chore(deps): bump the backend-go-dependencies group in /backend-go with 3 updates by dependabot[bot] · Pull Request #60 · fabriziosalmi/secure-proxy-manager

dependabot · 2026-04-07T23:51:05Z

Bumps the backend-go-dependencies group in /backend-go with 3 updates: github.com/rs/zerolog, golang.org/x/crypto and modernc.org/sqlite.

Updates github.com/rs/zerolog from 1.33.0 to 1.35.0

Commits

1396655 Bump CI Go matrix minimum from 1.21 to 1.23
4b65a2f Bump actions/cache from 4 to 5 (#741)
b835796 Bump actions/setup-go from 5 to 6 (#742)
134caf8 Added sanitization of journald keys (#751)
e133b6a Added variadic StrsV, ObjectsV, and StringersV (#752)
82017d8 Bump github.com/coreos/go-systemd/v22 from 22.6.0 to 22.7.0 (#753)
2f5b8a9 fix: UpdateContext skips Nop and zero-value loggers (#754)
d64c9a7 Add slog.Handler implementation for zerolog (#755)
a0d61dc fix: return dict to Event pool (#749)
f6fbd33 Test coverage improvements (#748)
Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.45.0 to 0.49.0

Commits

982eaa6 go.mod: update golang.org/x dependencies
159944f ssh,acme: clean up tautological/impossible nil conditions
a408498 acme: only require prompt if server has terms of service
cab0f71 all: upgrade go directive to at least 1.25.0 [generated]
2f26647 x509roots/fallback: update bundle
e08b067 go.mod: update golang.org/x dependencies
7d0074c scrypt: fix panic on parameters <= 0
506e022 go.mod: update golang.org/x dependencies
7dacc38 chacha20poly1305: error out in fips140=only mode
19acf81 go.mod: update golang.org/x dependencies
Additional commits viewable in compare view

Updates modernc.org/sqlite from 1.33.1 to 1.48.1

Changelog

Sourced from modernc.org/sqlite's changelog.

Changelog

2026-04-06 v1.48.2:

Fix ABI mapping mismatch in the pre-update hook trampoline that caused silent truncation of large 64-bit RowIDs.

Ensure the Go trampoline signature correctly aligns with the public sqlite3_preupdate_hook C API, preventing data corruption for high-entropy keys (e.g., Snowflake IDs).

See [GitLab merge request #98](https://gitlab.com/cznic/sqlite/-/merge_requests/98), thanks Josh Bleecher Snyder!

Fix the memory allocator used in (*conn).Deserialize.

Replace tls.Alloc with sqlite3_malloc64 to prevent internal allocator corruption. This ensures the buffer is safely owned by SQLite, which may resize or free it due to the SQLITE_DESERIALIZE_RESIZEABLE and SQLITE_DESERIALIZE_FREEONCLOSE flags.

Prevent a memory leak by properly freeing the allocated buffer if fetching the main database name fails before handing ownership to SQLite.

See [GitLab merge request #100](https://gitlab.com/cznic/sqlite/-/merge_requests/100), thanks Josh Bleecher Snyder!

Fix (*conn).Deserialize to explicitly reject nil or empty byte slices.

Prevent silent database disconnection and connection pool corruption caused by SQLite's default behavior when sqlite3_deserialize receives a 0-length buffer.

See [GitLab merge request #101](https://gitlab.com/cznic/sqlite/-/merge_requests/101), thanks Josh Bleecher Snyder!

Fix commitHookTrampoline and rollbackHookTrampoline signatures by removing the unused pCsr parameter.

Aligns internal hook callbacks accurately with the underlying SQLite C API, cleaning up the code to prevent potential future confusion or bugs.

See [GitLab merge request #102](https://gitlab.com/cznic/sqlite/-/merge_requests/102), thanks Josh Bleecher Snyder!

Fix checkptr instrumentation failures during go test -race when registering and using virtual tables (vtab).

Allocate sqlite3_module instances using the C allocator (libc.Xcalloc) instead of the Go heap. This ensures transpiled C code can safely perform pointer operations on the struct without tripping Go's pointer checks.

See [GitLab merge request #103](https://gitlab.com/cznic/sqlite/-/merge_requests/103), thanks Josh Bleecher Snyder!

Fix data race on mutex.id in the mutexTry non-recursive path.

Ensure consistent atomic writes (atomic.StoreInt32) to prevent data races with atomic loads in mutexHeld and mutexNotheld during concurrent execution.

See [GitLab merge request #104](https://gitlab.com/cznic/sqlite/-/merge_requests/104), thanks Josh Bleecher Snyder!

Fix resource leak in (*Backup).Commit where the destination connection was not closed on error.

Ensure dstConn is properly closed when sqlite3_backup_finish fails, preventing file descriptor, TLS, and memory leaks.

See [GitLab merge request #105](https://gitlab.com/cznic/sqlite/-/merge_requests/105), thanks Josh Bleecher Snyder!

Fix Exec to fully drain rows when encountering SQLITE_ROW, preventing silent data loss in DML statements.

Previously, Exec aborted after the first row, meaning INSERT, UPDATE, or DELETE statements with a RETURNING clause would fail to process subsequent rows. The execution path now correctly loops until SQLITE_DONE and properly respects context cancellations during the drain loop, fully aligning with native C sqlite3_exec semantics.

See [GitLab merge request #106](https://gitlab.com/cznic/sqlite/-/merge_requests/106), thanks Josh Bleecher Snyder!

Fix "Shadowed err value (stmt.go)".

See [GitLab issue #249](https://gitlab.com/cznic/sqlite/-/work_items/249), thanks Emrecan BATI!

Fix silent omission of virtual table savepoint callbacks by correctly setting the sqlite3_module version.

See [GitLab merge request #107](https://gitlab.com/cznic/sqlite/-/merge_requests/107), thanks Josh Bleecher Snyder!

Fix vfsRead to properly handle partial and fragmented reads from io.Reader.

Replace f.Read with io.ReadFull to ensure the buffer is fully populated, preventing premature SQLITE_IOERR_SHORT_READ errors on valid mid-stream partial reads. Unread tail bytes at EOF are now efficiently zero-filled using the built-in clear function.

See [GitLab merge request #108](https://gitlab.com/cznic/sqlite/-/merge_requests/108), thanks Josh Bleecher Snyder!

Refactor internal error formatting to safely handle uninitialized or closed database pointers.

Prevent a misleading "out of memory" error message when an operation fails and the underlying SQLite database handle is NULL (db == 0).

See [GitLab merge request #109](https://gitlab.com/cznic/sqlite/-/merge_requests/109), thanks Josh Bleecher Snyder!

2026-04-03 v1.48.1:

Fix memory leaks and double-free vulnerabilities in the multi-statement query execution path.

Ensure bind-parameter allocations are reliably freed via strict ownership transfer if an error occurs mid-loop or if multiple statements bind parameters.

Fix a resource leak where a subsequent statement's error could orphan a previously generated rows object without closing it, leaking the prepared statement handle.

See [GitLab merge request #96](https://gitlab.com/cznic/sqlite/-/merge_requests/96), thanks Josh Bleecher Snyder!

2026-03-27 v1.48.0:

Add _timezone DSN query parameter to apply IANA timezones (e.g., "America/New_York") to both reads and writes.

Writes will convert time.Time values to the target timezone before formatting as a string.

Reads will interpret timezone-less strings as being in the target timezone.

... (truncated)

Commits

51d1f91 CHANGELOG.md: document v1.48.1...
50a8b7f CHANGELOG.md: document v1.48.1
6050024 Merge branch 'multi-stmt-double-free' into 'master'
ef93ba8 improve memory safety of allocs in stmt.query
2a97c68 add conn.freeAllocs
19b8429 update {CHANGELOG,README}.md
78ddab8 Merge branch 'datetime-format' into 'master'
2e04523 Merge branch 'add-timezone' into 'master'
77706c1 add _time_format=datetime support
1895822 add _timezone DSN query parameter
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the backend-go-dependencies group in /backend-go with 3 updates: [github.com/rs/zerolog](https://github.com/rs/zerolog), [golang.org/x/crypto](https://github.com/golang/crypto) and [modernc.org/sqlite](https://gitlab.com/cznic/sqlite). Updates `github.com/rs/zerolog` from 1.33.0 to 1.35.0 - [Commits](rs/zerolog@v1.33.0...v1.35.0) Updates `golang.org/x/crypto` from 0.45.0 to 0.49.0 - [Commits](golang/crypto@v0.45.0...v0.49.0) Updates `modernc.org/sqlite` from 1.33.1 to 1.48.1 - [Changelog](https://gitlab.com/cznic/sqlite/blob/master/CHANGELOG.md) - [Commits](https://gitlab.com/cznic/sqlite/compare/v1.33.1...v1.48.1) --- updated-dependencies: - dependency-name: github.com/rs/zerolog dependency-version: 1.35.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: backend-go-dependencies - dependency-name: golang.org/x/crypto dependency-version: 0.49.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: backend-go-dependencies - dependency-name: modernc.org/sqlite dependency-version: 1.48.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: backend-go-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Apr 7, 2026

dependabot Bot requested a review from fabriziosalmi as a code owner April 7, 2026 23:51

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Apr 7, 2026

dependabot Bot force-pushed the dependabot/go_modules/backend-go/backend-go-dependencies-14c763b6fe branch from d86bf33 to de1decd Compare April 13, 2026 18:44

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the backend-go-dependencies group in /backend-go with 3 updates#60

chore(deps): bump the backend-go-dependencies group in /backend-go with 3 updates#60
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/backend-go/backend-go-dependencies-14c763b6fe

dependabot Bot commented on behalf of github Apr 7, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github Apr 7, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Changelog

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

dependabot Bot commented on behalf of github Apr 7, 2026 •

edited

Loading