Skip to content

Bump the gomod-backward-compatible group across 1 directory with 3 updates #639

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump the gomod-backward-compatible group across 1 directory with 3 updates #639

wants to merge 1 commit into from
+50 −62

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 1, 2025
edited
Loading

Bumps the gomod-backward-compatible group with 2 updates in the /db directory: github.com/meilisearch/meilisearch-go and github.com/pocketbase/pocketbase.

Updates github.com/meilisearch/meilisearch-go from 0.29.0 to 0.34.1

Release notes

Sourced from github.com/meilisearch/meilisearch-go's releases.

v0.34.1 🐹

🐛 Bug Fixes

⚙️ Maintenance/misc

  • Update dependabot and release template configuration (#720)
  • chore(deps): bump actions/setup-go from 5 to 6 (#721) @dependabot[bot]

Thanks again to @​ElyarSadig, @​dependabot[bot], @​ja7ad, and dependabot[bot]! 🎉

v0.34.0 🐹

⚠️ Breaking changes

  • feat: add renaming indexes & add queryVector field to searchResponse (#717) @​ElyarSadig

🚀 Enhancements

⚙️ Maintenance/misc

Thanks again to @​ElyarSadig and @​ja7ad! 🎉

v0.33.3 🐹

🚀 Enhancements

⚙️ Maintenance/misc

Thanks again to @​ElyarSadig, @​RISHABH4SAHNI, @​ja7ad, @​r-sahni and dependabot[bot]! 🎉

v0.33.2 🐹

🚀 Enhancements

... (truncated)

Commits
  • 9a4db78 chore: bump version to 0.34.1
  • 7521f85 test: improve typo tolerance test
  • 873bb99 update: remove omitempty from typo tolerance
  • dbe0e53 chore(deps): bump actions/setup-go from 5 to 6
  • dc9c6a4 Update .github/release-draft-template.yml
  • 919a827 Update .github/dependabot.yml
  • 0f62d15 Update version for the next release (v0.34.0)
  • 3b0d878 chore: add swap_index_2 to code-samples
  • c34e53d chore: fix updateIndex in code-samples
  • bf08c63 update: rename indexUID field & add tests
  • Additional commits viewable in compare view

Updates github.com/pocketbase/pocketbase from 0.30.0 to 0.31.0

Release notes

Sourced from github.com/pocketbase/pocketbase's releases.

v0.31.0 Release

To update the prebuilt executable you can run ./pocketbase update.

  • Display presentable multiple relation fields (#7260).

  • Support Ed25519 in the optional OIDC id_token signature validation (#7252; thanks @​shynome).

  • Added ApiScenario.DisableTestAppCleanup optional field to skip the auto test app cleanup and leave it up to the developers to do the cleanup manually (#7267).

  • Added FileDownloadRequestEvent.ThumbError field that is populated in case of a thumb generation failure (e.g. unsupported format, timing out, etc.), allowing developers to reject the thumb fallback and/or supply their own custom thumb generation (#7268).

  • ⚠️ Disallow client-side filtering and sorting of relations where the collection of the last targeted relation field has superusers-only List/Search API rule to further minimize the risk of eventual side-channel attack. This should be a non-breaking change for most users, but if you want the old behavior please open a Q&A discussion with details about your use case to evaluate making it configurable. Note also that as mentioned in the "Security and performance" section of #4417 and #5863, the easiest and recommended solution to protect security sensitive fields (tokens, codes, passwords, etc.) is to mark them as "Hidden" (aka. make them non-API filterable). A better out of the box handling will be available with the planned fields internals refactoring together with the already started UI rewrite and plugins support.

  • Regenerated JSVM types and updated npm and Go deps.

v0.30.4 Release

To update the prebuilt executable you can run ./pocketbase update.

  • Fixed json field CSS regression introduced with the overflow workaround in v0.30.3 (#7259).

v0.30.3 Release

To update the prebuilt executable you can run ./pocketbase update.

  • Fixed legacy identitity field priority check when a username is a valid email address (#7256).

  • Workaround autocomplete overflow issue in Firefox 144 (#7223).

  • Updated modernc.org/sqlite to 1.39.1 (SQLite 3.50.4).

v0.30.2 Release

To update the prebuilt executable you can run ./pocketbase update.

v0.30.1 Release

To update the prebuilt executable you can run ./pocketbase update.

  • ⚠️ Excluded the lost+found directory from the backups (#7208; thanks @​lbndev). If for some reason you want to keep it, you can restore it by editing the e.Exclude list of the OnBackupCreate and OnBackupRestore hooks.

  • Minor tests improvements (disabled initial superuser creation for the test app to avoid cluttering the std output, added more tests for the s3.Uploader.MaxConcurrency, etc.).

  • Updated modernc.org/sqlite and other Go dependencies.

Changelog

Sourced from github.com/pocketbase/pocketbase's changelog.

v0.31.0

  • Visualize presentable multiple relation fields (#7260).

  • Support Ed25519 in the optional OIDC id_token signature validation (#7252; thanks @​shynome).

  • Added ApiScenario.DisableTestAppCleanup optional field to skip the auto test app cleanup and leave it up to the developers to do the cleanup manually (#7267).

  • Added FileDownloadRequestEvent.ThumbError field that is populated in case of a thumb generation failure (e.g. unsupported format, timing out, etc.), allowing developers to reject the thumb fallback and/or supply their own custom thumb generation (#7268).

  • ⚠️ Disallow client-side filtering and sorting of relations where the collection of the last targeted relation field has superusers-only List/Search API rule to further minimize the risk of eventual side-channel attack. This should be a non-breaking change for most users, but if you want the old behavior, please open a new Q&A discussion with details about your use case to evaluate making it configurable. Note also that as mentioned in the "Security and performance" section of #4417 and #5863, the easiest and recommended solution to protect security sensitive fields (tokens, codes, passwords, etc.) is to mark them as "Hidden" (aka. make them non-API filterable).

  • Regenerated JSVM types and updated npm and Go deps.

v0.30.4

  • Fixed json field CSS regression introduced with the overflow workaround in v0.30.3 (#7259).

v0.30.3

  • Fixed legacy identitity field priority check when a username is a valid email address (#7256).

  • Workaround autocomplete overflow issue with Firefox 144 (#7223).

  • Updated modernc.org/sqlite to 1.39.1 (SQLite 3.50.4).

v0.30.2

v0.30.1

  • ⚠️ Excluded the lost+found directory from the backups (#7208; thanks @​lbndev). If for some reason you want to keep it, you can restore it by editing the e.Exclude list of the OnBackupCreate and OnBackupRestore hooks.

  • Minor tests improvements (disabled initial superuser creation for the test app to avoid cluttering the std output, added more tests for the s3.Uploader.MaxConcurrency, etc.).

  • Updated modernc.org/sqlite and other Go dependencies.

Commits
  • d5dcd01 updated ui/dist
  • 749bf78 updated changelog
  • ceae5e0 updated jsvm types and npm deps
  • 7b6b71e disallow client-side filtering and sorting of relations where the collection ...
  • 885d907 updated jsvm types
  • afb942b updated thumb error message
  • 83a26d4 #7268 added FileDownloadRequestEvent.ThumbError field
  • 7b52d0b #7267 added tests.ApiScenario.DisableTestAppCleanup optional field
  • 5a8eae7 add fallback in case the collection name in the response was stripped
  • 0bd7127 moved ValidateTokenSignature to jwk and added tests
  • Additional commits viewable in compare view

Updates golang.org/x/net from 0.44.0 to 0.46.0

Commits
  • 2002a06 go.mod: update golang.org/x dependencies
  • 59706cd html: impose open element stack size limit
  • 6ec8895 html: align in row insertion mode with spec
  • 5393563 http2: fix RFC 9218 write scheduler not being idempotent
  • b2ab371 internal/httpsfv: implement parsing support for date and display string
  • edb764c internal/httpsfv: add parsing functionality for types defined in RFC 8941
  • fbba2c2 internal/httpsfv: add support for consuming Display String and Date type
  • 47a241f http2: make the error channel pool per-Server
  • 51f657b webdav/internal/xml: use the built-in min function
  • f2e909b internal/httpsfv: implement parsing support for Dictionary and List type.
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the gomod-backward-compatible group across 1 directory with 3 up…
1a1e0d1 
…dates

Bumps the gomod-backward-compatible group with 2 updates in the /db directory: [github.com/meilisearch/meilisearch-go](https://github.com/meilisearch/meilisearch-go) and [github.com/pocketbase/pocketbase](https://github.com/pocketbase/pocketbase).


Updates `github.com/meilisearch/meilisearch-go` from 0.29.0 to 0.34.1
- [Release notes](https://github.com/meilisearch/meilisearch-go/releases)
- [Commits](meilisearch/meilisearch-go@v0.29.0...v0.34.1)

Updates `github.com/pocketbase/pocketbase` from 0.30.0 to 0.31.0
- [Release notes](https://github.com/pocketbase/pocketbase/releases)
- [Changelog](https://github.com/pocketbase/pocketbase/blob/master/CHANGELOG.md)
- [Commits](pocketbase/pocketbase@v0.30.0...v0.31.0)

Updates `golang.org/x/net` from 0.44.0 to 0.46.0
- [Commits](golang/net@v0.44.0...v0.46.0)

---
updated-dependencies:
- dependency-name: github.com/meilisearch/meilisearch-go
  dependency-version: 0.34.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-backward-compatible
- dependency-name: github.com/pocketbase/pocketbase
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-backward-compatible
- dependency-name: golang.org/x/net
  dependency-version: 0.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod-backward-compatible
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Nov 1, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 1, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Dec 1, 2025
@dependabot dependabot bot deleted the dependabot/go_modules/db/gomod-backward-compatible-958024c53c branch December 1, 2025 05:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant