Skip to content

chore(deps): bump the minor-and-patch group with 5 updates#620

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/minor-and-patch-7d261d4e12
Open

chore(deps): bump the minor-and-patch group with 5 updates#620
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/minor-and-patch-7d261d4e12

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 7, 2026

Copy link
Copy Markdown

Bumps the minor-and-patch group with 5 updates:

Package From To
github.com/mattn/go-sqlite3 1.14.44 1.14.45
github.com/nats-io/nats-server/v2 2.14.1 2.14.2
github.com/pablodz/inotifywaitgo 0.0.9 0.0.12
github.com/prometheus/alertmanager 0.32.1 0.32.2
go.etcd.io/etcd/client/v3 3.6.11 3.6.12

Updates github.com/mattn/go-sqlite3 from 1.14.44 to 1.14.45

Commits
  • 7ca6a97 Merge pull request #1404 from mattn/sqlite-amalgamation-3053002
  • e2ab931 Upgrade SQLite to version 3053002
  • 75d8c60 Merge pull request #1403 from dxbjavid/bind-text64-length
  • d1ab49c bind via sqlite3_bind_text64/blob64 to avoid 32-bit length truncation
  • b3b5216 Merge pull request #1402 from dxbjavid/guard-resulttext-oversize
  • 2af23f7 guard oversized string length in ResultText
  • 1a7264c Merge pull request #1400 from calmh/unsafereflect
  • 9accb92 Merge pull request #1399 from calmh/uintsize
  • 9d6bf2c Merge pull request #1338 from calmh/dbstat
  • fed9970 modernise reflect.SliceHeader to unsafe.Slice
  • Additional commits viewable in compare view

Updates github.com/nats-io/nats-server/v2 from 2.14.1 to 2.14.2

Release notes

Sourced from github.com/nats-io/nats-server/v2's releases.

Release v2.14.2

Changelog

Refer to the 2.14 Upgrade Guide for backwards compatibility notes with 2.12.x. Please note that the 2.13.x version was skipped.

Go Version

  • 1.26.3

Dependencies

  • golang.org/x/crypto v0.52.0
  • golang.org/x/sys v0.45.0
  • github.com/nats-io/jwt/v2 v2.8.2
  • github.com/nats-io/nkeys v0.4.16

Improved

General

  • The client ID is now available through the embedded ClientAuthentication API (#8217)

Fixed

General

  • A race condition when handling subscription interest over routes has been fixed (#8235)
  • Potential protocol-level corruption from rewriting $JS.ACK subjects has been fixed (#8242)
  • Potential protocol-level corruption from buffer misuse in compressed WebSocket clients has been fixed (#8244)
  • The /accstatz monitoring endpoint no longer omits accounts with only leaf connections (#8252)

JetStream

  • Fixed a case where Raft peers were not correctly tracked after an inactivity stall during catchup (#8226)
  • Quorum needed is now calculated correctly when bootstrapping the metalayer when gateway URLs resolve to multiple IP addresses (#8238)
  • The filestore no longer performs a block skip check on streams with extremely high subject counts, as it could result in runaway CPU usage (#8227)
  • Fixed a case where the filestore would not release a lock after handling a write error (#8232)
  • Purge operations on both file and memory stores are now more consistent with each other (#8241)
  • Fixed a case where the consumer lock would not release a lock after handling a start sequence error (#8230)
  • Counter streams and message schedules now have configuration constraints applied to prevent incorrect usage patterns (#8240)
  • Improved stream and consumer scale down behaviour consistency (#8253)
  • Fixed an issue where the per-subject state last block was not stored correctly with a max messages per subject limit of 1 (#8254)
  • Fixed a drift that could occur in the peer sets after a peer remove of an online node (#8258)

Complete Changes

nats-io/nats-server@v2.14.1...v2.14.2

Release v2.14.2-RC.1

Changelog

... (truncated)

Commits
  • 1d06592 Release v2.14.2
  • 4e1aefa Cherry-picks for v2.14.2 (#8256)
  • ac092ff Update dependencies
  • 01e589d [FIXED] Peer set desync/re-add after stream peer-remove
  • 3d122e8 De-flake TestJetStreamConsumerPrioritized
  • 3836d96 [FIXED] Initial MaxMsgsPerSubject update not enforced
  • 92cf2e3 [FIXED] Filestore only stores last block when MaxMsgsPerSubject 1
  • 3288b4f (2.14) [IMPROVED] Remove redundant error check in filestore
  • 6ea46d5 [FIXED] Stream and consumer scale down consistency
  • 5edd91c [FIXED] AccountStatz omits accounts with only leaf connections
  • Additional commits viewable in compare view

Updates github.com/pablodz/inotifywaitgo from 0.0.9 to 0.0.12

Release notes

Sourced from github.com/pablodz/inotifywaitgo's releases.

v0.0.12

What's Changed

New Contributors

Full Changelog: pablodz/inotifywaitgo@v0.0.11...v0.0.12

v0.0.11

What's Changed

New Contributors

Full Changelog: pablodz/inotifywaitgo@v0.0.9...v0.0.11

Commits
  • c7175f1 Merge pull request #13 from opencloud-eu/sloglogger
  • 4300d22 Merge branch 'main' into sloglogger
  • 8997802 Merge pull request #12 from acrobatstick/remove-print-output
  • d7c8c4e remove unecessary println
  • a390bae Create a default logger if Log is nil in the settings
  • 60714ec Use slog to log events rather than to stdout
  • c34a969 Merge pull request #10 from pablodz/feat/alpine
  • 6ffb96b upgrade version and golang, fix errors.new
  • See full diff in compare view

Updates github.com/prometheus/alertmanager from 0.32.1 to 0.32.2

Release notes

Sourced from github.com/prometheus/alertmanager's releases.

0.32.2 / 2026-06-05

  • [BUGFIX] Fix dispatcher goroutine leaks on destroyed alertgroup swap. #5241
Changelog

Sourced from github.com/prometheus/alertmanager's changelog.

0.32.2 / 2026-06-05

  • [BUGFIX] Fix dispatcher goroutine leaks on destroyed alertgroup swap. #5241
Commits
  • ce33c59 email_test.go: check the error message with a regexp allowing an optional quo...
  • 8b9126c Fix VERSION and CHANGELOG.md
  • f40845b Remove post 0.32 eventrecorer from dispatcher test
  • 04ab3a5 Prep release v0.32.2-rc.0
  • 54b1aec dispatcher: fix goroutines leak on swap (#5241)
  • See full diff in compare view

Updates go.etcd.io/etcd/client/v3 from 3.6.11 to 3.6.12

Release notes

Sourced from go.etcd.io/etcd/client/v3's releases.

v3.6.12

Please check out CHANGELOG for a full list of changes. And make sure to read upgrade guide before upgrading etcd (there may be breaking changes).

For installation guides, please check out operating etcd. Latest support status for common architectures and operating systems can be found at supported platforms.

Linux
ETCD_VER=v3.6.12
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-linux-amd64.tar.gz -o /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
tar xzvf /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz -C /tmp/etcd-download-test --strip-components=1 --no-same-owner
rm -f /tmp/etcd-${ETCD_VER}-linux-amd64.tar.gz
/tmp/etcd-download-test/etcd --version
/tmp/etcd-download-test/etcdctl version
/tmp/etcd-download-test/etcdutl version
start a local etcd server
/tmp/etcd-download-test/etcd
write,read to etcd
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 put foo bar
/tmp/etcd-download-test/etcdctl --endpoints=localhost:2379 get foo

macOS (Darwin)
ETCD_VER=v3.6.12
choose either URL
GOOGLE_URL=https://storage.googleapis.com/etcd
GITHUB_URL=https://github.com/etcd-io/etcd/releases/download
DOWNLOAD_URL=${GOOGLE_URL}
rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
rm -rf /tmp/etcd-download-test && mkdir -p /tmp/etcd-download-test
curl -L ${DOWNLOAD_URL}/${ETCD_VER}/etcd-${ETCD_VER}-darwin-amd64.zip -o /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
unzip /tmp/etcd-${ETCD_VER}-darwin-amd64.zip -d /tmp && rm -f /tmp/etcd-${ETCD_VER}-darwin-amd64.zip
mv /tmp/etcd-${ETCD_VER}-darwin-amd64/* /tmp/etcd-download-test && rm -rf mv /tmp/etcd-${ETCD_VER}-darwin-amd64
</tr></table>

... (truncated)

Commits
  • 90b034a version: bump up to 3.6.12
  • 8b95963 Merge pull request #21811 from Deln0r/release-3.6-backport-21666
  • 576a6a0 server: allow non-admin maintenance status
  • 2286051 Merge pull request #21794 from vivekpatani/cherry-pick-21788-release-3.6
  • e1468c8 client/pkg/fileutil: use os.Getuid() to skip TestIsDirWriteable as root
  • aaf38f8 Merge pull request #21768 from silentred/release-3.6-etcdutl-invalid-datadir
  • 449e34b etcdutl: validate data file path and return consistent errors instead of pani...
  • 00e1b15 Merge pull request #21736 from silentred/release-3.6-bugfix-memberupdate-learner
  • 49cd4a4 bugfix: MemberUpdate implicitly and unexpectedly promotes a learner
  • 9bbe31b Merge pull request #21727 from silentred/release-3.6-bump-go-1.25.10
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the minor-and-patch group with 5 updates
3ad43cf 
Bumps the minor-and-patch group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) | `1.14.44` | `1.14.45` |
| [github.com/nats-io/nats-server/v2](https://github.com/nats-io/nats-server) | `2.14.1` | `2.14.2` |
| [github.com/pablodz/inotifywaitgo](https://github.com/pablodz/inotifywaitgo) | `0.0.9` | `0.0.12` |
| [github.com/prometheus/alertmanager](https://github.com/prometheus/alertmanager) | `0.32.1` | `0.32.2` |
| [go.etcd.io/etcd/client/v3](https://github.com/etcd-io/etcd) | `3.6.11` | `3.6.12` |


Updates `github.com/mattn/go-sqlite3` from 1.14.44 to 1.14.45
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](mattn/go-sqlite3@v1.14.44...v1.14.45)

Updates `github.com/nats-io/nats-server/v2` from 2.14.1 to 2.14.2
- [Release notes](https://github.com/nats-io/nats-server/releases)
- [Changelog](https://github.com/nats-io/nats-server/blob/main/RELEASES.md)
- [Commits](nats-io/nats-server@v2.14.1...v2.14.2)

Updates `github.com/pablodz/inotifywaitgo` from 0.0.9 to 0.0.12
- [Release notes](https://github.com/pablodz/inotifywaitgo/releases)
- [Commits](pablodz/inotifywaitgo@v0.0.9...v0.0.12)

Updates `github.com/prometheus/alertmanager` from 0.32.1 to 0.32.2
- [Release notes](https://github.com/prometheus/alertmanager/releases)
- [Changelog](https://github.com/prometheus/alertmanager/blob/main/CHANGELOG.md)
- [Commits](prometheus/alertmanager@v0.32.1...v0.32.2)

Updates `go.etcd.io/etcd/client/v3` from 3.6.11 to 3.6.12
- [Release notes](https://github.com/etcd-io/etcd/releases)
- [Commits](etcd-io/etcd@v3.6.11...v3.6.12)

---
updated-dependencies:
- dependency-name: github.com/mattn/go-sqlite3
  dependency-version: 1.14.45
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: github.com/nats-io/nats-server/v2
  dependency-version: 2.14.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: github.com/pablodz/inotifywaitgo
  dependency-version: 0.0.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: github.com/prometheus/alertmanager
  dependency-version: 0.32.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: go.etcd.io/etcd/client/v3
  dependency-version: 3.6.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jun 7, 2026
@kw-security

kw-security commented Jun 7, 2026
edited
Loading

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kw-security