fix(deps): update gin framework

[guided-traffic-bot]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/gin-contrib/cors	v1.7.6 → v1.7.7
github.com/gin-gonic/gin	v1.11.0 → v1.12.0

---

Release Notes

gin-contrib/cors (github.com/gin-contrib/cors)

v1.7.7

Compare Source

Changelog

Others

• 2816d6d: Add Go 1.26 to GitHub Actions test matrix (@​appleboy)
• a92928f: Update golangci-lint version to v2.9 (@​appleboy)
• b77776e: Fix Trivy badge URL in README.md (@​appleboy)

Bug fixes

• 123928c: fix: allow ^ anchor in regex CORS origin patterns (#​177) (@​brokenthumbs)
• 3585a5e: fix: resolve golangci-lint issues in tests (@​appleboy)

Enhancements

• 21c982f: chore: update Go version and refresh dependencies to latest releases (@​appleboy)
• 402233a: chore(deps): upgrade golang.org/x/crypto to v0.45.0 (@​appleboy)
• 0c14279: chore(deps): bump actions/checkout from 4 to 6 (@​appleboy)
• 3333b3d: chore(deps): upgrade quic-go to v0.57.1 (@​appleboy)
• 754ef53: chore(ci): update golangci-lint to v2.6 (@​appleboy)
• c5dcea8: chore(deps): bump actions/cache from 4 to 5 (@​appleboy)
• 139173a: chore(ci): upgrade trivy-action from 0.33.1 to 0.35.0 (@​appleboy)
• 9e6ec27: chore(deps): upgrade gin to v1.12.0 and update CI Go versions (@​appleboy)
• e19d20d: chore(deps): upgrade golang.org/x/text to v0.35.0 (@​appleboy)

Build process updates

• f46b87e: ci: integrate Trivy vulnerability scanning into CI workflow (@​appleboy)
• c4b4ccf: ci: broaden CI Go version testing (@​appleboy)
• 33f131c: ci: add dedicated Trivy security scanning and status badge (@​appleboy)
• fe8e9d0: ci: integrate automated Trivy security scanning via GitHub Actions (@​appleboy)
• f20e310: ci: update CI tooling and refine supported Go versions (@​appleboy)
• d94e477: ci: modernize and consolidate CI workflows and security scanning (@​appleboy)
• b16eb9f: ci: rename Trivy workflow file for enhanced clarity (@​appleboy)
• ec180b5: ci(workflow): bump goreleaser/goreleaser-action from v6 to v7 (@​appleboy)

gin-gonic/gin (github.com/gin-gonic/gin)

v1.12.0

Compare Source

Features

• feat(render): add bson protocol (#​4145)
• feat(context): add GetError and GetErrorSlice methods for error retrieval (#​4502)
• feat(binding): add support for encoding.UnmarshalText in uri/query binding (#​4203)
• feat(gin): add option to use escaped path (#​4420)
• feat(context): add Protocol Buffers support to content negotiation (#​4423)
• feat(context): implemented Delete method (#​38e7651)
• feat(logger): color latency (#​4146)

Enhancements

• perf(tree): reduce allocations in findCaseInsensitivePath (#​4417)
• perf(recovery): optimize line reading in stack function (#​4466)
• perf(path): replace regex with custom functions in redirectTrailingSlash (#​4414)
• perf(tree): optimize path parsing using strings.Count (#​4246)
• chore(logger): allow skipping query string output (#​4547)
• chore(context): always trust xff headers from unix socket (#​3359)
• chore(response): prevent Flush() panic when the underlying ResponseWriter does not implement http.Flusher (#​4479)
• refactor(recovery): smart error comparison (#​4142)
• refactor(context): replace hardcoded localhost IPs with constants (#​4481)
• refactor(utils): move util functions to utils.go (#​4467)
• refactor(binding): use maps.Copy for cleaner map handling (#​4352)
• refactor(context): using maps.Clone (#​4333)
• refactor(ginS): use sync.OnceValue to simplify engine function (#​4314)
• refactor: replace magic numbers with named constants in bodyAllowedForStatus (#​4529)
• refactor: for loop can be modernized using range over int (#​4392)

Bug Fixes

• fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath (#​4535)
• fix(render): write content length in Data.Render (#​4206)
• fix(context): ClientIP handling for multiple X-Forwarded-For header values (#​4472)
• fix(binding): empty value error (#​2169)
• fix(recover): suppress http.ErrAbortHandler in recover (#​4336)
• fix(gin): literal colon routes not working with engine.Handler() (#​4415)
• fix(gin): close os.File in RunFd to prevent resource leak (#​4422)
• fix(response): refine hijack behavior for response lifecycle (#​4373)
• fix(binding): improve empty slice/array handling in form binding (#​4380)
• fix(debug): version mismatch (#​4403)
• fix: correct typos, improve documentation clarity, and remove dead code (#​4511)

Build process updates / CI

• ci: update Go version support to 1.25+ across CI and docs (#​4550)
• chore(binding): upgrade bson dependency to mongo-driver v2 (#​4549)

---

Configuration

📅 Schedule: (in timezone Europe/Berlin)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate.

[guided-traffic-bot]

ℹ️ Artifact update notice

File name: backend/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 13 additional dependencies were updated

Details:

Package	Change
github.com/bytedance/sonic	v1.14.0 -> v1.15.0
github.com/bytedance/sonic/loader	v0.3.0 -> v0.5.0
github.com/gabriel-vasile/mimetype	v1.4.9 -> v1.4.12
github.com/go-playground/validator/v10	v10.27.0 -> v10.30.1
github.com/goccy/go-yaml	v1.18.0 -> v1.19.2
github.com/quic-go/quic-go	v0.57.1 -> v0.59.0
github.com/ugorji/go/codec	v1.3.0 -> v1.3.1
golang.org/x/arch	v0.20.0 -> v0.23.0
golang.org/x/crypto	v0.46.0 -> v0.48.0
golang.org/x/net	v0.47.0 -> v0.51.0
golang.org/x/sys	v0.39.0 -> v0.41.0
golang.org/x/text	v0.32.0 -> v0.35.0
google.golang.org/protobuf	v1.36.9 -> v1.36.10