Skip to content

chore(deps): bump the everything-else group across 1 directory with 6 updates #197

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

chore(deps): bump the everything-else group across 1 directory with 6 updates #197

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 8, 2025
edited
Loading

Bumps the everything-else group with 5 updates in the / directory:

Package From To
github.com/99designs/gqlgen 0.17.56 0.17.78
github.com/go-chi/chi/v5 5.2.1 5.2.3
github.com/olahol/melody 1.2.1 1.3.0
github.com/stretchr/testify 1.10.0 1.11.1
golang.org/x/sync 0.16.0 0.17.0

Updates github.com/99designs/gqlgen from 0.17.56 to 0.17.78

Release notes

Sourced from github.com/99designs/gqlgen's releases.

v0.17.78

What's Changed

Full Changelog: 99designs/gqlgen@v0.17.77...v0.17.78

v0.17.77

What's Changed

New Contributors

Full Changelog: 99designs/gqlgen@v0.17.76...v0.17.77

v0.17.76

What's Changed

New Contributors

Full Changelog: 99designs/gqlgen@v0.17.75...v0.17.76

v0.17.75

What's Changed

... (truncated)

Commits
  • cf7d7fb release v0.17.78
  • 3983c9b Added benchmark for graph executor (#3776)
  • b6c685b Moving processArgField function to graphql package (#3777)
  • 071ab4b v0.17.77 postrelease bump
  • db1fddb release v0.17.77
  • 4267f95 Update github.com/go-viper/mapstructure/v2 from v2.3.0 to v2.4.0 (#3774)
  • d15f824 Reuse argument parsing function (#3773)
  • 758df78 Adjust executor to expose defaultRules GraphQL customization (#3772)
  • a245e6f Better document how to construct a Server (#3764)
  • 9fd1403 chore(deps): bump golang.org/x/tools from 0.34.0 to 0.35.0 (#3770)
  • Additional commits viewable in compare view

Updates github.com/go-chi/chi/v5 from 5.2.1 to 5.2.3

Release notes

Sourced from github.com/go-chi/chi/v5's releases.

v5.2.3

What's Changed

New Contributors

Full Changelog: go-chi/chi@v5.2.2...v5.2.3

v5.2.2

What's Changed

Security fix

  • Fixes GHSA-vrw8-fxc6-2r93 - "Host Header Injection Leads to Open Redirect in RedirectSlashes" commit
    • a lower-severity Open Redirect that can't be exploited in browser or email client, as it requires manipulation of a Host header
    • reported by Anuraag Baishya, @​anuraagbaishya. Thank you!

New Contributors

Full Changelog: go-chi/chi@v5.2.1...v5.2.2

Commits
  • 9b9fb55 Replace methodTypString func with reverseMethodMap (#1018)
  • 0265fcd refactor: iterative wildcard collapsing and add test for consecutive wildcard...
  • cf537d4 Optimize throttle middleware by avoiding unnecessary timer creation (#1011)
  • 9040e95 fix/608 - Fix flaky Throttle middleware test by synchronizing token usage (#1...
  • d12cc49 feat(mux): support http.Request.Pattern in Go 1.23 (#986)
  • 1c2d011 Avoid potential nil dereference (#1008)
  • 7859137 Allow multiple whitespace between method & pattern (#1013)
  • 80d8da2 Add pathvalue example to README and implement PathValue handler. (#985)
  • 23c395f Correct documentation (#992)
  • 5516d14 docs: change install code to code block (#1001)
  • Additional commits viewable in compare view

Updates github.com/olahol/melody from 1.2.1 to 1.3.0

Changelog

Sourced from github.com/olahol/melody's changelog.

2025-06-08 (v1.3.0)

2022-09-12 (v1.1.0)

  • Create Go module.
  • Update examples.
  • Fix concurrent panic (PR-65).
  • Add Sessions to get all sessions (PR-53).
  • Add LocalAddr and RemoteAddr (PR-55).

2017-05-18

  • Fix HandleSentMessageBinary.

2017-04-11

  • Allow any origin by default.
  • Add BroadcastMultiple.

2017-04-09

  • Add control message support.
  • Add IsClosed to Session.

2017-02-10

  • Return errors for some exposed methods.
  • Add HandleRequestWithKeys.
  • Add HandleSentMessage and HandleSentMessageBinary.

2017-01-20

  • Add Len() to fetch number of connected sessions.

2016-12-09

  • Add metadata management for sessions.

2016-05-09

  • Add method HandlePong to melody instance.

2015-10-07

  • Add broadcast methods for binary messages.

2015-09-03

... (truncated)

Commits

Updates github.com/stretchr/testify from 1.10.0 to 1.11.1

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.11.1

This release fixes #1785 introduced in v1.11.0 where expected argument values implementing the stringer interface (String() string) with a method which mutates their value, when passed to mock.Mock.On (m.On("Method", <expected>).Return()) or actual argument values passed to mock.Mock.Called may no longer match one another where they previously did match. The behaviour prior to v1.11.0 where the stringer is always called is restored. Future testify releases may not call the stringer method at all in this case.

What's Changed

Full Changelog: stretchr/testify@v1.11.0...v1.11.1

v1.11.0

What's Changed

Functional Changes

v1.11.0 Includes a number of performance improvements.

Fixes

Documentation, Build & CI

... (truncated)

Commits
  • 2a57335 Merge pull request #1788 from brackendawson/1785-backport-1.11
  • af8c912 Backport #1786 to release/1.11
  • b7801fb Merge pull request #1778 from stretchr/dependabot/github_actions/actions/chec...
  • 69831f3 build(deps): bump actions/checkout from 4 to 5
  • a53be35 Improve captureTestingT helper
  • aafb604 mock: improve formatting of error message
  • 7218e03 improve error msg
  • 929a212 Merge pull request #1758 from stretchr/dolmen/suite-faster-method-filtering
  • bc7459e suite: faster filtering of methods (-testify.m)
  • 7d37b5c suite: refactor methodFilter
  • Additional commits viewable in compare view

Updates github.com/vektah/gqlparser/v2 from 2.5.19 to 2.5.30

Release notes

Sourced from github.com/vektah/gqlparser/v2's releases.

v2.5.30

What's Changed

Full Changelog: vektah/gqlparser@v2.5.29...v2.5.30

v2.5.29

What's Changed

Full Changelog: vektah/gqlparser@v2.5.28...v2.5.29

v2.5.28

What's Changed

New Contributors

Full Changelog: vektah/gqlparser@v2.5.27...v2.5.28

v2.5.27

What's Changed

Full Changelog: vektah/gqlparser@v2.5.26...v2.5.27

v2.5.26

What's Changed

Full Changelog: vektah/gqlparser@v2.5.25...v2.5.26

v2.5.25

What's Changed

New Contributors

... (truncated)

Commits
  • f638740 Ensure Validation order is deterministic (#383)
  • 46a464d BREAKING: Fix AddRule and ReplaceRule methods behavior and add documentat...
  • 22fa045 Refactoring: not to use global rule sets (part 2) (#380)
  • 8fe841e Refactoring: not to use global rule sets (part 1) (#379)
  • 9e14766 Bump brace-expansion from 1.1.11 to 1.1.12 in /validator/imported (#378)
  • a954d8d Bump prettier in /validator/imported in the actions-deps group (#377)
  • 895262c Fix formatter when schema uses a mix of custom and default root operation typ...
  • eadea45 fix: ErrorPosf() handle nil Position input (#376)
  • f7a3835 Bump @​babel/core in /validator/imported in the actions-deps group (#373)
  • 7defefa Bump the actions-deps group in /validator/imported with 2 updates (#372)
  • Additional commits viewable in compare view

Updates golang.org/x/sync from 0.16.0 to 0.17.0

Commits
  • 04914c2 all: upgrade go directive to at least 1.24.0 [generated]
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 15, 2025

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

@dependabot
chore(deps): bump the everything-else group across 1 directory with 6…
697f9ee 
… updates

Bumps the everything-else group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/99designs/gqlgen](https://github.com/99designs/gqlgen) | `0.17.56` | `0.17.78` |
| [github.com/go-chi/chi/v5](https://github.com/go-chi/chi) | `5.2.1` | `5.2.3` |
| [github.com/olahol/melody](https://github.com/olahol/melody) | `1.2.1` | `1.3.0` |
| [github.com/stretchr/testify](https://github.com/stretchr/testify) | `1.10.0` | `1.11.1` |
| [golang.org/x/sync](https://github.com/golang/sync) | `0.16.0` | `0.17.0` |



Updates `github.com/99designs/gqlgen` from 0.17.56 to 0.17.78
- [Release notes](https://github.com/99designs/gqlgen/releases)
- [Changelog](https://github.com/99designs/gqlgen/blob/master/CHANGELOG.md)
- [Commits](99designs/gqlgen@v0.17.56...v0.17.78)

Updates `github.com/go-chi/chi/v5` from 5.2.1 to 5.2.3
- [Release notes](https://github.com/go-chi/chi/releases)
- [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md)
- [Commits](go-chi/chi@v5.2.1...v5.2.3)

Updates `github.com/olahol/melody` from 1.2.1 to 1.3.0
- [Changelog](https://github.com/olahol/melody/blob/master/CHANGELOG.md)
- [Commits](olahol/melody@v1.2.1...v1.3.0)

Updates `github.com/stretchr/testify` from 1.10.0 to 1.11.1
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](stretchr/testify@v1.10.0...v1.11.1)

Updates `github.com/vektah/gqlparser/v2` from 2.5.19 to 2.5.30
- [Release notes](https://github.com/vektah/gqlparser/releases)
- [Commits](vektah/gqlparser@v2.5.19...v2.5.30)

Updates `golang.org/x/sync` from 0.16.0 to 0.17.0
- [Commits](golang/sync@v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: github.com/99designs/gqlgen
  dependency-version: 0.17.78
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: everything-else
- dependency-name: github.com/go-chi/chi/v5
  dependency-version: 5.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: everything-else
- dependency-name: github.com/olahol/melody
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: everything-else
- dependency-name: github.com/stretchr/testify
  dependency-version: 1.11.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: everything-else
- dependency-name: github.com/vektah/gqlparser/v2
  dependency-version: 2.5.30
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: everything-else
- dependency-name: golang.org/x/sync
  dependency-version: 0.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: everything-else
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot-go_modules-main-everything-else-88b0a75690 branch from d3d4494 to 697f9ee Compare September 15, 2025 14:43
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 15, 2025

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 22, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Sep 22, 2025
@dependabot dependabot bot deleted the dependabot-go_modules-main-everything-else-88b0a75690 branch September 22, 2025 01:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zivkovicmilos zivkovicmilos Awaiting requested review from zivkovicmilos zivkovicmilos is a code owner

@ajnavarro ajnavarro Awaiting requested review from ajnavarro ajnavarro is a code owner

Assignees
No one assigned
Labels
dependencies
Projects
🧙‍♂️gno.land core team
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants