Skip to content

chore(deps): bump the all group across 1 directory with 12 updates#10

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/all-c119640896
Closed

chore(deps): bump the all group across 1 directory with 12 updates#10
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/all-c119640896

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor

Bumps the all group with 8 updates in the / directory:

Package From To
charm.land/bubbles/v2 2.1.0 2.1.1
charm.land/bubbletea/v2 2.0.7 2.0.8
charm.land/catwalk 0.45.3 0.49.20
charm.land/fantasy 0.33.2 0.36.0
charm.land/lipgloss/v2 2.0.4 2.0.5
github.com/ncruces/go-sqlite3 0.35.1 0.35.2
github.com/pressly/goose/v3 3.27.1 3.27.2
golang.org/x/net 0.56.0 0.57.0

Updates charm.land/bubbles/v2 from 2.1.0 to 2.1.1

Release notes

Sourced from charm.land/bubbles/v2's releases.

v2.1.1

Lil’ Textarea Fix

This is a tiny patch to fix a bug in textarea where the prompt character could be missing styling on empty lines. That’s all for now!

Thanks for using Bubbles, Charm 🌞

Changelog

Fixed

  • d2b2217d6352ce04183623d66d4266115419733c: fix(textarea): apply prompt style on all lines, including fillers (@​meowgorithm)

Docs


Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

Commits
  • d2b2217 fix(textarea): apply prompt style on all lines, including fillers
  • 0dafc72 chore(deps): bump actions/checkout from 6 to 7 in the all group (#1006)
  • 492ed7d chore(deps): bump the all group with 2 updates (#1004)
  • 40d145e chore(deps): bump the all group with 2 updates (#996)
  • 8585ef8 chore(deps): bump github.com/sahilm/fuzzy in the all group (#969)
  • ef0090e chore: remove CODEOWNERS
  • 6feda24 chore(deps): bump the all group with 3 updates (#958)
  • 42130e8 chore(deps): bump github.com/mattn/go-runewidth in the all group (#952)
  • 0d62ce2 chore(deps): bump dependabot/fetch-metadata from 2 to 3 in the all group (#953)
  • 204774b chore(deps): bump github.com/mattn/go-runewidth in the all group (#945)
  • Additional commits viewable in compare view

Updates charm.land/bubbletea/v2 from 2.0.7 to 2.0.8

Release notes

Sourced from charm.land/bubbletea/v2's releases.

v2.0.8

Graphemes, schmraphemes

No terminal can render emojis perfectly, but we can try. This release improves some very specific edge cases around emoji rendering. Enjoy!

Changelog

  • db569adcb41d0eae251587e6a5f0cc3c7d77e8eb: fix(deps): bump ultraviolet for emoji-related rendering improvements

Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

Commits
  • fc707bb chore(examples): go mod tidy
  • db569ad chore(deps): bump ultraviolet for emoji-related rendering fixes
  • See full diff in compare view

Updates charm.land/catwalk from 0.45.3 to 0.49.20

Release notes

Sourced from charm.land/catwalk's releases.

v0.49.20

Changelog

Other stuff

  • e1f0a2c4d135e4750454227def155f6a55cab36c: chore(copilot): add gpt 5.6 (@​andreynering)

First, download the checksums.txt file and the checksums.txt.sigstore.json file files, for example, with wget:

wget 'https://github.com/charmbracelet/catwalk/releases/download/v0.49.20/checksums.txt'
wget 'https://github.com/charmbracelet/catwalk/releases/download/v0.49.20/checksums.txt.sigstore.json'

Then, verify it using cosign:

cosign verify-blob \
  --certificate-identity 'https://github.com/charmbracelet/meta/.github/workflows/goreleaser.yml@refs/heads/main' \
  --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
  --bundle 'checksums.txt.sigstore.json' \
  ./checksums.txt

If the output is Verified OK, you can safely use it to verify the checksums of other artifacts you downloaded from the release using sha256sum:

sha256sum --ignore-missing -c checksums.txt

Done! You artifacts are now verified!

Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

v0.49.19

Changelog

Other stuff

  • a407b309b9185f4d4e01d1237b5b14f4782d4e41: chore: auto-update generated files (#436) (@​github-actions[bot])

... (truncated)

Commits

Updates charm.land/fantasy from 0.33.2 to 0.36.0

Release notes

Sourced from charm.land/fantasy's releases.

v0.36.0

Changelog

New!

  • f78b5d6d9e7bd5c7c82627ee3e289e7a854613f1: feat: support per-call HTTP headers (@​meowgorithm)

Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

v0.35.2

Changelog

Other stuff

  • 263de1d023c0a5c4456207ac6d03a05c6e477ed1: ci: fix govulncheck (@​andreynering)
  • 4f5ec5ae6cddbef3c9c70e005c0195af21074def: ci: only run lint on ubuntu (@​andreynering)
  • 49274e4e85fa36c406c7a6aea0015781c82d6326: v0.35.2 (@​andreynering)

Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

v0.35.1

Changelog

Other stuff


Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

v0.35.0

Changelog

New!

  • bfdb4ad69389517ef79024b6471e891e3e3ab417: feat: enable prompt caching for OpenAI-compatible models that need per-message cache markers (@​taciturnaxolotl)

Other stuff


Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

v0.34.0

... (truncated)

Commits

Updates charm.land/lipgloss/v2 from 2.0.4 to 2.0.5

Release notes

Sourced from charm.land/lipgloss/v2's releases.

v2.0.5

Graphemes, Schmraphemes

If you’re using emojis in the terminal you're in for a rough ride. That said, we do what we can. This release brings some in some very specific edge case rendering improvements. Enjoy.

Enjoy!

Changelog

  • 10f9584edb197ddbbfc789081d33b6fadaea5742: chore(deps): bump ultraviolet for emoji-related improvements

Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

Commits
  • 5bd778d chore(deps): bump actions/checkout from 6 to 7 in the all group (#703)
  • f2a46ba chore(deps): bump golang.org/x/sys in the all group (#701)
  • See full diff in compare view

Updates github.com/charmbracelet/ultraviolet from 0.0.0-20260525132238-948f4557a654 to 0.0.0-20260703014108-f5a850f9c2b7

Commits

Updates github.com/ncruces/go-sqlite3 from 0.35.1 to 0.35.2

Release notes

Sourced from github.com/ncruces/go-sqlite3's releases.

v0.35.2

What's Changed

Updates:

  • SQLite 3.53.3
  • Gorm 1.31.2
  • Vec1 0.7

Added O_TMPFILE support.

[!CAUTION] There is a know issue (#404) that may cause data corruption when using WAL mode on Windows under high concurrency. The bug has likely existed ever since WAL mode support was added to Windows in v0.20.2 2 years ago. Since this is not a regression, I decided not to block the release waiting for a fix.

Full Changelog: ncruces/go-sqlite3@v0.35.1...v0.35.2

Artifact attestations

Commits

Updates github.com/pressly/goose/v3 from 3.27.1 to 3.27.2

Release notes

Sourced from github.com/pressly/goose/v3's releases.

v3.27.2

Changed

  • Upgrade golang.org/x/crypto and golang.org/x/net to address security advisories (CVE fixes)
  • Various dependency upgrades
Changelog

Sourced from github.com/pressly/goose/v3's changelog.

[v3.27.2] - 2026-06-30

Changed

  • Upgrade golang.org/x/crypto and golang.org/x/net to address security advisories (CVE fixes)
  • Various dependency upgrades
Commits
  • b0f7076 release: v3.27.2
  • 6669df2 build(deps): bump github.com/opencontainers/runc from 1.3.3 to 1.3.6 in /inte...
  • f61f5b9 build(deps): bump the gomod group across 1 directory with 4 updates (#1086)
  • 90d5b3a build(deps): bump actions/checkout from 6 to 7 (#1081)
  • cef6bb7 build(deps): bump golang crypto and net to FIX CVEs (#1083)
  • f2c327a build(deps): bump the gomod group across 1 directory with 7 updates (#1079)
  • d0bee40 Docs: mention MariaDB support (#1071)
  • See full diff in compare view

Updates golang.org/x/net from 0.56.0 to 0.57.0

Commits
  • b8f09f6 go.mod: update golang.org/x dependencies
  • f05f21b idna: reject all-ASCII xn-- labels on all Go versions
  • 0f748cf internal/http3: clean up stream I/O methods usages in tests
  • 0bb961e internal/http3: add net/http.ResponseController support
  • 0ca694d webdav: document Dir's lack of defense against filesystem modification
  • bd5f1dc http2: initialize Transport on NewClientConn
  • 488ff63 bpf: add security considerations to package docs
  • 93d1f25 xsrftoken: avoid token collisions
  • 5a3baee internal/http3: prevent panic in QPACK decoder due to overflow
  • See full diff in compare view

Updates golang.org/x/sync from 0.21.0 to 0.22.0

Commits

Updates golang.org/x/sys from 0.46.0 to 0.47.0

Commits
  • 9e7e939 cpu: handle vendor suffixes in parseRelease
  • f6fb8a1 unix: use epoll_pwait rather than epoll_wait
  • f3eeabf windows: avoid length overflow in NewNTString
  • 3cb6647 unix: update glibc to 2.43
  • c507910 windows: document safe usage of TrusteeValue
  • See full diff in compare view

Updates golang.org/x/text from 0.38.0 to 0.40.0

Commits
  • 724af9c go.mod: update golang.org/x dependencies
  • bf5b9d6 internal/export/idna: always treat Punycode encoding pure ASCII as an error
  • b326f3d go.mod: update golang.org/x dependencies
  • 5ae8e57 unicode/norm: avoid infinite loop on invalid input
  • 0dc94a2 all: fix some comments
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [charm.land/bubbles/v2](https://github.com/charmbracelet/bubbles) | `2.1.0` | `2.1.1` |
| [charm.land/bubbletea/v2](https://github.com/charmbracelet/bubbletea) | `2.0.7` | `2.0.8` |
| [charm.land/catwalk](https://github.com/charmbracelet/catwalk) | `0.45.3` | `0.49.20` |
| [charm.land/fantasy](https://github.com/charmbracelet/fantasy) | `0.33.2` | `0.36.0` |
| [charm.land/lipgloss/v2](https://github.com/charmbracelet/lipgloss) | `2.0.4` | `2.0.5` |
| [github.com/ncruces/go-sqlite3](https://github.com/ncruces/go-sqlite3) | `0.35.1` | `0.35.2` |
| [github.com/pressly/goose/v3](https://github.com/pressly/goose) | `3.27.1` | `3.27.2` |
| [golang.org/x/net](https://github.com/golang/net) | `0.56.0` | `0.57.0` |



Updates `charm.land/bubbles/v2` from 2.1.0 to 2.1.1
- [Release notes](https://github.com/charmbracelet/bubbles/releases)
- [Commits](charmbracelet/bubbles@v2.1.0...v2.1.1)

Updates `charm.land/bubbletea/v2` from 2.0.7 to 2.0.8
- [Release notes](https://github.com/charmbracelet/bubbletea/releases)
- [Commits](charmbracelet/bubbletea@v2.0.7...v2.0.8)

Updates `charm.land/catwalk` from 0.45.3 to 0.49.20
- [Release notes](https://github.com/charmbracelet/catwalk/releases)
- [Commits](charmbracelet/catwalk@v0.45.3...v0.49.20)

Updates `charm.land/fantasy` from 0.33.2 to 0.36.0
- [Release notes](https://github.com/charmbracelet/fantasy/releases)
- [Commits](charmbracelet/fantasy@v0.33.2...v0.36.0)

Updates `charm.land/lipgloss/v2` from 2.0.4 to 2.0.5
- [Release notes](https://github.com/charmbracelet/lipgloss/releases)
- [Commits](charmbracelet/lipgloss@v2.0.4...v2.0.5)

Updates `github.com/charmbracelet/ultraviolet` from 0.0.0-20260525132238-948f4557a654 to 0.0.0-20260703014108-f5a850f9c2b7
- [Commits](https://github.com/charmbracelet/ultraviolet/commits)

Updates `github.com/ncruces/go-sqlite3` from 0.35.1 to 0.35.2
- [Release notes](https://github.com/ncruces/go-sqlite3/releases)
- [Commits](ncruces/go-sqlite3@v0.35.1...v0.35.2)

Updates `github.com/pressly/goose/v3` from 3.27.1 to 3.27.2
- [Release notes](https://github.com/pressly/goose/releases)
- [Changelog](https://github.com/pressly/goose/blob/main/CHANGELOG.md)
- [Commits](pressly/goose@v3.27.1...v3.27.2)

Updates `golang.org/x/net` from 0.56.0 to 0.57.0
- [Commits](golang/net@v0.56.0...v0.57.0)

Updates `golang.org/x/sync` from 0.21.0 to 0.22.0
- [Commits](golang/sync@v0.21.0...v0.22.0)

Updates `golang.org/x/sys` from 0.46.0 to 0.47.0
- [Commits](golang/sys@v0.46.0...v0.47.0)

Updates `golang.org/x/text` from 0.38.0 to 0.40.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.38.0...v0.40.0)

---
updated-dependencies:
- dependency-name: charm.land/bubbles/v2
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: charm.land/bubbletea/v2
  dependency-version: 2.0.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: charm.land/catwalk
  dependency-version: 0.49.20
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: charm.land/fantasy
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: charm.land/lipgloss/v2
  dependency-version: 2.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/charmbracelet/ultraviolet
  dependency-version: 0.0.0-20260703014108-f5a850f9c2b7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/ncruces/go-sqlite3
  dependency-version: 0.35.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/pressly/goose/v3
  dependency-version: 3.27.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: golang.org/x/net
  dependency-version: 0.57.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/sync
  dependency-version: 0.22.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/sys
  dependency-version: 0.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/text
  dependency-version: 0.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: area: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot @github

dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 13, 2026
@dependabot
dependabot Bot deleted the dependabot/go_modules/all-c119640896 branch July 13, 2026 09:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants