chore(deps): bump the golang group with 9 updates

[dependabot]

Bumps the golang group with 9 updates:

Package	From	To
github.com/gin-gonic/gin	1.11.0	1.12.0
github.com/lib/pq	1.11.1	1.11.2
github.com/prometheus-community/pro-bing	0.7.0	0.8.0
github.com/shirou/gopsutil/v4	4.26.1	4.26.2
golang.org/x/oauth2	0.34.0	0.35.0
golang.org/x/term	0.39.0	0.40.0
modernc.org/sqlite	1.44.3	1.46.1
tailscale.com	1.94.1	1.94.2
golang.org/x/crypto	0.47.0	0.48.0

Updates github.com/gin-gonic/gin from 1.11.0 to 1.12.0

Release notes

Sourced from github.com/gin-gonic/gin's releases.

v1.12.0

Changelog

Features

• 192ac89eefc1c30f7c97ae48a9ffb1c6f1c8c8bc: feat(binding): add support for encoding.UnmarshalText in uri/query binding (#4203) (@​takanuva15)
• 53410d2e07054369e0960fbe2eed97e1b9966f12: feat(context): add GetError and GetErrorSlice methods for error retrieval (#4502) (@​raju-mechatronics)
• acc55e049e33b401e810dbd8c0d6dcb6b3ba2b05: feat(context): add Protocol Buffers support to content negotiation (#4423) (@​1911860538)
• 38e765119241d990705169bedb5002a29ae0cbd1: feat(context): implemented Delete method (@​Spyder01)
• 771dcc6476d7bc6abb9ec0235ecefa4d38fe6fb0: feat(gin): add option to use escaped path (#4420) (@​ldesauw)
• 4dec17afdff48e8018c83618fbbe69fceeb2b41d: feat(logger): color latency (#4146) (@​wsyqn6)
• d7776de7d444935ea4385999711bd6331a98fecb: feat(render): add bson protocol (#4145) (@​laurentcau)

Bug fixes

• b917b14ff9d189f16a7492be79d123a47806ee19: fix(binding): empty value error (#2169) (@​guonaihong)
• c3d1092b3b48addf6f9cd00fe274ec3bd14650eb: fix(binding): improve empty slice/array handling in form binding (#4380) (@​1911860538)
• 9914178584e42458ff7d23891463a880f58c9d86: fix(context): ClientIP handling for multiple X-Forwarded-For header values (#4472) (@​Nurysso)
• 2a794cd0b0faa7d829291375b27a3467ea972b0d: fix(debug): version mismatch (#4403) (@​zeek0x)
• c3d5a28ed6d3849da820195b6774d212bcc038a9: fix(gin): close os.File in RunFd to prevent resource leak (#4422) (@​1911860538)
• 5fad976b372e381312f8de69f0969f1284d229d3: fix(gin): literal colon routes not working with engine.Handler() (#4415) (@​pawannn)
• 63dd3e60cab89c27fb66bce1423bd268d52abad1: fix(recover): suppress http.ErrAbortHandler in recover (#4336) (@​MondayCha)
• 5c00df8afadd06cc5be530dde00fe6d9fa4a2e4a: fix(render): write content length in Data.Render (#4206) (@​dengaleev)
• 234a6d4c00cb77af9852aca0b8289745d5529b4b: fix(response): refine hijack behavior for response lifecycle (#4373) (@​appleboy)
• 472d086af2acd924cb4b9d7be0525f7d790f69bc: fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath (#4535) (@​veeceey)
• 8e07d37c63e5536eb25f4af4c91eabeee4011fba: fix: Correct typos, improve documentation clarity, and remove dead code (#4511) (@​mahanadh)

Enhancements

• ba093d19477b896ac89a7fc3246af23d290b8e26: chore(binding): upgrade bson dependency to mongo-driver v2 (#4549) (@​BobDu)
• b2b489dbf4826c2c630717a77fd5e42774625410: chore(context): always trust xff headers from unix socket (#3359) (@​WeidiDeng)
• ecb3f7b5e2f3915bf1db240ed5eee572f8dbea36: chore(deps): upgrade golang.org/x/crypto to v0.45.0 (#4449) (@​appleboy)
• af6e8b70b8261bb0c99ad094fe552ab92991620a: chore(deps): upgrade quic-go to v0.57.1 (@​appleboy)
• db309081bc5c137b2aa15701ef53f7f19788da25: chore(logger): allow skipping query string output (#4547) (@​USA-RedDragon)
• 26c3a628655cad2388380cb8102d6ce7d4875f3b: chore(response): prevent Flush() panic when http.Flusher (#4479) (@​Twacqwq)
• 5dd833f1f26de0eb30eae47b17e05ced2482dc41: chore: bump minimum Go version to 1.24 and update workflows (#4388) (@​appleboy)

Refactor

• 39858a0859c914bd26948fa950477e11bd8d3823: refactor(binding): use maps.Copy for cleaner map handling (#4352) (@​russcoss)
• c0048f645ee945c4db30593afdea10123e2c30a6: refactor(context): omit the return value names (#4395) (@​wanghaolong613)
• 915e4c90d28ec4cffc6eb146e208ab5a65eac772: refactor(context): replace hardcoded localhost IPs with constants (#4481) (@​pauloappbr)
• 414de60574449457f3192a7a1d5528940db2836d: refactor(context): using maps.Clone (#4333) (@​cuiweixie)
• 59e9d4a794f12c4f9a6c7bed441b9644e5f6d99b: refactor(ginS): use sync.OnceValue to simplify engine function (#4314) (@​1911860538)
• 3ab698dc5110af1977d57226e4995c57dd34c233: refactor(recovery): smart error comparison (#4142) (@​zeek0x)
• d1a15347b1e45a8ee816193d3578a93bfd73b70f: refactor(utils): move util functions to utils.go (#4467) (@​zeek0x)
• e3118cc378d263454098924ebbde7e8d1dd2e904: refactor: for loop can be modernized using range over int (#4392) (@​wanghaolong613)
• 488f8c3ffa579a8d19beb2bae95ff8ef36b3d53f: refactor: replace magic numbers with named constants in bodyAllowedForStatus (#4529) (@​veeceey)
• 9968c4bf9d5a99edc3eee2c068a4c9160ece8915: refactor: use b.Loop() to simplify the code and improve performance (#4389) (@​reddaisyy)
• a85ef5ce4d0cda8834c59c855068ed48b51192d1: refactor: use b.Loop() to simplify the code and improve performance (#4432) (@​efcking)

Build process updates

• 61b67de522a189b568aced4c5c16917c558e3387: ci(bot): increase frequency and group updates for dependencies (#4367) (@​appleboy)
• fb27ef26c2fdfe25344b4c039d8a53551f9e912c: ci(lint): refactor test assertions and linter configuration (#4436) (@​appleboy)
• 93ff771e6dbf10e432864b30f3719ac5c84a4d4a: ci(sec): improve type safety and server organization in HTTP middleware (#4437) (@​appleboy)
• e88fc8927a52b74f55bec0351604a56ac0aa1c51: ci(sec): schedule Trivy security scans to run daily at midnight UTC (#4439) (@​appleboy)
• 5e5ff3ace496a31b138b0820136a146bfb5de0ef: ci: replace vulnerability scanning workflow with Trivy integration (#4421) (@​appleboy)
• 00900fb3e1ea9dde33985a0e4f6afec793d5e786: ci: update CI workflows and standardize Trivy config quotes (#4531) (@​appleboy)
• ae3f524974fc4f55d18c9e7fae4614503c015226: ci: update Go version support to 1.25+ across CI and docs (#4550) (@​appleboy)

... (truncated)

Changelog

Sourced from github.com/gin-gonic/gin's changelog.

Gin v1.12.0

Features

• feat(render): add bson protocol (#4145)
• feat(context): add GetError and GetErrorSlice methods for error retrieval (#4502)
• feat(binding): add support for encoding.UnmarshalText in uri/query binding (#4203)
• feat(gin): add option to use escaped path (#4420)
• feat(context): add Protocol Buffers support to content negotiation (#4423)
• feat(context): implemented Delete method (#38e7651)
• feat(logger): color latency (#4146)

Enhancements

• perf(tree): reduce allocations in findCaseInsensitivePath (#4417)
• perf(recovery): optimize line reading in stack function (#4466)
• perf(path): replace regex with custom functions in redirectTrailingSlash (#4414)
• perf(tree): optimize path parsing using strings.Count (#4246)
• chore(logger): allow skipping query string output (#4547)
• chore(context): always trust xff headers from unix socket (#3359)
• chore(response): prevent Flush() panic when the underlying ResponseWriter does not implement http.Flusher (#4479)
• refactor(recovery): smart error comparison (#4142)
• refactor(context): replace hardcoded localhost IPs with constants (#4481)
• refactor(utils): move util functions to utils.go (#4467)
• refactor(binding): use maps.Copy for cleaner map handling (#4352)
• refactor(context): using maps.Clone (#4333)
• refactor(ginS): use sync.OnceValue to simplify engine function (#4314)
• refactor: replace magic numbers with named constants in bodyAllowedForStatus (#4529)
• refactor: for loop can be modernized using range over int (#4392)

Bug Fixes

• fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath (#4535)
• fix(render): write content length in Data.Render (#4206)
• fix(context): ClientIP handling for multiple X-Forwarded-For header values (#4472)
• fix(binding): empty value error (#2169)
• fix(recover): suppress http.ErrAbortHandler in recover (#4336)
• fix(gin): literal colon routes not working with engine.Handler() (#4415)
• fix(gin): close os.File in RunFd to prevent resource leak (#4422)
• fix(response): refine hijack behavior for response lifecycle (#4373)
• fix(binding): improve empty slice/array handling in form binding (#4380)
• fix(debug): version mismatch (#4403)
• fix: correct typos, improve documentation clarity, and remove dead code (#4511)

Build process updates / CI

• ci: update Go version support to 1.25+ across CI and docs (#4550)
• chore(binding): upgrade bson dependency to mongo-driver v2 (#4549)

Commits

• 73726dc docs: update documentation to reflect Go version changes (#4552)
• e292e5c docs: document and finalize Gin v1.12.0 release (#4551)
• ae3f524 ci: update Go version support to 1.25+ across CI and docs (#4550)
• 38534e2 chore(deps): bump golang.org/x/net from 0.50.0 to 0.51.0 (#4548)
• 472d086 fix(tree): panic in findCaseInsensitivePathRec with RedirectFixedPath (#4535)
• fb25834 test(context): use http.StatusContinue constant instead of magic number 100 (...
• 6f1d5fe test(render): add comprehensive error handling tests (#4541)
• 5c00df8 fix(render): write content length in Data.Render (#4206)
• db30908 chore(logger): allow skipping query string output (#4547)
• ba093d1 chore(binding): upgrade bson dependency to mongo-driver v2 (#4549)
• Additional commits viewable in compare view

Updates github.com/lib/pq from 1.11.1 to 1.11.2

Release notes

Sourced from github.com/lib/pq's releases.

v1.11.2

This fixes two regressions:

• Don't send startup parameters if there is no value, improving compatibility with Supavisor (#1260).

• Don't send dbname as a startup parameter if database=[..] is used in the connection string. It's recommended to use dbname=, as database= is not a libpq option, and only worked by accident previously. (#1261)

#1260: lib/pq#1260 #1261: lib/pq#1261

Changelog

Sourced from github.com/lib/pq's changelog.

v1.11.2 (2026-02-10)

This fixes two regressions:

• Don't send startup parameters if there is no value, improving compatibility with Supavisor (#1260).

• Don't send dbname as a startup parameter if database=[..] is used in the connection string. It's recommended to use dbname=, as database= is not a libpq option, and only worked by accident previously. (#1261)

#1260: lib/pq#1260 #1261: lib/pq#1261

Commits

• 1412805 Don't send empty startup parameters
• 0c529db Don't send dbname= as a startup parameter when database= is used
• See full diff in compare view

Updates github.com/prometheus-community/pro-bing from 0.7.0 to 0.8.0

Release notes

Sourced from github.com/prometheus-community/pro-bing's releases.

v0.8.0

What's Changed

• Synchronize common files from prometheus/prometheus by @​prombot in prometheus-community/pro-bing#155
• Bump golang.org/x/net from 0.38.0 to 0.39.0 by @​dependabot[bot] in prometheus-community/pro-bing#154
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus-community/pro-bing#161
• Set ping traffic class to zero by default by @​floatingstatic in prometheus-community/pro-bing#168
• Bump golang.org/x/net from 0.39.0 to 0.44.0 by @​dependabot[bot] in prometheus-community/pro-bing#169
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus-community/pro-bing#167
• Update build by @​SuperQ in prometheus-community/pro-bing#172
• Bump golang.org/x/sync from 0.13.0 to 0.17.0 by @​dependabot[bot] in prometheus-community/pro-bing#170
• feat: support setting ICMP source address for outgoing packets by @​snormore in prometheus-community/pro-bing#171
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus-community/pro-bing#173
• Bump golang.org/x/net from 0.44.0 to 0.49.0 by @​dependabot[bot] in prometheus-community/pro-bing#183
• Bump golang.org/x/sync from 0.17.0 to 0.19.0 by @​dependabot[bot] in prometheus-community/pro-bing#181
• Synchronize common files from prometheus/prometheus by @​prombot in prometheus-community/pro-bing#179
• Optimize BPF code to reject non-Echo Reply ICMP packets by @​nvksie in prometheus-community/pro-bing#180

New Contributors

• @​snormore made their first contribution in prometheus-community/pro-bing#171

Full Changelog: prometheus-community/pro-bing@v0.7.0...v0.8.0

Commits

• 112c6d1 Merge pull request #180 from nvksie/main
• c0e523e Merge pull request #179 from prometheus-community/repo_sync
• dc59983 Merge pull request #181 from prometheus-community/dependabot/go_modules/golan...
• 3b320ae Bump golang.org/x/sync from 0.17.0 to 0.19.0
• df60cdb Merge pull request #183 from prometheus-community/dependabot/go_modules/golan...
• 22f264b Bump golang.org/x/net from 0.44.0 to 0.49.0
• 3e7f4fe optimize bpf filter, accept Echo Reply only
• 1327198 Update common Prometheus files
• 3b66532 Merge pull request #173 from prometheus-community/repo_sync
• 4d98d36 Update common Prometheus files
• Additional commits viewable in compare view

Updates github.com/shirou/gopsutil/v4 from 4.26.1 to 4.26.2

Release notes

Sourced from github.com/shirou/gopsutil/v4's releases.

v4.26.2

What's Changed

disk

• [disk][linux]: fix Device set to "none" for virtual filesystems by @​skartikey in shirou/gopsutil#2002
• fix(disk): skip drives returning ERROR_INVALID_FUNCTION or ERROR_NOT_SUPPORTED in IOCounters on Windows by @​jose-manuel-almaza in shirou/gopsutil#2003
• [linux][disk]: fix disk mountinfo parsing bug by @​shirou in shirou/gopsutil#2007

host

• refactor: move timeSince and timeSinceMillis to common package by @​Dylan-M in shirou/gopsutil#1998

process

• [common][process]: fix gosec lint by @​shirou in shirou/gopsutil#2006

Other Changes

• [doc]: Update 'golang' to 'Go' for consistency by @​alexandear in shirou/gopsutil#1993

New Contributors

• @​alexandear made their first contribution in shirou/gopsutil#1993
• @​jose-manuel-almaza made their first contribution in shirou/gopsutil#2003

Full Changelog: shirou/gopsutil@v4.26.1...v4.26.2

Commits

• 33fab7d Merge pull request #2009 from shirou/dependabot/github_actions/actions/setup-...
• 6320f9e Merge pull request #2007 from shirou/fix/fix_disk_mountinfo_parsing_bugs
• a69a8e2 chore(deps): bump actions/setup-go from 6.2.0 to 6.3.0
• 6a6e215 Merge pull request #2008 from shirou/dependabot/go_modules/github.com/ebiteng...
• e140450 chore(deps): bump github.com/ebitengine/purego from 0.9.1 to 0.10.0
• 2ef7eb7 [linux][disk]: fix disk mountinfo parsing bug
• 962bfd8 Merge pull request #2000 from shirou/dependabot/go_modules/golang.org/x/sys-0...
• 8de66e7 Merge pull request #2006 from shirou/fix/fix_gosec_lint
• a927423 fix: ignore s390x golangci-lint due to becoming always fail
• 4e9a8de [common][process]: fix gosec lint
• Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.34.0 to 0.35.0

Commits

• 89ff2e1 google: add safer credentials JSON loading options.
• See full diff in compare view

Updates golang.org/x/term from 0.39.0 to 0.40.0

Commits

• 3aff304 go.mod: update golang.org/x dependencies
• See full diff in compare view

Updates modernc.org/sqlite from 1.44.3 to 1.46.1

Changelog

Sourced from modernc.org/sqlite's changelog.

Changelog

• 2026-02-17 v1.46.1:

  • Ensure connection state is reset if Tx.Commit fails. Previously, errors like SQLITE_BUSY during COMMIT could leave the underlying connection inside a transaction, causing errors when the connection was reused by the database/sql pool. The driver now detects this state and forces a rollback internally.
  • Fixes [GitHub issue #2](modernc-org/sqlite#2), thanks Edoardo Spadolini!

• 2026-02-17 v1.46.0:

  • Enable ColumnTypeScanType to report time.Time instead of string for TEXT columns declared as DATE, DATETIME, TIME, or TIMESTAMP via a new _texttotime URI parameter.
  • See [GitHub pull request #1](modernc-org/sqlite#1), thanks devhaozi!

• 2026-02-09 v1.45.0:

  • Introduce vtab subpackage (modernc.org/sqlite/vtab) exposing Module, Table, Cursor, and IndexInfo API for Go virtual tables.
  • Wire vtab registration into the driver: vtab.RegisterModule installs modules globally and each new connection calls sqlite3_create_module_v2.
  • Implement vtab trampolines for xCreate/xConnect/xBestIndex/xDisconnect/xDestroy/xOpen/xClose/xFilter/xNext/xEof/xColumn/xRowid.
  • Map SQLite’s sqlite3_index_info into vtab.IndexInfo, including constraints, ORDER BY terms, and constraint usage (ArgIndex → xFilter argv[]).
  • Add an in‑repo dummy vtab module and test (module_test.go) that validates registration, basic scanning, and constraint visibility.
  • See [GitLab merge request #90](https://gitlab.com/cznic/sqlite/-/merge_requests/90), thanks Adrian Witas!

• 2026-01-19 v1.44.3: Resolves [GitLab issue #243](https://gitlab.com/cznic/sqlite/-/issues/243).

• 2026-01-18 v1.44.2: Upgrade to SQLite 3.51.2.

• 2026-01-13 v1.44.0: Upgrade to SQLite 3.51.1.

• 2025-10-10 v1.39.1: Upgrade to SQLite 3.50.4.

• 2025-06-09 v1.38.0: Upgrade to SQLite 3.50.1.

• 2025-02-26 v1.36.0: Upgrade to SQLite 3.49.0.

• 2024-11-16 v1.34.0: Implement ResetSession and IsValid methods in connection

• 2024-07-22 v1.31.0: Support windows/386.

• 2024-06-04 v1.30.0: Upgrade to SQLite 3.46.0, release notes at https://sqlite.org/releaselog/3_46_0.html.

• 2024-02-13 v1.29.0: Upgrade to SQLite 3.45.1, release notes at https://sqlite.org/releaselog/3_45_1.html.

• 2023-12-14: v1.28.0: Add (*Driver).RegisterConnectionHook, ConnectionHookFn, ExecQuerierContext, RegisterConnectionHook.

• 2023-08-03 v1.25.0: enable SQLITE_ENABLE_DBSTAT_VTAB.

• 2023-07-11 v1.24.0: Add (*conn).{Serialize,Deserialize,NewBackup,NewRestore} methods, add Backup type.

• 2023-06-01 v1.23.0: Allow registering aggregate functions.

... (truncated)

Commits

• c777b90 add GOVERNANCE.md
• 806ed2d fix inconsistent transaction state on failed Commit
• e124c3e CHANGELOG.md: document v1.46.0
• ba0b20f manually merge modernc-org/sqlite#1
• b8975b7 CHANGELOG.md: document v1.45.0
• 394a108 attempt to fix test build broken by bc68721f
• bc68721 Merge branch 'branch' into 'master'
• c228a98 - Enable configurable vtab options and add MATCH coverage. Expose Context.Con...
• d3d9b0d Merge branch 'fix-_time_format-docs' into 'master'
• 17d0166 fix(docs): _time_format=sqlite corresponds to format 4
• See full diff in compare view

Updates tailscale.com from 1.94.1 to 1.94.2

Release notes

Sourced from tailscale.com's releases.

v1.94.2

Please refer to the changelog available at https://tailscale.com/changelog

Commits

• 2de4d31 VERSION.txt: this is v1.94.2
• bedef0e cmd/tailscale: add event bus queue depth debugging
• 29d0422 control/controlclient: fix canSkipStatus online conditions
• 9d877c3 cmd/containerboot: fix error handling for egress (#18657) (#18670)
• See full diff in compare view

Updates golang.org/x/crypto from 0.47.0 to 0.48.0

Commits

• e08b067 go.mod: update golang.org/x dependencies
• 7d0074c scrypt: fix panic on parameters <= 0
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions