Skip to content

build(deps): bump the tools group across 1 directory with 10 updates#6480

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/tools/tools-7f45b32ca6
Open

build(deps): bump the tools group across 1 directory with 10 updates#6480
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/tools/tools-7f45b32ca6

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Jun 1, 2026

Bumps the tools group with 9 updates in the /tools directory:

Package From To
github.com/bufbuild/buf 1.66.1 1.70.0
github.com/golangci/golangci-lint/v2 2.12.1 2.12.2
github.com/grpc-ecosystem/grpc-gateway/v2 2.28.0 2.29.0
github.com/mikefarah/yq/v4 4.52.4 4.53.2
github.com/oapi-codegen/oapi-codegen/v2 2.6.0 2.7.0
github.com/openfga/cli 0.7.12 0.7.15
github.com/sqlc-dev/sqlc 1.30.0 1.31.1
google.golang.org/grpc/cmd/protoc-gen-go-grpc 1.6.1 1.6.2
mvdan.cc/gofumpt 0.9.2 0.10.0

Updates github.com/bufbuild/buf from 1.66.1 to 1.70.0

Release notes

Sourced from github.com/bufbuild/buf's releases.

v1.70.0

  • Add LSP completion for buf.gen.yaml, buf.yaml, and buf.policy.yaml files.
  • Fix LSP textDocument/documentSymbol marking every symbol as deprecated.
  • Add error for when a dependency is added to buf.yaml and is missing from buf.lock.
  • Update the PROTOVALIDATE lint rule support checking NaN in const, in, not_in, gt, gte, lt and lte rules for float and double fields.
  • Update the PROTOVALIDATE lint rule support to check (buf.validate.message).oneof rules and make sure they are well-formed and valid.

v1.69.0

  • Increase check plugin WASM memory limits to 1GiB.
  • Fix LSP stale diagnostics persisting after a file is closed or deleted.
  • Fix handling of unprefixed newlines in block comments.
  • Add LSP code lenses for buf.gen.yaml files: "Run buf generate" and "Check for plugin updates".
  • Add LSP warnings for lint.ignore and breaking.ignore paths in buf.yaml that do not match any file in the workspace.

v1.68.4

  • Fix duplicated extension tags across imports from compiler.

v1.68.3

  • Fix buf format error handling for edition 2024.

v1.68.2

  • Fix build failures for modules with a vendored descriptor.proto.
  • Fix LSP incorrectly reporting "edition '2024' not yet fully supported" errors.
  • Fix CEL compilation error messages in buf lint to use the structured error API instead of parsing cel-go's text output.
  • Add --debug-address flag to buf lsp serve to provide debug and profile support.

v1.68.1

  • Revert the use of the new compiler report format and properly ungate Editions 2024 features.
  • Fix absolute imports (leading-dot) marked unused in diagnostics.

v1.68.0

This release ports buf to our new Protobuf compiler, already used to power the Buf LSP. It uses a query-driven frontend and a new AST and intermediate representation, designed from the ground up to bring several improvements:

  • Better diagnostics. The new compiler produces rich, structured diagnostic reports with precise source locations. It also catches issues that protoc misses, such as duplicate repeated modifiers.
  • Editions 2024 support. Full support for Protobuf Editions 2024.
  • Faster and more memory efficient. Designed for large workspaces, the new compiler uses less memory and compiles faster than the previous implementation.

This is a seamless upgrade for buf users: no changes are required, the output has been automatically updated to a new, richer diagnostics report.

  • Use new compiler for build process and support Editions 2024 features.
  • Add LSP document links for buf.yaml deps, buf.gen.yaml remote plugins and input modules, buf.policy.yaml name and BSR plugins, and buf.lock dep names, making each a clickable link to its BSR page.
  • Add LSP code lenses for buf.yaml files to update all dependencies (buf.dep.updateAll) or check for available updates (buf.dep.checkUpdates).
  • Improve shell completions for buf flags with fixed value sets and file/directory arguments.
  • Add buf curl URL path shell completions (service and method names) via server reflection, --schema, or the local buf module.
  • Add support for Edition 2024 syntax to buf format.
  • Fix buf generate --clean deleting files from nested plugin output directories.

... (truncated)

Changelog

Sourced from github.com/bufbuild/buf's changelog.

[v1.70.0] - 2026-05-25

  • Add LSP completion for buf.gen.yaml, buf.yaml, and buf.policy.yaml files.
  • Fix LSP textDocument/documentSymbol marking every symbol as deprecated.
  • Add error for when a dependency is added to buf.yaml and is missing from buf.lock.
  • Update the PROTOVALIDATE lint rule support checking NaN in const, in, not_in, gt, gte, lt and lte rules for float and double fields.
  • Update the PROTOVALIDATE lint rule support to check (buf.validate.message).oneof rules and make sure they are well-formed and valid.

[v1.69.0] - 2026-04-29

  • Increase check plugin WASM memory limits to 1GiB.
  • Fix LSP stale diagnostics persisting after a file is closed or deleted.
  • Fix handling of unprefixed newlines in block comments.
  • Add LSP code lenses for buf.gen.yaml files: "Run buf generate" and "Check for plugin updates".
  • Add LSP warnings for lint.ignore and breaking.ignore paths in buf.yaml that do not match any file in the workspace.

[v1.68.4] - 2026-04-22

  • Fix duplicated extension tags across imports from compiler.

[v1.68.3] - 2026-04-20

  • Fix buf format error handling for edition 2024.

[v1.68.2] - 2026-04-17

  • Fix build failures for modules with a vendored descriptor.proto.
  • Fix LSP incorrectly reporting "edition '2024' not yet fully supported" errors.
  • Fix CEL compilation error messages in buf lint to use the structured error API instead of parsing cel-go's text output.
  • Add --debug-address flag to buf lsp serve to provide debug and profile support.

[v1.68.1] - 2026-04-14

  • Revert the use of the new compiler report format and properly ungate Editions 2024 features.
  • Fix absolute imports (leading-dot) marked unused in diagnostics.

[v1.68.0] - 2026-04-14

  • Use new compiler for build process and support Editions 2024 features.
  • Add LSP document links for buf.yaml deps, buf.gen.yaml remote plugins and input modules, buf.policy.yaml name and BSR plugins, and buf.lock dep names, making each a clickable link to its BSR page.
  • Add LSP code lenses for buf.yaml files to update all dependencies (buf.dep.updateAll) or check for available updates (buf.dep.checkUpdates).
  • Improve shell completions for buf flags with fixed value sets and file/directory arguments.
  • Add buf curl URL path shell completions (service and method names) via server reflection, --schema, or the local buf module.
  • Add support for Edition 2024 syntax to buf format.
  • Fix buf generate --clean deleting files from nested plugin output directories.

[v1.67.0] - 2026-04-01

... (truncated)

Commits

Updates github.com/golangci/golangci-lint/v2 from 2.12.1 to 2.12.2

Release notes

Sourced from github.com/golangci/golangci-lint/v2's releases.

v2.12.2

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

  • 0b01827ae79a0cb92002b4b39867d133cef4c05c build(deps): bump github.com/onsi/ginkgo/v2 from 2.28.1 to 2.28.2 in /pkg/golinters/ginkgolinter/testdata in the linter-testdata group across 1 directory (#6559)
  • 1a0697fc84d7f1376c8d8b1ebe20d9331c3d221f build(deps): bump github.com/pelletier/go-toml/v2 from 2.3.0 to 2.3.1 (#6548)
  • f11cfe0f968601fb4cf40c704ca18e97b49282dd build(deps): bump github.com/ryancurrah/gomodguard/v2 from 2.1.0 to 2.1.3 (#6549)
  • fb2c2411a7e6b05778c097c971e4017d2a6ef5c9 build(deps): bump github.com/shirou/gopsutil/v4 from 4.26.3 to 4.26.4 (#6547)
  • 9a10710cd9d198dbda7ebdf39f7be4c659bc20c9 build(deps): bump github.com/uudashr/iface from 1.4.1 to 1.4.2 (#6557)
  • 81e8f81bbb341152bb21dc516981cb4c30712088 gomodguard: fix blocked configuration (#6561)
Changelog

Sourced from github.com/golangci/golangci-lint/v2's changelog.

v2.12.2

Released on 2026-05-06

  1. Linters bug fixes
    • gomodguard_v2: fix blocked configuration
    • gomodguard_v2: from 2.1.0 to 2.1.3
    • iface: from 1.4.1 to 1.4.2
Commits

Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.28.0 to 2.29.0

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.29.0

What's Changed

New Contributors

Full Changelog: grpc-ecosystem/grpc-gateway@v2.28.0...v2.29.0

Commits
  • ba9b55c chore(deps): update dependency rules_shell to v0.8.0 (#6626)
  • 284a82e chore(deps): update googleapis digest to bcfcbda (#6625)
  • f74bc7f chore(deps): update google/oss-fuzz digest to d58fd64 (#6624)
  • efb665d Add edition 2024 support (#6622)
  • c58da15 chore(deps): update google/oss-fuzz digest to 32b8df7 (#6621)
  • 42997a1 Deprecate fields and methods if file is deprecated (#6613)
  • 6f4af8b chore(deps): update googleapis digest to bf85cad (#6620)
  • 68fde5f chore(deps): update google/oss-fuzz digest to 7b814a1 (#6619)
  • 6da2a46 chore(deps): update googleapis digest to 898f25c (#6617)
  • c9c7ad4 chore(deps): update googleapis digest to fc96870 (#6616)
  • Additional commits viewable in compare view

Updates github.com/mikefarah/yq/v4 from 4.52.4 to 4.53.2

Release notes

Sourced from github.com/mikefarah/yq/v4's releases.

v4.53.2

  • Releases and tags now signed and immutable!
  • Add system(command; args) operator (disabled by default) (#2640)
  • TOML encoder: prefer readable table sections over inline tables (#2649)
  • Fix TOML encoder to quote keys containing special characters (#2648)
  • Add string slicing support (#2639)
  • Fix findInArray misuse on MappingNodes in equality and contains (#2645) Thanks @​jandubois!
  • Fix panic on negative slice indices that underflow after adjustment (#2646) Thanks @​jandubois!
  • Fix stack overflow from circular alias in traverse (#2647) Thanks @​jandubois!
  • Fix panic and OOM in repeatString for large repeat counts (#2644) Thanks @​jandubois!
  • Bumped dependencies

v4.52.5

Changelog

Sourced from github.com/mikefarah/yq/v4's changelog.

4.53.2:

  • Fixing release process

4.53.1:

  • Releases and tags now signed and immutable!
  • Add system(command; args) operator (disabled by default) (#2640)
  • TOML encoder: prefer readable table sections over inline tables (#2649)
  • Fix TOML encoder to quote keys containing special characters (#2648)
  • Add string slicing support (#2639)
  • Fix findInArray misuse on MappingNodes in equality and contains (#2645) Thanks @​jandubois!
  • Fix panic on negative slice indices that underflow after adjustment (#2646) Thanks @​jandubois!
  • Fix stack overflow from circular alias in traverse (#2647) Thanks @​jandubois!
  • Fix panic and OOM in repeatString for large repeat counts (#2644) Thanks @​jandubois!
  • Bumped dependencies

4.52.5:

Commits
  • 751d8ad Bumping version
  • 6dd681a Fixing release signing
  • fc7c337 Updating bump version script
  • e969dd7 Bumping version
  • dc4b4ea Preparing release notes
  • 602586d Create scorecard.yml
  • 9a0335a fix: restrict GitHub Actions workflow token permissions (OSSF least-privilege...
  • 838c516 Trying to test release
  • c8f6c1a Updating release to sign checksums
  • 0e80383 chore: pin GitHub Actions and Docker base images to full-length hashes (OSSF ...
  • Additional commits viewable in compare view

Updates github.com/oapi-codegen/oapi-codegen/v2 from 2.6.0 to 2.7.0

Release notes

Sourced from github.com/oapi-codegen/oapi-codegen/v2's releases.

v2.7.0: Squashing bugs, many bugs (and adding some features)

Many improvements and even more bug fixes

This v2.7.0 release of oapi-codegen contains quite a bit of internal refactoring, focused on our most historically fragile code paths, which relate to the aggregate types (allOf/anyOf/oneOf), $ref to external specs, enums, and the spec traversal logic missing quite a few leaf nodes where models should have been generated, but were skipped.

The biggest changes are explicitly described in the sections below, and the full list of commits is at the bottom.

Thank you to all contributors, we've been going through all past PR's and updating them and merging where we can, and thanks to all our users for reporting issues that you hit.

I've (@​mromaszewicz) used a lot of LLM help here to scrub through old issues and do some deep internal refactoring to address common problem areas. I intend to continue doing this, since the conditional generation logic is getting quite complicated. When I originally released oapi-codegen, the use case was much simpler, all the models were under #/components/schemas, and all the references to them were in the requests, responses, etc. I never imagine how many things would be external references or unions, and how many complex OpenAPI specifications people would be generating code for. The initial design was never flexible enough to handle that, so ongoing bug fixes are getting increasingly complex due to edge cases. This version has a lot of internal changes you won't see as a user, but the way we handle type generation internally is unifying lots of copy/paste re-implementations into reusable code for consistency. Most of these changes can be done transparently, but some can't, so, onto the changes:

Code generation changes which might require some changes on your end

This release contains three changes, all very narrow in scope, which will require some manual adjustment of your own code. We've decided that these are small enough and uncommon enough not to require opt-in, which causes internal complexity. It's always a judgment call with these. If we got it wrong, we're happy to revisit it in a maintenance release.

Strict-server external response refs require strict-server generation in both packages (#2357)

If your strict-server spec uses an external $ref to a components/responses/... defined in another spec, that other spec must also be generated with strict-server: true. Add it to the source spec's config and regenerate:

# config for the spec being $ref'd
generate:
  models: true
  strict-server: true   # now required when imported by a strict-server spec

This restores the v2.0.0 behavior that lets you cast response models across package boundaries — the standard pattern for sharing error models (e.g. a common 400) across services. PR #1387 had silently changed the embedded type from N400JSONResponse to the bare externalRef0.N400, so the local and external response structs no longer had matching types and casts stopped compiling.

Many more anonymous inner schemas are now hoisted into top level schemas

Inline oneOf, anyOf, and additionalProperties schemas embedded directly under an operation's request or response body now flow through the same boilerplate-emission pipeline as components/schemas, so they get the As* / From* / Merge* accessor methods they were previously missing. As part of that change, two older naming patterns are replaced with one pattern, shared with all components:

GetPets_200_Data_Item             →  GetPets200JSONResponseBody_Data_Item
GetPets200JSONResponse_Data_Item  →  GetPets200JSONResponseBody_Data_Item

In practice, we think this shouldn't break anyone, because this change addresses a bug which produced pointless types with no benefit, and you never interact with these directly, but rather you'd call an accessor on a field of a model.

Strict middleware typedefs are now inlined (#2271)

StrictHandlerFunc and StrictMiddlewareFunc in generated strict-server code are now inline type definitions instead of aliases to github.com/oapi-codegen/runtime/strictmiddleware/<framework>. Generated servers no longer import that package.

... (truncated)

Commits
  • b363ca5 refactor(codegen): better Swagger compression, modern naming (#1909)
  • 08b3018 Route server enums through general enums codegen (#2358)
  • fbc8e0d revert external-ref carve-out in strict-server response embedding (#2010) (#2...
  • 7517e09 respect output file path on gofmt failure (#2356)
  • 9643421 fix example codegen (#2354)
  • 036a54b per-operation middleware in Echo (#2353)
  • 3338f93 Strict server: gate no-content response headers on nullable/optional (#2351)
  • 218effe Synchronize strict servers (#2350)
  • 81b9d95 Overhaul anonymous schema hoisting (#2348)
  • eff4a2b fix: allow x-go-type and x-go-type-skip-optional-pointer for allOf (#1610)
  • Additional commits viewable in compare view

Updates github.com/openfga/cli from 0.7.12 to 0.7.15

Release notes

Sourced from github.com/openfga/cli's releases.

v0.7.15

0.7.15 (2026-05-20)

Changed

  • Update bundled OpenFGA to v1.16.0

Fixed

[!NOTE] v0.7.14 had issues in the release process so the changelog has been merged into v0.7.15

v0.7.14

No release notes provided.

v0.7.13

0.7.13 (2026-04-27)

Added

Changed

  • Update bundled OpenFGA to v1.15.0

What's Changed

New Contributors

Full Changelog: openfga/cli@v0.7.12...v0.7.13

Changelog

Sourced from github.com/openfga/cli's changelog.

0.7.15 (2026-05-20)

Changed

  • Update bundled OpenFGA to v1.16.0

Fixed

[!NOTE] v0.7.14 had issues in the release process so the changelog has been merged into v0.7.15

0.7.13 (2026-04-27)

Added

Changed

  • Update bundled OpenFGA to v1.15.0
Commits
  • eb218c3 release: v0.7.15 (#697)
  • e2572e9 chore(deps): bump deps & bump openfga to v1.16.0 (#696)
  • c88d2c1 chore(ci): fixing release pipeline (#695)
  • eaaa1d8 release: v0.7.14-beta.1 (#694)
  • 0adb7aa chore(ci): fix SLSA upload to tag name, goreleaser use existing draft (#693)
  • a2b7eec release: v0.7.14 (#692)
  • 55d6563 chore(ci): add draft releases workflow and bump go-sdk (#691)
  • 1dd758a chore(deps): bump github.com/openfga/openfga (#689)
  • 50ab712 chore(deps): bump sigstore/cosign-installer in the dependencies group (#690)
  • 1aa8e96 chore(deps): bump goreleaser/goreleaser-action in the dependencies group (#688)
  • Additional commits viewable in compare view

Updates github.com/sqlc-dev/sqlc from 1.30.0 to 1.31.1

Release notes

Sourced from github.com/sqlc-dev/sqlc's releases.

v1.31.1

Bug Fixes

  • Remove go.mod replace directive that breaks go install ...@latest (#4401)
  • Downgrade github.com/ncruces/go-sqlite3 to v0.32.0 (#4400)

Build

  • (deps) Bump github.com/jackc/pgx/v5 (#4398)

v1.31.0

Bug Fixes

  • Strip psql meta-commands from schema files (#4390)
  • Emit pointers for nullable enum columns when emit_pointers_for_null_types is set (#4388)
  • Map xid8 to pgtype.Uint64 for pgx/v5 (#4387)
  • Rename :one return variable when it conflicts with a parameter (#4383)
  • Coerce SQLite JSONB output regardless of type casing (#4385)
  • Dedupe sqlc.arg parameters wrapped in a type cast for MySQL (#4384)
  • Preserve MySQL optimizer hints in generated query text (#4382)
  • Catch invalid ON CONFLICT DO UPDATE column references (#4366)
  • Replace manual loop with copy() builtin (#4166)
  • (native) Make MySQL connection check immediate on first attempt (#4254)

Documentation

  • Add link to community python plugin (#4157)
  • Add Claude Code remote environment setup instructions (#4246)
  • Add sqlc-gen-sqlx to community language support (#4371)
  • Add GitHub Topic to the plugins page (#4258)

Features

  • (sqlfile) Add sqlfile.Split (#4146)
  • (sqlite) Add database analyzer using ncruces/go-sqlite3 (#4199)
  • (ast) Implement comprehensive SQL AST formatting (#4205)
  • (mysql) Improve AST formatting and add DELETE JOIN support (#4206)
  • (sqlite) Add SQLite support to format tests (#4207)
  • (expander) Add star expander for SELECT * and RETURNING * (PostgreSQL, MySQL, SQLite) (#4203)
  • Add SQLCEXPERIMENT environment variable for experimental features (#4228)
  • Add native database support for e2e tests without Docker (#4236)
  • (postgresql) Add analyzerv2 experiment for database-only analysis (#4237)
  • Graduate parsecmd experiment (#4253)
  • Add parse subcommand with AST JSON output (#4240)
  • Add ClickHouse support to sqlc parse (#4267)
  • Add sqlc-test-setup command for database test environment setup (#4304)

Refactor

  • (ast) Rename Formatter interface to Dialect (#4208)

... (truncated)

Commits

Updates golang.org/x/tools from 0.44.0 to 0.45.0

Commits
  • 2aabba0 go.mod: update golang.org/x dependencies
  • ef989b3 go/types/internal/play: show Info.Instances[Ident]
  • 21d44f2 go/analysis/passes/inline: document skipping of TestF->F calls
  • ec83c21 go/analysis/passes/modernize: minmax: only remove exact userdefined
  • 5625353 go/analysis/passes/modernize: improve value variable name generation
  • 15a3bd5 gopls/internal/analysis/errorsastype: imporove example clarity
  • cd57ef8 go/packages: include dependency errors when CompiledGoFiles is missing
  • 053fdbc go/analysis/passes/modernize: minmax: fix pure operands only
  • bf84681 go/analysis/passes/errorsas: add example of invalid errors.As use
  • 23921d1 gopls: add errorsastype analyzer
  • Additional commits viewable in compare view

Updates google.golang.org/grpc/cmd/protoc-gen-go-grpc from 1.6.1 to 1.6.2

Release notes

Sourced from google.golang.org/grpc/cmd/protoc-gen-go-grpc's releases.

protoc-gen-go-grpc v1.6.2

Dependencies

  • Upgrade dependencies to latest.
Commits
  • 1c63fa5 grpc: remove support for env var GRPC_GO_EXPERIMENTAL_DISABLE_STRICT_PATH_CHE...
  • 959af53 transport: set current timestamp in channelz socket metrics (#9109)
  • 94b9449 xds/rbac: enforce strict presence-based short-circuit in authenticatedMatcher...
  • 89fe783 grpc: Document interactions between static flow control window options (#9096)
  • 3d0dd1e cmd/protoc-gen-go-grpc: Update to latest version of grpc-go (#9110)
  • 811290b stats/opentelemetry: restore the changes from #8342 and fix the flaky test. (...
  • 679ae4c stats: use correct import for services (#9107)
  • 850cc54 grpc: Remove ErrRetriesExhausted type in favor of error string (#9105)
  • 3d82ab3 otel: Segregate client and server RPCInfo used for metrics and traces (#9081)
  • a481b8f cleanup: removing TODO to improve timeouts encoding. (#9101)
  • Additional commits viewable in compare view

Updates mvdan.cc/gofumpt from 0.9.2 to 0.10.0

Release notes

Sourced from mvdan.cc/gofumpt's releases.

v0.10.0

This release is based on Go 1.26's gofmt, and requires Go 1.25 or later.

A new rule is introduced to drop unnecessary parentheses around expressions where the inner expression is unambiguous on its own, such as f((3)). Parentheses are kept where they are useful, such as on binary expressions. See #44.

A new rule is introduced to require multi-line function calls to match the opening and closing parenthesis in terms of the use of newlines. See #74.

The -extra flag now accepts a comma-separated list of rule names to enable individual extra rules, rather than enabling all of them at once. See #339.

The following changes are included as well:

  • Avoid crashing on go.mod files without a module directive - #350
  • Avoid failing when an ignored directory cannot be read - #351
  • Avoid prefixing more kinds of commented-out Go code with spaces - #230
  • Avoid prefixing a shebang comment with a space - #237
  • Narrow the newlines on assignments rule to ignore complex cases - #354
  • Fix three bugs which caused a second gofumpt run to make changes - #132, #345

Binaries built on go version go1.26.2 linux/amd64 with:

CGO_ENABLED=0 go build -trimpath -ldflags="-w -s"

Consider becoming a sponsor if you benefit from the work that went into this release! New tiers with rewards are available as well.

Changelog

Sourced from mvdan.cc/gofumpt's changelog.

[v0.10.0] - 2026-05-04

This release is based on Go 1.26's gofmt, and requires Go 1.25 or later.

A new rule is introduced to drop unnecessary parentheses around expressions where the inner expression is unambiguous on its own, such as f((3)). Parentheses are kept where they are useful, such as on binary expressions. See #44.

A new rule is introduced to require multi-line function calls to match the opening and closing parenthesis in terms of the use of newlines. See #74.

The -extra flag now accepts a comma-separated list of rule names to enable individual extra rules, rather than enabling all of them at once. See #339.

The following changes are included as well:

  • Avoid crashing on go.mod files without a module directive - #350
  • Avoid failing when an ignored directory cannot be read - #351
  • Avoid prefixing more kinds of commented-out Go code with spaces - #230
  • Avoid prefixing a shebang comment with a space - #237
  • Narrow the newlines on assignments rule to ignore complex cases - #354
  • Fix three bugs which caused a second gofumpt run to make changes - #132, #345

[v0.9.1] - 2025-09-07

This is a bugfix release to address a regression in detecting comment directives with special characters such as //golangcitest:config_path<...

Description has been truncated

@dependabot
build(deps): bump the tools group across 1 directory with 10 updates
c5367dd 
Bumps the tools group with 9 updates in the /tools directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/bufbuild/buf](https://github.com/bufbuild/buf) | `1.66.1` | `1.70.0` |
| [github.com/golangci/golangci-lint/v2](https://github.com/golangci/golangci-lint) | `2.12.1` | `2.12.2` |
| [github.com/grpc-ecosystem/grpc-gateway/v2](https://github.com/grpc-ecosystem/grpc-gateway) | `2.28.0` | `2.29.0` |
| [github.com/mikefarah/yq/v4](https://github.com/mikefarah/yq) | `4.52.4` | `4.53.2` |
| [github.com/oapi-codegen/oapi-codegen/v2](https://github.com/oapi-codegen/oapi-codegen) | `2.6.0` | `2.7.0` |
| [github.com/openfga/cli](https://github.com/openfga/cli) | `0.7.12` | `0.7.15` |
| [github.com/sqlc-dev/sqlc](https://github.com/sqlc-dev/sqlc) | `1.30.0` | `1.31.1` |
| [google.golang.org/grpc/cmd/protoc-gen-go-grpc](https://github.com/grpc/grpc-go) | `1.6.1` | `1.6.2` |
| [mvdan.cc/gofumpt](https://github.com/mvdan/gofumpt) | `0.9.2` | `0.10.0` |



Updates `github.com/bufbuild/buf` from 1.66.1 to 1.70.0
- [Release notes](https://github.com/bufbuild/buf/releases)
- [Changelog](https://github.com/bufbuild/buf/blob/main/CHANGELOG.md)
- [Commits](bufbuild/buf@v1.66.1...v1.70.0)

Updates `github.com/golangci/golangci-lint/v2` from 2.12.1 to 2.12.2
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/main/CHANGELOG.md)
- [Commits](golangci/golangci-lint@v2.12.1...v2.12.2)

Updates `github.com/grpc-ecosystem/grpc-gateway/v2` from 2.28.0 to 2.29.0
- [Release notes](https://github.com/grpc-ecosystem/grpc-gateway/releases)
- [Commits](grpc-ecosystem/grpc-gateway@v2.28.0...v2.29.0)

Updates `github.com/mikefarah/yq/v4` from 4.52.4 to 4.53.2
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](mikefarah/yq@v4.52.4...v4.53.2)

Updates `github.com/oapi-codegen/oapi-codegen/v2` from 2.6.0 to 2.7.0
- [Release notes](https://github.com/oapi-codegen/oapi-codegen/releases)
- [Commits](oapi-codegen/oapi-codegen@v2.6.0...v2.7.0)

Updates `github.com/openfga/cli` from 0.7.12 to 0.7.15
- [Release notes](https://github.com/openfga/cli/releases)
- [Changelog](https://github.com/openfga/cli/blob/main/CHANGELOG.md)
- [Commits](openfga/cli@v0.7.12...v0.7.15)

Updates `github.com/sqlc-dev/sqlc` from 1.30.0 to 1.31.1
- [Release notes](https://github.com/sqlc-dev/sqlc/releases)
- [Commits](sqlc-dev/sqlc@v1.30.0...v1.31.1)

Updates `golang.org/x/tools` from 0.44.0 to 0.45.0
- [Release notes](https://github.com/golang/tools/releases)
- [Commits](golang/tools@v0.44.0...v0.45.0)

Updates `google.golang.org/grpc/cmd/protoc-gen-go-grpc` from 1.6.1 to 1.6.2
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@cmd/protoc-gen-go-grpc/v1.6.1...cmd/protoc-gen-go-grpc/v1.6.2)

Updates `mvdan.cc/gofumpt` from 0.9.2 to 0.10.0
- [Release notes](https://github.com/mvdan/gofumpt/releases)
- [Changelog](https://github.com/mvdan/gofumpt/blob/master/CHANGELOG.md)
- [Commits](mvdan/gofumpt@v0.9.2...v0.10.0)

---
updated-dependencies:
- dependency-name: github.com/bufbuild/buf
  dependency-version: 1.70.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tools
- dependency-name: github.com/golangci/golangci-lint/v2
  dependency-version: 2.12.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: tools
- dependency-name: github.com/grpc-ecosystem/grpc-gateway/v2
  dependency-version: 2.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tools
- dependency-name: github.com/mikefarah/yq/v4
  dependency-version: 4.53.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tools
- dependency-name: github.com/oapi-codegen/oapi-codegen/v2
  dependency-version: 2.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tools
- dependency-name: github.com/openfga/cli
  dependency-version: 0.7.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: tools
- dependency-name: github.com/sqlc-dev/sqlc
  dependency-version: 1.31.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tools
- dependency-name: golang.org/x/tools
  dependency-version: 0.45.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tools
- dependency-name: google.golang.org/grpc/cmd/protoc-gen-go-grpc
  dependency-version: 1.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: tools
- dependency-name: mvdan.cc/gofumpt
  dependency-version: 0.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tools
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 1, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 1, 2026 20:57
@coveralls
Copy link
Copy Markdown

coveralls commented Jun 1, 2026

Coverage Status

coverage: 60.446% (-0.003%) from 60.449% — dependabot/go_modules/tools/tools-7f45b32ca6 into main

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@coveralls