Sourced from github.com/jackc/pgx/v4's changelog.

4.16.1 (May 7, 2022)

• Upgrade pgconn to v1.12.1
• Fix explicitly prepared statements with describe statement cache mode

• 8b9b405 Release v4.16.1
• 644bd73 Upgrade to pgconn v1.12.1
• 7ceeea6 Fix explicitly prepared statements with describe statement cache mode
• c6335a3 Add link to github.com/vgarvardt/pgx-google-uuid
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• b5ce165 fixing panic in calls to assertion with nil m.mutex (#1212)
• c206b2e Mock can be deadlocked by a panic (#1157)
• 1b73601 suite: correctly set stats on test panic (#1195)
• ba1076d Add .Unset method to mock (#982)
• c31ea03 Support comparing byte slice (#1202)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 48391ba Fix panic in AssertExpectations for mocks without expectations (#1207)
• 840cb80 arrays value types in a zero-initialized state are considered empty (#1126)
• 07dc7ee Bump actions/setup-go from 3.1.0 to 3.2.0 (#1191)
• c33fc8d Bump actions/checkout from 2 to 3 (#1163)
• 3c33e07 Added Go 1.18.1 as a build/supported version (#1182)
• e2b56b3 Bump github.com/stretchr/objx from 0.1.0 to 0.4.0
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/docker/docker's releases.

v20.10.17

This release of Docker Engine comes with updated versions of the compose, containerd, and runc components, as well as some minor bug fixes.

Client

• Remove asterisk from docker commands in zsh completion script docker/cli#3648.

Networking

• Fix Windows port conflict with published ports in host mode for overlay moby/moby#43644.
• Ensure performance tuning is always applied to libnetwork sandboxes moby/moby#43683.

Packaging

• Update Docker Compose to v2.6.0.
• Update containerd (containerd.io package) to v1.6.6, which contains a fix for CVE-2022-31030
• Update runc version to v1.1.2, which contains a fix for CVE-2022-29162.
• Updated Go runtime to 1.17.11, which contains fixes for CVE-2022-30634, CVE-2022-30629, CVE-2022-30580 and CVE-2022-29804

• a89b842 Merge pull request #43701 from thaJeztah/20.10_backport_update_containerd_1.6.6
• 6f3f2b6 update containerd binary to v1.6.6
• 3fba092 Merge pull request #43692 from thaJeztah/20.0_backport_bump_containerd_binary...
• 678cc00 Merge pull request #43589 from thaJeztah/20.10_backport_bump_runc
• b3bcb15 update containerd binary to v1.6.5
• 59d0ff3 Merge pull request #43686 from dfr/backport-freebsd-mknod
• 434eecd Merge pull request #43683 from neersighted/update-libnetwork
• f55b030 system: unbreak build for darwin
• 63ab12c Port pkg/system/mknod.go to FreeBSD
• 081e538 vendor: libnetwork f6ccccb1c082a432c2a5814aaedaca56af33d9ea
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 41453c0 Update gopkg.in/yaml.v3
• 285adcc Update go versions in build matrix
• 6e7fab4 Bump actions/setup-go from 2 to 3.1.0
• 106ec21 use RWMutex
• a409ccf fix data race in the suit
• 3586478 assert: fix typo
• 7797738 Update versions supported to include go 1.16
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/docker/docker's releases.

v20.10.16

This release of Docker Engine fixes a regression in the Docker CLI builds for macOS, fixes an issue with docker stats when using containerd 1.5 and up, and updates the Go runtime to include a fix for CVE-2022-29526.

Client

• Fix a regression in binaries for macOS introduced in 20.10.15, which resulted in a panic docker/cli#43426.
• Update golang.org/x/sys dependency which contains a fix for CVE-2022-29526.

Daemon

• Fix an issue where docker stats was showing empty stats when running with containerd 1.5.0 or up moby/moby#43567.
• Update the golang.org/x/sys build-time dependency which contains a fix for CVE-2022-29526.

Packaging

• Update Go runtime to 1.17.10, which contains a fix for CVE-2022-29526.
• Use "weak" dependencies for the docker scan CLI plugin, to prevent a "conflicting requests" error when users performed an off-line installation from downloaded RPM packages docker/docker-ce-packaging#659.

• f756502 Merge pull request #43582 from thaJeztah/20.10_bump_golang_1.17.10
• a15acb4 [20.10] vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
• 5f2e0b7 [20.10] update golang to 1.17.10
• 462cd7d Merge pull request #43567 from 42wim/fixstats
• be7855f vendor: update github.com/containerd/cgroups and github.com/cilium/ebpf
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/docker/docker's releases.

v20.10.15

This release of Docker Engine comes with updated versions of the compose, buildx, containerd, and runc components, as well as some minor bugfixes.

Daemon

• Use a RWMutex for stateCounter to prevent potential locking congestion moby/moby#43426.
• Prevent an issue where the daemon was unable to find an available IP-range in some conditions moby/moby#43360

Packaging

• Update Docker Compose to v2.5.0.
• Update Docker Buildx to v0.8.2.
• Update Go runtime to 1.17.9.
• Update containerd (containerd.io package) to v1.6.4.
• Update runc version to v1.1.1.
• Add packages for CentOS 9 stream and Fedora 36.

• 4433bf6 Merge pull request #43561 from thaJeztah/20.10_backport_bump_containerd_binar...
• 414a9e2 update containerd binary to v1.6.4
• 0809f5f Merge pull request #43433 from thaJeztah/20.10_backport_update_containerd_runc
• 47b6a92 update containerd binary to v1.6.3
• 6d7c2b2 update containerd binary to v1.6.2
• 91708bf update containerd binary to v1.6.1
• 53ae170 Revert "[20.10] update containerd binary to 1.5.11"
• 961b9a7 update runc binary to v1.1.1
• 97972da update runc binary to v1.1.0
• 2929771 Merge pull request #43499 from thaJeztah/20.10_bump_golang_1.17.9
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from go.mongodb.org/mongo-driver's releases.

MongoDB Go Driver 1.9.1

The MongoDB Go Driver Team is pleased to release version 1.9.1 of the official Go driver.

Release Notes

This release includes various bug fixes, including fixing the "soft fail" behavior of the OCSP certificate check and correctly handling 32- or 64-bit integers in server responses.

---

For a full list of tickets included in this release, please see the links below:

• Bugs

• Tasks

Documentation for the Go driver can be found on pkg.go.dev and the MongoDB documentation site. BSON library documentation is also available on pkg.go.dev. Questions and inquiries can be asked on the MongoDB Developer Community. Bugs can be reported in the Go Driver project in the MongoDB JIRA where a list of current issues can be found. Your feedback on the Go driver is greatly appreciated!

• 886d852 Update version to v1.9.1
• 96e30da GODRIVER-2395 Never return errors when attempting to contact OCSP responders....
• 7ff10a8 GODRIVER-2323 Support int64 for 'n' field in insert, update, and delete ops. ...
• b5c26f5 GODRIVER-2378 resync badQueries and types CSFLE tests (#906)
• 8aecd15 Update version to v1.9.1-prerelease
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/golang-migrate/migrate/v4's releases.

v4.15.2

Changes

Documentation

• 06c25a2 Add pkger to README (by @​glacials )
• ed8a8b0 Include iofs in migration sources (by @​bndw )
• b69b032 clarify the package name (#660) (by @​khash )
• bfd0502 Set syntax highlighting for pkger example (by @​glacials )
• 81cbc9c fix: incorrect clickhouse dns example (by @​xkisu )

Database Drivers

• f621644 Add WithConnection to Postgres similar to MySQL. (by @​AndreasKl )
• 6e499cb Expose configuring cassandra connect timeout through query string (by @​taywrobel )
• 4ba6957 Resolves #647 - Fixes typos in Mongo advisory locking parameters (#648) (by @​SJrX )
• 9d3babd Run SQL server tests on Azure SQL Edge (by @​jfhbrook-at-work )
• 5798784 Update Spanner to 1.27 (by @​mccalltd )
• 020eda4 Upgrade cloud.google.com/go/spanner to 1.28.0, which adds JSON_VALUE support (by @​kylechadha )
• 9f5ed82 Use DELETE FROM instead of TRUNCATE for MySQL (#656) (by @​martinarrieta and @​antigremlin )
• 608e4f6 Use the recommended v4 in mysql README (by @​mgenware )
• a46677e bump go-sqlite3 to v1.14.10 (by @​pankona )

Migration Sources

• a2b0bda change github auth to use oauth token instead of basic. (by @​Greyeye )

Builds

• 5aa1a03 Bump version of autorest/adal (by @​jcmuller )
• 169d0fc Include 2 letter query param key in unit test (by @​suzaku )
• 331a15d Update dktest from v0.3.9 to v0.3.10 to fix upstream security issues (by @​dhui )
• c277388 Update dktest to v0.3.9 for upstream security vulnerability fixes (by @​dhui )
• cf68462 Run gofmt on internal build dir (by @​dhui )
• fc7f720 refactor: use sort.Slice (by @​suzaku )
• 918e13a Upgrade containerd and image-spec for the vulnerabilities (#662) (by @​mopp )
• 4f82413 len(k) is guaranteed to be greater than 1 in this case (by @​suzaku )

Thank you for your hard work and all your contributions!

• 331a15d Update dktest from v0.3.9 to v0.3.10 to fix upstream security issues
• cc5f8b7 Merge pull request #714 from eaze/josh/test-sqlserver-with-edge
• 9d3babd Run SQL server tests on Azure SQL Edge
• 57aead3 Merge pull request #659 from AndreasKl/add-with-connection-to-postgres
• e1d604b Merge pull request #708 from taywrobel/cassandra-connect-timeout
• 3dfae0d Merge branch 'master' into add-with-connection-to-postgres
• 6e499cb Expose configuring cassandra connect timeout through query string
• 0bc9734 Merge pull request #700 from Juneezee/test/t.TempDir
• 34c9878 Merge branch 'master' into add-with-connection-to-postgres
• 98d2f99 test: use T.TempDir to create temporary test directory
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/jackc/pgx/v4's changelog.

4.16.0 (April 21, 2022)

• Upgrade pgconn to v1.12.0
• Upgrade pgproto3 to v2.3.0
• Upgrade pgtype to v1.11.0
• Fix: Do not panic when context cancelled while getting statement from cache.
• Fix: Less memory pinning from old Rows.
• Fix: Support '\r' line ending when sanitizing SQL comment.
• Add pluggable GSSAPI support (Oliver Tan)

• 8c1815e Release v4.16.0
• c74f3f0 Add link to https://github.com/otan/gopgkrb5
• e012ea0 Upgrade pgconn, pgtype, and pgproto3
• 49a8601 Try to pacify finicky timing test on CI
• 097b6aa Add time to logging failed Exec
• bb8c52f Add doc regarding default pgxpool.Config.MaxConns
• 3ce50c0 Rename dbSavepoint to dbSimulatedNestedTx
• a86ece0 Fix single line comment for line endings in mac when sanitizing.
• b6b24f9 Allocate connRows on demand instead of preallocating in bulk
• 1e565b0 Handle stmtCache.Get error previously thought impossible
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/setup-go's releases.

v3.0.0

What's Changed

• Update default runtime to node16 (actions/setup-go#192)
• Update package-lock.json file version to 2 (actions/setup-go#193) and @types/node to 16.11.25 (actions/setup-go#194)
• Remove the stable input and fix SemVer notation (actions/setup-go#195)

Breaking Changes

With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

This new major release removes the stable input, so there is no need to specify additional input to use pre-release versions. This release also corrects the pre-release versions syntax to satisfy the SemVer notation (1.18.0-beta1 -> 1.18.0-beta.1, 1.18.0-rc1 -> 1.18.0-rc.1).

steps:
  - uses: actions/[email protected]
  - uses: actions/[email protected]
    with:
      go-version: '1.18.0-rc.1' 
  - run: go version

Add check-latest input

In scope of this release we add the check-latest input. If check-latest is set to true, the action first checks if the cached version is the latest one. If the locally cached version is not the most up-to-date, a Go version will then be downloaded from go-versions repository. By default check-latest is set to false. Example of usage:

steps:
  - uses: actions/[email protected]
  - uses: actions/[email protected]
    with:
      go-version: '1.16'
      check-latest: true
  - run: go version

Moreover, we updated @actions/core from 1.2.6 to 1.6.0

v2.1.5

In scope of this release we updated matchers.json to improve the problem matcher pattern. For more information please refer to this pull request

v2.1.4

What's Changed

• Fix extractor selection on windows by @​paulcacheux in actions/setup-go#141

New Contributors

• @​paulcacheux made their first contribution in actions/setup-go#141

Full Changelog: https://github.com/actions/setup-go/compare/v2.1.3...v2.1.4

v2.1.3

• Updated communication with runner to use environment files rather then workflow commands

v2.1.2

This release includes vendored licenses for this action's npm dependencies.

... (truncated)

• f6164bd Remove stable input and fix SemVer notation (#195)
• 2bb2aab update types node (#194)
• edcbc0c update lockfileVersion (#193)
• fb9a043 Update default runtime to node16 (#192)
• 5b0ae0e Bump pathval from 1.1.0 to 1.1.1 (#188)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)