deps: bump modules and CI actions to latest#32
Merged
Conversation
Routine dependency-update run. No security advisory drove this (govulncheck reports no vulnerabilities); every bump is patch or minor within the same major. Direct modules: golang.org/x/net 0.55.0->0.56.0, golang.org/x/text 0.37.0->0.38.0, modernc.org/sqlite 1.52.0->1.53.0, lipgloss/v2 2.0.3->2.0.4, 99designs/gqlgen 0.17.90->0.17.92, gqlparser/v2 2.5.33->2.5.35, and ogen-go/ogen 1.20.3->1.22.0. The buf tool dependency moves 1.68.4->1.71.0, and go mod tidy settles the transitive graph. The go directive is raised 1.26.1->1.26.4 to match the toolchain. The graph/ files are regenerated gqlgen output: the diff is the new version stamp plus gqlgen's internal template reorganization. The hand-written IxLan field-privacy resolver is preserved. CI action pins move to their latest majors: actions/checkout v6->v7 and actions/cache v5->v6, both ESM/packaging refreshes with no input changes affecting this workflow. Every other action pin was already on its latest major. Verified with the full local gate: build, vet, generate (one-pass, only graph drift), test -race (no data races), golangci-lint (zero issues), and govulncheck (clean). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01WPryaFRrwKyMkUrvzBWBGR
Code Metrics Report
Code coverage of files in pull request scope (86.2%)
Reported by octocov |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Routine dependency-update run — no security advisory drove this (
govulncheckclean); every bump is patch/minor within the same major.Go modules
golang.org/x/net0.55.0 → 0.56.0golang.org/x/text0.37.0 → 0.38.0 (feedsinternal/unifold)modernc.org/sqlite1.52.0 → 1.53.0 (DB driver)charm.land/lipgloss/v22.0.3 → 2.0.4github.com/99designs/gqlgen0.17.90 → 0.17.92github.com/vektah/gqlparser/v22.5.33 → 2.5.35github.com/ogen-go/ogen1.20.3 → 1.22.0buftool 1.68.4 → 1.71.0;go mod tidysettles the transitive graphgodirective 1.26.1 → 1.26.4 (match toolchain)graph/{generated,schema.resolvers,custom.resolvers}.goare regenerated gqlgen output (version stamp + gqlgen internal template reorganization). The hand-written IxLan field-privacy resolver is preserved.CI
actions/checkoutv6 → v7actions/cachev5 → v6Every other action pin was already on its latest major.
Not touched (deliberately)
latesttags by design.Verification (full local CI-equivalent)
go build/go vet— cleango generate ./...— one-pass convergence, onlygraph/driftgo test -race ./...— 0 failures, 0 data racesgolangci-lint run— 0 issuesgovulncheck ./...— no vulnerabilities🤖 Generated with Claude Code