) @dependabot[bot]

chore(deps): bump github.com/moby/buildkit from 0.27.1 to 0.28.1 in /modules/compose (#3605) @dependabot[bot]

... (truncated)

Commits

6e58418 chore: use new version (v0.42.0) in modules and examples
f713dc0 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetr...
300827a chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetr...
7a15ac1 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...
5bae3d2 fix: return an error when docker host cannot be retrieved (#3613)
fc19484 chore(deps): bump mkdocs-include-markdown-plugin from 7.2.1 to 7.2.2 (#3626)
95bdc0c chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 (#3638)
75aa226 chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptrace...
2f59938 chore(deps): bump go.opentelemetry.io/otel/sdk in /modules/milvus (#3644)
580abf6 chore: update to Go 1.25.9, 1.26.9 (#3647)
Additional commits viewable in compare view

Updates github.com/testcontainers/testcontainers-go/modules/mysql from 0.41.0 to 0.42.0

Release notes

Sourced from github.com/testcontainers/testcontainers-go/modules/mysql's releases.

v0.42.0

What's Changed

⚠️ Breaking Changes

chore!: migrate to moby modules (#3591) @thaJeztah

🔒 Security

chore(deps): bump moby/client v0.4.0, moby/api v1.54.1 (#3634) @thaJeztah

🐛 Bug Fixes

fix: return an error when docker host cannot be retrieved (#3613) @ash2k

🧹 Housekeeping

chore: gitignore Gas Town agent artifacts (#3633) @mdelapenya

fix(usage-metrics): include last release in the legend pop over (#3630) @mdelapenya

chore: update usage metrics (2026-04) (#3621) @github-actions[bot]

fix(usage-metrics): order of actions matters (#3623) @mdelapenya

fix(usage-metrics): reduce rate-limit cascade errors (#3622) @mdelapenya

fix(usage-metrics): replace the per-version inline retry with a multi-pass approach (#3620) @mdelapenya

📦 Dependency updates

chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp from 1.28.0 to 1.43.0 in /modules/grafana-lgtm (#3639) @dependabot[bot]

chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp from 1.42.0 to 1.43.0 in /modules/compose (#3641) @dependabot[bot]

chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.42.0 to 1.43.0 in /modules/compose (#3645) @dependabot[bot]

chore(deps): bump mkdocs-include-markdown-plugin from 7.2.1 to 7.2.2 (#3626) @dependabot[bot]

chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.51.2 to 1.97.3 in /modules/localstack (#3638) @dependabot[bot]

chore(deps): bump go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.41.0 to 1.43.0 in /modules/grafana-lgtm (#3643) @dependabot[bot]

chore(deps): bump go.opentelemetry.io/otel/sdk from 1.41.0 to 1.43.0 in /modules/milvus (#3644) @dependabot[bot]

chore: update to Go 1.25.9, 1.26.9 (#3647) @thaJeztah

chore(deps): bump bump github.com/klauspost/compress v1.18.5, github.com/docker/compose v5.1.2 (#3646) @thaJeztah

chore(deps): bump moby/client v0.4.0, moby/api v1.54.1 (#3634) @thaJeztah

chore(deps): bump golang.org/x/sys from 0.41.0 to 0.42.0 (#3629) @dependabot[bot]

chore(deps): bump github.com/moby/patternmatcher from 0.6.0 to 0.6.1 (#3628) @dependabot[bot]

chore(deps): bump github.com/shirou/gopsutil/v4 from 4.26.2 to 4.26.3 (#3627) @dependabot[bot]

fix(localstack): accept community-archive as a valid tag (#3601) @johnduhart

chore(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 in /modules/gcloud (#3632) @dependabot[bot]

chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (#3625) @dependabot[bot]

chore(deps): bump pygments from 2.19.2 to 2.20.0 (#3615) @dependabot[bot]

chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/milvus (#3612) @dependabot[bot]

chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/etcd (#3611) @dependabot[bot]

chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3 in /modules/ollama (#3610) @dependabot[bot]

chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/pinecone (#3609) @dependabot[bot]

chore(deps): bump google.golang.org/grpc from 1.67.0 to 1.79.3 in /modules/couchbase (#3608) @dependabot[bot]

chore(deps): bump requests from 2.32.4 to 2.33.0 (#3604) @dependabot[bot]

chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3 in /modules/meilisearch (Description has been truncated

Bumps the all-gomod group with 2 updates in the /pgx directory: [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) and [golang.org/x/text](https://github.com/golang/text). Bumps the all-gomod group with 1 update in the /sqlx directory: [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql). Bumps the all-gomod group with 13 updates in the /tests directory: | Package | From | To | | --- | --- | --- | | [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) | `5.9.1` | `5.9.2` | | [golang.org/x/text](https://github.com/golang/text) | `0.35.0` | `0.36.0` | | [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql) | `1.9.3` | `1.10.0` | | [github.com/microsoft/go-mssqldb](https://github.com/microsoft/go-mssqldb) | `1.9.8` | `1.10.0` | | [github.com/testcontainers/testcontainers-go](https://github.com/testcontainers/testcontainers-go) | `0.41.0` | `0.42.0` | | [github.com/testcontainers/testcontainers-go/modules/mysql](https://github.com/testcontainers/testcontainers-go) | `0.41.0` | `0.42.0` | | [github.com/testcontainers/testcontainers-go/modules/postgres](https://github.com/testcontainers/testcontainers-go) | `0.41.0` | `0.42.0` | | [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) | `1.48.1` | `1.50.0` | | [github.com/docker/go-connections](https://github.com/docker/go-connections) | `0.6.0` | `0.7.0` | | [github.com/klauspost/compress](https://github.com/klauspost/compress) | `1.18.5` | `1.18.6` | | [github.com/mattn/go-isatty](https://github.com/mattn/go-isatty) | `0.0.20` | `0.0.22` | | [github.com/shirou/gopsutil/v4](https://github.com/shirou/gopsutil) | `4.26.3` | `4.26.4` | | [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.67.0` | `0.68.0` | Updates `github.com/jackc/pgx/v5` from 5.9.1 to 5.9.2 - [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md) - [Commits](jackc/pgx@v5.9.1...v5.9.2) Updates `golang.org/x/text` from 0.35.0 to 0.36.0 - [Release notes](https://github.com/golang/text/releases) - [Commits](golang/text@v0.35.0...v0.36.0) Updates `github.com/go-sql-driver/mysql` from 1.9.3 to 1.10.0 - [Release notes](https://github.com/go-sql-driver/mysql/releases) - [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md) - [Commits](go-sql-driver/mysql@v1.9.3...v1.10.0) Updates `github.com/jackc/pgx/v5` from 5.9.1 to 5.9.2 - [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md) - [Commits](jackc/pgx@v5.9.1...v5.9.2) Updates `golang.org/x/text` from 0.35.0 to 0.36.0 - [Release notes](https://github.com/golang/text/releases) - [Commits](golang/text@v0.35.0...v0.36.0) Updates `github.com/go-sql-driver/mysql` from 1.9.3 to 1.10.0 - [Release notes](https://github.com/go-sql-driver/mysql/releases) - [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md) - [Commits](go-sql-driver/mysql@v1.9.3...v1.10.0) Updates `github.com/microsoft/go-mssqldb` from 1.9.8 to 1.10.0 - [Release notes](https://github.com/microsoft/go-mssqldb/releases) - [Changelog](https://github.com/microsoft/go-mssqldb/blob/main/CHANGELOG.md) - [Commits](microsoft/go-mssqldb@v1.9.8...v1.10.0) Updates `github.com/testcontainers/testcontainers-go` from 0.41.0 to 0.42.0 - [Release notes](https://github.com/testcontainers/testcontainers-go/releases) - [Commits](testcontainers/testcontainers-go@v0.41.0...v0.42.0) Updates `github.com/testcontainers/testcontainers-go/modules/mysql` from 0.41.0 to 0.42.0 - [Release notes](https://github.com/testcontainers/testcontainers-go/releases) - [Commits](testcontainers/testcontainers-go@v0.41.0...v0.42.0) Updates `github.com/testcontainers/testcontainers-go/modules/postgres` from 0.41.0 to 0.42.0 - [Release notes](https://github.com/testcontainers/testcontainers-go/releases) - [Commits](testcontainers/testcontainers-go@v0.41.0...v0.42.0) Updates `modernc.org/sqlite` from 1.48.1 to 1.50.0 - [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md) - [Commits](https://gitlab.com/cznic/sqlite/compare/v1.48.1...v1.50.0) Updates `github.com/docker/go-connections` from 0.6.0 to 0.7.0 - [Commits](docker/go-connections@v0.6.0...v0.7.0) Updates `github.com/klauspost/compress` from 1.18.5 to 1.18.6 - [Release notes](https://github.com/klauspost/compress/releases) - [Commits](klauspost/compress@v1.18.5...v1.18.6) Updates `github.com/mattn/go-isatty` from 0.0.20 to 0.0.22 - [Commits](mattn/go-isatty@v0.0.20...v0.0.22) Updates `github.com/shirou/gopsutil/v4` from 4.26.3 to 4.26.4 - [Release notes](https://github.com/shirou/gopsutil/releases) - [Commits](shirou/gopsutil@v4.26.3...v4.26.4) Updates `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp` from 0.67.0 to 0.68.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-go-contrib@zpages/v0.67.0...zpages/v0.68.0) Updates `golang.org/x/crypto` from 0.49.0 to 0.50.0 - [Commits](golang/crypto@v0.49.0...v0.50.0) Updates `golang.org/x/sys` from 0.42.0 to 0.43.0 - [Commits](golang/sys@v0.42.0...v0.43.0) Updates `modernc.org/libc` from 1.70.0 to 1.72.0 - [Commits](https://gitlab.com/cznic/libc/compare/v1.70.0...v1.72.0) --- updated-dependencies: - dependency-name: github.com/jackc/pgx/v5 dependency-version: 5.9.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-gomod - dependency-name: golang.org/x/text dependency-version: 0.36.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: all-gomod - dependency-name: github.com/go-sql-driver/mysql dependency-version: 1.10.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: all-gomod - dependency-name: github.com/jackc/pgx/v5 dependency-version: 5.9.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-gomod - dependency-name: golang.org/x/text dependency-version: 0.36.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: all-gomod - dependency-name: github.com/go-sql-driver/mysql dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-gomod - dependency-name: github.com/microsoft/go-mssqldb dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-gomod - dependency-name: github.com/testcontainers/testcontainers-go dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-gomod - dependency-name: github.com/testcontainers/testcontainers-go/modules/mysql dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-gomod - dependency-name: github.com/testcontainers/testcontainers-go/modules/postgres dependency-version: 0.42.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-gomod - dependency-name: modernc.org/sqlite dependency-version: 1.50.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-gomod - dependency-name: github.com/docker/go-connections dependency-version: 0.7.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: all-gomod - dependency-name: github.com/klauspost/compress dependency-version: 1.18.6 dependency-type: indirect update-type: version-update:semver-patch dependency-group: all-gomod - dependency-name: github.com/mattn/go-isatty dependency-version: 0.0.22 dependency-type: indirect update-type: version-update:semver-patch dependency-group: all-gomod - dependency-name: github.com/shirou/gopsutil/v4 dependency-version: 4.26.4 dependency-type: indirect update-type: version-update:semver-patch dependency-group: all-gomod - dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp dependency-version: 0.68.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: all-gomod - dependency-name: golang.org/x/crypto dependency-version: 0.50.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: all-gomod - dependency-name: golang.org/x/sys dependency-version: 0.43.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: all-gomod - dependency-name: modernc.org/libc dependency-version: 1.72.0 dependency-type: indirect update-type: version-update:semver-minor dependency-group: all-gomod ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 4, 2026

dependabot Bot mentioned this pull request May 4, 2026

Bump the all-gomod group across 2 directories with 16 updates #99

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the all-gomod group across 3 directories with 16 updates#100

Bump the all-gomod group across 3 directories with 16 updates#100
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/pgx/all-gomod-6551f7e6aa

dependabot Bot commented on behalf of github May 4, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github May 4, 2026

5.9.2 (April 18, 2026)

v1.10.0

What's Changed

New Contributors

v1.10.0 (2026-04-28)

5.9.2 (April 18, 2026)

v1.10.0

What's Changed

New Contributors

v1.10.0 (2026-04-28)

v1.10.0

1.10.0 (2026-04-25)

Features

Bug Fixes

1.10.0 (2026-04-25)

Features

Bug Fixes

1.9.6

Features

1.9.3

Bug fixes

1.9.2

Bug fixes

1.9.1

Bug fixes

v0.42.0

What's Changed

⚠️ Breaking Changes

🔒 Security

🐛 Bug Fixes

🧹 Housekeeping

📦 Dependency updates

v0.42.0

What's Changed

⚠️ Breaking Changes

🔒 Security

🐛 Bug Fixes

🧹 Housekeeping

📦 Dependency updates

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants