build(deps): bump the gomod group across 1 directory with 19 updates

[dependabot]

Bumps the gomod group with 15 updates in the / directory:

Package	From	To
github.com/aws/aws-sdk-go-v2	1.41.7	1.41.8
github.com/aws/aws-sdk-go-v2/config	1.32.17	1.32.19
github.com/aws/aws-sdk-go-v2/feature/s3/manager	1.22.17	1.22.21
github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs	1.73.0	1.74.1
github.com/aws/aws-sdk-go-v2/service/kinesis	1.43.7	1.43.8
github.com/aws/aws-sdk-go-v2/service/sqs	1.42.27	1.42.28
github.com/getkin/kin-openapi	0.137.0	0.139.0
github.com/go-co-op/gocron/v2	2.21.1	2.21.2
github.com/prometheus/common	0.67.5	0.68.0
github.com/slack-go/slack	0.23.0	0.24.0
golang.org/x/crypto	0.50.0	0.52.0
golang.org/x/mod	0.35.0	0.36.0
google.golang.org/grpc	1.81.0	1.81.1
k8s.io/apiserver	0.36.0	0.36.1
modernc.org/sqlite	1.50.0	1.51.0

Updates github.com/aws/aws-sdk-go-v2 from 1.41.7 to 1.41.8

Commits

• 74c5011 Release 2026-05-28
• 7d82651 Regenerated Clients
• 79c63d9 Update endpoints model
• b15b3b8 Update API model
• 090e469 Feat tmv2 parity (#3424)
• d2133f0 credentials/logincreds: create new cache files with 0600 (#3425)
• 38fe976 Release 2026-05-27
• a7d5164 Regenerated Clients
• 5b79052 Update API model
• 5acd7b4 Add SHA-512 auto checksum calculation for S3 (#3422)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.32.17 to 1.32.19

Commits

• 74c5011 Release 2026-05-28
• 7d82651 Regenerated Clients
• 79c63d9 Update endpoints model
• b15b3b8 Update API model
• 090e469 Feat tmv2 parity (#3424)
• d2133f0 credentials/logincreds: create new cache files with 0600 (#3425)
• 38fe976 Release 2026-05-27
• a7d5164 Regenerated Clients
• 5b79052 Update API model
• 5acd7b4 Add SHA-512 auto checksum calculation for S3 (#3422)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.22.17 to 1.22.21

Commits

• 74c5011 Release 2026-05-28
• 7d82651 Regenerated Clients
• 79c63d9 Update endpoints model
• b15b3b8 Update API model
• 090e469 Feat tmv2 parity (#3424)
• d2133f0 credentials/logincreds: create new cache files with 0600 (#3425)
• 38fe976 Release 2026-05-27
• a7d5164 Regenerated Clients
• 5b79052 Update API model
• 5acd7b4 Add SHA-512 auto checksum calculation for S3 (#3422)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs from 1.73.0 to 1.74.1

Commits

• 676a8b1 Release 2025-01-24
• 1737386 Regenerated Clients
• 3bc09da Update API model
• cb98dee Fix flex checksum validation cfg (#2981)
• 9c76401 fix bad changelog type
• ed8a3ca Reduce fmt.Sprintf allocations in query encoding (#2919)
• d5773a9 Add FixUnmarshalIndividualSetValues option to DecoderOptions of dynamodb (#2896)
• 58e23dc fix codegen test failing in main
• 640d919 fix broken jmespath waiters in cloudwatch and autoscaling (#2984)
• 613a6cf Optimize/directory traversal (#2970)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/kinesis from 1.43.7 to 1.43.8

Commits

• 728f21f Release 2024-05-16
• 3dbd5ca Regenerated Clients
• c87adfd Update endpoints model
• e209d02 Update API model
• ef4a9a0 internal: capture user-agent in metrics (#2644)
• See full diff in compare view

Updates github.com/aws/aws-sdk-go-v2/service/s3 from 1.100.1 to 1.102.1

Commits

• 74c5011 Release 2026-05-28
• 7d82651 Regenerated Clients
• 79c63d9 Update endpoints model
• b15b3b8 Update API model
• 090e469 Feat tmv2 parity (#3424)
• d2133f0 credentials/logincreds: create new cache files with 0600 (#3425)
• 38fe976 Release 2026-05-27
• a7d5164 Regenerated Clients
• 5b79052 Update API model
• 5acd7b4 Add SHA-512 auto checksum calculation for S3 (#3422)
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/sqs from 1.42.27 to 1.42.28

Commits

• 74c5011 Release 2026-05-28
• 7d82651 Regenerated Clients
• 79c63d9 Update endpoints model
• b15b3b8 Update API model
• 090e469 Feat tmv2 parity (#3424)
• d2133f0 credentials/logincreds: create new cache files with 0600 (#3425)
• 38fe976 Release 2026-05-27
• a7d5164 Regenerated Clients
• 5b79052 Update API model
• 5acd7b4 Add SHA-512 auto checksum calculation for S3 (#3422)
• Additional commits viewable in compare view

Updates github.com/getkin/kin-openapi from 0.137.0 to 0.139.0

Release notes

Sourced from github.com/getkin/kin-openapi's releases.

v0.139.0

What's Changed

• feat(openapi3): batch-convert long-tail RequiredFieldError sites by @​reuvenharrison in getkin/kin-openapi#1170
• feat(openapi3): typed validation error clusters (combined: Improvement/crowdsec: add labels to decisions #1171-#1179) by @​reuvenharrison in getkin/kin-openapi#1180
• openapi3gen: skip component export for anonymous types by @​0-don in getkin/kin-openapi#1163
• feat: migrate to oasdiff/yaml v0.1.0 single Unmarshal API + enable DisableTimestamps by @​reuvenharrison in getkin/kin-openapi#1181
• openapi3: typed context errors for Validate() wrapper chain by @​reuvenharrison in getkin/kin-openapi#1183
• openapi3: track Origin on the document root (T) by @​reuvenharrison in getkin/kin-openapi#1184
• openapi3: tests flakiness corrected by @​fenollp in getkin/kin-openapi#1159
• openapi3: aggregate independent validation errors via EnableMultiError by @​reuvenharrison in getkin/kin-openapi#1185
• openapi3: fix validation of duplicated path templates by @​reuvenharrison in getkin/kin-openapi#1189
• openapi3: type the remaining bare-error validation sites by @​reuvenharrison in getkin/kin-openapi#1187

Full Changelog: getkin/kin-openapi@v0.138.0...v0.139.0

v0.138.0

What's Changed

• openapi3gen: clear nullable on exported component bodies by @​0-don in getkin/kin-openapi#1164
• openapi3: add test for issue #927 (nullable not respected on $ref schemas) by @​fenollp in getkin/kin-openapi#1165
• test: move public-API tests to external _test packages by @​fenollp in getkin/kin-openapi#1168
• feat(openapi3): add per-type validation errors with cluster wrappers by @​reuvenharrison in getkin/kin-openapi#1166
• feat(openapi3conv): canonicalization pass for 3.0 -> 3.x by @​reuvenharrison in getkin/kin-openapi#1162
• openapi3conv: test Upgrade on many documents by @​fenollp in getkin/kin-openapi#1169

Full Changelog: getkin/kin-openapi@v0.137.0...v0.138.0

Commits

• 8381bfc openapi3: type the remaining bare-error validation sites (#1187)
• d29b5c0 openapi3: fix validation of duplicated path templates (#1189)
• e56c2c7 openapi3: aggregate independent validation errors via EnableMultiError (#1185)
• 7ea1ac8 openapi3: tests flakiness corrected (#1159)
• dc70f84 openapi3: track Origin on the document root (T) (#1184)
• 69492df openapi3: typed context errors for Validate() wrapper chain (#1183)
• 0a89925 un-patch YAML serialization of dates (see issue #697)
• 55a4c72 openapi3: re-enable tests disabled due to YAML dates in map keys
• c61836c ci: fixup lint after modifications to marsh.go
• 7633481 feat: migrate to oasdiff/yaml v0.1.0 single Unmarshal API + enable DisableTim...
• Additional commits viewable in compare view

Updates github.com/go-co-op/gocron/v2 from 2.21.1 to 2.21.2

Release notes

Sourced from github.com/go-co-op/gocron/v2's releases.

v2.21.2

What's Changed

• fix: defer WithLimitedRuns job removal until task completes (#925) by @​SAY-5 in go-co-op/gocron#926

New Contributors

• @​SAY-5 made their first contribution in go-co-op/gocron#926

Full Changelog: go-co-op/gocron@v2.21.1...v2.21.2

Commits

• 629cfc5 fix: defer WithLimitedRuns job removal until task completes (#925) (#926)
• See full diff in compare view

Updates github.com/prometheus/common from 0.67.5 to 0.68.0

Release notes

Sourced from github.com/prometheus/common's releases.

v0.68.0

What's Changed

• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#873
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#874
• build(deps): bump github.com/golang-jwt/jwt/v5 from 5.3.0 to 5.3.1 by @​dependabot[bot] in prometheus/common#879
• build(deps): bump golang.org/x/net from 0.48.0 to 0.49.0 by @​dependabot[bot] in prometheus/common#878
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#875
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#880
• Remove logic adding unit to metrics name by @​vesari in prometheus/common#877
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#881
• Update for Go 1.26 by @​SuperQ in prometheus/common#883
• build(deps): bump golang.org/x/net from 0.49.0 to 0.51.0 by @​dependabot[bot] in prometheus/common#882
• version: Add a slog helper by @​SuperQ in prometheus/common#886
• Remove Arthur from maintainers list by @​ArthurSens in prometheus/common#885
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#895
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus/common#896
• config: change NewOAuth2RoundTripper to accept variadic HTTPClientOption by @​alliasgher in prometheus/common#898
• config: guard against nil oauth2 credential in RoundTrip by @​alliasgher in prometheus/common#897
• build(deps): bump golang.org/x/net from 0.51.0 to 0.52.0 by @​dependabot[bot] in prometheus/common#890
• build(deps): bump go.yaml.in/yaml/v2 from 2.4.3 to 2.4.4 by @​dependabot[bot] in prometheus/common#891
• build(deps): bump golang.org/x/oauth2 from 0.34.0 to 0.36.0 by @​dependabot[bot] in prometheus/common#892
• Move interface assertions to a test file by @​msiegen in prometheus/common#839
• fix(http_config): fix client cert rotation when no CA is configured by @​machine424 in prometheus/common#908
• Remove CircleCI by @​ArthurSens in prometheus/common#910
• Fix: apply DialContextFunc to OAuth2 token-fetch transport by @​yuri-tceretian in prometheus/common#911

New Contributors

• @​alliasgher made their first contribution in prometheus/common#898
• @​msiegen made their first contribution in prometheus/common#839
• @​machine424 made their first contribution in prometheus/common#908
• @​yuri-tceretian made their first contribution in prometheus/common#911

Full Changelog: prometheus/common@v0.67.5...v0.68.0

Commits

• 1e0ae83 config: apply DialContextFunc to OAuth2 token-fetch transport (#911)
• b51d01b Remove CircleCI (#910)
• 0f3c348 Merge pull request #908 from machine424/ttlsco
• 732a9cf fix(http_config): fix client cert rotation when no CA is configured
• ce9215c Move interface assertions to a test file (#839)
• 1ba5ed7 build(deps): bump golang.org/x/oauth2 from 0.34.0 to 0.36.0 (#892)
• 8f8ada6 build(deps): bump go.yaml.in/yaml/v2 from 2.4.3 to 2.4.4 (#891)
• 5bf00a4 build(deps): bump golang.org/x/net from 0.51.0 to 0.52.0 (#890)
• a4fac5c config: guard against nil oauth2 credential in RoundTrip (#897)
• 9e28363 Merge pull request #898 from alliasgher/fix/NewOAuth2RoundTripper-exported-op...
• Additional commits viewable in compare view

Updates github.com/slack-go/slack from 0.23.0 to 0.24.0

Release notes

Sourced from github.com/slack-go/slack's releases.

v0.24.0

What's Changed

• docs: format go get command in code block by @​akhil-ge0rge in slack-go/slack#1554
• feat: add new block kit block Data Table by @​nlopes in slack-go/slack#1555

[!IMPORTANT] NewTaskCardBlock and NewPlanBlock now guard against nil variadic options so if you were doing that (which you shouldn't) this is a breaking change.

New Contributors

• @​akhil-ge0rge made their first contribution in slack-go/slack#1554

Full Changelog: slack-go/slack@v0.23.1...v0.24.0

v0.23.1

[!IMPORTANT] Even though this is a [security] patch release, if you were using an empty secret, this is a breaking change due to a change in behaviour. That's on purpose, to ensure you fix your approach so that there are no footguns.

Fixed

• NewSecretsVerifier now rejects empty signing secrets to avoid accepting forged request signatures when applications are misconfigured.

Full Changelog: slack-go/slack@v0.23.0...v0.23.1

Changelog

Sourced from github.com/slack-go/slack's changelog.

[0.24.0]

Added

• Block Kit: DataTableBlock for the data_table block, with NewDataTableBlock, AddRow, raw-text/raw-number/rich-text cell constructors, and WithPageSize / WithRowHeaderColumnIndex builders.

Changed

• NewTaskCardBlock and NewPlanBlock nil-guard their variadic options, matching the other block constructors (#1236).

[0.23.1] - 2026-05-10

Fixed

• NewSecretsVerifier now rejects empty signing secrets to avoid accepting forged request signatures when applications are misconfigured.

Commits

• 0b30f31 chore: bump to v0.24.0
• 8c5ef3c feat: add new block kit block Data Table (#1555)
• ff3ada6 docs: format go get command in code block (#1554)
• 34ad5c0 security: reject empty signing secret for NewSecretsVerifier
• c6edc27 chore: bump go to 1.25.9
• See full diff in compare view

Updates golang.org/x/crypto from 0.50.0 to 0.52.0

Commits

• a1c0d99 go.mod: update golang.org/x dependencies
• 3c7c869 ssh: fix deadlock on unexpected channel responses
• 533fb3f ssh: fix source-address critical option bypass
• abbc44d ssh: fix incorrect operator order
• e052873 ssh: fix infinite loop on large channel writes due to integer overflow
• b61cf85 ssh: enforce user presence verification for security keys
• 9c2cd33 ssh: enforce strict limits on DSA key parameters
• 8907318 ssh: reject RSA keys with excessively large moduli
• ffd87b4 ssh: fix panic when authority callbacks are nil
• 4e7a738 ssh: fix deadlock on unexpected global responses
• Additional commits viewable in compare view

Updates golang.org/x/mod from 0.35.0 to 0.36.0

Commits

• 643da9b go.mod: update golang.org/x dependencies
• ccc3cdf zip: include 'but content has correct sum' note in TestVCS
• ab30318 zip: update zip hashes for new flate compression
• See full diff in compare view

Updates golang.org/x/net from 0.53.0 to 0.54.0

Commits

• b138e06 go.mod: update golang.org/x dependencies
• 689f70a quic: fix wrong final size being used for RESET_STREAM frame
• 208f306 http3: increase handshake timeout
• 49810da http2: enable net/http wrapping when go >= 1.27
• 5e11a5a quic: fix data race in streamForFrame
• 8c63081 http2: use empty Transport rather than DefaultTransport in http2wrap
• fc7b466 http2: add http2wrap test
• 15c2cb1 http2: avoid overflowing 32-bit int when http2wrap enabled
• 6465188 http2: add wrapped Server
• 72f419a http2: add wrapped ClientConn
• Additional commits viewable in compare view

Updates golang.org/x/sys from 0.44.0 to 0.45.0

Commits

• 397d5f8 unix: update to Linux kernel 7.0
• 0a387f7 cpu: detect zbc extension on riscv64
• 758f71c cpu: add LLACQ_SCREL, SCQ, DBAR_HINTS detection for loong64
• 99666ae unix: merge Linux readv/writev implementation with Darwin/OpenBSD
• e4444cb windows: add NtSetEaFile, NtQueryEaFile and NtQueryInformationFile
• 04396e8 unix: add Readv, Writev, Preadv, Pwritev for OpenBSD
• See full diff in compare view

Updates golang.org/x/text from 0.36.0 to 0.37.0

Commits

• 3ef517e go.mod: update golang.org/x dependencies
• See full diff in compare view

Updates google.golang.org/grpc from 1.81.0 to 1.81.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.81.1

Security

• xds/rbac: Fix a potential authorization bypass caused by incorrectly falling through URI/DNS SANs to Subject Distinguished Name (DN) when matching the authenticated principal name. With this fix, only the first non-empty identity source will be used, as per gRFC A41. (#9111)
  • Special Thanks: @​al4an444

Bug Fixes

• otel: Segregate client and server RPC information used for metrics and traces, to avoid one overwriting the other. (#9081)

Commits

• caf0772 Change version from 1.81.1-dev to 1.81.1 (#9122)
• 6ccbeeb Cherry-pick #9111 into v1.81.x (#9121)
• b33c29e Cherry-pick #9081 into v1.81.x (#9102)
• c45fae6 Change version to 1.81.1-dev (#9063)
• See full diff in compare view

Updates k8s.io/apiserver from 0.36.0 to 0.36.1

Commits

• f5c87c5 Update dependencies to v0.36.1 tag
• See full diff in compare view

Updates modernc.org/sqlite from 1.50.0 to 1.51.0

Changelog

Sourced from modernc.org/sqlite's changelog.

Changelog

• 2026-05-28 v1.52.0:

  • Add Backup.Remaining and Backup.PageCount, thin wrappers around the existing sqlite3_backup_remaining and sqlite3_backup_pagecount C symbols. Together they expose the per-Step progress counters that the underlying backup object already maintains, enabling progress reporting during online backups without dropping to modernc.org/sqlite/lib directly.
  • See [GitLab merge request #122](https://gitlab.com/cznic/sqlite/-/merge_requests/122), thanks Ian Chechin!
  • Drop the redundant second copy in (*conn).columnText, the path that backs every Rows.Scan into a Go string for a TEXT column. The value's bytes are still copied once out of SQLite-owned memory into a fresh Go buffer; that buffer is then reinterpreted as the result string with unsafe.String rather than copied a second time by the implicit string([]byte) conversion. This removes one allocation per TEXT value per row and roughly halves the bytes allocated on that path; on the new BenchmarkColumnTextScan cases it is ~13–20% faster for payloads of 256 B and larger, with no measurable change for very short strings. Purely internal: no API or behavioral change, and the returned string never aliases SQLite's buffer.
  • See [GitLab merge request #123](https://gitlab.com/cznic/sqlite/-/merge_requests/123), thanks Ian Chechin!

• 2026-05-28 v1.51.0:

  • Pool the []driver.Value slice passed to scalar/aggregate UDF callbacks and to vtab Filter/Insert/Update callbacks, eliminating the dominant per-row allocation on UDF-heavy queries. Benchmarks on a 1000-row, 3-arg noop scalar UDF show ~40% fewer bytes/op and ~15% fewer allocs/op.
  • Document the matching "arguments are not valid past return" contract on vtab.Cursor.Filter and vtab.Updater.Insert/Update, consistent with the existing rule for FunctionImpl.Scalar / AggregateFunction.Step / WindowInverse.
  • Resolves [GitLab issue #226](https://gitlab.com/cznic/sqlite/-/issues/226). See [GitLab merge request #114](https://gitlab.com/cznic/sqlite/-/merge_requests/114), thanks Ian Chechin!
  • Add FileControl.FileControlDataVersion, a wrapper around SQLITE_FCNTL_DATA_VERSION for observing pager-cache data-version changes, including those made on the same connection. Useful as a primitive for application-level cache invalidation.
  • Exposed via the idiomatic database/sql escape hatch (*sql.Conn).Raw(), consistent with the existing FileControlPersistWAL.
  • See [GitLab merge request #115](https://gitlab.com/cznic/sqlite/-/merge_requests/115), thanks Ian Chechin!
  • Fix a regression where in-memory connections (:memory:, file::memory:, shared-cache memory URIs) were discarded by database/sql after a context-cancelled query, taking the entire in-memory store with them. The fix for #198 had added an sqlite3_is_interrupted check to the connection validator that mistakenly applied to in-memory connections too, re-introducing the bug originally fixed by !74. File-backed connections keep the existing behaviour and are still discarded after an interrupt.
  • Resolves [GitLab issue #196](https://gitlab.com/cznic/sqlite/-/issues/196). See [GitLab merge request #116](https://gitlab.com/cznic/sqlite/-/merge_requests/116), thanks Ian Chechin!
  • Add an opt-in FunctionImpl.VolatileArgs flag that hands TEXT and BLOB arguments to scalar and aggregate UDF callbacks as zero-copy views (unsafe.String/unsafe.Slice) over SQLite's own value buffers, eliminating the per-argument libc.GoString/make([]byte) copy that the #226 slice-pooling left as the remaining per-row allocation. On the same 1000-row, 3-arg (INTEGER/TEXT/BLOB) noop scalar UDF this removes a further ~35% of allocs/op and ~11% of bytes/op on top of #226.
  • The views are valid only for the duration of the callback and must not be retained past return or across rows; a callback that needs to keep a value must copy it. With VolatileArgs unset (the default) arguments keep the existing copied, caller-owned semantics, so the flag is fully backward compatible; it has no effect on integer, float, time, or NULL arguments.
  • See [GitLab merge request #120](https://gitlab.com/cznic/sqlite/-/merge_requests/120), thanks Ian Chechin!
  • Extend the opt-in VolatileArgs zero-copy TEXT/BLOB argument access from #120 to the virtual-table Cursor.Filter (xFilter) and Updater.Insert/Update (xUpdate) callbacks. A vtab.Module opts in by implementing the new optional vtab.VolatileArgsOpter interface (VolatileArgs() bool); the flag is read once at module registration and shared by every table created from it. On a vtab call carrying one TEXT and one BLOB argument this removes 2 allocs/op (one libc.GoString, one make([]byte)) on each of the Filter and Update paths.
  • The same safety contract as #120 applies: the views are valid only for the duration of the callback and must not be retained past return or across rows; a callback that needs to keep a value must copy it. Modules that do not implement VolatileArgsOpter (the default for all existing modules) are byte-for-byte unchanged, and the flag has no effect on integer, float, time, or NULL arguments.
  • See [GitLab merge request #121](https://gitlab.com/cznic/sqlite/-/merge_requests/121), thanks Ian Chechin!

• 2026-05-10 v1.50.1:

  • Upgrade to SQLite 3.53.1.

• 2026-04-24 v1.50.0:

  • Upgrade to sqlite-vec v0.1.9.
  • Introduce ColumnInfo, enabling dynamic query builders and ORMs to retrieve underlying SQLite C-API metadata (OriginName, TableName, DatabaseName, and DeclType).
  • This feature is exposed via the idiomatic database/sql escape hatch (*sql.Conn).Raw(), avoiding custom statement handles and keeping the standard library workflow intact.
  • See [GitLab merge request #113](https://gitlab.com/cznic/sqlite/-/merge_requests/113), thanks Josh Bleecher Snyder!

• 2026-04-17 v1.49.0: Upgrade to SQLite 3.53.0.

  • Added -DSQLITE_ENABLE_DBPAGE_VTAB to the transpilation. See "The SQLITE_DBPAGE Virtual Table" for details.

• 2026-04-06 v1.48.2:

  • Fix ABI mapping mismatch in the pre-update hook trampoline that caused silent truncation of large 64-bit RowIDs.
  • Ensure the Go trampoline signature correctly aligns with the public sqlite3_preupdate_hook C API, preventing data corruption for high-entropy keys (e.g., Snowflake IDs).
  • See [GitLab merge request #98](https://gitlab.com/cznic/sqlite/-/merge_requests/98), thanks Josh Bleecher Snyder!
  • Fix the memory allocator used in (*conn).Deserialize.
  • Replace tls.Alloc with sqlite3_malloc64 to prevent internal allocator corruption. This ensures the buffer is safely owned by SQLite, which may resize or free it due to the SQLITE_DESERIALIZE_RESIZEABLE and SQLITE_DESERIALIZE_FREEONCLOSE flags.
  • Prevent a memory leak by properly freeing the allocated buffer if fetching the main database name fails before handing ownership to SQLite.
  • See [GitLab merge request #100](https://gitlab.com/cznic/sqlite/-/merge_requests/100), thanks Josh Bleecher Snyder!
  • Fix (*conn).Deserialize to explicitly reject nil or empty byte slices.
  • Prevent silent database disconnection and connection pool corruption caused by SQLite's default behavior when sqlite3_deserialize receives a 0-length buffer.
  • See [GitLab merge request #101](https://gitlab.com/cznic/sqlite/-/merge_requests/101), thanks Josh Bleecher Snyder!
  • Fix commitHookTrampoline and rollbackHookTrampoline signatures by removing the unused pCsr parameter.
  • Aligns internal hook callbacks accurately with the underlying SQLite C API, cleaning up the code to prevent potential future confusion or bugs.
  • See [GitLab merge request #102](https://gitlab.com/cznic/sqlite/-/merge_requests/102), thanks Josh Bleecher Snyder!

... (truncated)

Commits

• a5f439b CHANGELOG.md: fix release tag
• 41e77be CHANGELOG.md: document #121
• 827df98 gofmt -l -s -w vtab/*.go
• 0d384cb Merge branch 'feat/vtab-volatile-args-opt-in' into 'master'
• 06e06d5 extend VolatileArgs opt-in to vtab Filter and Updater Insert/Update
• 2486abd HACKING.md, CLAUDE.md: this repo is not auto-tagged, tagging is manual
• d808a8f CHANGELOG.md: document #120
• fac1cab Merge branch 'feat/volatile-args-opt-in' into 'master'
• 569614c address review: empty-BLOB shape parity + re-entrancy note
• 905960c add FunctionImpl.VolatileArgs opt-in for zero-copy TEXT/BLOB args
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions