Skip to content

chore(deps): bump the all group with 3 updates#2290

Merged
andreynering merged 1 commit intomainfrom
dependabot/go_modules/all-e614506e3f
Feb 23, 2026
Merged

chore(deps): bump the all group with 3 updates#2290
andreynering merged 1 commit intomainfrom
dependabot/go_modules/all-e614506e3f

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Feb 23, 2026
edited
Loading

Bumps the all group with 3 updates: charm.land/catwalk, github.com/clipperhouse/displaywidth and github.com/pressly/goose/v3.

Updates charm.land/catwalk from 0.21.0 to 0.21.1

Release notes

Sourced from charm.land/catwalk's releases.

v0.21.1

Changelog

Fixed

  • 9fce0671019b470da870aa57318944ebb362988c: fix: set right context window for z.ai glm 5 (@​andreynering)

First, download the checksums.txt file and the checksums.txt.sigstore.json file files, for example, with wget:

wget 'https://github.com/charmbracelet/catwalk/releases/download/v0.21.1/checksums.txt'
wget 'https://github.com/charmbracelet/catwalk/releases/download/v0.21.1/checksums.txt.sigstore.json'

Then, verify it using cosign:

cosign verify-blob \
  --certificate-identity 'https://github.com/charmbracelet/meta/.github/workflows/goreleaser.yml@refs/heads/main' \
  --certificate-oidc-issuer 'https://token.actions.githubusercontent.com' \
  --bundle 'checksums.txt.sigstore.json' \
  ./checksums.txt

If the output is Verified OK, you can safely use it to verify the checksums of other artifacts you downloaded from the release using sha256sum:

sha256sum --ignore-missing -c checksums.txt

Done! You artifacts are now verified!

Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

Commits

Updates github.com/clipperhouse/displaywidth from 0.10.0 to 0.11.0

Changelog

Sourced from github.com/clipperhouse/displaywidth's changelog.

[0.11.0]

Compare

Added

  • New ControlSequences8Bit option to treat 8-bit ECMA-48 (C1) escape sequences as zero-width. (#22)

Changed

  • Upgraded uax29 dependency to v2.7.0 for 8-bit escape sequence support in the grapheme iterator.
  • Truncation now validates that preserved trailing escape sequences are zero-width, preventing edge cases where non-zero-width sequences could leak into output.

Note

  • ControlSequences8Bit is deliberately ignored by TruncateString and TruncateBytes, because C1 byte values (0x80–0x9F) overlap with UTF-8 multi-byte encoding.
Commits

Updates github.com/pressly/goose/v3 from 3.26.0 to 3.27.0

Release notes

Sourced from github.com/pressly/goose/v3's releases.

v3.27.0

What's Changed

Added

  • Preliminary Spanner dialect support (#966)

Changed

  • Minimum Go version is now 1.25
  • SQL migration templates no longer include StatementBegin and StatementEnd annotations. These are only needed for complex statements containing semicolons (e.g., stored procedures). See docs for details.
  • Various dependency upgrades

Other

  • Added formatting for YDB table names to include folder (#1007)
  • Fix tests for StarRocks 3.5 (#1024)
  • CI improvements (#1000, #1005, #1008)

Full Changelog: pressly/goose@v3.26.0...v3.27.0

Changelog

Sourced from github.com/pressly/goose/v3's changelog.

[v3.27.0] - 2026-02-22

Added

  • Preliminary Spanner dialect support (#966)

Changed

  • Minimum Go version is now 1.25
  • SQL migration templates no longer include StatementBegin and StatementEnd annotations. These are only needed for complex statements containing semicolons (e.g., stored procedures). See docs for details.
  • Various dependency upgrades
Commits
  • 7fb1461 release: v3.27.0
  • 0b651ba fix: downgrade go directive to 1.25.0 in internal/testing
  • aa8e825 build(deps): bump dependencies in internal/testing
  • 83743b6 chore: apply go fix modernizations and bump dependencies (#1034)
  • 5de4fb4 feat: add dockermanage package (#1029)
  • ac97ee0 build(deps): bump github.com/ydb-platform/ydb-go-sdk/v3 from 3.125.1 to 3.126...
  • 8a37350 build(deps): bump the gomod group across 1 directory with 2 updates (#1026)
  • bab893c Fix tests for StarRocks 3.5 (#1024)
  • 26e537d build(deps): bump the gomod group across 1 directory with 5 updates (#1020)
  • 7a98c89 docs: update ordering of CLI param help text
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot force-pushed the dependabot/go_modules/all-e614506e3f branch from cfd209c to ce5b3e9 Compare February 23, 2026 20:30
andreynering added a commit that referenced this pull request Feb 23, 2026
@andreynering
ci: allow MIT-0 dependencies
2b381d7 
One of our indirect dependencies switched to "MIT-0". This is even more
permissive than MIT, so totally valid for us.

* segmentio/asm#86

Check failure:

* #2290
* https://github.com/charmbracelet/crush/actions/runs/22323633569/job/64588201366?pr=2290
@andreynering andreynering mentioned this pull request Feb 23, 2026
Merged
andreynering added a commit that referenced this pull request Feb 23, 2026
@andreynering
ci: allow MIT-0 dependencies (#2297)
c65b807 
One of our indirect dependencies switched to "MIT-0". This is even more
permissive than MIT, so totally valid for us.

* segmentio/asm#86

Check failure:

* #2290
* https://github.com/charmbracelet/crush/actions/runs/22323633569/job/64588201366?pr=2290

About the license:

* https://github.com/aws/mit-0
* https://opensource.org/license/mit-0
@andreynering
Copy link
Copy Markdown
Member

andreynering commented Feb 23, 2026

@dependabot rebase

@dependabot
chore(deps): bump the all group with 3 updates
411ac3a 
Bumps the all group with 3 updates: [charm.land/catwalk](https://github.com/charmbracelet/catwalk), [github.com/clipperhouse/displaywidth](https://github.com/clipperhouse/displaywidth) and [github.com/pressly/goose/v3](https://github.com/pressly/goose).


Updates `charm.land/catwalk` from 0.21.0 to 0.21.1
- [Release notes](https://github.com/charmbracelet/catwalk/releases)
- [Commits](charmbracelet/catwalk@v0.21.0...v0.21.1)

Updates `github.com/clipperhouse/displaywidth` from 0.10.0 to 0.11.0
- [Release notes](https://github.com/clipperhouse/displaywidth/releases)
- [Changelog](https://github.com/clipperhouse/displaywidth/blob/main/CHANGELOG.md)
- [Commits](clipperhouse/displaywidth@v0.10.0...v0.11.0)

Updates `github.com/pressly/goose/v3` from 3.26.0 to 3.27.0
- [Release notes](https://github.com/pressly/goose/releases)
- [Changelog](https://github.com/pressly/goose/blob/main/CHANGELOG.md)
- [Commits](pressly/goose@v3.26.0...v3.27.0)

---
updated-dependencies:
- dependency-name: charm.land/catwalk
  dependency-version: 0.21.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: github.com/clipperhouse/displaywidth
  dependency-version: 0.11.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/pressly/goose/v3
  dependency-version: 3.27.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/all-e614506e3f branch from ce5b3e9 to 411ac3a Compare February 23, 2026 20:59
@andreynering andreynering enabled auto-merge (squash) February 23, 2026 21:02
@andreynering andreynering merged commit 57a09a1 into main Feb 23, 2026
21 checks passed
@andreynering andreynering deleted the dependabot/go_modules/all-e614506e3f branch February 23, 2026 21:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area: dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@andreynering