fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Confidence
actions/setup-go	action	minor	v6.4.0 → v6.5.0
alpine	final	minor	3.23.4 → 3.24.1
github.com/aws/aws-sdk-go-v2	require	minor	v1.41.12 → v1.42.0
github.com/aws/aws-sdk-go-v2/config	require	patch	v1.32.23 → v1.32.26
github.com/aws/aws-sdk-go-v2/service/sts	require	patch	v1.43.2 → v1.43.4
github.com/minio/minio-go/v7	require	patch	v7.2.0 → v7.2.1
github.com/redis/go-redis/v9	require	minor	v9.20.0 → v9.21.0
github.com/urfave/cli/v3	require	minor	v3.9.0 → v3.10.1
go.starlark.net	require	digest	ec58d4b → 8ba36cc
golang.org/x/crypto	require	minor	v0.52.0 → v0.53.0
gorm.io/gorm	require	patch	v1.31.1 → v1.31.2
k8s.io/apimachinery	require	patch	v0.36.1 → v0.36.2

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

actions/setup-go (actions/setup-go)

v6.5.0

Compare Source

aws/aws-sdk-go-v2 (github.com/aws/aws-sdk-go-v2)

v1.42.0

Compare Source

General Highlights

• Dependency Update: Bump smithy-go to 1.25.0 to support endpointBdd trait
• Dependency Update: Updated to the latest SDK module versions

Module Highlights

• github.com/aws/aws-sdk-go-v2/service/cleanrooms: v1.43.0
  • Feature: This release adds support for configurable spark properties for Cleanrooms PySpark workloads.
• github.com/aws/aws-sdk-go-v2/service/connect: v1.171.0
  • Feature: Fixes in SDK for customers using TestCase APIs
• github.com/aws/aws-sdk-go-v2/service/connectcampaignsv2: v1.12.0
  • Feature: This release adds support for campaign entry limits configuration and hourly refresh frequency in Amazon Connect Outbound Campaigns.
• github.com/aws/aws-sdk-go-v2/service/groundstation: v1.41.0
  • Feature: Adds support for updating contacts, listing antennas, and listing ground station reservations. New API operations - UpdateContact, ListContactVersions, DescribeContactVersion, ListAntennas, and ListGroundStationReservations.
• github.com/aws/aws-sdk-go-v2/service/imagebuilder: v1.53.0
  • Feature: ImportDiskImage API adds registerImageOptions for Secure Boot control and custom UEFI data. It adds windowsConfiguration for selecting a specific edition from multi-image .wim files during ISO import.
• github.com/aws/aws-sdk-go-v2/service/neptune: v1.44.4
  • Documentation: Improving Documentation for Neptune
• github.com/aws/aws-sdk-go-v2/service/quicksight: v1.107.0
  • Feature: Public release of dashboard customization summary, S3 Tables data source type, Athena cross-account connector, custom sorting for controls, and AI-powered analysis generation.
• github.com/aws/aws-sdk-go-v2/service/sagemaker: v1.241.0
  • Feature: Adds support for providing NetworkInterface for efa enabled instances and Simplified cluster creation for Slurm-orchestrated clusters with optional Lifecycle Script (LCS) configuration.
• github.com/aws/aws-sdk-go-v2/service/sts: v1.42.0
  • Feature: The STS client now supports configuring SigV4a through the auth scheme preference setting. SigV4a uses asymmetric cryptography, enabling customers using long-term IAM credentials to continue making STS API calls even when a region is isolated from the partition leader.

minio/minio-go (github.com/minio/minio-go/v7)

v7.2.1

Compare Source

redis/go-redis (github.com/redis/go-redis/v9)

v9.21.0

Compare Source

v9.20.1: 9.20.1

Compare Source

This is a patch release containing bug fixes only. There are no new features or breaking changes; upgrading from 9.20.0 is a drop-in replacement.

🚀 Highlights

RESP3 pub/sub message loss fixed

PeekPushNotificationName previously inspected only the bytes already buffered by bufio, so when a push frame header straddled a buffer fill boundary it could return a truncated notification name (e.g. "messa" instead of "message"). The push processor then mis-routed the frame and ReadReply silently dropped it, causing intermittent RESP3 pub/sub message loss. The peek now grows its window (36 bytes → up to 4 KiB) and reads more from the connection until the header is complete, cleanly separating incomplete prefixes from corrupt frames (including overflow-safe bulk-length handling). Fixes #​3839.

(#​3842) by @​ndyakov

🐛 Bug Fixes

• RESP3 push peeking: PeekPushNotificationName no longer returns a truncated notification name when a push frame header spans a buffer boundary, preventing silent RESP3 pub/sub message loss (fixes #​3839) (#​3842) by @​ndyakov
• FT.HYBRID vector params: Vector data is now always sent via PARAMS with auto-generated param names (__vector_param_N, with collision avoidance) when VectorParamName is omitted, since Redis no longer accepts inline vector blobs; the FTHybridOptions.Params map is no longer mutated, so the same options struct can be reused across calls (#​3844) by @​ndyakov
• CLUSTER SHARDS forward compatibility: Unknown shard- and node-level attributes in the CLUSTER SHARDS reply are now skipped via DiscardNext() instead of erroring, so clients keep working when the server introduces new fields (#​3843) by @​madolson
• PubSub double reconnect: PubSub.releaseConn no longer reconnects twice when a connection is both unusable (or pending handoff) and reports a bad-connection error, avoiding a wasted connection establish-then-close cycle (#​3833) by @​cxljs

👥 Contributors

We'd like to thank all the contributors who worked on this release!

@​cxljs, @​madolson, @​ndyakov

---

Full Changelog: redis/go-redis@v9.20.0...v9.20.1

urfave/cli (github.com/urfave/cli/v3)

v3.10.1

Compare Source

v3.10.0

Compare Source

What's Changed

• feat: add Flag.SchemaType() and Flag.SchemaItemsType() for JSON Schema introspection by @​dearchap in #​2368
• feat: add Command.Walk() and Command.Path() convenience methods by @​dearchap in #​2353
• fix: let --help flag take precedence over parse errors by @​dearchap in #​2360
• fix: resolve remaining help invocation inconsistencies by @​dearchap in #​2361
• fix: skip After hook when help is displayed on subcommand by @​dearchap in #​2363
• fix: show GLOBAL OPTIONS in SubcommandHelpTemplate by @​dearchap in #​2359
• fix: resolve broken links in CHANGELOG.md by @​dearchap in #​2357
• docs: document what happened to build tags in v3 migration guide by @​dearchap in #​2358
• Various docs updates and dependency bumps

Full Changelog: urfave/cli@v3.9.1...v3.10.0

v3.9.1

Compare Source

What's Changed

• fix: inherit Reader/Writer/ErrWriter from parent on subcommand setup by @​c-tonneslan in #​2329
• fix: correct greedy colon parsing in bash completion script by @​TimSoethout in #​2336
• fix: Honor env sources on duplicated flags by @​ibobgunardi in #​2355
• fix: Remove incorrect flag check by @​MohitPanchariya in #​2280
• fix: let completion command use normal flag parsing pipeline by @​suzuki-shunsuke in #​2279
• fix: bash completion spacing by @​cyphercodes in #​2337
• fix: fish custom completion arguments by @​puneetdixit200 in #​2338
• fix: empty positional arg after a flag regression test by @​c-tonneslan in #​2328
• docs: document build tags in v3 migration guide by @​dearchap in #​2358
• chore(deps): bump mkdocs-git-revision-date-localized-plugin by @​dependabot in #​2347
• Fix typos by @​myfloss in #​2339

Full Changelog: urfave/cli@v3.9.0...v3.9.1

go-gorm/gorm (gorm.io/gorm)

v1.31.2

Compare Source

Changes

• Fix potential rows leak on panic by deferring rows.Close() @​omer-cengel (#​7798)
• perf: replace fmt.Sprintf with strconv in ExplainSQL numeric formatting @​alpardfm (#​7796)
• Document NowFunc timezone behavior @​morning-verlu (#​7799)
• correct typo and rename fileType to fieldType in AlterColumn @​cragone (#​7748)
• fix: panic when using clause.Returning with CreateInBatches @​Truongquangkhang (#​7768)
• fix(migrator): add nil guards to ColumnType methods to prevent panic @​lihan3238 (#​7767)
• ci: switch tests Go matrix to stable/oldstable and update setup-go @​smf-h (#​7726)
• chore(ci): bump actions/stale to v9 @​Olexandr88 (#​7696)
• fix(migrator): don't clear alterColumn when defaults match @​qqxhb (#​7728)
• Add package comments to fix ST1000 warnings @​twocs (#​7708)
• generics: populate WithResult error @​qqxhb (#​7723)
• fix(utils): restore FileWithLineNum caller depth and add regression test @​smf-h (#​7717)
• tests: skip customized foreign key many2many on MySQL 8.4+ @​smf-h (#​7727)
• fix tiny typo in error message @​snelg (#​7738)
• Add unit test verifying chainable query methods mutate statement @​miladev95 (#​7684)
• fix: Close connection after ping failure to prevent goroutine leak @​liang09255 (#​7689)
• fix: Row() and Rows() functions should automaticaly apply the generic type as model @​hakanakyurek (#​7664)
• internal/lru: improve concurrency with RWMutex @​miladev95 (#​7668)
• Fix nil pointer panic in serializer for nil any-type fields @​doraemonkeys (#​7634)
• staticcheck QF1001 @​miladev95 (#​7648)
• Support array/slice expansion for named SQL parameters in parentheses @​bafflingbug (#​7614)

kubernetes/apimachinery (k8s.io/apimachinery)

v0.36.2

Compare Source

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 11 additional dependencies were updated

Details:

Package	Change
github.com/aws/aws-sdk-go-v2/credentials	v1.19.22 -> v1.19.25
github.com/aws/aws-sdk-go-v2/feature/ec2/imds	v1.18.28 -> v1.18.29
github.com/aws/aws-sdk-go-v2/internal/configsources	v1.4.28 -> v1.4.29
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2	v2.7.28 -> v2.7.29
github.com/aws/aws-sdk-go-v2/internal/v4a	v1.4.29 -> v1.4.30
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url	v1.13.28 -> v1.13.29
github.com/aws/aws-sdk-go-v2/service/signin	v1.1.4 -> v1.2.1
github.com/aws/aws-sdk-go-v2/service/sso	v1.31.2 -> v1.31.4
github.com/aws/aws-sdk-go-v2/service/ssooidc	v1.36.5 -> v1.36.7
golang.org/x/sys	v0.45.0 -> v0.46.0
golang.org/x/text	v0.37.0 -> v0.38.0

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 58.02%. Comparing base (b62ee14) to head (0ced11d).

❌ Your project check has failed because the head coverage (58.02%) is below the target coverage (90.00%). You can increase the head coverage or adjust the target coverage.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1470   +/-   ##
=======================================
  Coverage   58.02%   58.02%           
=======================================
  Files         663      663           
  Lines       25625    25625           
=======================================
  Hits        14868    14868           
  Misses      10052    10052           
  Partials      705      705           

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.