Skip to content

build(deps): bump the go-mod group across 1 directory with 12 updates#706

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go-mod-34f3334202
Open

build(deps): bump the go-mod group across 1 directory with 12 updates#706
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go-mod-34f3334202

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the go-mod group with 10 updates in the / directory:

Package From To
github.com/authzed/authzed-go 1.9.0 1.10.0
github.com/authzed/spicedb 1.53.1-0.20260612201921-1d5d2c81ab70 1.54.0
github.com/ccoveille/go-safecast/v2 2.0.0 2.0.1
github.com/gookit/color 1.6.0 1.6.1
github.com/mark3labs/mcp-go 0.46.0 0.55.1
github.com/rs/zerolog 1.34.0 1.35.1
github.com/schollz/progressbar/v3 3.19.0 3.19.1
golang.org/x/mod 0.35.0 0.37.0
golang.org/x/net 0.55.0 0.56.0
google.golang.org/grpc 1.80.0 1.82.0

Updates github.com/authzed/authzed-go from 1.9.0 to 1.10.0

Release notes

Sourced from github.com/authzed/authzed-go's releases.

v1.10.0

What's Changed

Full Changelog: authzed/authzed-go@v1.9.0...v1.10.0

Commits
  • 9f795e9 Merge pull request #418 from authzed/add-zedtoken-to-download-api
  • 2d81536 chore: vendor at_revision zedtoken on DownloadPermissionSetsResponse
  • See full diff in compare view

Updates github.com/authzed/spicedb from 1.53.1-0.20260612201921-1d5d2c81ab70 to 1.54.0

Release notes

Sourced from github.com/authzed/spicedb's releases.

v1.54.0

Security

  • Prevent cache poisoning. The dispatch Check cache key now incorporates check hints. See GHSA-4vrg-r928-h5vv

Added

Changed

  • Cache: switch to otter as the primary cache implementation (authzed/spicedb#3112)
  • Server handles: GRPCDialContext as a handle on the server used deprecated gRPC methods. We modernized it and renamed it to NewClient (authzed/spicedb#3147)

Fixed

  • The watching schema cache (--enable-experimental-watchable-schema-cache) no longer enters permanent fallback on transient watch errors. A new supervisor restarts the watch cycle with bounded exponential backoff and only treats caller-driven cancellation or unsupported-watch as terminal (authzed/spicedb#3134)
  • Watch consumers that request WatchCheckpoints now eventually observe every revision returned by WriteRelationships as a checkpoint. MemDB regressed this in authzed/spicedb#2578 for no-op writes and MySQL never emitted checkpoints at all prior to now. Both now emit a checkpoint at the new revision. (authzed/spicedb#3114)
  • When Query Planner evaluates a union, short-circuit if one of the branches yields a positive un-caveated result (authzed/spicedb#3120)
  • DispatchQueryPlan previously did not try to use the singleflight middleware for check calls. (authzed/spicedb#3119)
  • Fixed regression introduced in 1.53.0. Postgres HeadRevision no longer allocates a new transaction ID on every call (authzed/spicedb#3127)
  • Fixed regression introduced in 1.53.0 for MySQL migration scripts (authzed/spicedb#3129)
  • Query Planner: LookupSubjects no longer returns a subject excluded from a wildcard (e.g. viewer:* - banned) when the exclusion feeds an intersection (experimental --experimental-query-plan ls) (authzed/spicedb#3136)
  • Tracing: When server is shutting down, flush traces. Also, elide the need for setting OTEL_EXPORTER_OTLP_ENDPOINT. (authzed/spicedb#3108)
  • Fixed a LookupSubjects issue in the query planner around the handling of wildcards in compound permissions (authzed/spicedb#3140)
  • MySQL: identifiers (object/subject IDs and relationship counter names) are now stored with a case-sensitive (binary) collation, matching the Postgres, CockroachDB, and Spanner datastores. Previously, identifiers differing only in letter case (e.g. Foo and foo) incorrectly collided in unique indexes and lookups. ⚠️ The migration rebuilds the relation_tuple table in place via ALTER TABLE, which can hold a metadata/table lock for a long time on large datasets — run the upgrade in a low-traffic window, or apply it with an online schema-change tool (e.g. gh-ost). (authzed/spicedb#3161)
  • server.NewConfigWithOptionsAndDefaults now populates Config and its embedded structs with the same defaults as the CLI flags, fixing zero-value behavior when embedding SpiceDB as a library. (authzed/spicedb#3156)

What's Changed

... (truncated)

Changelog

Sourced from github.com/authzed/spicedb's changelog.

[1.54.0] - 2026-06-18

Added

Changed

  • Cache: switch to otter as the primary cache implementation (authzed/spicedb#3112)
  • Server handles: GRPCDialContext as a handle on the server used deprecated gRPC methods. We modernized it and renamed it to NewClient (authzed/spicedb#3147)

Fixed

  • The watching schema cache (--enable-experimental-watchable-schema-cache) no longer enters permanent fallback on transient watch errors. A new supervisor restarts the watch cycle with bounded exponential backoff and only treats caller-driven cancellation or unsupported-watch as terminal (authzed/spicedb#3134)
  • Watch consumers that request WatchCheckpoints now eventually observe every revision returned by WriteRelationships as a checkpoint. MemDB regressed this in authzed/spicedb#2578 for no-op writes and MySQL never emitted checkpoints at all prior to now. Both now emit a checkpoint at the new revision. (authzed/spicedb#3114)
  • When Query Planner evaluates a union, short-circuit if one of the branches yields a positive un-caveated result (authzed/spicedb#3120)
  • DispatchQueryPlan previously did not try to use the singleflight middleware for check calls. (authzed/spicedb#3119)
  • Fixed regression introduced in 1.53.0. Postgres HeadRevision no longer allocates a new transaction ID on every call (authzed/spicedb#3127)
  • Fixed regression introduced in 1.53.0 for MySQL migration scripts (authzed/spicedb#3129)
  • Query Planner: LookupSubjects no longer returns a subject excluded from a wildcard (e.g. viewer:* - banned) when the exclusion feeds an intersection (experimental --experimental-query-plan ls) (authzed/spicedb#3136)
  • Tracing: When server is shutting down, flush traces. Also, elide the need for setting OTEL_EXPORTER_OTLP_ENDPOINT. (authzed/spicedb#3108)
  • Fixed a LookupSubjects issue in the query planner around the handling of wildcards in compound permissions (authzed/spicedb#3140)
  • MySQL: identifiers (object/subject IDs and relationship counter names) are now stored with a case-sensitive (binary) collation, matching the Postgres, CockroachDB, and Spanner datastores. Previously, identifiers differing only in letter case (e.g. Foo and foo) incorrectly collided in unique indexes and lookups. ⚠️ The migration rebuilds the relation_tuple table in place via ALTER TABLE, which can hold a metadata/table lock for a long time on large datasets — run the upgrade in a low-traffic window, or apply it with an online schema-change tool (e.g. gh-ost). (authzed/spicedb#3161)
  • server.NewConfigWithOptionsAndDefaults now populates Config and its embedded structs with the same defaults as the CLI flags, fixing zero-value behavior when embedding SpiceDB as a library. (authzed/spicedb#3156, authzed/spicedb#3170)

Security

  • Prevent cache poisoning. The dispatch Check cache key now incorporates check hints. See GHSA-4vrg-r928-h5vv

[1.53.0] - 2026-05-13

Added

  • Add DispatchExecutor, a query plan executor that is Dispatch-aware and sends subproblems on Alias boundaries (authzed/spicedb#3074)

  • Implement Dispatch caching for query plan execution (authzed/spicedb#3079)

  • Add new optimizer to query planner based on set theory laws for simplifications (authzed/spicedb#3051)

  • Experimental: Add unified schema storage with ReadStoredSchema/WriteStoredSchema APIs for improved schema read performance (authzed/spicedb#2924)

    This feature stores the entire schema as a single serialized proto rather than reading individual namespace and caveat definitions separately, significantly improving schema read performance.

    Migration to unified schema storage is controlled by the --experimental-schema-mode flag, which supports a 4-phase rolling migration:

    1. read-legacy-write-legacy (default) - No change; reads and writes use legacy per-definition storage.
    2. read-legacy-write-both - Reads from legacy storage, writes to both legacy and unified storage. This is the first migration step and backfills the unified schema table.
    3. read-new-write-both - Reads from unified storage, writes to both. Validates the new read path while maintaining backward compatibility.
    4. read-new-write-new - Reads and writes only unified storage. This is the final migration target.

    Deployment:

    • With the SpiceDB Operator:* Configure the operator to roll through stages 1 through 4 in sequence. The operator handles the rolling update of SpiceDB instances at each stage.
    • Without the operator:* Progress through the stages manually by updating the --experimental-schema-mode flag and performing a rolling restart at each stage. You can also take the system down briefly and move directly from stage 1 to stage 4, which runs the full migration in one step.

Changed

Fixed

  • Query plan contexts are written to during recursive calls -- for now, disble dispatch inside recursive calls (authzed/spicedb#3078)

... (truncated)

Commits

Updates github.com/ccoveille/go-safecast/v2 from 2.0.0 to 2.0.1

Release notes

Sourced from github.com/ccoveille/go-safecast/v2's releases.

v2.0.1

What's Changed

Fixes

Minor

New Contributors

Full Changelog: ccoVeille/go-safecast@v2.0.0...v2.0.1

Commits
  • edf6347 chore: add tests for floats rounding to zero
  • bc04d2b chore: move tiny floats test to the right place
  • f57f503 chore: simplify sign check for small negative floats
  • 51825a0 fix type in test
  • 36013fd Fix issue #144: Small floats are incorrectly rejected
  • a401ef5 build(deps): bump crate-ci/typos from 1.46.2 to 1.46.3 in the all group
  • ce6b413 build(deps): bump the all group with 2 updates
  • e591b21 docs: Fix typo in comment
  • 38b4891 build(deps): bump the all group with 2 updates
  • 7569636 build(deps): bump crate-ci/typos from 1.45.0 to 1.45.1 in the all group
  • Additional commits viewable in compare view

Updates github.com/gookit/color from 1.6.0 to 1.6.1

Release notes

Sourced from github.com/gookit/color's releases.

v1.6.1

Change Log

Fixed

Other

Commits
  • d232e11 ci(release): remove Go version matrix and simplify build steps in release action
  • 1245572 fix(convert): incorrect conversion between integer types
  • 2bb27a5 fix(detect): should enable VTP on windows CMD,PWSH
  • e58a899 fix: re-apply color after nested reset in RenderString (#119)
  • de1e243 Add 'stable' to Go version matrix and update action
  • ed1b9cc build(deps): bump actions/checkout from 5 to 6 (#115)
  • 2e18426 build(deps): bump github/codeql-action from 3 to 4 (#113)
  • See full diff in compare view

Updates github.com/mark3labs/mcp-go from 0.46.0 to 0.55.1

Release notes

Sourced from github.com/mark3labs/mcp-go's releases.

Release v0.55.1

No release notes provided.

Release v0.55.0

No release notes provided.

Release v0.54.1

No release notes provided.

Release v0.54.0

What's Changed

New Contributors

Full Changelog: mark3labs/mcp-go@v0.53.0...v0.54.0

Release v0.53.0

What's Changed

New Contributors

Full Changelog: mark3labs/mcp-go@v0.52.0...v0.53.0

Release v0.52.0

What's Changed

... (truncated)

Commits
  • b6e6224 fix(client): avoid forwarding inbound request headers (#909)
  • 6d28e6d fix: avoid full filter scans on call hot paths (#908)
  • 43c2ca0 oauth: return error instead of (nil, nil) from getServerMetadata (#903) (#904)
  • 3b66aa7 mcptest: add SetSamplingHandler and SetElicitationHandler (#902)
  • 42bc0b2 feat(otel): WithServerLogging — OTEL slog bridge for server structured logs (...
  • d972f3f docs(prompts): add review-pr kit prompt for Go PRs
  • d5c0727 feat(server): WithLogger consolidates structured logging onto *slog.Logger (#...
  • 3f1c760 feat(tracing): add MetaPropagator for W3C trace context via MCP _meta (SEP-41...
  • 2cacbe7 fix: enforce tool/prompt filters at call time, not just list time (#898)
  • 481f056 fix(tools): print errors to stderr for invalid jsonschema tags (#894)
  • Additional commits viewable in compare view

Updates github.com/rs/zerolog from 1.34.0 to 1.35.1

Commits
  • 116c806 event: restore Err() logging when ErrorStackMarshaler returns nil (#763)
  • 1396655 Bump CI Go matrix minimum from 1.21 to 1.23
  • 4b65a2f Bump actions/cache from 4 to 5 (#741)
  • b835796 Bump actions/setup-go from 5 to 6 (#742)
  • 134caf8 Added sanitization of journald keys (#751)
  • e133b6a Added variadic StrsV, ObjectsV, and StringersV (#752)
  • 82017d8 Bump github.com/coreos/go-systemd/v22 from 22.6.0 to 22.7.0 (#753)
  • 2f5b8a9 fix: UpdateContext skips Nop and zero-value loggers (#754)
  • d64c9a7 Add slog.Handler implementation for zerolog (#755)
  • a0d61dc fix: return dict to Event pool (#749)
  • Additional commits viewable in compare view

Updates github.com/schollz/progressbar/v3 from 3.19.0 to 3.19.1

Release notes

Sourced from github.com/schollz/progressbar/v3's releases.

v3.19.1

What's Changed

Full Changelog: schollz/progressbar@v3.19.0...v3.19.1

Commits
  • 28775d4 Merge pull request #230 from schollz/zack/fix-progressbar
  • 5532003 fix: width issues
  • 4f72a65 Merge pull request #227 from polymorcodeus/main
  • bbedc95 Don't add colorstring if EnableColorCodes is not enabled.
  • c6fe7bc Added OptionSetSpinnerColorCode to support color codes for spinners.
  • See full diff in compare view

Updates golang.org/x/mod from 0.35.0 to 0.37.0

Commits
  • deb1dfc go.mod: update golang.org/x dependencies
  • 087f651 modfile: use slices.Backward
  • 343ee60 x/mod: allow for aggressively conslidating requires
  • 643da9b go.mod: update golang.org/x dependencies
  • ccc3cdf zip: include 'but content has correct sum' note in TestVCS
  • ab30318 zip: update zip hashes for new flate compression
  • See full diff in compare view

Updates golang.org/x/net from 0.55.0 to 0.56.0

Commits
  • 9e7fdbf internal/http3: fix wrong argument being given when validating header value
  • b686e5f internal/http3: add gzip support to transport
  • 8a34885 go.mod: update golang.org/x dependencies
  • 72eaf98 dns/dnsmessage: correctly validate SVCB record parameter order
  • 82e7868 dns/dnsmessage: avoid panic when parsing SVCB record with truncated data
  • b64f1fa internal/http3: add server support for "Trailer:" magic prefix
  • 2707ee2 internal/http3: implement HTTP/3 clientConn methods
  • 31358cc internal/http3: snapshot response headers at WriteHeader time
  • 8ecbaa9 html: don't adjust xml:base
  • 8ae811a html: properly handle end script tag in fragment mode
  • Additional commits viewable in compare view

Updates golang.org/x/sync from 0.20.0 to 0.21.0

Commits

Updates golang.org/x/term from 0.43.0 to 0.44.0

Commits

Updates google.golang.org/grpc from 1.80.0 to 1.82.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.82.0

Behavior Changes

  • server: Remove support for GRPC_GO_EXPERIMENTAL_DISABLE_STRICT_PATH_CHECKING environment varibale. Strict incoming RPC path validation (which has been the default since v1.79.3) can no longer be disabled. (#9112)
  • transport: Add environment variable to change the default max header list size from 16MB to 8KB. This may be enabled by setting GRPC_GO_EXPERIMENTAL_ENABLE_8KB_DEFAULT_HEADER_LIST_SIZE=true. This will be enabled by default in a subsequent release. (#9019)
  • balancer: Load Balancing policy registry is now case-sensitive. Set GRPC_GO_EXPERIMENTAL_CASE_SENSITIVE_BALANCER_REGISTRIES=false (and file an issue) to revert to case-insensitive behavior. (#9017)

New Features

  • experimental/stats: Expose a new API, NewContextWithLabelCallback, to register a callback that is invoked when telemetry labels are added. (#8877)
  • client: Return a portion of the response body in the error message, when the client receives an unexpected non-gRPC HTTP response, to make debugging easier. (#8929)
  • server: Add environment variable GRPC_GO_SERVER_GOROUTINE_LABELS that controls setting runtime/pprof.Labels on goroutines spawned by the server. Set GRPC_GO_SERVER_GOROUTINE_LABELS=grpc.method=true to add the grpc.method label on goroutines spawned to handle incoming requests. (#9082)

Bug Fixes

  • xds/server: Fix a memory leak of HTTP filter instances occurring when route configurations are updated in-place during a Route Discovery Service (RDS) update. (#9138)
  • grpc: In the deprecated gzip Compressor (used via the deprecated WithCompressor dial option), enforce the MaxRecvMsgSize limit on the decompressed message buffer, preventing excessive memory allocation from highly compressed payloads. (#9114)
  • stats/opentelemetry: Record retry attempts, grpc.previous-rpc-attempts, at the call level and not the attempt level. (#8923)
  • encoding: Ensure Close() is always called on readers returned from Compressor.Decompress if possible. (#9135)
  • channelz: Fix the LastMessageSentTimestamp and LastMessageReceivedTimestamp fields in SocketMetrics to ensure they contain correct timestamp values. (#9109)

Release 1.81.1

Security

  • xds/rbac: Fix a potential authorization bypass caused by incorrectly falling through URI/DNS SANs to Subject Distinguished Name (DN) when matching the authenticated principal name. With this fix, only the first non-empty identity source will be used, as per gRFC A41. (#9111)

Bug Fixes

  • otel: Segregate client and server RPC information used for metrics and traces, to avoid one overwriting the other. (#9081)

Release 1.81.0

Behavior Changes

  • balancer/rls: Switch gauge metrics to asynchronous emission (once per collection cycle) to reduce telemetry noise and align with other gRPC language implementations. (#8808)

Dependencies

  • Minimum supported Go version is now 1.25. (#8969)

Bug Fixes

  • xds: Use the leaf cluster's security config for the TLS handshake instead of the aggregate cluster's config. (#8956)
  • transport: Send a RST_STREAM when receiving an END_STREAM when the stream is not already half-closed. (#8832)
  • xds: Fix ADS resource name validation to prevent a panic. (#8970)

... (truncated)

Commits
  • bd23985 Change version to 1.82.0 (#9170)
  • 0f3086d Fix minor issues not covered by PR #9137 (#9147)
  • fef07fb internal: Split v3procservicepb import into pb and grpc for extproc (#9163)
  • 91dd64f transport: surface subsequent data when receiving non-gRPC header (#8929)
  • adc97de test/kokoro: add config for regional-td test (#9158)
  • 57c9ff1 xds: ensure full-string matching for RBAC Filter rules (#9148)
  • b58f32d server: Set a pprof label on new stream goroutines (#9082)
  • 6c98be3 refactor(transport): extract shared stream state handling logic in `loopyWrit...
  • bcaa6f4 rls: only reset backoff on recovery from TRANSIENT_FAILURE (#9137)
  • 429e6e0 balancer: expose endpoint weight and hostname as experimental APIs (#9074)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-mod group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/authzed/authzed-go](https://github.com/authzed/authzed-go) | `1.9.0` | `1.10.0` |
| [github.com/authzed/spicedb](https://github.com/authzed/spicedb) | `1.53.1-0.20260612201921-1d5d2c81ab70` | `1.54.0` |
| [github.com/ccoveille/go-safecast/v2](https://github.com/ccoveille/go-safecast) | `2.0.0` | `2.0.1` |
| [github.com/gookit/color](https://github.com/gookit/color) | `1.6.0` | `1.6.1` |
| [github.com/mark3labs/mcp-go](https://github.com/mark3labs/mcp-go) | `0.46.0` | `0.55.1` |
| [github.com/rs/zerolog](https://github.com/rs/zerolog) | `1.34.0` | `1.35.1` |
| [github.com/schollz/progressbar/v3](https://github.com/schollz/progressbar) | `3.19.0` | `3.19.1` |
| [golang.org/x/mod](https://github.com/golang/mod) | `0.35.0` | `0.37.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.55.0` | `0.56.0` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.80.0` | `1.82.0` |



Updates `github.com/authzed/authzed-go` from 1.9.0 to 1.10.0
- [Release notes](https://github.com/authzed/authzed-go/releases)
- [Commits](authzed/authzed-go@v1.9.0...v1.10.0)

Updates `github.com/authzed/spicedb` from 1.53.1-0.20260612201921-1d5d2c81ab70 to 1.54.0
- [Release notes](https://github.com/authzed/spicedb/releases)
- [Changelog](https://github.com/authzed/spicedb/blob/main/CHANGELOG.md)
- [Commits](https://github.com/authzed/spicedb/commits/v1.54.0)

Updates `github.com/ccoveille/go-safecast/v2` from 2.0.0 to 2.0.1
- [Release notes](https://github.com/ccoveille/go-safecast/releases)
- [Commits](ccoVeille/go-safecast@v2.0.0...v2.0.1)

Updates `github.com/gookit/color` from 1.6.0 to 1.6.1
- [Release notes](https://github.com/gookit/color/releases)
- [Commits](gookit/color@v1.6.0...v1.6.1)

Updates `github.com/mark3labs/mcp-go` from 0.46.0 to 0.55.1
- [Release notes](https://github.com/mark3labs/mcp-go/releases)
- [Commits](mark3labs/mcp-go@v0.46.0...v0.55.1)

Updates `github.com/rs/zerolog` from 1.34.0 to 1.35.1
- [Commits](rs/zerolog@v1.34.0...v1.35.1)

Updates `github.com/schollz/progressbar/v3` from 3.19.0 to 3.19.1
- [Release notes](https://github.com/schollz/progressbar/releases)
- [Commits](schollz/progressbar@v3.19.0...v3.19.1)

Updates `golang.org/x/mod` from 0.35.0 to 0.37.0
- [Commits](golang/mod@v0.35.0...v0.37.0)

Updates `golang.org/x/net` from 0.55.0 to 0.56.0
- [Commits](golang/net@v0.55.0...v0.56.0)

Updates `golang.org/x/sync` from 0.20.0 to 0.21.0
- [Commits](golang/sync@v0.20.0...v0.21.0)

Updates `golang.org/x/term` from 0.43.0 to 0.44.0
- [Commits](golang/term@v0.43.0...v0.44.0)

Updates `google.golang.org/grpc` from 1.80.0 to 1.82.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.80.0...v1.82.0)

---
updated-dependencies:
- dependency-name: github.com/authzed/authzed-go
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: github.com/authzed/spicedb
  dependency-version: 1.54.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: github.com/ccoveille/go-safecast/v2
  dependency-version: 2.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-mod
- dependency-name: github.com/gookit/color
  dependency-version: 1.6.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-mod
- dependency-name: github.com/mark3labs/mcp-go
  dependency-version: 0.55.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: github.com/rs/zerolog
  dependency-version: 1.35.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: github.com/schollz/progressbar/v3
  dependency-version: 3.19.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-mod
- dependency-name: golang.org/x/mod
  dependency-version: 0.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: golang.org/x/net
  dependency-version: 0.56.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: golang.org/x/sync
  dependency-version: 0.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: golang.org/x/term
  dependency-version: 0.44.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
- dependency-name: google.golang.org/grpc
  dependency-version: 1.82.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-mod
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the area/dependencies Affects dependencies label Jul 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/dependencies Affects dependencies

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants