Chore(deps): bump the backend group across 1 directory with 10 updates

[dependabot]

Bumps the backend group with 8 updates in the /services/backend directory:

Package	From	To
github.com/uptrace/bun	1.2.11	1.2.15
github.com/uptrace/bun/driver/pgdriver	1.2.11	1.2.15
github.com/uptrace/bun/extra/bunotel	1.2.11	1.2.15
github.com/gin-contrib/cors	1.7.5	1.7.6
github.com/golang-jwt/jwt/v5	5.2.2	5.3.0
github.com/uptrace/bun/dialect/pgdialect	1.2.11	1.2.15
github.com/v1Flows/shared-library	1.0.7	1.0.25
github.com/zeromicro/go-zero	1.8.2	1.8.5

Updates github.com/uptrace/bun from 1.2.11 to 1.2.15

Release notes

Sourced from github.com/uptrace/bun's releases.

v1.2.15

Please refer to CHANGELOG.md for details

v1.2.14

Please refer to CHANGELOG.md for details

v1.2.13

Please refer to CHANGELOG.md for details

v1.2.12

Please refer to CHANGELOG.md for details

Changelog

Sourced from github.com/uptrace/bun's changelog.

1.2.15 (2025-07-17)

Bug Fixes

• pgdriver: add mandatory space before negative numbers to resolve CVE-2024-34359 (8067a8f)

Features

• db: rename CleanQueryHook to ResetQueryHooks (cb17679)
• db: support clean query hooks (a5f19a7), closes #1226
• dialect: return default on update/delete when create table (d347b48), closes #1212

1.2.14 (2025-06-16)

Bug Fixes

• restore q.limit check (07d32c1)

1.2.13 (2025-06-11)

Bug Fixes

• query: scanAndCount without model (07fb7ec), closes #1209
• sort fk constraints before appending (c87fa90)
• use slices sort (8555900)

1.2.12 (2025-06-05)

Bug Fixes

• automigrate: append SQL to separate []byte slices (f44a349)
• gh-1160: add WithExcludeForeignKeys option (63141cb), closes #1160
• iss-824 to allow mssql to support non unicode strings (0565763)
• migrations: skip template rendering if no data + fix tests (4055827)
• pgdriver: rename channelOverflowHandler to ChannelOverflowHandler for public API (65760a9)
• relation join data race (37971d7)
• report BIGSERIAL ~ BIGINT in pgdialect (ad7356a)
• skip automigrator test early (5b22710)
• start sequence with last+1 (7fbf34a)

... (truncated)

Commits

• 29e836e Merge pull request #1240 from uptrace/release/v1.2.15
• 5c5af41 chore: release v1.2.15 (release.sh)
• 9464a84 Merge pull request #1230 from kissejau/master
• 16b9ca4 Merge pull request #1225 from thunderkatz/master
• cb17679 feat(db): rename CleanQueryHook to ResetQueryHooks
• 8067a8f fix(pgdriver): add mandatory space before negative numbers to resolve CVE-202...
• 225bab0 Merge pull request #1236 from uptrace/feat-hook-support-clean
• a5f19a7 feat(db): support clean query hooks
• 7a28883 Merge pull request #1217 from uptrace/feat-dialect-support-on-update-delete
• 32d85ae chore: rename Listener.Channel to Listener.CreateChannel
• Additional commits viewable in compare view

Updates github.com/uptrace/bun/driver/pgdriver from 1.2.11 to 1.2.15

Release notes

Sourced from github.com/uptrace/bun/driver/pgdriver's releases.

v1.2.15

Please refer to CHANGELOG.md for details

v1.2.14

Please refer to CHANGELOG.md for details

v1.2.13

Please refer to CHANGELOG.md for details

v1.2.12

Please refer to CHANGELOG.md for details

Changelog

Sourced from github.com/uptrace/bun/driver/pgdriver's changelog.

1.2.15 (2025-07-17)

Bug Fixes

• pgdriver: add mandatory space before negative numbers to resolve CVE-2024-34359 (8067a8f)

Features

• db: rename CleanQueryHook to ResetQueryHooks (cb17679)
• db: support clean query hooks (a5f19a7), closes #1226
• dialect: return default on update/delete when create table (d347b48), closes #1212

1.2.14 (2025-06-16)

Bug Fixes

• restore q.limit check (07d32c1)

1.2.13 (2025-06-11)

Bug Fixes

• query: scanAndCount without model (07fb7ec), closes #1209
• sort fk constraints before appending (c87fa90)
• use slices sort (8555900)

1.2.12 (2025-06-05)

Bug Fixes

• automigrate: append SQL to separate []byte slices (f44a349)
• gh-1160: add WithExcludeForeignKeys option (63141cb), closes #1160
• iss-824 to allow mssql to support non unicode strings (0565763)
• migrations: skip template rendering if no data + fix tests (4055827)
• pgdriver: rename channelOverflowHandler to ChannelOverflowHandler for public API (65760a9)
• relation join data race (37971d7)
• report BIGSERIAL ~ BIGINT in pgdialect (ad7356a)
• skip automigrator test early (5b22710)
• start sequence with last+1 (7fbf34a)

... (truncated)

Commits

• 29e836e Merge pull request #1240 from uptrace/release/v1.2.15
• 5c5af41 chore: release v1.2.15 (release.sh)
• 9464a84 Merge pull request #1230 from kissejau/master
• 16b9ca4 Merge pull request #1225 from thunderkatz/master
• cb17679 feat(db): rename CleanQueryHook to ResetQueryHooks
• 8067a8f fix(pgdriver): add mandatory space before negative numbers to resolve CVE-202...
• 225bab0 Merge pull request #1236 from uptrace/feat-hook-support-clean
• a5f19a7 feat(db): support clean query hooks
• 7a28883 Merge pull request #1217 from uptrace/feat-dialect-support-on-update-delete
• 32d85ae chore: rename Listener.Channel to Listener.CreateChannel
• Additional commits viewable in compare view

Updates github.com/uptrace/bun/extra/bunotel from 1.2.11 to 1.2.15

Release notes

Sourced from github.com/uptrace/bun/extra/bunotel's releases.

v1.2.15

Please refer to CHANGELOG.md for details

v1.2.14

Please refer to CHANGELOG.md for details

v1.2.13

Please refer to CHANGELOG.md for details

v1.2.12

Please refer to CHANGELOG.md for details

Changelog

Sourced from github.com/uptrace/bun/extra/bunotel's changelog.

1.2.15 (2025-07-17)

Bug Fixes

• pgdriver: add mandatory space before negative numbers to resolve CVE-2024-34359 (8067a8f)

Features

• db: rename CleanQueryHook to ResetQueryHooks (cb17679)
• db: support clean query hooks (a5f19a7), closes #1226
• dialect: return default on update/delete when create table (d347b48), closes #1212

1.2.14 (2025-06-16)

Bug Fixes

• restore q.limit check (07d32c1)

1.2.13 (2025-06-11)

Bug Fixes

• query: scanAndCount without model (07fb7ec), closes #1209
• sort fk constraints before appending (c87fa90)
• use slices sort (8555900)

1.2.12 (2025-06-05)

Bug Fixes

• automigrate: append SQL to separate []byte slices (f44a349)
• gh-1160: add WithExcludeForeignKeys option (63141cb), closes #1160
• iss-824 to allow mssql to support non unicode strings (0565763)
• migrations: skip template rendering if no data + fix tests (4055827)
• pgdriver: rename channelOverflowHandler to ChannelOverflowHandler for public API (65760a9)
• relation join data race (37971d7)
• report BIGSERIAL ~ BIGINT in pgdialect (ad7356a)
• skip automigrator test early (5b22710)
• start sequence with last+1 (7fbf34a)

... (truncated)

Commits

• 29e836e Merge pull request #1240 from uptrace/release/v1.2.15
• 5c5af41 chore: release v1.2.15 (release.sh)
• 9464a84 Merge pull request #1230 from kissejau/master
• 16b9ca4 Merge pull request #1225 from thunderkatz/master
• cb17679 feat(db): rename CleanQueryHook to ResetQueryHooks
• 8067a8f fix(pgdriver): add mandatory space before negative numbers to resolve CVE-202...
• 225bab0 Merge pull request #1236 from uptrace/feat-hook-support-clean
• a5f19a7 feat(db): support clean query hooks
• 7a28883 Merge pull request #1217 from uptrace/feat-dialect-support-on-update-delete
• 32d85ae chore: rename Listener.Channel to Listener.CreateChannel
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.37.0 to 0.40.0

Commits

• 459a9db go.mod: update golang.org/x dependencies
• 74e709a ssh: add AlgorithmNegotiationError
• b3790b8 acme: fix TLSALPN01ChallengeCert for IP address identifiers
• 1dc4269 acme: add Pebble integration testing
• 97bf787 blake2b: implement hash.XOF
• 952517d x509roots/fallback: update bundle
• c6fce02 ssh: refuse to parse certificates that use a certificate as signing key
• 0ae49b8 ssh: reject certificate keys used as signature keys for SSH certs
• 3bf9d2a ssh/test: skip KEX test if unsupported by system SSH client
• 9bab967 go.mod: update golang.org/x dependencies
• Additional commits viewable in compare view

Updates github.com/gin-contrib/cors from 1.7.5 to 1.7.6

Release notes

Sourced from github.com/gin-contrib/cors's releases.

v1.7.6

Changelog

Others

• f65f3f787bfa4425d557a2975f2c00ce377718d4: test: refactor and expand CORS AllowOrigins test coverage (@​appleboy)

Enhancements

• 28dfa405cf69fbaacd0a6012026e6dde68dbb1c9: chore: update core dependencies to latest supported versions (@​appleboy)
• a9706b1fc6fcd2f76de77c756d83d2fbd24362c1: chore: use http.MethodOptions instead of string literal (#164) (@​LombardiDaniel)
• 7161918d462067a93089e31b125a4bb5af8227f7: chore: update go codec library to improve serialization support (@​appleboy)
• ebd7f912c7f16d468ce530a8625f1a135f65a76f: chore: pin golangci-lint to a specific version (@​appleboy)

Refactor

• 47d9afe5a3f22e913dfd5dc0fab17d1fef58cbbc: refactor: refactor tests to table-driven style and simplify router logic (@​appleboy)

Build process updates

• 90bd363599befa876b8a8d351dea21aa5d58e5d7: ci: upgrade golangci-lint GitHub Action to v8 (@​appleboy)

Documentation updates

• 516207b6baef2029edd9a5c78e892546ab42b7bb: docs: rewrite and expand README for clarity and comprehensive guidance (@​appleboy)
• abfb2cb54b85cae2f72f6a7c5a4ee1decbca9bd4: docs: expand and clarify configuration documentation (@​appleboy)
• 8efeda3905b9493a2c1962393ea783b126ad27aa: docs: revise and expand project documentation for clarity and usability (@​appleboy)
• 4ee797ec66a133fb02afbcda6d27ef0a58473c9c: docs: reorganize and streamline README structure and content (@​appleboy)

Commits

• 47d9afe refactor: refactor tests to table-driven style and simplify router logic
• f65f3f7 test: refactor and expand CORS AllowOrigins test coverage
• 4ee797e docs: reorganize and streamline README structure and content
• 8efeda3 docs: revise and expand project documentation for clarity and usability
• abfb2cb docs: expand and clarify configuration documentation
• ebd7f91 chore: pin golangci-lint to a specific version
• 516207b docs: rewrite and expand README for clarity and comprehensive guidance
• 7161918 chore: update go codec library to improve serialization support
• 90bd363 ci: upgrade golangci-lint GitHub Action to v8
• a9706b1 chore: use http.MethodOptions instead of string literal (#164)
• Additional commits viewable in compare view

Updates github.com/gin-gonic/gin from 1.10.0 to 1.10.1

Release notes

Sourced from github.com/gin-gonic/gin's releases.

v1.10.1

Changelog

Refactor

• b5af7796535d97d9c7af42539af01d787fcb3b4d: refactor: strengthen HTTPS security and improve code organization (@​appleboy)

Changelog

Sourced from github.com/gin-gonic/gin's changelog.

Gin ChangeLog

Commits

• b5af779 refactor: strengthen HTTPS security and improve code organization
• See full diff in compare view

Updates github.com/golang-jwt/jwt/v5 from 5.2.2 to 5.3.0

Release notes

Sourced from github.com/golang-jwt/jwt/v5's releases.

v5.3.0

This release is almost identical to to v5.2.3 but now correctly indicates Go 1.21 as minimum requirement.

What's Changed

• Create CODEOWNERS by @​oxisto in golang-jwt/jwt#449
• Bump Go version to indicate correct minimum requirement by @​oxisto in golang-jwt/jwt#452

Full Changelog: golang-jwt/jwt@v5.2.3...v5.3.0

v5.2.3

What's Changed

• Bump GitHub workflows and Go versions by @​mfridman in golang-jwt/jwt#438
• Implementing validation of multiple audiences by @​oxisto in golang-jwt/jwt#433
• Bump golangci/golangci-lint-action from 7 to 8 by @​dependabot[bot] in golang-jwt/jwt#440
• replaced interface{} to any by @​aachex in golang-jwt/jwt#445
• Fix bug in validation of multiple audiences by @​sfinnman-cotn in golang-jwt/jwt#441

New Contributors

• @​aachex made their first contribution in golang-jwt/jwt#445
• @​sfinnman-cotn made their first contribution in golang-jwt/jwt#441

Full Changelog: golang-jwt/jwt@v5.2.2...v5.2.3

Commits

• e9547a1 Bump Go version to indicate correct minimum requirement (#452)
• 3839817 Create CODEOWNERS (#449)
• d83e545 Fix bug in validation of multiple audiences (#441)
• 75740f1 replaced interface{} to any (#445)
• 048854f Bump golangci/golangci-lint-action from 7 to 8 (#440)
• 497a38e Implementing validation of multiple audiences (#433)
• 12384ea Bump GitHub workflows and Go versions (#438)
• See full diff in compare view

Updates github.com/uptrace/bun/dialect/pgdialect from 1.2.11 to 1.2.15

Release notes

Sourced from github.com/uptrace/bun/dialect/pgdialect's releases.

v1.2.15

Please refer to CHANGELOG.md for details

v1.2.14

Please refer to CHANGELOG.md for details

v1.2.13

Please refer to CHANGELOG.md for details

v1.2.12

Please refer to CHANGELOG.md for details

Changelog

Sourced from github.com/uptrace/bun/dialect/pgdialect's changelog.

1.2.15 (2025-07-17)

Bug Fixes

• pgdriver: add mandatory space before negative numbers to resolve CVE-2024-34359 (8067a8f)

Features

• db: rename CleanQueryHook to ResetQueryHooks (cb17679)
• db: support clean query hooks (a5f19a7), closes #1226
• dialect: return default on update/delete when create table (d347b48), closes #1212

1.2.14 (2025-06-16)

Bug Fixes

• restore q.limit check (07d32c1)

1.2.13 (2025-06-11)

Bug Fixes

• query: scanAndCount without model (07fb7ec), closes #1209
• sort fk constraints before appending (c87fa90)
• use slices sort (8555900)

1.2.12 (2025-06-05)

Bug Fixes

• automigrate: append SQL to separate []byte slices (f44a349)
• gh-1160: add WithExcludeForeignKeys option (63141cb), closes #1160
• iss-824 to allow mssql to support non unicode strings (0565763)
• migrations: skip template rendering if no data + fix tests (4055827)
• pgdriver: rename channelOverflowHandler to ChannelOverflowHandler for public API (65760a9)
• relation join data race (37971d7)
• report BIGSERIAL ~ BIGINT in pgdialect (ad7356a)
• skip automigrator test early (5b22710)
• start sequence with last+1 (7fbf34a)

... (truncated)

Commits

• 29e836e Merge pull request #1240 from uptrace/release/v1.2.15
• 5c5af41 chore: release v1.2.15 (release.sh)
• 9464a84 Merge pull request #1230 from kissejau/master
• 16b9ca4 Merge pull request #1225 from thunderkatz/master
• cb17679 feat(db): rename CleanQueryHook to ResetQueryHooks
• 8067a8f fix(pgdriver): add mandatory space before negative numbers to resolve CVE-202...
• 225bab0 Merge pull request #1236 from uptrace/feat-hook-support-clean
• a5f19a7 feat(db): support clean query hooks
• 7a28883 Merge pull request #1217 from uptrace/feat-dialect-support-on-update-delete
• 32d85ae chore: rename Listener.Channel to Listener.CreateChannel
• Additional commits viewable in compare view

Updates github.com/v1Flows/shared-library from 1.0.7 to 1.0.25

Commits

• 241bf88 Add CancelExecution to Action Condition
• 8b09c1e feat: add Condition and ConditionItem types to enhance action handling
• f27deeb feat: refactor Params struct to use DependsOn type for better structure
• d678872 feat: add DependsOn field to Params struct
• 18a56bd feat: add ApiToken field to Runners and IncomingAutoRunners structs
• d1c975f feat: add ApiURL field to Runners and IncomingAutoRunners structs
• 6ac2a68 feat: add Timestamp field to Line struct and LastHeartbeat field to Execution...
• d29396d feat: add update information fields to Action struct
• d7391f9 feat: refactor Params struct to use Option type for Options field
• 998ff26 feat: update Params struct to redefine Options field with key-value pairs
• Additional commits viewable in compare view

Updates github.com/zeromicro/go-zero from 1.8.2 to 1.8.5

Release notes

Sourced from github.com/zeromicro/go-zero's releases.

v1.8.5

Features

• SQL Read/Write Splitting: Introduced SQL read/write splitting for improved database performance and scalability (#4976, #4990, #5000).
• Serverless Support in REST: Added support for serverless use in REST services (#5001).

Bug Fixes & Improvements

• Fixed HTTP SSE method timeout not working when timeout is set by server (#4932)
• Fixed timeout 0s not working in API files (#4932)
• Fixed panic caused by time.Duration type with numerical values (#4944)
• Fixed duration type comparison in environment variable processing (#4979)

New Contributors

• @​wanwusangzhi made their first contribution (#4944)
• @​geekeryy made their first contribution (#4979)

Full Changelog: v1.8.4...v1.8.5

goctl/v1.8.5

What's Changed

• Bug Fix: Fix for issue #4943 — fix goctl api swagger error (@​kesonan)
• Bug Fix: Fixed goctl api swagger panic with nil pointer when there is a wrong field tag in the API file (#4936)
• Bug Fix: Resolved issue where timeout: 0s was not working in API files (#4932, @​kevwan)
• Bug Fix: Corrected PostgreSQL numeric type mapping in goctl model generation (#4992, @​AnlynnLee)
• Enhancement: Improved POST JSON parameter determination logic in goctl API Swagger and added unit tests (#4997, @​Twilikiss)

New Contributors

• @​wanwusangzhi made their first contribution (#4944)
• @​geekeryy made their first contribution (#4979)
• @​Twilikiss made their first contribution (#4997)

Full Changelog: tools/goctl/v1.8.4...tools/goctl/v1.8.5

v1.8.4

Highlights

• Continuous profiling support (#4867).

  Profiling:
     ServerAddr: http://<pyroscope-server>:<port>

• Embedded File Server Enhancements: Added support to serve files using embed.FS, simplifying static file serving (#4847, #4851).
• Performance Optimizations: Improved performance for hashing and slicing operations (#4891, #4877).

What's Changed

... (truncated)

Commits

• c9ff6a1 feat: support serverless in rest (#5001)
• a71e56d fix: context key error in sql read write mode (#5000)
• bae8d4f chore: refactoring sql read write mode (#4990)
• 8c6266f sql read write support (#4976)
• 95d5b81 chore: optimize pr 4979 (#4988)
• bca7bbc fix: correct duration type comparison in environment variable processing (#4979)
• df9a526 fix issue #4986
• 937cf0d Update readme-cn.md (#4983)
• 75cebb6 fix: timeout 0s not working (#4932)
• 410f56e chore(deps): bump github.com/redis/go-redis/v9 from 9.10.0 to 9.11.0 (#4969)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.