chore(deps): bump the go-deps group across 1 directory with 14 updates

[dependabot]

Bumps the go-deps group with 10 updates in the /api directory:

Package	From	To
github.com/alicebob/miniredis/v2	2.35.0	2.38.0
github.com/coreos/go-oidc/v3	3.16.0	3.18.0
github.com/gin-gonic/gin	1.9.1	1.12.0
github.com/golang-jwt/jwt/v5	5.2.2	5.3.1
github.com/lib/pq	1.10.9	1.12.3
github.com/redis/go-redis/v9	9.16.0	9.20.0
github.com/rs/zerolog	1.34.0	1.35.1
k8s.io/apimachinery	0.34.2	0.36.1
k8s.io/client-go	0.34.2	0.36.1
k8s.io/metrics	0.34.2	0.36.1

Updates github.com/alicebob/miniredis/v2 from 2.35.0 to 2.38.0

Release notes

Sourced from github.com/alicebob/miniredis/v2's releases.

DELEX and fixes

• XADD TRIM (thanks @​evan-choi)
• update XINFO STREAM (thanks @​TomBailey167)
• lua fix (thanks @​infastin)
• partial support for DELEX

HEXPIRE

• support HEXPIRE (thanks @​mojixcoder)

support CLUSTER SHARDS

• support CLUSTER SHARDS (thanks @​dadrus)

redis 8.4.0, DUMP/RESTORE, EVALRO, WAIT

• return actual server address by CLUSTER NODES (thanks @​nastik-kum)
• support DUMP and RESTORE (thanks @​alyssaruth)
• support EVALRO (thanks @​max-frank)
• add WAIT command as no-op (thanks @​aroullet)
• support info stats (thanks @​destinyoooo)
• add "-*" keys
• compare against Redis 8.4.0

Changelog

Sourced from github.com/alicebob/miniredis/v2's changelog.

v2.38.0

• XADD TRIM (thanks @​evan-choi)
• update XINFO STREAM (thanks @​TomBailey167)
• lua fix (thanks @​infastin)
• partial support for DELEX

v2.37.0

• support HEXPIRE (thanks @​mojixcoder)

v2.36.1

• support CLUSTER SHARDS (thanks @​dadrus)

v2.36.0

• return actual server address by CLUSTER NODES (thanks @​nastik-kum)
• support DUMP and RESTORE (thanks @​alyssaruth)
• support EVALRO (thanks @​max-frank)
• add WAIT command as no-op (thanks @​aroullet)
• support info stats (thanks @​destinyoooo)
• add "-*" keys
• compare against Redis 8.4.0

Commits

• d67bfae update changelog for v2.38.0
• 2b1abd8 DELEX (partly) (#442)
• 452dd37 Merge pull request #440 from infastin/server-alias
• b5b8ec2 feat: add 'server' alias to 'redis' in lua scripts
• ecc4af1 Merge pull request #439 from TomBailey167/xinfo-stream-last-generated-id
• 4a2a33e Merge pull request #435 from evan-choi/fix/xadd-equals-trim-modifier
• d6261ef feat: add last-generated-id to XINFO STREAM response
• f4d8aa3 fix: accept = trim modifier in xadd
• c1b59bf feat: implement HEXPIRE command (#424)
• 64de52d changelog for v2.36.1
• Additional commits viewable in compare view

Updates github.com/coreos/go-oidc/v3 from 3.16.0 to 3.18.0

Release notes

Sourced from github.com/coreos/go-oidc/v3's releases.

v3.18.0

What's Changed

• .github: configure dependabot by @​ericchiang in coreos/go-oidc#477
• .github: update go versions in CI by @​ericchiang in coreos/go-oidc#480
• build(deps): bump golang.org/x/oauth2 from 0.28.0 to 0.36.0 by @​dependabot[bot] in coreos/go-oidc#478
• build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4 by @​dependabot[bot] in coreos/go-oidc#479

Full Changelog: coreos/go-oidc@v3.17.0...v3.18.0

v3.17.0

What's Changed

• oidc: improve error message for mismatched issuer URLs by @​ericchiang in coreos/go-oidc#469

Full Changelog: coreos/go-oidc@v3.16.0...v3.17.0

Commits

• da6b3bf build(deps): bump github.com/go-jose/go-jose/v4 from 4.1.3 to 4.1.4
• 7f80694 build(deps): bump golang.org/x/oauth2 from 0.28.0 to 0.36.0
• 7271de5 .github: update go versions in CI
• 3ccf20f .github: configure dependabot
• 35b8e03 oidc: improve error message for mismatched issuer URLs
• See full diff in compare view

Updates github.com/gin-gonic/gin from 1.9.1 to 1.12.0

Release notes

Sourced from github.com/gin-gonic/gin's releases.

v1.12.0

Changelog

Features

• 192ac89eefc1c30f7c97ae48a9ffb1c6f1c8c8bc: feat(binding): add support for encoding.UnmarshalText in uri/query binding (#4203) (@​takanuva15)
• 53410d2e07054369e0960fbe2eed97e1b9966f12: feat(context): add GetError and GetErrorSlice methods for error retrieval (#4502) (@​raju-mechatronics)
• acc55e049e33b401e810dbd8c0d6dcb6b3ba2b05: feat(context): add Protocol Buffers support to content negotiation (#4423) (@​1911860538)
• 38e765119241d990705169bedb5002a29ae0cbd1: feat(context): implemented Delete method (@​Spyder01)
• 771dcc6476d7bc6abb9ec0235ecefa4d38fe6fb0: feat(gin): add option to use escaped path (#4420) (@​ldesauw)
• 4dec17afdff48e8018c83618fbbe69fceeb2b41d: feat(logger): color latency (#4146) (@​wsyqn6)
• d7776de7d444935ea4385999711bd6331a98fecb: feat(render): add bson protocol (#4145) (@​laurentcau)

Bug fixes

• b917b14ff9d189f16a7492be79d123a47806ee19: fix(binding): empty value error (#2169) (@​guonaihong)
• c3d1092b3b48addf6f9cd00fe274ec3bd14650eb: fix(binding): improve empty slice/array handling in form binding (#4380) (@​1911860538)
• 9914178584e42458ff7d23891463a880f58c9d86: fix(context): ClientIP handling for multiple X-Forwarded-For header values (#4472) (@​Nurysso)
• 2a794cd0b0faa7d829291375b27a3467ea972b0d: fix(debug): version mismatch (#4403) (@​zeek0x)
• c3d5a28ed6d3849da820195b6774d212bcc038a9: fix(gin): close os.File in RunFd to prevent resource leak (#4422) (@​1911860538)
• 5fad976b372e381312f8de69f0969f1284d229d3: fix(gin): literal colon routes not working with engine.Handler() (#4415) (@​pawannn)
• 63dd3e60cab89c27fb66bce1423bd268d52abad1: fix(recover): suppress http.ErrAbortHandler in recover (#4336) (@​MondayCha)
• 5c00df8afadd06cc5be530dde00fe6d9fa4a2e4a: fix(render): write content length in Data.Render (#4206) (@​dengaleev)
• 234a6d4c00cb77af9852aca0b8289745d5529b4b: fix(response): refine hijack behavior for response lifecycle (#4373) (@​appleboy)
• 472d086af2acd924cb4b9d7be0525f7d790f69bc: fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath (#4535) (@​veeceey)
• 8e07d37c63e5536eb25f4af4c91eabeee4011fba: fix: Correct typos, improve documentation clarity, and remove dead code (#4511) (@​mahanadh)

Enhancements

• ba093d19477b896ac89a7fc3246af23d290b8e26: chore(binding): upgrade bson dependency to mongo-driver v2 (#4549) (@​BobDu)
• b2b489dbf4826c2c630717a77fd5e42774625410: chore(context): always trust xff headers from unix socket (#3359) (@​WeidiDeng)
• ecb3f7b5e2f3915bf1db240ed5eee572f8dbea36: chore(deps): upgrade golang.org/x/crypto to v0.45.0 (#4449) (@​appleboy)
• af6e8b70b8261bb0c99ad094fe552ab92991620a: chore(deps): upgrade quic-go to v0.57.1 (@​appleboy)
• db309081bc5c137b2aa15701ef53f7f19788da25: chore(logger): allow skipping query string output (#4547) (@​USA-RedDragon)
• 26c3a628655cad2388380cb8102d6ce7d4875f3b: chore(response): prevent Flush() panic when http.Flusher (#4479) (@​Twacqwq)
• 5dd833f1f26de0eb30eae47b17e05ced2482dc41: chore: bump minimum Go version to 1.24 and update workflows (#4388) (@​appleboy)

Refactor

• 39858a0859c914bd26948fa950477e11bd8d3823: refactor(binding): use maps.Copy for cleaner map handling (#4352) (@​russcoss)
• c0048f645ee945c4db30593afdea10123e2c30a6: refactor(context): omit the return value names (#4395) (@​wanghaolong613)
• 915e4c90d28ec4cffc6eb146e208ab5a65eac772: refactor(context): replace hardcoded localhost IPs with constants (#4481) (@​pauloappbr)
• 414de60574449457f3192a7a1d5528940db2836d: refactor(context): using maps.Clone (#4333) (@​cuiweixie)
• 59e9d4a794f12c4f9a6c7bed441b9644e5f6d99b: refactor(ginS): use sync.OnceValue to simplify engine function (#4314) (@​1911860538)
• 3ab698dc5110af1977d57226e4995c57dd34c233: refactor(recovery): smart error comparison (#4142) (@​zeek0x)
• d1a15347b1e45a8ee816193d3578a93bfd73b70f: refactor(utils): move util functions to utils.go (#4467) (@​zeek0x)
• e3118cc378d263454098924ebbde7e8d1dd2e904: refactor: for loop can be modernized using range over int (#4392) (@​wanghaolong613)
• 488f8c3ffa579a8d19beb2bae95ff8ef36b3d53f: refactor: replace magic numbers with named constants in bodyAllowedForStatus (#4529) (@​veeceey)
• 9968c4bf9d5a99edc3eee2c068a4c9160ece8915: refactor: use b.Loop() to simplify the code and improve performance (#4389) (@​reddaisyy)
• a85ef5ce4d0cda8834c59c855068ed48b51192d1: refactor: use b.Loop() to simplify the code and improve performance (#4432) (@​efcking)

Build process updates

• 61b67de522a189b568aced4c5c16917c558e3387: ci(bot): increase frequency and group updates for dependencies (#4367) (@​appleboy)
• fb27ef26c2fdfe25344b4c039d8a53551f9e912c: ci(lint): refactor test assertions and linter configuration (#4436) (@​appleboy)
• 93ff771e6dbf10e432864b30f3719ac5c84a4d4a: ci(sec): improve type safety and server organization in HTTP middleware (#4437) (@​appleboy)
• e88fc8927a52b74f55bec0351604a56ac0aa1c51: ci(sec): schedule Trivy security scans to run daily at midnight UTC (#4439) (@​appleboy)
• 5e5ff3ace496a31b138b0820136a146bfb5de0ef: ci: replace vulnerability scanning workflow with Trivy integration (#4421) (@​appleboy)
• 00900fb3e1ea9dde33985a0e4f6afec793d5e786: ci: update CI workflows and standardize Trivy config quotes (#4531) (@​appleboy)
• ae3f524974fc4f55d18c9e7fae4614503c015226: ci: update Go version support to 1.25+ across CI and docs (#4550) (@​appleboy)

... (truncated)

Changelog

Sourced from github.com/gin-gonic/gin's changelog.

Gin v1.12.0

Features

• feat(render): add bson protocol (#4145)
• feat(context): add GetError and GetErrorSlice methods for error retrieval (#4502)
• feat(binding): add support for encoding.UnmarshalText in uri/query binding (#4203)
• feat(gin): add option to use escaped path (#4420)
• feat(context): add Protocol Buffers support to content negotiation (#4423)
• feat(context): implemented Delete method (#38e7651)
• feat(logger): color latency (#4146)

Enhancements

• perf(tree): reduce allocations in findCaseInsensitivePath (#4417)
• perf(recovery): optimize line reading in stack function (#4466)
• perf(path): replace regex with custom functions in redirectTrailingSlash (#4414)
• perf(tree): optimize path parsing using strings.Count (#4246)
• chore(logger): allow skipping query string output (#4547)
• chore(context): always trust xff headers from unix socket (#3359)
• chore(response): prevent Flush() panic when the underlying ResponseWriter does not implement http.Flusher (#4479)
• refactor(recovery): smart error comparison (#4142)
• refactor(context): replace hardcoded localhost IPs with constants (#4481)
• refactor(utils): move util functions to utils.go (#4467)
• refactor(binding): use maps.Copy for cleaner map handling (#4352)
• refactor(context): using maps.Clone (#4333)
• refactor(ginS): use sync.OnceValue to simplify engine function (#4314)
• refactor: replace magic numbers with named constants in bodyAllowedForStatus (#4529)
• refactor: for loop can be modernized using range over int (#4392)

Bug Fixes

• fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath (#4535)
• fix(render): write content length in Data.Render (#4206)
• fix(context): ClientIP handling for multiple X-Forwarded-For header values (#4472)
• fix(binding): empty value error (#2169)
• fix(recover): suppress http.ErrAbortHandler in recover (#4336)
• fix(gin): literal colon routes not working with engine.Handler() (#4415)
• fix(gin): close os.File in RunFd to prevent resource leak (#4422)
• fix(response): refine hijack behavior for response lifecycle (#4373)
• fix(binding): improve empty slice/array handling in form binding (#4380)
• fix(debug): version mismatch (#4403)
• fix: correct typos, improve documentation clarity, and remove dead code (#4511)

Build process updates / CI

• ci: update Go version support to 1.25+ across CI and docs (#4550)
• chore(binding): upgrade bson dependency to mongo-driver v2 (#4549)

Gin v1.11.0

... (truncated)

Commits

• 73726dc docs: update documentation to reflect Go version changes (#4552)
• e292e5c docs: document and finalize Gin v1.12.0 release (#4551)
• ae3f524 ci: update Go version support to 1.25+ across CI and docs (#4550)
• 38534e2 chore(deps): bump golang.org/x/net from 0.50.0 to 0.51.0 (#4548)
• 472d086 fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath (#4535)
• fb25834 test(context): use http.StatusContinue constant instead of magic number 100 (...
• 6f1d5fe test(render): add comprehensive error handling tests (#4541)
• 5c00df8 fix(render): write content length in Data.Render (#4206)
• db30908 chore(logger): allow skipping query string output (#4547)
• ba093d1 chore(binding): upgrade bson dependency to mongo-driver v2 (#4549)
• Additional commits viewable in compare view

Updates github.com/go-playground/validator/v10 from 10.14.0 to 10.30.1

Release notes

Sourced from github.com/go-playground/validator/v10's releases.

Release 10.30.1

What's Changed

• Feat: uds_exists validator by @​barash-asenov in go-playground/validator#1482
• fix: Revert min limit of e164 regex by @​zemzale in go-playground/validator#1516
• Fix 1513 update ISO 3166-2 codes by @​xyz27900 in go-playground/validator#1514

New Contributors

• @​barash-asenov made their first contribution in go-playground/validator#1482
• @​xyz27900 made their first contribution in go-playground/validator#1514

Full Changelog: go-playground/validator@v10.30.0...v10.30.1

Release 10.30.0

What's Changed

• Bump golang.org/x/crypto from 0.45.0 to 0.46.0 by @​dependabot[bot] in go-playground/validator#1504
• Bump github.com/gabriel-vasile/mimetype from 1.4.11 to 1.4.12 by @​dependabot[bot] in go-playground/validator#1505
• docs: document omitzero by @​minoritea in go-playground/validator#1509
• fix: add missing translations for alpha validators by @​shindonghwi in go-playground/validator#1510
• fix: resolve panic when using aliases with OR operator by @​shindonghwi in go-playground/validator#1507
• fix: resolve panic when using cross-field validators with ValidateMap by @​shindonghwi in go-playground/validator#1508

New Contributors

• @​minoritea made their first contribution in go-playground/validator#1509
• @​shindonghwi made their first contribution in go-playground/validator#1510

Full Changelog: go-playground/validator@v10.29.0...v10.30.0

v10.29.0

What's Changed

• fix: minor spelling fix in docs by @​Perfect5th in go-playground/validator#1472
• Bump golang.org/x/text from 0.29.0 to 0.30.0 by @​dependabot[bot] in go-playground/validator#1473
• Bump golang.org/x/crypto from 0.42.0 to 0.43.0 by @​dependabot[bot] in go-playground/validator#1474
• Fix integer overflows in test when run on 32bit systems by @​gibmat in go-playground/validator#1479
• fix: exclude modernize linter by @​nodivbyzero in go-playground/validator#1487
• Bump golangci/golangci-lint-action from 8 to 9 by @​dependabot[bot] in go-playground/validator#1490
• Bump github.com/gabriel-vasile/mimetype from 1.4.10 to 1.4.11 by @​dependabot[bot] in go-playground/validator#1485
• Support for ISO 9362:2022 BIC (SWIFT) codes by @​fira42073 in go-playground/validator#1478
• Bump golang.org/x/crypto from 0.43.0 to 0.44.0 by @​dependabot[bot] in go-playground/validator#1492
• Fix: validation now rejects phone codes starting with +0 by @​nodivbyzero in go-playground/validator#1476
• Bump golang.org/x/crypto from 0.44.0 to 0.45.0 by @​dependabot[bot] in go-playground/validator#1495
• Bump actions/checkout from 5 to 6 by @​dependabot[bot] in go-playground/validator#1497
• fix/1500:Update Sierra Leone currency code from SLL to SLE by @​princekm096 in go-playground/validator#1501
• Fix/1481 skip invalid type validations by @​KaranLathiya in go-playground/validator#1498
• Fix 1502 update ccy codes by @​princekm096 in go-playground/validator#1503
• Added alphanumspace string validator by @​haribabuk113 in go-playground/validator#1484
• excluded_unless bug fix by @​chargraves85 in go-playground/validator#1307

New Contributors

• @​Perfect5th made their first contribution in go-playground/validator#1472
• @​gibmat made their first contribution in go-playground/validator#1479

... (truncated)

Commits

• 5010f83 Fix 1513 update ISO 3166-2 codes (#1514)
• e8627a1 fix: Revert min limit of e164 regex (#1516)
• 65b1bcc Feat: uds_exists validator (#1482)
• e9b900c fix: resolve panic when using cross-field validators with ValidateMap (#1508)
• 7aba81c fix: resolve panic when using aliases with OR operator (#1507)
• 4d600be fix: add missing translations for alpha validators (#1510)
• b0e4ba2 docs: document omitzero (#1509)
• 79fba72 Bump github.com/gabriel-vasile/mimetype from 1.4.11 to 1.4.12 (#1505)
• c3c9084 Bump golang.org/x/crypto from 0.45.0 to 0.46.0 (#1504)
• afce000 excluded_unless bug fix (#1307)
• Additional commits viewable in compare view

Updates github.com/golang-jwt/jwt/v5 from 5.2.2 to 5.3.1

Release notes

Sourced from github.com/golang-jwt/jwt/v5's releases.

v5.3.1

What's Changed

🔐 Features

• Add spellcheck Github action to catch common spelling mistakes by @​equalsgibson in golang-jwt/jwt#458
• Add WithNotBeforeRequired parser option and add test coverage by @​equalsgibson in golang-jwt/jwt#456
• Update godoc example func to properly refer to NewWithClaims() by @​equalsgibson in golang-jwt/jwt#459
• Update github workflows by @​mfridman in golang-jwt/jwt#462
• Additional test for CustomClaims that validates unmarshalling behaviour by @​equalsgibson in golang-jwt/jwt#457
• Fix early file close in jwt cli by @​mfridman in golang-jwt/jwt#472
• Add TPM signature reference by @​salrashid123 in golang-jwt/jwt#473
• Remove misleading ParserOptions documentation in golang-jwt/jwt#484
• Save signature to Token struct after successful signing by @​EgorSheff in golang-jwt/jwt#417
• Set token.Signature in ParseUnverified by @​slickwilli in golang-jwt/jwt#414

👒 Dependencies

• Bump crate-ci/typos from 1.34.0 to 1.35.3 by @​dependabot[bot] in golang-jwt/jwt#461
• Bump crate-ci/typos from 1.35.4 to 1.36.2 by @​dependabot[bot] in golang-jwt/jwt#470
• Bump github/codeql-action from 3 to 4 by @​dependabot[bot] in golang-jwt/jwt#478
• Bump crate-ci/typos from 1.36.2 to 1.39.0 by @​dependabot[bot] in golang-jwt/jwt#480
• Bump golangci/golangci-lint-action from 8 to 9 by @​dependabot[bot] in golang-jwt/jwt#481
• Bump actions/setup-go from 5 to 6 by @​dependabot[bot] in golang-jwt/jwt#469
• Bump crate-ci/typos from 1.39.0 to 1.40.0 by @​dependabot[bot] in golang-jwt/jwt#488
• Bump actions/checkout from 5 to 6 by @​dependabot[bot] in golang-jwt/jwt#487
• Bump crate-ci/typos from 1.40.0 to 1.41.0 by @​dependabot[bot] in golang-jwt/jwt#490
• Bump crate-ci/typos from 1.41.0 to 1.42.1 by @​dependabot[bot] in golang-jwt/jwt#492

New Contributors

• @​equalsgibson made their first contribution in golang-jwt/jwt#458
• @​salrashid123 made their first contribution in golang-jwt/jwt#473
• @​EgorSheff made their first contribution in golang-jwt/jwt#417
• @​slickwilli made their first contribution in golang-jwt/jwt#414

Full Changelog: golang-jwt/jwt@v5.3.0...v5.3.1

v5.3.0

This release is almost identical to to v5.2.3 but now correctly indicates Go 1.21 as minimum requirement.

What's Changed

• Create CODEOWNERS by @​oxisto in golang-jwt/jwt#449
• Bump Go version to indicate correct minimum requirement by @​oxisto in golang-jwt/jwt#452

Full Changelog: golang-jwt/jwt@v5.2.3...v5.3.0

v5.2.3

What's Changed

• Bump GitHub workflows and Go versions by @​mfridman in golang-jwt/jwt#438
• Implementing validation of multiple audiences by @​oxisto in golang-jwt/jwt#433
• Bump golangci/golangci-lint-action from 7 to 8 by @​dependabot[bot] in golang-jwt/jwt#440

... (truncated)

Commits

• 7ceae61 Add release.yml for changelog configuration
• dce8e4d Set token.Signature in ParseUnverified (#414)
• 8889e20 Save signature to Token struct after successful signing (#417)
• d237f82 ci: update github-actions schedule interval to monthly
• d8dce95 Bump crate-ci/typos from 1.41.0 to 1.42.1 (#492)
• e931803 Bump crate-ci/typos from 1.40.0 to 1.41.0 (#490)
• e6a0afa Bump actions/checkout from 5 to 6 (#487)
• 9f85c9e Bump crate-ci/typos from 1.39.0 to 1.40.0 (#488)
• 60a8669 Bump actions/setup-go from 5 to 6 (#469)
• 76f5828 Remove misleading ParserOptions documentation (#484)
• Additional commits viewable in compare view

Updates github.com/lib/pq from 1.10.9 to 1.12.3

Release notes

Sourced from github.com/lib/pq's releases.

v1.12.3

• Send datestyle startup parameter, improving compatbility with database engines that use a different default datestyle such as EnterpriseDB (#1312).

#1312: lib/pq#1312

v1.12.2

• Treat io.ErrUnexpectedEOF as driver.ErrBadConn so database/sql discards the connection. Since v1.12.0 this could result in permanently broken connections, especially with CockroachDB which frequently sends partial messages (#1299).

#1299: lib/pq#1299

v1.12.1

• Look for pgpass file in ~/.pgpass instead of ~/.postgresql/pgpass (#1300).

• Don't clear password if directly set on pq.Config (#1302).

#1300: lib/pq#1300 #1302: lib/pq#1302

v1.12.0

• The next release may change the default sslmode from require to prefer. See #1271 for details.

• CopyIn() and CopyInToSchema() have been marked as deprecated. These are simple query builders and not needed for COPY [..] FROM STDIN support (which is not deprecated). (#1279)

  // Old
  tx.Prepare(CopyIn("temp", "num", "text", "blob", "nothing"))
  // Replacement
  tx.Prepare(copy temp (num, text, blob, nothing) from stdin)
  

Features

• Support protocol 3.2, and the min_protocol_version and max_protocol_version DSN parameters (#1258).

• Support sslmode=prefer and sslmode=allow (#1270).

• Support ssl_min_protocol_version and ssl_max_protocol_version (#1277).

• Support connection service file to load connection details (#1285).

• Support sslrootcert=system and use ~/.postgresql/root.crt as the default value of sslrootcert (#1280, #1281).

• Add a new pqerror package with PostgreSQL error codes (#1275).

  For example, to test if an error is a UNIQUE constraint violation:

  if pqErr, ok := errors.AsType[*pq.Error](https://github.com/lib/pq/blob/HEAD/err); ok && pqErr.Code == pqerror.UniqueViolation {
      log.Fatalf("email %q already exsts", email)
  }
  

  To make this a bit more convenient, it also adds a pq.As() function:

... (truncated)

Changelog

Sourced from github.com/lib/pq's changelog.

v1.12.3 (2026-04-03)

• Send datestyle startup parameter, improving compatbility with database engines that use a different default datestyle such as EnterpriseDB (#1312).

#1312: lib/pq#1312

v1.12.2 (2026-04-02)

• Treat io.ErrUnexpectedEOF as driver.ErrBadConn so database/sql discards the connection. Since v1.12.0 this could result in permanently broken connections, especially with CockroachDB which frequently sends partial messages (#1299).

#1299: lib/pq#1299

v1.12.1 (2026-03-30)

• Look for pgpass file in ~/.pgpass instead of ~/.postgresql/pgpass (#1300).

• Don't clear password if directly set on pq.Config (#1302).

#1300: lib/pq#1300 #1302: lib/pq#1302

v1.12.0 (2026-03-18)

• The next release may change the default sslmode from require to prefer. See #1271 for details.

• CopyIn() and CopyInToSchema() have been marked as deprecated. These are simple query builders and not needed for COPY [..] FROM STDIN support (which is not deprecated). (#1279)

  // Old
  tx.Prepare(CopyIn("temp", "num", "text", "blob", "nothing"))
  // Replacement
  tx.Prepare(copy temp (num, text, blob, nothing) from stdin)
  

Features

• Support protocol 3.2, and the min_protocol_version and max_protocol_version DSN parameters (#1258).

• Support sslmode=prefer and sslmode=allow (#1270).

• Support ssl_min_protocol_version and ssl_max_protocol_version (#1277).

... (truncated)

Commits

• 1f3e3d9 Send datestyle as a startup parameter (#1312)
• 32ba56b Expand tests for multiple result sets
• c2cfac1 Release v1.12.2
• 859f104 Test CockroachDB
• 12e464c Allow multiple matches and regexps in pqtest.ErrorContains()
• 6d77ced Treat io.ErrUnexpectedEOF as driver.ErrBadConn in handleError
• 71daecb Ensure transactions are closed in pqtest
• 8f44823 Set PGAPPNAME for tests
• 4af2196 Fix healthcheck
• 38a54e4 Split out testdata/init a bit
• Additional commits viewable in compare view

Updates github.com/redis/go-redis/v9 from 9.16.0 to 9.20.0

Release notes

Sourced from github.com/redis/go-redis/v9's releases.

9.20.0

🚀 Highlights

Redis 8.8 Support

This release adds support for Redis 8.8. The README's supported-versions list now includes Redis 8.8 alongside 8.0/8.2/8.4, and CI exercises the 8.8 client-libs-test image across the full suite (Makefile, build workflow, doctests, run-tests action, and docker-compose).

Coverage for the new commands that ship in the 8.x line, rounded out in this release:

• AR* array data type (#3813) — new array data structure, exposed via the ArrayCmdable interface (see the experimental-features highlight below).
• INCREX (#3816) — atomic increment with expiration in a single round-trip.
• XNACK (#3790) — explicit negative-acknowledge of pending stream entries.
• XAUTOCLAIM PEL deletes (#3798) — XAUTOCLAIM/XAUTOCLAIMJUSTID now return the list of deleted message IDs from the pending entries list.
• TS.RANGE multiple aggregators (#3791) — TS.RANGE/TS.REVRANGE/TS.MRANGE/TS.MREVRANGE accept multiple aggregators in a single call.
• Z(UNION|INTER|DIFF) COUNT aggregator (#3802) — COUNT reducer for sorted-set set operations.
• JSON.SET FPHA (#3797) — new FPHA argument that specifies the floating-point type for homogeneous FP arrays.

CI image bump (#3814) by @​ofekshenawa. Command coverage contributions by @​cxljs, @​elena-kolevska, @​Khukharr, @​ndyakov, and @​ofekshenawa.

Stable RESP3 for RediSearch (UnstableResp3 deprecated)

FT.SEARCH, FT.AGGREGATE, FT.INFO, FT.SPELLCHECK, and FT.SYNDUMP now parse RESP3 (map) responses into the same typed result objects as RESP2 — Val() and Result() work uniformly on both protocols, no flag required. Previously, RESP3 search responses required UnstableResp3: true and were returned as opaque maps accessible only via RawResult() / RawVal().

As a result, the UnstableResp3 option is now a no-op across every options struct (Options, ClusterOptions, UniversalOptions, FailoverOptions, RingOptions) and has been marked // Deprecated:. The field is retained for backwards compatibility — existing code that sets UnstableResp3: true will continue to compile and behave identically — but it will be removed in a future release and new code should not set it. RawResult() / RawVal() continue to work for callers that prefer the raw RESP payload.

(#3741) by @​ndyakov

Experimental Array Data Structure Commands

Adds an experimental ArrayCmdable interface with the AR* command family (ARSet, ARGet, ARGetRange, ARMSet, ARMGet, ARDel, ARDelRange, ARScan, ARSeek, ARNext, ARLastItems, ARGrep, ARGrepWithValues, ARInfo/ARInfoFull, and typed reducers AROpSum/AROpMin/AROpMax/AROpAnd/AROpOr/AROpXor/AROpMatch/AROpUsed) for working with Redis 8.8's new array data type. API is experimental and may change in a future release.

(#3813) by @​cxljs

✨ New Features

• RESP3 search parser: First-class RESP3 parsing for FT.SEARCH/FT.AGGREGATE/FT.INFO/FT.SPELLCHECK/FT.SYNDUMP responses with backwards compatibility for RESP2 (#3741) by @​ndyakov
• INCREX: New INCREX command support — atomic increment with expiration (#3816) by @​ndyakov
• XNACK: Client support for the XNACK stream command for explicitly negative-acknowledging pending entries (#3790) by @​elena-kolevska
• TS range multiple aggregators: TS.RANGE/TS.REVRANGE/TS.MRANGE/TS.MREVRANGE now accept multiple aggregators in a single call (#3791) by @​elena-kolevska
• XAutoClaim deleted IDs: XAUTOCLAIM/XAUTOCLAIMJUSTID now return the list of deleted message IDs from the PEL (#3798) by