Skip to content

Update gomod dependencies#4545

Merged
renovate[bot] merged 5 commits into
mainfrom
renovate/gomod
Jul 6, 2026
Merged

Update gomod dependencies#4545
renovate[bot] merged 5 commits into
mainfrom
renovate/gomod

Conversation

@renovate

@renovate renovate Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence Type Update Pending
github.com/ClickHouse/clickhouse-go/v2 v2.46.0v2.47.0 age confidence require minor
github.com/aws/aws-sdk-go-v2/config v1.32.25v1.32.26 age confidence require patch v1.32.28 (+1)
github.com/aws/aws-sdk-go-v2/credentials v1.19.24v1.19.25 age confidence require patch v1.19.27 (+1)
github.com/aws/aws-sdk-go-v2/service/kms v1.53.4v1.53.5 age confidence require patch v1.54.0 (+1)
github.com/aws/aws-sdk-go-v2/service/s3 v1.104.0v1.104.1 age confidence require patch v1.105.0 (+1)
github.com/aws/aws-sdk-go-v2/service/ses v1.35.2v1.35.3 age confidence require patch v1.36.0 (+1)
github.com/aws/aws-sdk-go-v2/service/sts v1.43.3v1.43.4 age confidence require patch v1.44.0 (+1)
github.com/aws/smithy-go v1.27.2v1.27.3 age confidence require patch
github.com/go-mysql-org/go-mysql 35ca5c6a57884f require digest
github.com/slack-go/slack v0.26.0v0.27.0 age confidence require minor
github.com/urfave/cli/v3 v3.10.0v3.10.1 age confidence require patch
golang.org/x/tools v0.46.0v0.47.0 age confidence require minor

Release Notes

ClickHouse/clickhouse-go (github.com/ClickHouse/clickhouse-go/v2)

v2.47.0

Compare Source

What's Changed

Improvements 🚀
Bug fixes 🐛
Other Changes 🛠

New Contributors

Full Changelog: ClickHouse/clickhouse-go@v2.46.0...v2.47.0

aws/aws-sdk-go-v2 (github.com/aws/aws-sdk-go-v2/service/kms)

v1.53.5

Module Highlights

  • github.com/aws/aws-sdk-go-v2/service/iam: v1.53.5
    • Documentation: Added support for CloudWatch Logs long-term API keys, currently available in Preview
  • github.com/aws/aws-sdk-go-v2/service/mgn: v1.40.0
    • Feature: Adds support for new storeSnapshotOnLocalZone field in ReplicationConfiguration and updateReplicationConfiguration
  • github.com/aws/aws-sdk-go-v2/service/opensearch: v1.60.0
    • Feature: This change enables cross-account and cross-region access for DataSources. Customers can now define access policies on their datasources to allow other AWS accounts to access and query their data.
  • github.com/aws/aws-sdk-go-v2/service/route53globalresolver: v1.1.0
    • Feature: Adds support for dual stack Global Resolvers and Dictionary-based Domain Generation Firewall Advanced Protection.
aws/smithy-go (github.com/aws/smithy-go)

v1.27.3

Compare Source

General Highlights

  • Dependency Update: Updated to the latest SDK module versions

Module Highlights

  • github.com/aws/smithy-go: v1.27.3
    • Bug Fix: Fix bug in JSON doc encoder and endpoint host label format validation
slack-go/slack (github.com/slack-go/slack)

v0.27.0

Compare Source

Added
  • Support for data_visualization block through DataVisualizationBlock.
  • Teamnow preservesenterprise_idandenterprise_namewhen Slack includes Enterprise org details in interaction payloadteam` objects.

Full Changelog: slack-go/slack@v0.26.0...v0.27.0

urfave/cli (github.com/urfave/cli/v3)

v3.10.1

Compare Source

What's Changed
New Contributors

Full Changelog: urfave/cli@v3.10.0...v3.10.1


Configuration

📅 Schedule: (in timezone Etc/UTC)

  • Branch creation
    • "after 5pm on monday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot requested a review from a team as a code owner July 6, 2026 18:10
@renovate renovate Bot added the dependencies Pull requests that update a dependency file label Jul 6, 2026
@renovate renovate Bot enabled auto-merge (squash) July 6, 2026 18:10
@renovate

renovate Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor Author

ℹ️ Artifact update notice

File name: flow/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 12 additional dependencies were updated

Details:

Package Change
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.29 -> v1.19.30
github.com/aws/aws-sdk-go-v2/service/signin v1.2.0 -> v1.2.1
github.com/aws/aws-sdk-go-v2/service/sso v1.31.3 -> v1.31.4
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.36.6 -> v1.36.7
github.com/docker/go-connections v0.6.0 -> v0.7.0
github.com/ebitengine/purego v0.10.0 -> v0.10.1
github.com/moby/moby/api v1.54.2 -> v1.55.0
github.com/moby/moby/client v0.4.0 -> v0.5.0
github.com/tklauser/go-sysconf v0.3.16 -> v0.4.0
github.com/tklauser/numcpus v0.11.0 -> v0.12.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.67.0 -> v0.69.0
golang.org/x/telemetry v0.0.0-20260610154732-fb80ec83bdd9 -> v0.0.0-20260625142307-59b4966ccb57
File name: flow/pkg/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 9 additional dependencies were updated

Details:

Package Change
github.com/andybalholm/brotli v1.2.0 -> v1.2.1
github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.19.29 -> v1.19.30
github.com/paulmach/orb v0.12.0 -> v0.13.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.67.0 -> v0.69.0
golang.org/x/crypto v0.52.0 -> v0.53.0
golang.org/x/net v0.54.0 -> v0.56.0
golang.org/x/sync v0.20.0 -> v0.21.0
golang.org/x/sys v0.45.0 -> v0.46.0
golang.org/x/text v0.37.0 -> v0.38.0

@claude

claude Bot commented Jul 6, 2026

Copy link
Copy Markdown

Dependency Bump Review

Reviewed all upstream release notes and commit logs for the bumped range of each dependency. No regressions identified.

Direct dependency changes

Package Bump Risk Notes
clickhouse-go/v2 v2.46.0 → v2.47.0 Low Bug fixes only: DateTime/DateTime64 timezone handling for synthetic Fixed/UTC±HH:MM:SS offsets (#1882), connection eviction on wrapped net.OpErrors, debug logging restoration, placeholder/backtick handling. No behavioral changes for normal IANA timezones.
aws/smithy-go v1.27.2 → v1.27.3 Low Patch: fix bug in JSON doc encoder and endpoint host label format validation.
go-mysql-org/go-mysql 35ca5c6 → a57884f Low Two server-side changes only (#1163: add CLIENT_LOCAL_FILES capability, #1166: fix OOB panic in handshake parsing). PeerDB uses the client/replication packages, so neither change is in PeerDB's code path.
slack-go/slack v0.26.0 → v0.27.0 Low Purely additive: new DataVisualizationBlock, enterprise org fields preserved in Team payloads.
urfave/cli/v3 v3.10.0 → v3.10.1 Low Patch fixes: -v alias yielding, deterministic completion ordering, DefaultCommand flag handling.
golang.org/x/tools v0.46.0 → v0.47.0 Low Mostly gopls changes; not in PeerDB's runtime path.

Transitive dependency changes

Standard version bumps pulled in by the direct dependencies: docker/go-connections, ebitengine/purego, moby/moby, tklauser/go-sysconf/numcpus, otelhttp, andybalholm/brotli, paulmach/orb, and golang.org/x standard libs. All are minor/patch with no breaking changes.

Security & PII check

  • No code changes — diff is limited to go.mod and go.sum files.
  • No new logging, stdout/stderr output, or PII/secret exposure.

Verdict: Safe to merge.

@claude

claude Bot commented Jul 6, 2026

Copy link
Copy Markdown

Code review

No bugs or CLAUDE.md violations found. Checked for correctness issues in go.mod/go.sum changes and CLAUDE.md compliance.

Upstream release notes analysis (per REVIEW.md)

github.com/ClickHouse/clickhouse-go/v2 v2.46.0v2.47.0 — No regressions. Bug fixes only:

  • Fix: evict connections on wrapped net.OpErrors (#1869)
  • Fix: DateTime/DateTime64 timezone resolution for synthetic Fixed/UTC±HH:MM:SS offsets (#1882)
  • Fix: ignore placeholders in quoted contexts (#1879)
  • Fix: handle named args inside backticks (#1888)
  • Fix: restore debug logging when debug=1 set via DSN (#1852)

github.com/aws/smithy-go v1.27.2v1.27.3 — No regressions. Patch release fixing a bug in the JSON doc encoder and endpoint host label format validation.

github.com/go-mysql-org/go-mysql 35ca5c6a57884f (⚠️ digest bump, 2 days of commits, no release notes) — This library is PeerDB's core MySQL CDC engine (binlog replication, GTID handling, row event parsing). The Renovate PR provides no release notes for this bump. Recommend reviewing the commit diff before merging to check for regressions in binlog/GTID/event handling.

github.com/slack-go/slack v0.26.0v0.27.0 — No regressions. Additive changes only: adds DataVisualizationBlock support and preserves enterprise org details in interaction payloads.

github.com/urfave/cli/v3 v3.10.0v3.10.1 — No regressions. Bug fixes: yields -v alias to user-defined flags, deterministic completion subcommand ordering, DefaultCommand flag handling fix.

golang.org/x/tools v0.46.0v0.47.0 — Build/analysis tooling update, not in the runtime path. No risk.

@renovate renovate Bot force-pushed the renovate/gomod branch from 07da822 to 0d9b4dd Compare July 6, 2026 18:37
@claude

claude Bot commented Jul 6, 2026

Copy link
Copy Markdown

Dependency Bump Review

Reviewed all upstream changes for the bumped dependencies. No regressions or breaking changes found.

Upstream highlights:

Package Type Notes
clickhouse-go/v2 v2.46.0→v2.47.0 minor Bug fixes: DateTime timezone handling, placeholder in quoted contexts, named args in backticks. Improvement: connection eviction on wrapped net.OpErrors. No breaking changes.
aws-sdk-go-v2/* patches Standard patch bumps. smithy-go v1.27.3 fixes JSON doc encoder and endpoint host label format validation bug.
go-mysql 35ca5c6→a57884f digest Two commits: (1) SERVER_LOCAL_FILES capability change — only affects server package, not used by PeerDB; (2) Auth packet out-of-range panic fix — positive resilience improvement for the client package PeerDB uses.
slack-go/slack v0.26.0→v0.27.0 minor Additive: DataVisualizationBlock support, enterprise org details in interaction payloads.
urfave/cli/v3 v3.10.0→v3.10.1 patch Bug fixes: version flag alias, completion ordering, DefaultCommand flags.
golang.org/x/tools v0.46.0→v0.47.0 minor Standard tooling update.

Security/PII check: Diff is purely go.mod/go.sum changes — no source code, logging, or output modifications. No PII or secret exposure risk.

🤖 Generated with Claude Code

@renovate renovate Bot force-pushed the renovate/gomod branch from 0d9b4dd to 3220aec Compare July 6, 2026 19:42
@renovate

renovate Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor Author

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

@claude

claude Bot commented Jul 6, 2026

Copy link
Copy Markdown

Reviewed this Renovate dependency bump. All changes are confined to flow/go.mod, flow/go.sum, flow/pkg/go.mod, and flow/pkg/go.sum — no source code modifications.

Upstream release notes review (per REVIEW.md):

Package Bump Findings
clickhouse-go/v2 v2.46.0 → v2.47.0 Bug fixes (DateTime timezone, placeholder handling, named args in backticks) and improved connection eviction on wrapped net.OpErrors. No regressions reported against v2.47.0. Two open issues (#1896 panic-in-init, #1891 Array(Bool) params) are pre-existing bugs, not regressions. Low risk.
go-mysql-org/go-mysql 35ca5c6 → a57884f 2 commits, both in server/ package only: added CLIENT_LOCAL_FILES to default server capabilities (#1163) and fixed a handshake panic on malformed packets (#1166). PeerDB uses this library as a MySQL client for CDC replication — replication/, canal/, client/ packages are untouched. No impact.
aws-sdk-go-v2 (config, credentials, kms, s3, ses, sts) Patch bumps Routine SDK module version updates with no breaking changes.
aws/smithy-go v1.27.2 → v1.27.3 Bug fix for JSON doc encoder and endpoint host label format validation. Low risk.
slack-go/slack v0.26.0 → v0.27.0 Additive: new DataVisualizationBlock support and enterprise info in team payloads. No breaking changes.
urfave/cli/v3 v3.10.0 → v3.10.1 Bug fixes for version flag alias, completion ordering, and DefaultCommand flag handling.
golang.org/x/tools v0.46.0 → v0.47.0 Standard minor update to Go tooling.

PII/secrets check: No logging or output changes — diff is purely dependency version bumps in module files.

No regressions or breaking changes identified. Looks clean. ✅

🤖 Generated with Claude Code

@claude

claude Bot commented Jul 6, 2026

Copy link
Copy Markdown

Reviewed this Renovate dependency bump. All upstream release notes and commit logs checked — no regressions or breaking changes identified.

Upstream highlights:

  • clickhouse-go v2.47.0: Bug fixes — DateTime/DateTime64 timezone handling for synthetic offsets, connection eviction on wrapped net.OpErrors, placeholder handling in quoted contexts. No breaking changes.
  • AWS SDK patches (config, credentials, kms, s3, ses, sts, smithy-go): Routine patch updates. smithy-go v1.27.3 fixes a bug in JSON doc encoder and endpoint host label format validation.
  • go-mysql: The renovate.json5 change pins go-mysql at the current commit to prevent auto-upgrades past the team's reliability fixes — good defensive measure.
  • slack-go v0.27.0: Additive only (new data_visualization block, enterprise fields in Team payloads).
  • urfave/cli v3.10.1: Bug fixes for DefaultCommand flag handling and completion ordering.
  • golang.org/x/tools v0.47.0: Standard Go tooling minor update.

No PII/secret exposure concerns (only go.mod, go.sum, and renovate.json5 changed).

🤖 Reviewed by Claude

Comment thread renovate.json5
@claude

claude Bot commented Jul 6, 2026

Copy link
Copy Markdown

Reviewed the dependency bumps. Upstream release notes checked for all packages.

Summary of upstream changes:

Package Version Risk Notes
clickhouse-go/v2 v2.46.0 → v2.47.0 Low DateTime timezone fix (additive, PeerDB is write-only to CH), connection eviction improvement (beneficial for retry reliability), debug logging restore (PeerDB does not enable debug=1). All safe.
AWS SDK (config, credentials, kms, s3, ses, sts) patch bumps Low Standard SDK dependency updates, no PeerDB-relevant changes.
smithy-go v1.27.2 → v1.27.3 Low Bug fix for JSON doc encoder and endpoint host label validation.
go-mysql-org/go-mysql 35ca5c6 → a57884f Low Two server-side-only changes (thread-safe capability flags + handshake panic prevention). PeerDB uses the client/replication side — no intersection.
slack-go/slack v0.26.0 → v0.27.0 Low Additive: new DataVisualizationBlock, enterprise fields preserved in Team.
urfave/cli/v3 v3.10.0 → v3.10.1 Low Bug fixes for flag handling and completion ordering.
golang.org/x/tools v0.46.0 → v0.47.0 Low Developer tooling, no runtime impact.

No PII/secret logging concerns identified in any of the upstream changes.

⚠️ One issue found — see inline comment on renovate.json5: the go-mysql pin version (35ca5c6) does not match the go.mod bump target (a57884f) in this same PR.

@renovate renovate Bot merged commit ecdbbfd into main Jul 6, 2026
23 checks passed
@renovate renovate Bot deleted the renovate/gomod branch July 6, 2026 20:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants