chore(deps): bump the go-modules group with 14 updates

[dependabot]

Bumps the go-modules group with 14 updates:

Package	From	To
github.com/clipperhouse/displaywidth	0.9.0	0.10.0
github.com/clipperhouse/uax29/v2	2.5.0	2.6.0
github.com/go-git/go-git/v5	5.16.4	5.16.5
github.com/googleapis/enterprise-certificate-proxy	0.3.11	0.3.12
github.com/klauspost/compress	1.18.3	1.18.4
golang.org/x/crypto	0.47.0	0.48.0
golang.org/x/mod	0.32.0	0.33.0
golang.org/x/net	0.49.0	0.50.0
golang.org/x/oauth2	0.34.0	0.35.0
golang.org/x/sys	0.40.0	0.41.0
golang.org/x/term	0.39.0	0.40.0
golang.org/x/text	0.33.0	0.34.0
golang.org/x/tools	0.41.0	0.42.0
modernc.org/sqlite	1.44.3	1.45.0

Updates github.com/clipperhouse/displaywidth from 0.9.0 to 0.10.0

Changelog

Sourced from github.com/clipperhouse/displaywidth's changelog.

[0.10.0]

Compare

Added

• New ControlSequences option to treat ECMA-48/ANSI escape sequences as zero-width. (#20)
• TruncateString and TruncateBytes now preserve trailing ANSI escape sequences (such as SGR resets) when ControlSequences is true, preventing color bleed in terminal output.

Changed

• Removed stringish dependency; generic type constraints are now inline ~string | []byte.
• Upgraded uax29 dependency to v2.6.0 for ANSI escape sequence support in the grapheme iterator.

Commits

• 154f35a Subsequent escapes included in Truncate (#21)
• a8c4d02 Update CHANGELOG.md
• 3f6299a reduce stringish dependency
• 21f4a99 update actions
• 41280f9 Option to treat control sequences as 0 width (#20)
• See full diff in compare view

Updates github.com/clipperhouse/uax29/v2 from 2.5.0 to 2.6.0

Commits

• 18e08f6 Reduce stringish dependency
• 4a5d8ea ANSI escape sequences as grapheme clusters (#47)
• bc4e08d Simpler ASCII conditional & benchmarks
• See full diff in compare view

Updates github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.16.5

What's Changed

• build: Update module golang.org/x/crypto to v0.45.0 [SECURITY] (releases/v5.x) by @​go-git-renovate[bot] in go-git/go-git#1744
• build: Bump Go test versions to 1.23-1.25 (v5) by @​pjbgf in go-git/go-git#1746
• [v5] git: worktree, Don't delete local untracked files when resetting worktree by @​Ch00k in go-git/go-git#1800
• Expand packfile checks by @​pjbgf in go-git/go-git#1836

Full Changelog: go-git/go-git@v5.16.4...v5.16.5

Commits

• 48a1ae0 Merge pull request #1836 from go-git/check-v5
• 42bdf1f storage: filesystem, Verify idx matches pack file
• 4146a56 plumbing: format/idxfile, Verify idxfile's checksum
• 63d78ec plumbing: format/packfile, Add new ErrMalformedPackFile
• 25f1624 Merge pull request #1800 from Ch00k/no-delete-untracked-v5
• 600fb13 git: worktree, Don't delete local untracked files when resetting worktree
• 390a569 Merge pull request #1746 from pjbgf/bump-go
• 61c8b85 build: Bump Go test versions to 1.23-1.25 (v5)
• e5a05ec Merge pull request #1744 from go-git/renovate/releases/v5.x-go-golang.org-x-c...
• 1495930 plumbing: Remove use of non-constant format strings
• Additional commits viewable in compare view

Updates github.com/googleapis/enterprise-certificate-proxy from 0.3.11 to 0.3.12

Release notes

Sourced from github.com/googleapis/enterprise-certificate-proxy's releases.

v0.3.12

What's Changed

• chore: Update go.mod to upgrade the go version to 1.24.11 by @​agrawalradhika-cell in googleapis/enterprise-certificate-proxy#180

Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.11...v0.3.12

Commits

• fb4bf8a chore: Update go.mod to upgrade the go version to 1.24.11 (#180)
• See full diff in compare view

Updates github.com/klauspost/compress from 1.18.3 to 1.18.4

Release notes

Sourced from github.com/klauspost/compress's releases.

v1.18.4

What's Changed

• gzhttp: Add zstandard to server handler wrapper by @​klauspost in klauspost/compress#1121
• zstd: Add ResetWithOptions to encoder/decoder by @​klauspost in klauspost/compress#1122
• gzhttp: preserve qvalue when extra parameters follow in Accept-Encoding by @​analytically in klauspost/compress#1116

New Contributors

• @​analytically made their first contribution in klauspost/compress#1116
• @​ethaizone made their first contribution in klauspost/compress#1124
• @​zwass made their first contribution in klauspost/compress#1125

Full Changelog: klauspost/compress@v1.18.2...v1.18.4

Commits

• c03560f zstd: Add ResetWithOptions to encoder/decoder (#1122)
• 0874ab8 build(deps): bump the github-actions group with 3 updates (#1126)
• 4a36836 doc: Clarify documentation in readme (#1125)
• 4309644 zstd: document concurrency option handling in encoder (#1124)
• c262ec6 Update README.md
• 861ca97 Downstream CVE-2025-61728 (#1123)
• 03de960 gzhttp: Add zstandard to server handler wrapper (#1121)
• bb1ab3b build(deps): bump the github-actions group with 2 updates (#1120)
• 986a51e fix(gzhttp): preserve qvalue when extra parameters follow in Accept-Encoding ...
• fbe3b12 build(deps): bump the github-actions group with 3 updates (#1118)
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.47.0 to 0.48.0

Commits

• e08b067 go.mod: update golang.org/x dependencies
• 7d0074c scrypt: fix panic on parameters <= 0
• See full diff in compare view

Updates golang.org/x/mod from 0.32.0 to 0.33.0

Commits

• 27761a2 go.mod: update golang.org/x dependencies
• See full diff in compare view

Updates golang.org/x/net from 0.49.0 to 0.50.0

Commits

• ebddb99 go.mod: update golang.org/x dependencies
• 4a490d4 internal/http3: add Expect: 100-continue support to ClientConn
• 73fe701 internal/http3: add Expect: 100-continue support to Server
• af0c9df html: add NodeType.String() method
• e02fb33 internal/http3: make responseWriter.Flush write headers if not done yet
• da558ff internal/http3: ensure bodyReader cannot be read after being closed
• d7c76fa internal/http3: make responseWriter behave closer to other http.ResponseWriter
• 64b3af9 http2: prevent transport deadlock due to WINDOW_UPDATE that exceeds limit
• 1973e8d internal/http3: add Server support for handling HEAD requests
• 57ea86d icmp, internal/socket, ipv4, ipv6: use binary.NativeEndian
• Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.34.0 to 0.35.0

Commits

• 89ff2e1 google: add safer credentials JSON loading options.
• See full diff in compare view

Updates golang.org/x/sys from 0.40.0 to 0.41.0

Commits

• fc646e4 cpu: use IsProcessorFeaturePresent to calculate ARM64 on windows
• f11c7bb windows: add IsProcessorFeaturePresent and processor feature consts
• d25a7aa unix: add IoctlSetString on all platforms
• 6fb913b unix: return early on error in Recvmsg
• See full diff in compare view

Updates golang.org/x/term from 0.39.0 to 0.40.0

Commits

• 3aff304 go.mod: update golang.org/x dependencies
• See full diff in compare view

Updates golang.org/x/text from 0.33.0 to 0.34.0

Commits

• 817fba9 go.mod: update golang.org/x dependencies
• 3264de9 all: clean up old Go hacks
• 74af298 all: fix tags in remaining Unicode tables
• 117e03b all: delete old Unicode tables
• 9463ea4 all: update to Unicode 17
• 7278b25 internal/export/idna: update for post-Unicode 10 idna changes
• f964ad8 internal/export/idna: delete old code
• 678d34e unicode/norm: preserve QC Maybe bit in packed forminfo
• See full diff in compare view

Updates golang.org/x/tools from 0.41.0 to 0.42.0

Commits

• 009367f go.mod: update golang.org/x dependencies
• 2182926 go/ast/inspector: add Cursor.ParentEdge{Kind,Index} methods
• 27020ac internal/server: add module upgrade pathway after vulncheck scanning
• c4ec0f5 internal/server: list vulnerabilities within vulncheck prompt
• 80d1715 gopls/internal/protocol: add document uri field type
• 0e23509 gopls/doc: update link to Acme LSP plugin
• 7b3ed75 gopls/internal/server: respect SemanticTokens option during initialization
• fddd4a6 gopls/filecache: prevent premature CAS file eviction
• e3a69ff gopls/internal/golang: refactor.inline.variable: add parens
• 955d132 gopls/internal/golang: migrate pkgdoc to cursor
• Additional commits viewable in compare view

Updates modernc.org/sqlite from 1.44.3 to 1.45.0

Changelog

Sourced from modernc.org/sqlite's changelog.

Changelog

• 2026-02-09 v1.45.0:

• Introduce vtab subpackage (modernc.org/sqlite/vtab) exposing Module, Table, Cursor, and IndexInfo API for Go virtual tables.

• Wire vtab registration into the driver: vtab.RegisterModule installs modules globally and each new connection calls sqlite3_create_module_v2.

• Implement vtab trampolines for xCreate/xConnect/xBestIndex/xDisconnect/xDestroy/xOpen/xClose/xFilter/xNext/xEof/xColumn/xRowid.

• Map SQLite’s sqlite3_index_info into vtab.IndexInfo, including constraints, ORDER BY terms, and constraint usage (ArgIndex → xFilter argv[]).

• Add an in‑repo dummy vtab module and test (module_test.go) that validates registration, basic scanning, and constraint visibility.

• See merge request 90, thanks Adrian Witas!

• 2026-01-19 v1.44.3: Resolves issue 243.

• 2026-01-18 v1.44.2: Upgrade to SQLite 3.51.2.

• 2026-01-13 v1.44.0: Upgrade to SQLite 3.51.1.

• 2025-10-10 v1.39.1: Upgrade to SQLite 3.50.4.

• 2025-06-09 v1.38.0: Upgrade to SQLite 3.50.1.

• 2025-02-26 v1.36.0: Upgrade to SQLite 3.49.0.

• 2024-11-16 v1.34.0: Implement ResetSession and IsValid methods in connection

• 2024-07-22 v1.31.0: Support windows/386.

• 2024-06-04 v1.30.0: Upgrade to SQLite 3.46.0, release notes at https://sqlite.org/releaselog/3_46_0.html.

• 2024-02-13 v1.29.0: Upgrade to SQLite 3.45.1, release notes at https://sqlite.org/releaselog/3_45_1.html.

• 2023-12-14: v1.28.0: Add (*Driver).RegisterConnectionHook, ConnectionHookFn, ExecQuerierContext, RegisterConnectionHook.

• 2023-08-03 v1.25.0: enable SQLITE_ENABLE_DBSTAT_VTAB.

• 2023-07-11 v1.24.0: Add (*conn).{Serialize,Deserialize,NewBackup,NewRestore} methods, add Backup type.

• 2023-06-01 v1.23.0: Allow registering aggregate functions.

• 2023-04-22 v1.22.0: Support linux/s390x.

• 2023-02-23 v1.21.0: Upgrade to SQLite 3.41.0, release notes at https://sqlite.org/releaselog/3_41_0.html.

• 2022-11-28 v1.20.0: Support linux/ppc64le.

... (truncated)

Commits

• b8975b7 CHANGELOG.md: document v1.45.0
• 394a108 attempt to fix test build broken by bc68721f
• bc68721 Merge branch 'branch' into 'master'
• c228a98 - Enable configurable vtab options and add MATCH coverage. Expose Context.Con...
• d3d9b0d Merge branch 'fix-_time_format-docs' into 'master'
• 17d0166 fix(docs): _time_format=sqlite corresponds to format 4
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions