Skip to content

chore(deps): bump the go-dependencies group across 1 directory with 2 updates#5

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/server/go-dependencies-35bffc8300
Open

chore(deps): bump the go-dependencies group across 1 directory with 2 updates#5
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/server/go-dependencies-35bffc8300

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 23, 2026

Copy link
Copy Markdown

Bumps the go-dependencies group with 2 updates in the /server directory: github.com/gin-gonic/gin and github.com/lib/pq.

Updates github.com/gin-gonic/gin from 1.11.0 to 1.12.0

Release notes

Sourced from github.com/gin-gonic/gin's releases.

v1.12.0

Changelog

Features

  • 192ac89eefc1c30f7c97ae48a9ffb1c6f1c8c8bc: feat(binding): add support for encoding.UnmarshalText in uri/query binding (#4203) (@​takanuva15)
  • 53410d2e07054369e0960fbe2eed97e1b9966f12: feat(context): add GetError and GetErrorSlice methods for error retrieval (#4502) (@​raju-mechatronics)
  • acc55e049e33b401e810dbd8c0d6dcb6b3ba2b05: feat(context): add Protocol Buffers support to content negotiation (#4423) (@​1911860538)
  • 38e765119241d990705169bedb5002a29ae0cbd1: feat(context): implemented Delete method (@​Spyder01)
  • 771dcc6476d7bc6abb9ec0235ecefa4d38fe6fb0: feat(gin): add option to use escaped path (#4420) (@​ldesauw)
  • 4dec17afdff48e8018c83618fbbe69fceeb2b41d: feat(logger): color latency (#4146) (@​wsyqn6)
  • d7776de7d444935ea4385999711bd6331a98fecb: feat(render): add bson protocol (#4145) (@​laurentcau)

Bug fixes

  • b917b14ff9d189f16a7492be79d123a47806ee19: fix(binding): empty value error (#2169) (@​guonaihong)
  • c3d1092b3b48addf6f9cd00fe274ec3bd14650eb: fix(binding): improve empty slice/array handling in form binding (#4380) (@​1911860538)
  • 9914178584e42458ff7d23891463a880f58c9d86: fix(context): ClientIP handling for multiple X-Forwarded-For header values (#4472) (@​Nurysso)
  • 2a794cd0b0faa7d829291375b27a3467ea972b0d: fix(debug): version mismatch (#4403) (@​zeek0x)
  • c3d5a28ed6d3849da820195b6774d212bcc038a9: fix(gin): close os.File in RunFd to prevent resource leak (#4422) (@​1911860538)
  • 5fad976b372e381312f8de69f0969f1284d229d3: fix(gin): literal colon routes not working with engine.Handler() (#4415) (@​pawannn)
  • 63dd3e60cab89c27fb66bce1423bd268d52abad1: fix(recover): suppress http.ErrAbortHandler in recover (#4336) (@​MondayCha)
  • 5c00df8afadd06cc5be530dde00fe6d9fa4a2e4a: fix(render): write content length in Data.Render (#4206) (@​dengaleev)
  • 234a6d4c00cb77af9852aca0b8289745d5529b4b: fix(response): refine hijack behavior for response lifecycle (#4373) (@​appleboy)
  • 472d086af2acd924cb4b9d7be0525f7d790f69bc: fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath (#4535) (@​veeceey)
  • 8e07d37c63e5536eb25f4af4c91eabeee4011fba: fix: Correct typos, improve documentation clarity, and remove dead code (#4511) (@​mahanadh)

Enhancements

  • ba093d19477b896ac89a7fc3246af23d290b8e26: chore(binding): upgrade bson dependency to mongo-driver v2 (#4549) (@​BobDu)
  • b2b489dbf4826c2c630717a77fd5e42774625410: chore(context): always trust xff headers from unix socket (#3359) (@​WeidiDeng)
  • ecb3f7b5e2f3915bf1db240ed5eee572f8dbea36: chore(deps): upgrade golang.org/x/crypto to v0.45.0 (#4449) (@​appleboy)
  • af6e8b70b8261bb0c99ad094fe552ab92991620a: chore(deps): upgrade quic-go to v0.57.1 (@​appleboy)
  • db309081bc5c137b2aa15701ef53f7f19788da25: chore(logger): allow skipping query string output (#4547) (@​USA-RedDragon)
  • 26c3a628655cad2388380cb8102d6ce7d4875f3b: chore(response): prevent Flush() panic when http.Flusher (#4479) (@​Twacqwq)
  • 5dd833f1f26de0eb30eae47b17e05ced2482dc41: chore: bump minimum Go version to 1.24 and update workflows (#4388) (@​appleboy)

Refactor

  • 39858a0859c914bd26948fa950477e11bd8d3823: refactor(binding): use maps.Copy for cleaner map handling (#4352) (@​russcoss)
  • c0048f645ee945c4db30593afdea10123e2c30a6: refactor(context): omit the return value names (#4395) (@​wanghaolong613)
  • 915e4c90d28ec4cffc6eb146e208ab5a65eac772: refactor(context): replace hardcoded localhost IPs with constants (#4481) (@​pauloappbr)
  • 414de60574449457f3192a7a1d5528940db2836d: refactor(context): using maps.Clone (#4333) (@​cuiweixie)
  • 59e9d4a794f12c4f9a6c7bed441b9644e5f6d99b: refactor(ginS): use sync.OnceValue to simplify engine function (#4314) (@​1911860538)
  • 3ab698dc5110af1977d57226e4995c57dd34c233: refactor(recovery): smart error comparison (#4142) (@​zeek0x)
  • d1a15347b1e45a8ee816193d3578a93bfd73b70f: refactor(utils): move util functions to utils.go (#4467) (@​zeek0x)
  • e3118cc378d263454098924ebbde7e8d1dd2e904: refactor: for loop can be modernized using range over int (#4392) (@​wanghaolong613)
  • 488f8c3ffa579a8d19beb2bae95ff8ef36b3d53f: refactor: replace magic numbers with named constants in bodyAllowedForStatus (#4529) (@​veeceey)
  • 9968c4bf9d5a99edc3eee2c068a4c9160ece8915: refactor: use b.Loop() to simplify the code and improve performance (#4389) (@​reddaisyy)
  • a85ef5ce4d0cda8834c59c855068ed48b51192d1: refactor: use b.Loop() to simplify the code and improve performance (#4432) (@​efcking)

Build process updates

  • 61b67de522a189b568aced4c5c16917c558e3387: ci(bot): increase frequency and group updates for dependencies (#4367) (@​appleboy)
  • fb27ef26c2fdfe25344b4c039d8a53551f9e912c: ci(lint): refactor test assertions and linter configuration (#4436) (@​appleboy)
  • 93ff771e6dbf10e432864b30f3719ac5c84a4d4a: ci(sec): improve type safety and server organization in HTTP middleware (#4437) (@​appleboy)
  • e88fc8927a52b74f55bec0351604a56ac0aa1c51: ci(sec): schedule Trivy security scans to run daily at midnight UTC (#4439) (@​appleboy)
  • 5e5ff3ace496a31b138b0820136a146bfb5de0ef: ci: replace vulnerability scanning workflow with Trivy integration (#4421) (@​appleboy)
  • 00900fb3e1ea9dde33985a0e4f6afec793d5e786: ci: update CI workflows and standardize Trivy config quotes (#4531) (@​appleboy)
  • ae3f524974fc4f55d18c9e7fae4614503c015226: ci: update Go version support to 1.25+ across CI and docs (#4550) (@​appleboy)

... (truncated)

Changelog

Sourced from github.com/gin-gonic/gin's changelog.

Gin v1.12.0

Features

  • feat(render): add bson protocol (#4145)
  • feat(context): add GetError and GetErrorSlice methods for error retrieval (#4502)
  • feat(binding): add support for encoding.UnmarshalText in uri/query binding (#4203)
  • feat(gin): add option to use escaped path (#4420)
  • feat(context): add Protocol Buffers support to content negotiation (#4423)
  • feat(context): implemented Delete method (#38e7651)
  • feat(logger): color latency (#4146)

Enhancements

  • perf(tree): reduce allocations in findCaseInsensitivePath (#4417)
  • perf(recovery): optimize line reading in stack function (#4466)
  • perf(path): replace regex with custom functions in redirectTrailingSlash (#4414)
  • perf(tree): optimize path parsing using strings.Count (#4246)
  • chore(logger): allow skipping query string output (#4547)
  • chore(context): always trust xff headers from unix socket (#3359)
  • chore(response): prevent Flush() panic when the underlying ResponseWriter does not implement http.Flusher (#4479)
  • refactor(recovery): smart error comparison (#4142)
  • refactor(context): replace hardcoded localhost IPs with constants (#4481)
  • refactor(utils): move util functions to utils.go (#4467)
  • refactor(binding): use maps.Copy for cleaner map handling (#4352)
  • refactor(context): using maps.Clone (#4333)
  • refactor(ginS): use sync.OnceValue to simplify engine function (#4314)
  • refactor: replace magic numbers with named constants in bodyAllowedForStatus (#4529)
  • refactor: for loop can be modernized using range over int (#4392)

Bug Fixes

  • fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath (#4535)
  • fix(render): write content length in Data.Render (#4206)
  • fix(context): ClientIP handling for multiple X-Forwarded-For header values (#4472)
  • fix(binding): empty value error (#2169)
  • fix(recover): suppress http.ErrAbortHandler in recover (#4336)
  • fix(gin): literal colon routes not working with engine.Handler() (#4415)
  • fix(gin): close os.File in RunFd to prevent resource leak (#4422)
  • fix(response): refine hijack behavior for response lifecycle (#4373)
  • fix(binding): improve empty slice/array handling in form binding (#4380)
  • fix(debug): version mismatch (#4403)
  • fix: correct typos, improve documentation clarity, and remove dead code (#4511)

Build process updates / CI

  • ci: update Go version support to 1.25+ across CI and docs (#4550)
  • chore(binding): upgrade bson dependency to mongo-driver v2 (#4549)
Commits
  • 73726dc docs: update documentation to reflect Go version changes (#4552)
  • e292e5c docs: document and finalize Gin v1.12.0 release (#4551)
  • ae3f524 ci: update Go version support to 1.25+ across CI and docs (#4550)
  • 38534e2 chore(deps): bump golang.org/x/net from 0.50.0 to 0.51.0 (#4548)
  • 472d086 fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath (#4535)
  • fb25834 test(context): use http.StatusContinue constant instead of magic number 100 (...
  • 6f1d5fe test(render): add comprehensive error handling tests (#4541)
  • 5c00df8 fix(render): write content length in Data.Render (#4206)
  • db30908 chore(logger): allow skipping query string output (#4547)
  • ba093d1 chore(binding): upgrade bson dependency to mongo-driver v2 (#4549)
  • Additional commits viewable in compare view

Updates github.com/lib/pq from 1.11.2 to 1.12.0

Release notes

Sourced from github.com/lib/pq's releases.

v1.12.0

  • The next release may change the default sslmode from require to prefer. See #1271 for details.

  • CopyIn() and CopyInToSchema() have been marked as deprecated. These are simple query builders and not needed for COPY [..] FROM STDIN support (which is not deprecated). (#1279)

    // Old
    tx.Prepare(CopyIn("temp", "num", "text", "blob", "nothing"))
    

    // Replacement tx.Prepare(copy temp (num, text, blob, nothing) from stdin)

Features

  • Support protocol 3.2, and the min_protocol_version and max_protocol_version DSN parameters (#1258).

  • Support sslmode=prefer and sslmode=allow (#1270).

  • Support ssl_min_protocol_version and ssl_max_protocol_version (#1277).

  • Support connection service file to load connection details (#1285).

  • Support sslrootcert=system and use ~/.postgresql/root.crt as the default value of sslrootcert (#1280, #1281).

  • Add a new pqerror package with PostgreSQL error codes (#1275).

    For example, to test if an error is a UNIQUE constraint violation:

    if pqErr, ok := errors.AsType[*pq.Error](https://github.com/lib/pq/blob/HEAD/err); ok && pqErr.Code == pqerror.UniqueViolation {
        log.Fatalf("email %q already exsts", email)
    }
    

    To make this a bit more convenient, it also adds a pq.As() function:

    pqErr := pq.As(err, pqerror.UniqueViolation)
    if pqErr != nil {
        log.Fatalf("email %q already exsts", email)
    }
    

Fixes

  • Fix SSL key permission check to allow modes stricter than 0600/0640 (#1265).

  • Fix Hstore to work with binary parameters (#1278).

  • Clearer error when starting a new query while pq is still processing another query (#1272).

  • Send intermediate CAs with client certificates, so they can be signed by an intermediate CA (#1267).

  • Use time.UTC for UTC aliases such as Etc/UTC (#1283).

... (truncated)

Changelog

Sourced from github.com/lib/pq's changelog.

v1.12.0 (2026-03-18)

  • The next release may change the default sslmode from require to prefer. See #1271 for details.

  • CopyIn() and CopyInToSchema() have been marked as deprecated. These are simple query builders and not needed for COPY [..] FROM STDIN support (which is not deprecated). (#1279)

    // Old
    tx.Prepare(CopyIn("temp", "num", "text", "blob", "nothing"))
    

    // Replacement tx.Prepare(copy temp (num, text, blob, nothing) from stdin)

Features

  • Support protocol 3.2, and the min_protocol_version and max_protocol_version DSN parameters (#1258).

  • Support sslmode=prefer and sslmode=allow (#1270).

  • Support ssl_min_protocol_version and ssl_max_protocol_version (#1277).

  • Support connection service file to load connection details (#1285).

  • Support sslrootcert=system and use ~/.postgresql/root.crt as the default value of sslrootcert (#1280, #1281).

  • Add a new pqerror package with PostgreSQL error codes (#1275).

    For example, to test if an error is a UNIQUE constraint violation:

    if pqErr, ok := errors.AsType[*pq.Error](https://github.com/lib/pq/blob/master/err); ok && pqErr.Code == pqerror.UniqueViolation {
        log.Fatalf("email %q already exsts", email)
    }
    

    To make this a bit more convenient, it also adds a pq.As() function:

    pqErr := pq.As(err, pqerror.UniqueViolation)
    if pqErr != nil {
        log.Fatalf("email %q already exsts", email)
    }
    

Fixes

  • Fix SSL key permission check to allow modes stricter than 0600/06400600 (#1265).

  • Fix Hstore to work with binary parameters (#1278).

... (truncated)

Commits
  • 42ab0ff Change default sslmode from "require" to "prefer"
  • 6d40f13 Release v1.12.0
  • 386fc0e Document NULL behaviour with COPY
  • a62682e Better staticcheck cache 2
  • 87ee06c Better staticcheck cache
  • 0962458 Rewrite tests to use pqerror, pq.As()
  • 0d20981 Don't move pq.Error to pqerror.Error
  • 4332138 Add pqerror package
  • 620d6d5 Make tests run faster
  • dc8ff5d Implement connection service file
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

… updates

Bumps the go-dependencies group with 2 updates in the /server directory: [github.com/gin-gonic/gin](https://github.com/gin-gonic/gin) and [github.com/lib/pq](https://github.com/lib/pq).


Updates `github.com/gin-gonic/gin` from 1.11.0 to 1.12.0
- [Release notes](https://github.com/gin-gonic/gin/releases)
- [Changelog](https://github.com/gin-gonic/gin/blob/master/CHANGELOG.md)
- [Commits](gin-gonic/gin@v1.11.0...v1.12.0)

Updates `github.com/lib/pq` from 1.11.2 to 1.12.0
- [Release notes](https://github.com/lib/pq/releases)
- [Changelog](https://github.com/lib/pq/blob/master/CHANGELOG.md)
- [Commits](lib/pq@v1.11.2...v1.12.0)

---
updated-dependencies:
- dependency-name: github.com/gin-gonic/gin
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/lib/pq
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 23, 2026
@vercel

vercel Bot commented Mar 23, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
fse-takehome-exercise-olivier-bacs Ready Ready Preview, Comment Mar 23, 2026 3:37am

Request Review

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants