Bump gitlab.com/gitlab-org/api/client-go from 0.127.0 to 1.46.0

[dependabot]

Bumps gitlab.com/gitlab-org/api/client-go from 0.127.0 to 1.46.0.

Release notes

Sourced from gitlab.com/gitlab-org/api/client-go's releases.

v1.46.0

1.46.0

🚀 Features

• Update urls and add missing (!2785) by Mohamed Mongy

1.46.0 (2026-03-01)

v1.45.0

1.45.0

🚀 Features

• Add LockMembershipsToSAML support to Application Settings (!2791) by Mohamed Mongy

🔄 Other Changes

• test(integration): Use epic IID instead of ID in DeleteEpic cleanup. (!2794) by Florian Forster

1.45.0 (2026-02-27)

Bug Fixes

• test: Use epic IID instead of ID in DeleteEpic cleanup. (49dea05)

v1.44.0

1.44.0

🚀 Features

• Implement runner controller instance-level runner scope support (!2765) by Timo Furrer

🔄 Other Changes

• chore(deps): update module github.com/graph-gophers/graphql-go to v1.9.0 (!2789) by GitLab Dependency Bot

1.44.0 (2026-02-26)

v1.43.0

1.43.0

🚀 Features

... (truncated)

Changelog

Sourced from gitlab.com/gitlab-org/api/client-go's changelog.

1.46.0

🚀 Features

• Update urls and add missing (!2785) by Mohamed Mongy

1.46.0 (2026-03-01)

1.45.0

🚀 Features

• Add LockMembershipsToSAML support to Application Settings (!2791) by Mohamed Mongy

🔄 Other Changes

• test(integration): Use epic IID instead of ID in DeleteEpic cleanup. (!2794) by Florian Forster

1.45.0 (2026-02-27)

Bug Fixes

• test: Use epic IID instead of ID in DeleteEpic cleanup. (49dea05)

1.44.0

🚀 Features

• Implement runner controller instance-level runner scope support (!2765) by Timo Furrer

🔄 Other Changes

• chore(deps): update module github.com/graph-gophers/graphql-go to v1.9.0 (!2789) by GitLab Dependency Bot

1.44.0 (2026-02-26)

1.43.0

🚀 Features

• feat(pagination): Add ScanAndCollectN to collect at most n results. (!2788) by Florian Forster

... (truncated)

Commits

• da7b8a7 chore(release): 1.46.0 [skip ci]
• 072590b Merge branch 'Update_Urls_and_add-missing' into 'main'
• 8b63461 Update urls and add missing
• 0abd5ce chore(release): 1.45.0 [skip ci]
• 6f5a6da Merge branch 'issue_#2237' into 'main'
• 06094f9 Add LockMembershipsToSAML support to Application Settings
• 37ff76b Merge branch 'fforster/epic-cleanup' into 'main'
• 49dea05 fix(test): Use epic IID instead of ID in DeleteEpic cleanup.
• 1e294d4 chore(release): 1.44.0 [skip ci]
• 69b78fe Merge branch 'rc-runner-scopes' into 'main'
• Additional commits viewable in compare view

[sami-alajrami]

@dependabot rebase

[sami-alajrami]

this is a major bump and requires some code change

[mbevc1]

@dependabot rebase

[claude]

Claude finished @mbevc1's task in 1m 30s —— View job

---

PR Review: Bump gitlab.com/gitlab-org/api/client-go from 0.127.0 to 1.46.0

• Run static analysis (build, vet, mod tidy)
• Review changed files
• Post review feedback

---

Static Analysis

All checks pass:

• go build ./... — compiles cleanly
• go vet ./... — no issues
• go mod tidy — no diff (dependencies are clean)

Code Review

This is a major version bump (0.x → 1.x) of the GitLab API client library. The breaking change is that BasicMergeRequest.IID changed from int to int64, which required updating:

1. internal/gitlab/gitlab.go:132 — GetMergeRequestApprovers(mrIID, version int64) signature updated from int to int64. The version parameter (an internal flag, always 1 or 2) was also changed to int64 since it shares the parameter type declaration. This is a minor cosmetic consequence but harmless.

2. internal/gitlab/gitlab_test.go:235 — Test struct field mrIID int64 updated to match.

3. go.mod / go.sum — Clean dependency update with a few transitive bumps (antlr, cel-go, go-querystring, godbus, wincred, retryablehttp, etc.) and one removal (stoewer/go-strcase).

Observations

• The callers at lines 81, 103, and 163 of gitlab.go pass mr.IID directly from the BasicMergeRequest struct, so the type flows through correctly with no casts needed.
• The GetMergeRequestCommits call at line 163 also takes mr.IID — this also compiles fine with the new int64 type.
• No other files in the codebase reference GetMergeRequestApprovers or use the mrIID type directly, so there are no missed call sites.

Verdict

LGTM. The changes are minimal, correct, and well-scoped for this major version bump. The int → int64 migration is the only breaking change and it's been handled properly in both production code and tests.

[mbevc1]

@dependabot rebase

[mbevc1]

@dependabot rebase

[dependabot]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.