Skip to content

deps: bump the production-dependencies group across 1 directory with 29 updates #311

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

deps: bump the production-dependencies group across 1 directory with 29 updates #311

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 10, 2025
edited
Loading

Bumps the production-dependencies group with 18 updates in the / directory:

Package From To
github.com/antinvestor/apis/go/common 1.45.1 1.47.12
github.com/antinvestor/apis/go/device 1.45.2 1.47.13
github.com/antinvestor/apis/go/notification 1.45.2 1.47.13
github.com/antinvestor/apis/go/partition 1.45.2 1.47.13
github.com/antinvestor/apis/go/profile 1.45.2 1.47.13
github.com/pitabwire/frame 1.60.0 1.65.0
go.mau.fi/util 0.9.1 0.9.2
golang.org/x/oauth2 0.32.0 0.33.0
golang.org/x/sync 0.17.0 0.18.0
maunium.net/go/mautrix 0.25.1 0.25.2
github.com/HdrHistogram/hdrhistogram-go 1.1.2 1.2.0
github.com/Workiva/go-datastructures 1.1.6 1.1.7
github.com/docker/docker 28.5.1+incompatible 28.5.2+incompatible
github.com/ebitengine/purego 0.9.0 0.9.1
github.com/go-openapi/jsonreference 0.21.2 0.21.3
github.com/testcontainers/testcontainers-go 0.39.0 0.40.0
go.opentelemetry.io/proto/otlp 1.8.0 1.9.0
golang.org/x/sys 0.37.0 0.38.0

Updates github.com/antinvestor/apis/go/common from 1.45.1 to 1.47.12

Release notes

Sourced from github.com/antinvestor/apis/go/common's releases.

v1.47.12 🌈

Changes

  • chore(deps): bump build.buf.gen:antinvestor_chat_connectrpc_kotlin from 0.7.4.1.20251103221429.70f7e115c3ff to 0.7.4.1.20251104075550.77efb5d15f59 in /java @dependabot[bot] (#828)
  • chore(deps): bump buf.build/gen/go/antinvestor/ledger/connectrpc/go from 1.19.1-20251103165736-4a77a1f3d3a0.2 to 1.19.1-20251104075628-61e6d212b51c.2 in /go/ledger @dependabot[bot] (#821)
  • feat: add files service proto @​pitabwire (#820)

v1.47.11 🌈

Changes

  • fix missing mocks on clients

v1.47.10 🌈

Changes

  • Full migration to bufbuild dependancies

v1.47.9 🌈

Changes

  • Adopt to use generated versions of dependancies from buf

v1.47.8 🌈

Changes

v1.47.7 🌈

Changes

  • more bugfixes

v1.47.6 🌈

Changes

  • bugfix error referencing common code

v1.47.5 🌈

Changes

v1.47.4 🌈

Changes

v1.47.3 🌈

... (truncated)

Commits
  • 94b8e6d Merge pull request #823 from antinvestor/dependabot/go_modules/go/ledger/buf....
  • 939507f Merge branch 'main' into dependabot/go_modules/go/ledger/buf.build/gen/go/ant...
  • 0b345e2 Merge pull request #826 from antinvestor/dependabot/go_modules/go/device/buf....
  • 6703869 Merge branch 'main' into dependabot/go_modules/go/device/buf.build/gen/go/ant...
  • 7715160 Merge pull request #824 from antinvestor/dependabot/github_actions/mikepenz/r...
  • d19ba0a Merge branch 'main' into dependabot/github_actions/mikepenz/release-changelog...
  • a5bcc8b Merge pull request #825 from antinvestor/dependabot/go_modules/go/common/buf....
  • 89c1340 Merge branch 'main' into dependabot/go_modules/go/common/buf.build/gen/go/ant...
  • 9c71d6d Merge pull request #827 from antinvestor/dependabot/go_modules/go/device/buf....
  • 37ee8c1 Merge branch 'main' into dependabot/go_modules/go/device/buf.build/gen/go/ant...
  • Additional commits viewable in compare view

Updates github.com/antinvestor/apis/go/device from 1.45.2 to 1.47.13

Release notes

Sourced from github.com/antinvestor/apis/go/device's releases.

v1.47.13 🌈

Changes

  • Only mock clients for golang not servers

v1.47.12 🌈

Changes

  • chore(deps): bump build.buf.gen:antinvestor_chat_connectrpc_kotlin from 0.7.4.1.20251103221429.70f7e115c3ff to 0.7.4.1.20251104075550.77efb5d15f59 in /java @dependabot[bot] (#828)
  • chore(deps): bump buf.build/gen/go/antinvestor/ledger/connectrpc/go from 1.19.1-20251103165736-4a77a1f3d3a0.2 to 1.19.1-20251104075628-61e6d212b51c.2 in /go/ledger @dependabot[bot] (#821)
  • feat: add files service proto @​pitabwire (#820)

v1.47.11 🌈

Changes

  • fix missing mocks on clients

v1.47.10 🌈

Changes

  • Full migration to bufbuild dependancies

v1.47.9 🌈

Changes

  • Adopt to use generated versions of dependancies from buf

v1.47.8 🌈

Changes

v1.47.7 🌈

Changes

  • more bugfixes

v1.47.6 🌈

Changes

  • bugfix error referencing common code

v1.47.5 🌈

Changes

v1.47.4 🌈

Changes

... (truncated)

Commits
  • a79fb29 only mock the clients in golang not servers
  • 94b8e6d Merge pull request #823 from antinvestor/dependabot/go_modules/go/ledger/buf....
  • 939507f Merge branch 'main' into dependabot/go_modules/go/ledger/buf.build/gen/go/ant...
  • 0b345e2 Merge pull request #826 from antinvestor/dependabot/go_modules/go/device/buf....
  • 6703869 Merge branch 'main' into dependabot/go_modules/go/device/buf.build/gen/go/ant...
  • 7715160 Merge pull request #824 from antinvestor/dependabot/github_actions/mikepenz/r...
  • d19ba0a Merge branch 'main' into dependabot/github_actions/mikepenz/release-changelog...
  • a5bcc8b Merge pull request #825 from antinvestor/dependabot/go_modules/go/common/buf....
  • 89c1340 Merge branch 'main' into dependabot/go_modules/go/common/buf.build/gen/go/ant...
  • 9c71d6d Merge pull request #827 from antinvestor/dependabot/go_modules/go/device/buf....
  • Additional commits viewable in compare view

Updates github.com/antinvestor/apis/go/notification from 1.45.2 to 1.47.13

Release notes

Sourced from github.com/antinvestor/apis/go/notification's releases.

v1.47.13 🌈

Changes

  • Only mock clients for golang not servers

v1.47.12 🌈

Changes

  • chore(deps): bump build.buf.gen:antinvestor_chat_connectrpc_kotlin from 0.7.4.1.20251103221429.70f7e115c3ff to 0.7.4.1.20251104075550.77efb5d15f59 in /java @dependabot[bot] (#828)
  • chore(deps): bump buf.build/gen/go/antinvestor/ledger/connectrpc/go from 1.19.1-20251103165736-4a77a1f3d3a0.2 to 1.19.1-20251104075628-61e6d212b51c.2 in /go/ledger @dependabot[bot] (#821)
  • feat: add files service proto @​pitabwire (#820)

v1.47.11 🌈

Changes

  • fix missing mocks on clients

v1.47.10 🌈

Changes

  • Full migration to bufbuild dependancies

v1.47.9 🌈

Changes

  • Adopt to use generated versions of dependancies from buf

v1.47.8 🌈

Changes

v1.47.7 🌈

Changes

  • more bugfixes

v1.47.6 🌈

Changes

  • bugfix error referencing common code

v1.47.5 🌈

Changes

v1.47.4 🌈

Changes

... (truncated)

Commits
  • a79fb29 only mock the clients in golang not servers
  • 94b8e6d Merge pull request #823 from antinvestor/dependabot/go_modules/go/ledger/buf....
  • 939507f Merge branch 'main' into dependabot/go_modules/go/ledger/buf.build/gen/go/ant...
  • 0b345e2 Merge pull request #826 from antinvestor/dependabot/go_modules/go/device/buf....
  • 6703869 Merge branch 'main' into dependabot/go_modules/go/device/buf.build/gen/go/ant...
  • 7715160 Merge pull request #824 from antinvestor/dependabot/github_actions/mikepenz/r...
  • d19ba0a Merge branch 'main' into dependabot/github_actions/mikepenz/release-changelog...
  • a5bcc8b Merge pull request #825 from antinvestor/dependabot/go_modules/go/common/buf....
  • 89c1340 Merge branch 'main' into dependabot/go_modules/go/common/buf.build/gen/go/ant...
  • 9c71d6d Merge pull request #827 from antinvestor/dependabot/go_modules/go/device/buf....
  • Additional commits viewable in compare view

Updates github.com/antinvestor/apis/go/partition from 1.45.2 to 1.47.13

Release notes

Sourced from github.com/antinvestor/apis/go/partition's releases.

v1.47.13 🌈

Changes

  • Only mock clients for golang not servers

v1.47.12 🌈

Changes

  • chore(deps): bump build.buf.gen:antinvestor_chat_connectrpc_kotlin from 0.7.4.1.20251103221429.70f7e115c3ff to 0.7.4.1.20251104075550.77efb5d15f59 in /java @dependabot[bot] (#828)
  • chore(deps): bump buf.build/gen/go/antinvestor/ledger/connectrpc/go from 1.19.1-20251103165736-4a77a1f3d3a0.2 to 1.19.1-20251104075628-61e6d212b51c.2 in /go/ledger @dependabot[bot] (#821)
  • feat: add files service proto @​pitabwire (#820)

v1.47.11 🌈

Changes

  • fix missing mocks on clients

v1.47.10 🌈

Changes

  • Full migration to bufbuild dependancies

v1.47.9 🌈

Changes

  • Adopt to use generated versions of dependancies from buf

v1.47.8 🌈

Changes

v1.47.7 🌈

Changes

  • more bugfixes

v1.47.6 🌈

Changes

  • bugfix error referencing common code

v1.47.5 🌈

Changes

v1.47.4 🌈

Changes

... (truncated)

Commits
  • a79fb29 only mock the clients in golang not servers
  • 94b8e6d Merge pull request #823 from antinvestor/dependabot/go_modules/go/ledger/buf....
  • 939507f Merge branch 'main' into dependabot/go_modules/go/ledger/buf.build/gen/go/ant...
  • 0b345e2 Merge pull request #826 from antinvestor/dependabot/go_modules/go/device/buf....
  • 6703869 Merge branch 'main' into dependabot/go_modules/go/device/buf.build/gen/go/ant...
  • 7715160 Merge pull request #824 from antinvestor/dependabot/github_actions/mikepenz/r...
  • d19ba0a Merge branch 'main' into dependabot/github_actions/mikepenz/release-changelog...
  • a5bcc8b Merge pull request #825 from antinvestor/dependabot/go_modules/go/common/buf....
  • 89c1340 Merge branch 'main' into dependabot/go_modules/go/common/buf.build/gen/go/ant...
  • 9c71d6d Merge pull request #827 from antinvestor/dependabot/go_modules/go/device/buf....
  • Additional commits viewable in compare view

Updates github.com/antinvestor/apis/go/profile from 1.45.2 to 1.47.13

Release notes

Sourced from github.com/antinvestor/apis/go/profile's releases.

v1.47.13 🌈

Changes

  • Only mock clients for golang not servers

v1.47.12 🌈

Changes

  • chore(deps): bump build.buf.gen:antinvestor_chat_connectrpc_kotlin from 0.7.4.1.20251103221429.70f7e115c3ff to 0.7.4.1.20251104075550.77efb5d15f59 in /java @dependabot[bot] (#828)
  • chore(deps): bump buf.build/gen/go/antinvestor/ledger/connectrpc/go from 1.19.1-20251103165736-4a77a1f3d3a0.2 to 1.19.1-20251104075628-61e6d212b51c.2 in /go/ledger @dependabot[bot] (#821)
  • feat: add files service proto @​pitabwire (#820)

v1.47.11 🌈

Changes

  • fix missing mocks on clients

v1.47.10 🌈

Changes

  • Full migration to bufbuild dependancies

v1.47.9 🌈

Changes

  • Adopt to use generated versions of dependancies from buf

v1.47.8 🌈

Changes

v1.47.7 🌈

Changes

  • more bugfixes

v1.47.6 🌈

Changes

  • bugfix error referencing common code

v1.47.5 🌈

Changes

v1.47.4 🌈

Changes

... (truncated)

Commits
  • a79fb29 only mock the clients in golang not servers
  • 94b8e6d Merge pull request #823 from antinvestor/dependabot/go_modules/go/ledger/buf....
  • 939507f Merge branch 'main' into dependabot/go_modules/go/ledger/buf.build/gen/go/ant...
  • 0b345e2 Merge pull request #826 from antinvestor/dependabot/go_modules/go/device/buf....
  • 6703869 Merge branch 'main' into dependabot/go_modules/go/device/buf.build/gen/go/ant...
  • 7715160 Merge pull request #824 from antinvestor/dependabot/github_actions/mikepenz/r...
  • d19ba0a Merge branch 'main' into dependabot/github_actions/mikepenz/release-changelog...
  • a5bcc8b Merge pull request #825 from antinvestor/dependabot/go_modules/go/common/buf....
  • 89c1340 Merge branch 'main' into dependabot/go_modules/go/common/buf.build/gen/go/ant...
  • 9c71d6d Merge pull request #827 from antinvestor/dependabot/go_modules/go/device/buf....
  • Additional commits viewable in compare view

Updates github.com/pitabwire/frame from 1.60.0 to 1.65.0

Release notes

Sourced from github.com/pitabwire/frame's releases.

v1.65.0 🌈

Changes

  • Avoid direct initialization with service name

v1.64.17 🌈

Changes

  • make search queries not so opinionated

v1.64.16 🌈

Changes

  • Separate search functionality from repository base

v1.64.15 🌈

Changes

  • Add ordering for query search on repositories

v1.64.14 🌈

Changes

  • extend frame scopes access to table

v1.64.13 🌈

Changes

  • bugfix missing repository interface extension

v1.64.12 🌈

Changes

  • Expose columns validation map in a repository

v1.64.11 🌈

Changes

v1.64.10 🌈

Changes

v1.64.9 🌈

Changes

  • Include missing functions in repository interfaces

... (truncated)

Commits
  • 672dc3f change how the service name is declared
  • c794633 move to making search query let user do the required queries
  • 2c42137 resolve separation of search function to decouple requests
  • eb1aa51 fix repository search ordering
  • 66153c5 preappend table name to tenancy scopes
  • 7b6e8d6 expose allowed field in repository interface
  • a29130e minor lint fixes
  • a99176a Merge branch 'main' of github.com:pitabwire/frame
  • 59e26aa expose the base repository fields that are allowed
  • 5c01f6b Merge pull request #594 from pitabwire/feature/jetstream-cache-v3
  • Additional commits viewable in compare view

Updates github.com/redis/go-redis/v9 from 9.14.0 to 9.16.0

Release notes

Sourced from github.com/redis/go-redis/v9's releases.

9.16.0

🚀 Highlights

Maintenance Notifications Support

This release introduces comprehensive support for Redis maintenance notifications, enabling applications to handle server maintenance events gracefully. The new maintnotifications package provides:

  • RESP3 Push Notifications: Full support for Redis RESP3 protocol push notifications
  • Connection Handoff: Automatic connection migration during server maintenance with configurable retry policies and circuit breakers
  • Graceful Degradation: Configurable timeout relaxation during maintenance windows to prevent false failures
  • Event-Driven Architecture: Background workers with on-demand scaling for efficient handoff processing

For detailed usage examples and configuration options, see the maintenance notifications documentation.

✨ New Features

  • Trace Filtering: Add support for filtering traces for specific commands, including pipeline operations and dial operations (#3519, #3550)
    • New TraceCmdFilter option to selectively trace commands
    • Reduces overhead by excluding high-frequency or low-value commands from traces

🐛 Bug Fixes

  • Pipeline Error Handling: Fix issue where pipeline repeatedly sets the same error (#3525)
  • Connection Pool: Ensure re-authentication does not interfere with connection handoff operations (#3547)

🔧 Improvements

  • Hash Commands: Update hash command implementations (#3523)
  • OpenTelemetry: Use metric.WithAttributeSet to avoid unnecessary attribute copying in redisotel (#3552)

📚 Documentation

  • Cluster Client: Add explanation for why MaxRetries is disabled for ClusterClient (#3551)

🧪 Testing & Infrastructure

  • E2E Testing: Upgrade E2E testing framework with improved reliability and coverage (#3541)
  • Release Process: Improved resiliency of the release process (#3530)

📦 Dependencies

  • Bump rojopolis/spellcheck-github-actions from 0.51.0 to 0.52.0 (#3520)
  • Bump github/codeql-action from 3 to 4 (#3544)

👥 Contributors

We'd like to thank all the contributors who worked on this release!

@​ndyakov, @​htemelski-redis, @​Sovietaced, @​Udhayarajan, @​boekkooi-impossiblecloud, @​Pika-Gopher, @​cxljs, @​huiyifyj, @​omid-h70

... (truncated)

Changelog

Sourced from github.com/redis/go-redis/v9's changelog.

9.16.0 (2025-10-23)

🚀 Highlights

Maintenance Notifications Support

This release introduces comprehensive support for Redis maintenance notifications, enabling applications to handle server maintenance events gracefully. The new maintnotifications package provides:

  • RESP3 Push Notifications: Full support for Redis RESP3 protocol push notifications
  • Connection Handoff: Automatic connection migration during server maintenance with configurable retry policies and circuit breakers
  • Graceful Degradation: Configurable timeout relaxation during maintenance windows to prevent false failures
  • Event-Driven Architecture: Background workers with on-demand scaling for efficient handoff processing
  • Production-Ready: Comprehensive E2E testing framework and monitoring capabilities

For detailed usage examples and configuration options, see the maintenance notifications documentation.

✨ New Features

  • Trace Filtering: Add support for filtering traces for specific commands, including pipeline operations and dial operations (#3519, #3550)
    • New TraceCmdFilter option to selectively trace commands
    • Reduces overhead by excluding high-frequency or low-value commands from traces

🐛 Bug Fixes

  • Pipeline Error Handling: Fix issue where pipeline repeatedly sets the same error (#3525)
  • Connection Pool: Ensure re-authentication does not interfere with connection handoff operations (#3547)

🔧 Improvements

  • Hash Commands: Update hash command implementations (#3523)
  • OpenTelemetry: Use metric.WithAttributeSet to avoid unnecessary attribute copying in redisotel (#3552)

📚 Documentation

  • Cluster Client: Add explanation for why MaxRetries is disabled for ClusterClient (#3551)

🧪 Testing & Infrastructure

  • E2E Testing: Upgrade E2E testing framework with improved reliability and coverage (#3541)
  • Release Process: Improved resiliency of the release process (#3530)

📦 Dependencies

  • Bump rojopolis/spellcheck-github-actions from 0.51.0 to 0.52.0 (#3520)
  • Bump github/codeql-action from 3 to 4 (#3544)

👥 Contributors

We'd like to thank all the contributors who worked on this release!

... (truncated)

Commits
  • f195656 chore(release): 9.16.0 (#3557)
  • 70dfa38 feat(otel): add trace filter for process pipeline and dial operation (#3550)
  • a15e763 fix(pool): Pool ReAuth should not interfere with handoff (#3547)
  • 14a8814 chore(docs): explain why MaxRetries is disabled for ClusterClient (#3551)
  • 8ca21d2 chore(redisotel): use metric.WithAttributeSet to avoid copy (#3552)
  • 7aa4a60 update gomods to align them with the latest beta (#3539)
  • 1e6ee06 test(e2e): testing framework upgrade (#3541)
  • f7eed76 Add support for filtering traces for certain commands (#3519)
  • 3d68c7e chore(deps): bump github/codeql-action from 3 to 4 (#3544)
  • 3ad9f9c fix: add missing error variable for non-unix build constraints (#3538)
  • Additional commits viewable in compare view

Updates go.mau.fi/util from 0.9.1 to 0.9.2

Release notes

Sourced from go.mau.fi/util's releases.

v0.9.2

  • (progver) Added program version calculation utility like the one used by mautrix bridges and Meowlnir.
  • (dbutil) Added sqlite3-fk-wal-fullsync driver which is otherwise equivalent to sqlite3-fk-wal, but sets PRAGMA synchronous=FULL for better crash resistance.
  • (dbutil) Added explicit error if comment prefix (--) isn't at the start of the line when using dialect filters with the (lines commented) modifier.
  • (exsync) Added NewMapWithData, Clear, Len and CopyFrom methods for maps.
  • (exsync) Added iterators for maps and sets.
  • (jsontime) Changed Unix*() methods and jsontime.U*Int() functions to treat 0 and the zero time.Time value as the same.
Changelog

Sourced from go.mau.fi/util's changelog.

v0.9.2 (2025-10-16)

  • (progver) Added program version calculation utility like the one used by mautrix bridges and Meowlnir.
  • (dbutil) Added sqlite3-fk-wal-fullsync driver which is otherwise equivalent to sqlite3-fk-wal, but sets PRAGMA synchronous=FULL for better crash resistance.
  • (dbutil) Added explicit error if comment prefix (--) isn't at the start of the line when using dialect filters with the (lines commented) modifier.
  • (exsync) Added NewMapWithData, Clear, Len and CopyFrom methods for maps.
  • (exsync) Added iterators for maps and sets.
  • (jsontime) Changed Unix*() methods and jsontime.U*Int() functions to treat 0 and the zero time.Time value as the same.
Commits
  • c4bd996 Bump version to v0.9.2
  • c9ee13b jsontime: fix typo in UMicroInt
  • d29c14a jsontime: also make U*Int methods work with zero
  • f2b6212 jsontime: fix receiver names
  • 8805c50 jsontime: override Unix*() methods to return 0 on zero value
  • e4b6953 changelog: update
  • c13b662 exsync: add iterators for map and set
  • 2caa556 exsync/map: add more operations
  • 4c3cff1 dbutil/upgradetable: require comment prefix to be at beginning of line
  • d99877b exmaps: add utility for cloning without preserving nil
  • Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.32.0 to 0.33.0

Commits

Updates golang.org/x/sync from 0.17.0 to 0.18.0

Commits

Updates gorm.io/gorm from 1.31.0 to 1.31.1

Release notes

Sourced from gorm.io/gorm's releases.

Release v1.31.1

Changes

Commits
  • eabca1f Allow Select/Omit for Generics Create, close #7638, #7633
  • a57abbe Add Namer-based column lookup to Schema.LookUpField (#7619)
  • 5eaf05a fix: Allow escaped double quotes in struct tag parser (#7631)
  • 2c3d109 Fix slog logger caller frame detection to output correct source file (#7610)
  • 4808ff5 Update README.md (#7635)
  • 141388f Fix AutoMigrate default value comparison for string fields (issue #7590) (#7591)
  • d9372f5 fix(UnixSecondSerializer.Value): Avoid panic when handling unsigned integer v...
  • d8cdb39 chore: fix some comment (#7615)
  • b881483 Rename IsValidDBNameChar to IsInvalidDBNameChar (#7582)
  • See full diff in compare view

Updates maunium.net/go/mautrix from 0.25.1 to 0.25.2

Release notes

Sourced from maunium.net/go/mautrix's releases.

v0.25.2

  • Breaking change (id) Split UserID.ParseAndValidate into ParseAndValidateRelaxed and ParseAndValidateStrict. Strict is the old behavior, but most users likely want the relaxed version, as there are real users whose user IDs aren't valid under the strict rules.
  • (crypto) Added helper methods for generating and verifying with recovery keys.
  • (bridgev2/matrix) Added config option to automatically generate a recovery key for the bridge bot and self-sign the bridge's device.
  • (bridgev2/matrix) Added initial support for using appservice/MSC3202 mode for encryption with standard servers like Synapse.
  • (bridgev2) Added optional support for implicit read receipts.
  • (bridgev2) Added interface for deleting chats on remote network.
  • (bridgev2) Added local enforcement of media duration and size limits.
  • (bridgev2) Extended event duration logging to log any event taking too long.
  • (bridgev2) Improved validation in group creation provisioning API.
  • (event) Added event type constant for poll end events.
  • (client) Added wrapper for searching user directory.
  • (client) Improved support for managing MSC4140 delayed events.
  • (crypto/helper) Changed default sync handling to not block on waiting for decryption keys. On initial sync, keys won't be requested at all by default.
  • (crypto) Fixed olm unwedging not working (regressed in v0.25.1).
  • (bridgev2) Fixed various bugs with migrating to split portals.
  • (event) Fixed poll start events having incorrect null m.relates_to.
  • (client) Fixed RespUserProfile losing standard fields when re-marshaling.
  • (federation) Fixed various bugs in event auth.
Changelog

Sourced from maunium.net/go/mautrix's changelog.

v0.25.2 (2025-10-16)

  • Breaking change (id) Split UserID.ParseAndValidate into ParseAndValidateRelaxed and ParseAndValidateStrict. Strict is the old behavior, but most users likely want the relaxed version, as there are real users whose user IDs aren't valid under the strict rules.
  • (crypto) Added helper methods for generating and verifying with recovery keys.
  • (bridgev2/matrix) Added config option to automatically generate a recovery key for the bridge bot and self-sign the bridge's device.
  • (bridgev2/matrix) Added initial support for using appservice/MSC3202 mode for encryption with standard servers like Synapse.
  • (bridgev2) Added optional support for implicit read receipts.
  • (bridgev2) Added interface for deleting chats on remote network.
  • (bridgev2) Added local enforcement of media duration and size limits.
  • (bridgev2) Extended event duration logging to log any event taking too long.
  • (bridgev2) Improved validation in group creation provisioning API.
  • (event) Added event type constant for poll end events.
  • (client) Added wrapper for searching user directory.
  • (client) Improved support for managing [MSC4140] delayed events.
  • (crypto/helper) Changed default sync handling to not block on waiting for decryption keys. On initial sync, keys won't be requested at all by default.
  • (crypto) Fixed olm unwedging not working (regressed in v0.25.1).
  • (bridgev2) Fixed various bugs with migrating to split portals.
  • (event) Fixed poll start events having incorrect null m.relates_to.
  • (client) Fixed RespUserProfile losing standard fields when re-marshaling.
  • (federation) Fixed various bugs in event auth.
Commits
  • 50a49e0 Bump version to v0.25.2
  • 22ea75d client,event: MSC4140: Delayed events
  • 080ad4c crypto: Allow decrypting message content without event id or ts
  • ab4a785 bridgev2/provisionutil: don't allow self in create group participants
  • 097813c bridgev2/provisionutil: validate user IDs in CreateGroup if network supports it
  • 5593d8a changelog: update
  • 91ea77b bridgev2/portal: don't send implicit read receipts for account data
  • 9654a0b bridgev2/portal: enforce media duration and size limits
  • d18142c bridgev2/errors: add reason for unsupported errors
  • 3a30024 id/userid: split validation into 2 functions
  • Additional commits viewable in compare view

Updates cel.dev/expr from 0.24.0 to 0.25.0

Release notes

Sourced from cel.dev/expr's releases.

Release v0.25.0

What's Changed

New Contributors

Full Changelog: google/cel-spec@v0.24.0...v0.25.0

Commits
  • 3c96c71 Remove remaining google.rpc.Status deps from cel-spec (#486)
  • 750024a Clarify formatting decimals, add %f formatting test cases around rounding (#485)
  • 9dd5f5c Remove int(enum) -> int signature (#483)
  • 808c918 Remove TOC from language definition (#482)
  • bad3928 Add a test case for lastIndexOf in string_ext against an empty string (#468)
  • 14cdd3f Tests for selector, function, and field names formerly defined as reserved (#...
  • 8a33394 Remove orphaned ToC entry for enums as ints from the specification (#476)
  • a8f582a Initial version of the policy specification (#477)
  • See full diff in compare view

Updates github.com/HdrHistogram/hdrhistogram-go from 1.1.2 to 1.2.0

Release notes

Sourced from github.com/HdrHistogram/hdrhistogram-go's releases.

Version 1.2.0

This release is backward compatible with no breaking API changes, but includes significant improvements beyond bug fixes: Go 1.23 support, modernized dependencies, and critical timestamp handling fixes. The Go version requirement has been updated to 1.23.0.

Update Urgency: High

High - Contains critical fixes for timestamp handling that may affect log accuracy. Users relying on HistogramLogWriter should update promptly.

Bug Fixes

  • Fix HistogramLogWriter.OutputStartTime nanosecond conversion (#54)
  • Fix Log writer: ensure histogram timestamps survive serialization roundtrip. (#51)

Maintenance

  • Update to Go 1.23, modernize dependencies, and fix linter issues (#55)
  • Modernize Go toolchain and CI GH actions (#53)

New Contributors

Full Changelog: HdrHistogram/hdrhistogram-go@v1.1.2...v1.2.0

Commits

@dependabot
deps: bump the production-dependencies group across 1 directory with …
064194c 
…29 updates

Bumps the production-dependencies group with 18 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/antinvestor/apis/go/common](https://github.com/antinvestor/apis) | `1.45.1` | `1.47.12` |
| [github.com/antinvestor/apis/go/device](https://github.com/antinvestor/apis) | `1.45.2` | `1.47.13` |
| [github.com/antinvestor/apis/go/notification](https://github.com/antinvestor/apis) | `1.45.2` | `1.47.13` |
| [github.com/antinvestor/apis/go/partition](https://github.com/antinvestor/apis) | `1.45.2` | `1.47.13` |
| [github.com/antinvestor/apis/go/profile](https://github.com/antinvestor/apis) | `1.45.2` | `1.47.13` |
| [github.com/pitabwire/frame](https://github.com/pitabwire/frame) | `1.60.0` | `1.65.0` |
| [go.mau.fi/util](https://github.com/mautrix/go-util) | `0.9.1` | `0.9.2` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.32.0` | `0.33.0` |
| [golang.org/x/sync](https://github.com/golang/sync) | `0.17.0` | `0.18.0` |
| [maunium.net/go/mautrix](https://github.com/mautrix/go) | `0.25.1` | `0.25.2` |
| [github.com/HdrHistogram/hdrhistogram-go](https://github.com/HdrHistogram/hdrhistogram-go) | `1.1.2` | `1.2.0` |
| [github.com/Workiva/go-datastructures](https://github.com/Workiva/go-datastructures) | `1.1.6` | `1.1.7` |
| [github.com/docker/docker](https://github.com/docker/docker) | `28.5.1+incompatible` | `28.5.2+incompatible` |
| [github.com/ebitengine/purego](https://github.com/ebitengine/purego) | `0.9.0` | `0.9.1` |
| [github.com/go-openapi/jsonreference](https://github.com/go-openapi/jsonreference) | `0.21.2` | `0.21.3` |
| [github.com/testcontainers/testcontainers-go](https://github.com/testcontainers/testcontainers-go) | `0.39.0` | `0.40.0` |
| [go.opentelemetry.io/proto/otlp](https://github.com/open-telemetry/opentelemetry-proto-go) | `1.8.0` | `1.9.0` |
| [golang.org/x/sys](https://github.com/golang/sys) | `0.37.0` | `0.38.0` |



Updates `github.com/antinvestor/apis/go/common` from 1.45.1 to 1.47.12
- [Release notes](https://github.com/antinvestor/apis/releases)
- [Commits](antinvestor/apis@v1.45.1...v1.47.12)

Updates `github.com/antinvestor/apis/go/device` from 1.45.2 to 1.47.13
- [Release notes](https://github.com/antinvestor/apis/releases)
- [Commits](antinvestor/apis@v1.45.2...v1.47.13)

Updates `github.com/antinvestor/apis/go/notification` from 1.45.2 to 1.47.13
- [Release notes](https://github.com/antinvestor/apis/releases)
- [Commits](antinvestor/apis@v1.45.2...v1.47.13)

Updates `github.com/antinvestor/apis/go/partition` from 1.45.2 to 1.47.13
- [Release notes](https://github.com/antinvestor/apis/releases)
- [Commits](antinvestor/apis@v1.45.2...v1.47.13)

Updates `github.com/antinvestor/apis/go/profile` from 1.45.2 to 1.47.13
- [Release notes](https://github.com/antinvestor/apis/releases)
- [Commits](antinvestor/apis@v1.45.2...v1.47.13)

Updates `github.com/pitabwire/frame` from 1.60.0 to 1.65.0
- [Release notes](https://github.com/pitabwire/frame/releases)
- [Commits](pitabwire/frame@v1.60.0...v1.65.0)

Updates `github.com/redis/go-redis/v9` from 9.14.0 to 9.16.0
- [Release notes](https://github.com/redis/go-redis/releases)
- [Changelog](https://github.com/redis/go-redis/blob/master/RELEASE-NOTES.md)
- [Commits](redis/go-redis@v9.14.0...v9.16.0)

Updates `go.mau.fi/util` from 0.9.1 to 0.9.2
- [Release notes](https://github.com/mautrix/go-util/releases)
- [Changelog](https://github.com/mautrix/go-util/blob/main/CHANGELOG.md)
- [Commits](mautrix/go-util@v0.9.1...v0.9.2)

Updates `golang.org/x/oauth2` from 0.32.0 to 0.33.0
- [Commits](golang/oauth2@v0.32.0...v0.33.0)

Updates `golang.org/x/sync` from 0.17.0 to 0.18.0
- [Commits](golang/sync@v0.17.0...v0.18.0)

Updates `gorm.io/gorm` from 1.31.0 to 1.31.1
- [Release notes](https://github.com/go-gorm/gorm/releases)
- [Commits](go-gorm/gorm@v1.31.0...v1.31.1)

Updates `maunium.net/go/mautrix` from 0.25.1 to 0.25.2
- [Release notes](https://github.com/mautrix/go/releases)
- [Changelog](https://github.com/mautrix/go/blob/main/CHANGELOG.md)
- [Commits](mautrix/go@v0.25.1...v0.25.2)

Updates `cel.dev/expr` from 0.24.0 to 0.25.0
- [Release notes](https://github.com/google/cel-spec/releases)
- [Commits](google/cel-spec@v0.24.0...v0.25.0)

Updates `github.com/HdrHistogram/hdrhistogram-go` from 1.1.2 to 1.2.0
- [Release notes](https://github.com/HdrHistogram/hdrhistogram-go/releases)
- [Commits](HdrHistogram/hdrhistogram-go@v1.1.2...v1.2.0)

Updates `github.com/Workiva/go-datastructures` from 1.1.6 to 1.1.7
- [Release notes](https://github.com/Workiva/go-datastructures/releases)
- [Commits](Workiva/go-datastructures@v1.1.6...v1.1.7)

Updates `github.com/docker/docker` from 28.5.1+incompatible to 28.5.2+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v28.5.1...v28.5.2)

Updates `github.com/ebitengine/purego` from 0.9.0 to 0.9.1
- [Release notes](https://github.com/ebitengine/purego/releases)
- [Commits](ebitengine/purego@v0.9.0...v0.9.1)

Updates `github.com/go-openapi/jsonreference` from 0.21.2 to 0.21.3
- [Commits](go-openapi/jsonreference@v0.21.2...v0.21.3)

Updates `github.com/klauspost/compress` from 1.18.0 to 1.18.1
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](klauspost/compress@v1.18.0...v1.18.1)

Updates `github.com/nats-io/nats.go` from 1.46.1 to 1.47.0
- [Release notes](https://github.com/nats-io/nats.go/releases)
- [Commits](nats-io/nats.go@v1.46.1...v1.47.0)

Updates `github.com/pitabwire/natspubsub` from 0.7.2 to 0.7.3
- [Release notes](https://github.com/pitabwire/natspubsub/releases)
- [Commits](pitabwire/natspubsub@v0.7.2...v0.7.3)

Updates `github.com/prometheus/common` from 0.67.1 to 0.67.2
- [Release notes](https://github.com/prometheus/common/releases)
- [Changelog](https://github.com/prometheus/common/blob/main/CHANGELOG.md)
- [Commits](prometheus/common@v0.67.1...v0.67.2)

Updates `github.com/prometheus/procfs` from 0.17.0 to 0.19.2
- [Release notes](https://github.com/prometheus/procfs/releases)
- [Commits](prometheus/procfs@v0.17.0...v0.19.2)

Updates `github.com/shirou/gopsutil/v4` from 4.25.9 to 4.25.10
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](shirou/gopsutil@v4.25.9...v4.25.10)

Updates `github.com/testcontainers/testcontainers-go` from 0.39.0 to 0.40.0
- [Release notes](https://github.com/testcontainers/testcontainers-go/releases)
- [Commits](testcontainers/testcontainers-go@v0.39.0...v0.40.0)

Updates `go.opentelemetry.io/proto/otlp` from 1.8.0 to 1.9.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-proto-go/releases)
- [Commits](open-telemetry/opentelemetry-proto-go@v1.8.0...v1.9.0)

Updates `golang.org/x/sys` from 0.37.0 to 0.38.0
- [Commits](golang/sys@v0.37.0...v0.38.0)

Updates `google.golang.org/api` from 0.252.0 to 0.254.0
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.252.0...v0.254.0)

Updates `google.golang.org/genproto/googleapis/rpc` from 0.0.0-20251007200510-49b9836ed3ff to 0.0.0-20251022142026-3a174f9686a8
- [Commits](https://github.com/googleapis/go-genproto/commits)

---
updated-dependencies:
- dependency-name: github.com/antinvestor/apis/go/common
  dependency-version: 1.47.12
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/antinvestor/apis/go/device
  dependency-version: 1.47.13
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/antinvestor/apis/go/notification
  dependency-version: 1.47.13
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/antinvestor/apis/go/partition
  dependency-version: 1.47.13
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/antinvestor/apis/go/profile
  dependency-version: 1.47.13
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/pitabwire/frame
  dependency-version: 1.65.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/redis/go-redis/v9
  dependency-version: 9.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: go.mau.fi/util
  dependency-version: 0.9.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: gorm.io/gorm
  dependency-version: 1.31.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: maunium.net/go/mautrix
  dependency-version: 0.25.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: cel.dev/expr
  dependency-version: 0.25.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/HdrHistogram/hdrhistogram-go
  dependency-version: 1.2.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/Workiva/go-datastructures
  dependency-version: 1.1.7
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/docker/docker
  dependency-version: 28.5.2+incompatible
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/ebitengine/purego
  dependency-version: 0.9.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/go-openapi/jsonreference
  dependency-version: 0.21.3
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/klauspost/compress
  dependency-version: 1.18.1
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/nats-io/nats.go
  dependency-version: 1.47.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/pitabwire/natspubsub
  dependency-version: 0.7.3
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/prometheus/common
  dependency-version: 0.67.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/prometheus/procfs
  dependency-version: 0.19.2
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: github.com/shirou/gopsutil/v4
  dependency-version: 4.25.10
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: github.com/testcontainers/testcontainers-go
  dependency-version: 0.40.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: go.opentelemetry.io/proto/otlp
  dependency-version: 1.9.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: golang.org/x/sys
  dependency-version: 0.38.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: google.golang.org/api
  dependency-version: 0.254.0
  dependency-type: indirect
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: google.golang.org/genproto/googleapis/rpc
  dependency-version: 0.0.0-20251022142026-3a174f9686a8
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added auto-merge a dependabot label dependencies a dependabot label labels Nov 10, 2025
@github-actions
Copy link

github-actions bot commented Nov 10, 2025

❌ Auto-merge cancelled: Tests failed or are still pending. Please check the test results and merge manually if appropriate.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 17, 2025

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 24, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Nov 24, 2025
@dependabot dependabot bot deleted the dependabot/go_modules/production-dependencies-31124cac67 branch November 24, 2025 00:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

auto-merge a dependabot label dependencies a dependabot label

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants