Bump github.com/golang-migrate/migrate/v4 from 4.18.3 to 4.19.0 (#2324)

dependabot[bot] · web-flow · commit 1c70624891db · 2025-09-11T14:27:49.000-07:00
Bumps [github.com/golang-migrate/migrate/v4](https://github.com/golang-migrate/migrate) from 4.18.3 to 4.19.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/golang-migrate/migrate/releases">github.com/golang-migrate/migrate/v4's releases</a>.</em></p> <blockquote> <h2>v4.19.0</h2> <h2>What's Changed</h2> <ul> <li>Fixed sqlserver not actually getting a lock if lock is already set by <a href="https://github.com/urbim"><code>@​urbim</code></a> in <a href="https://redirect.github.com/golang-migrate/migrate/pull/1186">golang-migrate/migrate#1186</a></li> <li>Bump golang.org/x/oauth2 from 0.18.0 to 0.27.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/golang-migrate/migrate/pull/1299">golang-migrate/migrate#1299</a></li> <li>Update apt-key to gpg by <a href="https://github.com/sandhilt"><code>@​sandhilt</code></a> in <a href="https://redirect.github.com/golang-migrate/migrate/pull/1277">golang-migrate/migrate#1277</a></li> <li>Update dktest to v0.4.6 for docker vuln fix by <a href="https://github.com/dhui"><code>@​dhui</code></a> in <a href="https://redirect.github.com/golang-migrate/migrate/pull/1309">golang-migrate/migrate#1309</a></li> <li>refactor: Remove go.uber.org/atomic in favor of std sync/atomic by <a href="https://github.com/romshark"><code>@​romshark</code></a> in <a href="https://redirect.github.com/golang-migrate/migrate/pull/1303">golang-migrate/migrate#1303</a></li> <li>Ensure bufferWriter is always closed in Migration.Buffer and propagate close errors by <a href="https://github.com/ckantcs"><code>@​ckantcs</code></a> in <a href="https://redirect.github.com/golang-migrate/migrate/pull/1308">golang-migrate/migrate#1308</a></li> <li>Add support for Go 1.25 and drop support for 1.23 by <a href="https://github.com/dhui"><code>@​dhui</code></a> in <a href="https://redirect.github.com/golang-migrate/migrate/pull/1310">golang-migrate/migrate#1310</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/urbim"><code>@​urbim</code></a> made their first contribution in <a href="https://redirect.github.com/golang-migrate/migrate/pull/1186">golang-migrate/migrate#1186</a></li> <li><a href="https://github.com/sandhilt"><code>@​sandhilt</code></a> made their first contribution in <a href="https://redirect.github.com/golang-migrate/migrate/pull/1277">golang-migrate/migrate#1277</a></li> <li><a href="https://github.com/romshark"><code>@​romshark</code></a> made their first contribution in <a href="https://redirect.github.com/golang-migrate/migrate/pull/1303">golang-migrate/migrate#1303</a></li> <li><a href="https://github.com/ckantcs"><code>@​ckantcs</code></a> made their first contribution in <a href="https://redirect.github.com/golang-migrate/migrate/pull/1308">golang-migrate/migrate#1308</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/golang-migrate/migrate/compare/v4.18.3...v4.19.0">https://github.com/golang-migrate/migrate/compare/v4.18.3...v4.19.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang-migrate/migrate/commit/8b9c5f77128ef93d65a082208a2009a3911fe6d4"><code>8b9c5f7</code></a> Merge pull request <a href="https://redirect.github.com/golang-migrate/migrate/issues/1310">#1310</a> from dhui/update_go</li> <li><a href="https://github.com/golang-migrate/migrate/commit/b4ec9bccb14cd7b0eb0510ac9d3d01d4be79324f"><code>b4ec9bc</code></a> Add support for Go 1.25 and drop support for 1.23</li> <li><a href="https://github.com/golang-migrate/migrate/commit/ed4bdd4614e991ca8fba606b38a45f6409a9deb6"><code>ed4bdd4</code></a> Ensure bufferWriter is always closed in Migration.Buffer and propagate close ...</li> <li><a href="https://github.com/golang-migrate/migrate/commit/8945e853c4c84a92bfa42572ac4cfd7874e23108"><code>8945e85</code></a> Merge pull request <a href="https://redirect.github.com/golang-migrate/migrate/issues/1303">#1303</a> from romshark/master</li> <li><a href="https://github.com/golang-migrate/migrate/commit/7108d806dd50c1510510239a161887757f240122"><code>7108d80</code></a> Merge pull request <a href="https://redirect.github.com/golang-migrate/migrate/issues/1309">#1309</a> from dhui/dktest_v0.4.6</li> <li><a href="https://github.com/golang-migrate/migrate/commit/682016f04c2c0f8faa1d122fd22a62563876f71d"><code>682016f</code></a> Merge pull request <a href="https://redirect.github.com/golang-migrate/migrate/issues/1277">#1277</a> from sandhilt/doc/change-apt-key-to-gpg</li> <li><a href="https://github.com/golang-migrate/migrate/commit/f3e6b5a737de1b7c79aaf81168395d6f2eb1fbb0"><code>f3e6b5a</code></a> Replace usage of deprecated docker types</li> <li><a href="https://github.com/golang-migrate/migrate/commit/0a17402aa2359c8c5cd5a68a0e08a41c4460337f"><code>0a17402</code></a> Update dktest to v0.4.6 for docker vuln fix</li> <li><a href="https://github.com/golang-migrate/migrate/commit/5eee0c8030ca227bfd27a425988f9c7c4948e90a"><code>5eee0c8</code></a> Merge pull request <a href="https://redirect.github.com/golang-migrate/migrate/issues/1299">#1299</a> from golang-migrate/dependabot/go_modules/golang.org...</li> <li><a href="https://github.com/golang-migrate/migrate/commit/642a24d61bb0a870a15020adceeee3e85d5151c3"><code>642a24d</code></a> Bump golang.org/x/oauth2 from 0.18.0 to 0.27.0</li> <li>Additional commits viewable in <a href="https://github.com/golang-migrate/migrate/compare/v4.18.3...v4.19.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/golang-migrate/migrate/v4&package-manager=go_modules&previous-version=4.18.3&new-version=4.19.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/go.mod b/go.mod
@@ -12,7 +12,7 @@ require (
 	github.com/emirpasic/gods v1.18.1
 	github.com/fsnotify/fsnotify v1.9.0
 	github.com/golang-jwt/jwt/v5 v5.3.0
-	github.com/golang-migrate/migrate/v4 v4.18.3
+	github.com/golang-migrate/migrate/v4 v4.19.0
 	github.com/google/generative-ai-go v0.20.1
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/handlers v1.5.2
@@ -90,10 +90,9 @@ require (
 	go.opentelemetry.io/auto/sdk v1.1.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 // indirect
-	go.opentelemetry.io/otel v1.36.0 // indirect
-	go.opentelemetry.io/otel/metric v1.36.0 // indirect
-	go.opentelemetry.io/otel/trace v1.36.0 // indirect
-	go.uber.org/atomic v1.7.0 // indirect
+	go.opentelemetry.io/otel v1.37.0 // indirect
+	go.opentelemetry.io/otel/metric v1.37.0 // indirect
+	go.opentelemetry.io/otel/trace v1.37.0 // indirect
 	golang.org/x/net v0.43.0 // indirect
 	golang.org/x/oauth2 v0.30.0 // indirect
 	golang.org/x/text v0.28.0 // indirect
diff --git a/go.sum b/go.sum
@@ -79,8 +79,8 @@ github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpv
 github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
 github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
 github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
-github.com/golang-migrate/migrate/v4 v4.18.3 h1:EYGkoOsvgHHfm5U/naS1RP/6PL/Xv3S4B/swMiAmDLs=
-github.com/golang-migrate/migrate/v4 v4.18.3/go.mod h1:99BKpIi6ruaaXRM1A77eqZ+FWPQ3cfRa+ZVy5bmWMaY=
+github.com/golang-migrate/migrate/v4 v4.19.0 h1:RcjOnCGz3Or6HQYEJ/EEVLfWnmw9KnoigPSjzhCuaSE=
+github.com/golang-migrate/migrate/v4 v4.19.0/go.mod h1:9dyEcu+hO+G9hPSw8AIg50yg622pXJsoHItQnDGZkI0=
 github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
 github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
 github.com/google/generative-ai-go v0.20.1 h1:6dEIujpgN2V0PgLhr6c/M1ynRdc7ARtiIDPFzj45uNQ=
@@ -161,7 +161,6 @@ github.com/spf13/cobra v1.10.1/go.mod h1:7SmJGaTHFVBY0jW4NXGluQoLvhqFQM+6XSKD+P4
 github.com/spf13/pflag v1.0.9 h1:9exaQaMOCwffKiiiYk6/BndUBv+iRViNW+4lEMi0PvY=
 github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
@@ -188,18 +187,16 @@ go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.6
 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.61.0/go.mod h1:snMWehoOh2wsEwnvvwtDyFCxVeDAODenXHtn5vzrKjo=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 h1:F7Jx+6hwnZ41NSFTO5q4LYDtJRXBf2PD0rNBkeB/lus=
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0/go.mod h1:UHB22Z8QsdRDrnAtX4PntOl36ajSxcdUMt1sF7Y6E7Q=
-go.opentelemetry.io/otel v1.36.0 h1:UumtzIklRBY6cI/lllNZlALOF5nNIzJVb16APdvgTXg=
-go.opentelemetry.io/otel v1.36.0/go.mod h1:/TcFMXYjyRNh8khOAO9ybYkqaDBb/70aVwkNML4pP8E=
-go.opentelemetry.io/otel/metric v1.36.0 h1:MoWPKVhQvJ+eeXWHFBOPoBOi20jh6Iq2CcCREuTYufE=
-go.opentelemetry.io/otel/metric v1.36.0/go.mod h1:zC7Ks+yeyJt4xig9DEw9kuUFe5C3zLbVjV2PzT6qzbs=
+go.opentelemetry.io/otel v1.37.0 h1:9zhNfelUvx0KBfu/gb+ZgeAfAgtWrfHJZcAqFC228wQ=
+go.opentelemetry.io/otel v1.37.0/go.mod h1:ehE/umFRLnuLa/vSccNq9oS1ErUlkkK71gMcN34UG8I=
+go.opentelemetry.io/otel/metric v1.37.0 h1:mvwbQS5m0tbmqML4NqK+e3aDiO02vsf/WgbsdpcPoZE=
+go.opentelemetry.io/otel/metric v1.37.0/go.mod h1:04wGrZurHYKOc+RKeye86GwKiTb9FKm1WHtO+4EVr2E=
 go.opentelemetry.io/otel/sdk v1.36.0 h1:b6SYIuLRs88ztox4EyrvRti80uXIFy+Sqzoh9kFULbs=
 go.opentelemetry.io/otel/sdk v1.36.0/go.mod h1:+lC+mTgD+MUWfjJubi2vvXWcVxyr9rmlshZni72pXeY=
 go.opentelemetry.io/otel/sdk/metric v1.36.0 h1:r0ntwwGosWGaa0CrSt8cuNuTcccMXERFwHX4dThiPis=
 go.opentelemetry.io/otel/sdk/metric v1.36.0/go.mod h1:qTNOhFDfKRwX0yXOqJYegL5WRaW376QbB7P4Pb0qva4=
-go.opentelemetry.io/otel/trace v1.36.0 h1:ahxWNuqZjpdiFAyrIoQ4GIiAIhxAunQR6MUoKrsNd4w=
-go.opentelemetry.io/otel/trace v1.36.0/go.mod h1:gQ+OnDZzrybY4k4seLzPAWNwVBBVlF2szhehOBB/tGA=
-go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw=
-go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
+go.opentelemetry.io/otel/trace v1.37.0 h1:HLdcFNbRQBE2imdSEgm/kwqmQj1Or1l/7bW6mxVK7z4=
+go.opentelemetry.io/otel/trace v1.37.0/go.mod h1:TlgrlQ+PtQO5XFerSPUYG0JSgGyryXewPGyayAWSBS0=
 golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4=
 golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc=
 golang.org/x/mod v0.27.0 h1:kb+q2PyFnEADO2IEF935ehFUXlWiNjJWtRNgBLSfbxQ=
