Skip to content

Bump the gomod group across 1 directory with 8 updates#268

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/gomod-f9d420b6af
Open

Bump the gomod group across 1 directory with 8 updates#268
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/gomod-f9d420b6af

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 1, 2026

Bumps the gomod group with 7 updates in the / directory:

Package From To
github.com/charmbracelet/bubbles 0.21.1 1.0.0
github.com/klauspost/compress 1.18.3 1.18.5
github.com/mattn/go-sqlite3 1.14.33 1.14.38
github.com/pressly/goose/v3 3.26.0 3.27.0
github.com/tdewolff/minify/v2 2.24.8 2.24.11
github.com/yuin/goldmark 1.7.16 1.8.2
golang.org/x/image 0.36.0 0.38.0

Updates github.com/charmbracelet/bubbles from 0.21.1 to 1.0.0

Release notes

Sourced from github.com/charmbracelet/bubbles's releases.

v1.0.0

This is just an honorary release of Bubbles v1. Stay tuned for the next major version 🫧

Changelog

Fixed

  • d0166363eb8176b331de98dba1d6e997560f216f: fix: changed 'recieve' to 'receive' for 100% quality of Go Report Card (#881) (@​Atennop1)

Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

Commits
  • 4824eff chore(deps): bump github.com/charmbracelet/x/ansi in the all group (#859)
  • d016636 fix: changed 'recieve' to 'receive' for 100% quality of Go Report Card (#881)
  • See full diff in compare view

Updates github.com/klauspost/compress from 1.18.3 to 1.18.5

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.18.5

What's Changed

Full Changelog: klauspost/compress@v1.18.4...v1.18.5

v1.18.4

What's Changed

New Contributors

Full Changelog: klauspost/compress@v1.18.2...v1.18.4

Commits

Updates github.com/mattn/go-sqlite3 from 1.14.33 to 1.14.38

Commits
  • edadafa Merge pull request #1381 from mattn/eliminate-bounds-checks
  • 8f9f86e Eliminate unnecessary bounds checks in hot paths
  • 0d23881 Merge pull request #1379 from theimpostor/pr-1322-missing-constraint-op-types
  • 84bdc43 add missing index constraint op types
  • 57e5007 Merge pull request #1313 from Jaculabilis/json-example
  • bb8d0b2 Bump Go test matrix versions from 1.23-1.25 to 1.24-1.26
  • bc7436e Bump GitHub Actions versions to latest
  • 0f12d4e Ensure Close always removes runtime finalizer to prevent memory leak
  • d71eda8 Fix upgrade.sh: add already-up-to-date check and fix changelog URL format
  • 4ea2a9f Upgrade SQLite to version 3051003
  • Additional commits viewable in compare view

Updates github.com/pressly/goose/v3 from 3.26.0 to 3.27.0

Release notes

Sourced from github.com/pressly/goose/v3's releases.

v3.27.0

What's Changed

Added

  • Preliminary Spanner dialect support (#966)

Changed

  • Minimum Go version is now 1.25
  • SQL migration templates no longer include StatementBegin and StatementEnd annotations. These are only needed for complex statements containing semicolons (e.g., stored procedures). See docs for details.
  • Various dependency upgrades

Other

  • Added formatting for YDB table names to include folder (#1007)
  • Fix tests for StarRocks 3.5 (#1024)
  • CI improvements (#1000, #1005, #1008)

Full Changelog: pressly/goose@v3.26.0...v3.27.0

Changelog

Sourced from github.com/pressly/goose/v3's changelog.

[v3.27.0] - 2026-02-22

Added

  • Preliminary Spanner dialect support (#966)

Changed

  • Minimum Go version is now 1.25
  • SQL migration templates no longer include StatementBegin and StatementEnd annotations. These are only needed for complex statements containing semicolons (e.g., stored procedures). See docs for details.
  • Various dependency upgrades
Commits
  • 7fb1461 release: v3.27.0
  • 0b651ba fix: downgrade go directive to 1.25.0 in internal/testing
  • aa8e825 build(deps): bump dependencies in internal/testing
  • 83743b6 chore: apply go fix modernizations and bump dependencies (#1034)
  • 5de4fb4 feat: add dockermanage package (#1029)
  • ac97ee0 build(deps): bump github.com/ydb-platform/ydb-go-sdk/v3 from 3.125.1 to 3.126...
  • 8a37350 build(deps): bump the gomod group across 1 directory with 2 updates (#1026)
  • bab893c Fix tests for StarRocks 3.5 (#1024)
  • 26e537d build(deps): bump the gomod group across 1 directory with 5 updates (#1020)
  • 7a98c89 docs: update ordering of CLI param help text
  • Additional commits viewable in compare view

Updates github.com/tdewolff/minify/v2 from 2.24.8 to 2.24.11

Release notes

Sourced from github.com/tdewolff/minify/v2's releases.

v2.24.11

v2.24.10

v2.24.9

Commits
  • ff2b550 SVG: add KeepNamespaces option, fixes #936
  • 585f8ad JS: suppress checking for duplicate private members in classes, fixes #932
  • 6055e37 JS: fix variable declaration reodering, fixes #926
  • c959c46 Merge branch 'master' of github.com:tdewolff/minify
  • 26b30e5 Small tweaks
  • 161ff00 CSS: remove empty rulesets, see #908
  • bb56ad0 Merge pull request #916 from VastBlast/fix-fail-on-warn-ci
  • 2ea2a79 disable fail on warn for ci
  • 9fb8080 JS: fix variable renaming inside objects within object-property-methods, fixe...
  • 25221ff Merge pull request #915 from tdewolff/dependabot/npm_and_yarn/bindings/js/rol...
  • Additional commits viewable in compare view

Updates github.com/yuin/goldmark from 1.7.16 to 1.8.2

Release notes

Sourced from github.com/yuin/goldmark's releases.

v1.8.2

fix: setext headings positions

v1.8.1

fix: block positions

v1.8.0

  • feat: add position information to all nodes
    • add position information to all nodes, including inline nodes and link reference definition nodes.
    • Now link reference definition nodes are represented as a new node type.
    • Link and image nodes have a new field Reference which is a pointer to the reference link if this link is a reference link. This field is nil for non-reference links.

v1.7.17 release

Full Changelog: yuin/goldmark@v1.7.16...v1.7.17

Commits
  • 379bf24 fix: setext headings positions
  • e8f2337 fix: block positions
  • dfa1ae1 feat: add position information to all nodes
  • cb46bbc fix: prevent XSS by escaping dangerous URLs in links and images
  • d8b123c refactor: simplify codes
  • db34c99 Merge pull request #535 from Sebbito/master
  • 5a2a2bf Merge pull request #545 from maxatome/fix-table-panic
  • 9aca462 fix(table): if table cell attribute is a string, a panic occurs
  • ea86b36 Fix doc error in markdown.go
  • See full diff in compare view

Updates golang.org/x/crypto from 0.47.0 to 0.48.0

Commits

Updates golang.org/x/image from 0.36.0 to 0.38.0

Commits
  • 23ae9ed tiff: cap buffer growth to prevent OOM from malicious IFD offset
  • e589e60 webp: allow VP8L + VP8X(with alpha)
  • fe7d73d go.mod: update golang.org/x dependencies
  • e3d762b all: upgrade go directive to at least 1.25.0 [generated]
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the gomod group across 1 directory with 8 updates
5e87934 
Bumps the gomod group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/charmbracelet/bubbles](https://github.com/charmbracelet/bubbles) | `0.21.1` | `1.0.0` |
| [github.com/klauspost/compress](https://github.com/klauspost/compress) | `1.18.3` | `1.18.5` |
| [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) | `1.14.33` | `1.14.38` |
| [github.com/pressly/goose/v3](https://github.com/pressly/goose) | `3.26.0` | `3.27.0` |
| [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) | `2.24.8` | `2.24.11` |
| [github.com/yuin/goldmark](https://github.com/yuin/goldmark) | `1.7.16` | `1.8.2` |
| [golang.org/x/image](https://github.com/golang/image) | `0.36.0` | `0.38.0` |



Updates `github.com/charmbracelet/bubbles` from 0.21.1 to 1.0.0
- [Release notes](https://github.com/charmbracelet/bubbles/releases)
- [Commits](charmbracelet/bubbles@v0.21.1...v1.0.0)

Updates `github.com/klauspost/compress` from 1.18.3 to 1.18.5
- [Release notes](https://github.com/klauspost/compress/releases)
- [Commits](klauspost/compress@v1.18.3...v1.18.5)

Updates `github.com/mattn/go-sqlite3` from 1.14.33 to 1.14.38
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](mattn/go-sqlite3@v1.14.33...v1.14.38)

Updates `github.com/pressly/goose/v3` from 3.26.0 to 3.27.0
- [Release notes](https://github.com/pressly/goose/releases)
- [Changelog](https://github.com/pressly/goose/blob/main/CHANGELOG.md)
- [Commits](pressly/goose@v3.26.0...v3.27.0)

Updates `github.com/tdewolff/minify/v2` from 2.24.8 to 2.24.11
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](tdewolff/minify@v2.24.8...v2.24.11)

Updates `github.com/yuin/goldmark` from 1.7.16 to 1.8.2
- [Release notes](https://github.com/yuin/goldmark/releases)
- [Commits](yuin/goldmark@v1.7.16...v1.8.2)

Updates `golang.org/x/crypto` from 0.47.0 to 0.48.0
- [Commits](golang/crypto@v0.47.0...v0.48.0)

Updates `golang.org/x/image` from 0.36.0 to 0.38.0
- [Commits](golang/image@v0.36.0...v0.38.0)

---
updated-dependencies:
- dependency-name: github.com/charmbracelet/bubbles
  dependency-version: 1.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gomod
- dependency-name: github.com/klauspost/compress
  dependency-version: 1.18.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/mattn/go-sqlite3
  dependency-version: 1.14.38
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/pressly/goose/v3
  dependency-version: 3.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: github.com/tdewolff/minify/v2
  dependency-version: 2.24.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gomod
- dependency-name: github.com/yuin/goldmark
  dependency-version: 1.8.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: golang.org/x/crypto
  dependency-version: 0.48.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
- dependency-name: golang.org/x/image
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gomod
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants