build(deps): bump the go-mod group with 8 updates

[dependabot]

Bumps the go-mod group with 8 updates:

Package	From	To
github.com/authzed/spicedb	1.40.1-0.20250203174657-98e88a128ae5	1.40.1
github.com/hamba/avro/v2	2.27.0	2.28.0
github.com/muesli/termenv	0.15.2	0.16.0
github.com/spf13/cobra	1.8.1	1.9.1
golang.org/x/mod	0.22.0	0.23.0
golang.org/x/sync	0.10.0	0.11.0
golang.org/x/term	0.28.0	0.29.0
google.golang.org/protobuf	1.36.4	1.36.5

Updates github.com/authzed/spicedb from 1.40.1-0.20250203174657-98e88a128ae5 to 1.40.1

Release notes

Sourced from github.com/authzed/spicedb's releases.

v1.40.1

What's Changed

• bug fix: implement flag for spanner by @​kartikaysaxena in authzed/spicedb#2210
• security-fix: upgrade go base image to fix new CVE published by @​kartikaysaxena in authzed/spicedb#2213
• Implement partials syntax parsing by @​tstirrat15 in authzed/spicedb#2211
• Fixes for replicated query iterator by @​josephschorr in authzed/spicedb#2214
• Switch namespace read call in Check to simplify by @​josephschorr in authzed/spicedb#2215
• Have LookupSubjects return Unimplemented if a cursor is used by @​josephschorr in authzed/spicedb#2216
• [mysql] pipe logger into mysql for debug printing (#1055) by @​barakmich in authzed/spicedb#2217
• Change strict reading PG to only return rows when valid by @​josephschorr in authzed/spicedb#2219
• Remove parallel test to reduce flakiness by @​josephschorr in authzed/spicedb#2222
• Implement partials compilation by @​tstirrat15 in authzed/spicedb#2212
• Add metrics for usage of the replication proxies in the datastore by @​josephschorr in authzed/spicedb#2229
• Update tracing logic in authn code by @​tstirrat15 in authzed/spicedb#2230
• Remove the reference for changes being emitted by Watch by @​josephschorr in authzed/spicedb#2232
• fixes pg replica error: "canceling statement due to conflict with recovery by @​vroldanbet in authzed/spicedb#2233
• Change default version for CRDB testing to latest by @​josephschorr in authzed/spicedb#2226
• Move to Go 1.23.6 for a reported Go vuln by @​josephschorr in authzed/spicedb#2237
• Have strictreplicated proxy buffer relationships by @​josephschorr in authzed/spicedb#2236
• crdb pool: handle cases with nil errors by @​ecordell in authzed/spicedb#2238
• Port in expiration parsing into composable schema DSL by @​tstirrat15 in authzed/spicedb#2239

New Contributors

• @​barakmich made their first contribution in authzed/spicedb#2217

Full Changelog: authzed/spicedb@v1.40.0...v1.40.1

Docker Images

This release is available at authzed/spicedb:v1.40.1, quay.io/authzed/spicedb:v1.40.1, ghcr.io/authzed/spicedb:v1.40.1

Commits

• See full diff in compare view

Updates github.com/hamba/avro/v2 from 2.27.0 to 2.28.0

Release notes

Sourced from github.com/hamba/avro/v2's releases.

v2.28.0

What's Changed

• chore: bump coverallsapp/github-action from 2.3.1 to 2.3.3 in the all group by @​dependabot in hamba/avro#473
• chore: bump github.com/klauspost/compress from 1.17.10 to 1.17.11 in the all group by @​dependabot in hamba/avro#471
• chore: bump coverallsapp/github-action from 2.3.3 to 2.3.4 in the all group by @​dependabot in hamba/avro#475
• chore: bump golang.org/x/tools from 0.26.0 to 0.27.0 in the all group by @​dependabot in hamba/avro#478
• chore: bump golang.org/x/tools from 0.27.0 to 0.28.0 in the all group by @​dependabot in hamba/avro#480
• Fix error handling in OCF example by @​mihaitodor in hamba/avro#483
• fix: updated link for apache arrow go lib in README.md by @​pavelpascari in hamba/avro#487
• feat: allow setting zstd codec options by @​vpapp in hamba/avro#485
• chore: bump golang.org/x/tools from 0.28.0 to 0.29.0 in the all group by @​dependabot in hamba/avro#488
• fix: add handling to skip block data in Decoder readBlock method by @​lukrah in hamba/avro#492
• chore: bump coverallsapp/github-action from 2.3.4 to 2.3.6 in the all group by @​dependabot in hamba/avro#493
• feat: add CRC64-AVRO-LE fingerprint type by @​kimgr in hamba/avro#491
• fix(gen): fix multiline doc comments in generated struct by @​ekazakas in hamba/avro#499
• fix(gen): escape backticks by @​ekazakas in hamba/avro#500
• feat(gen): implement struct generation from schema registry subjects and versions by @​ekazakas in hamba/avro#498
• fix: panic on null type by @​nrwiersma in hamba/avro#501
• feat: support go 1.24 by @​nrwiersma in hamba/avro#503
• fix: panic with concurrent schema parsing by @​YousefHagag in hamba/avro#502

New Contributors

• @​mihaitodor made their first contribution in hamba/avro#483
• @​pavelpascari made their first contribution in hamba/avro#487
• @​vpapp made their first contribution in hamba/avro#485
• @​lukrah made their first contribution in hamba/avro#492
• @​kimgr made their first contribution in hamba/avro#491
• @​ekazakas made their first contribution in hamba/avro#499
• @​YousefHagag made their first contribution in hamba/avro#502

Full Changelog: hamba/avro@v2.27.0...v2.28.0

Commits

• b48c057 fix: panic with concurrent schema parsing (#502)
• 323f149 feat: support go 1.24 (#503)
• d39c1ec fix: panic on null type (#501)
• 559723e feat(gen): implement struct generation from schema registry subjects and vers...
• 29f45e2 fix(gen): escape backticks (#500)
• 1154cda fix(gen): fix multiline doc comments in generated struct (#499)
• e9a408d feat: add CRC64-AVRO-LE fingerprint type (#491)
• 7846b97 chore: bump coverallsapp/github-action from 2.3.4 to 2.3.6 in the all group (...
• 4ba9c73 fix: add handling to skip block data in ocf decoder readBlock method (#492)
• 68046a4 chore: bump golang.org/x/tools from 0.28.0 to 0.29.0 in the all group (#488)
• Additional commits viewable in compare view

Updates github.com/muesli/termenv from 0.15.2 to 0.16.0

Release notes

Sourced from github.com/muesli/termenv's releases.

v0.16.0

What's Changed

• build(deps): bump github.com/mattn/go-isatty from 0.0.18 to 0.0.19 by @​dependabot in muesli/termenv#137
• build(deps): bump golang.org/x/sys from 0.7.0 to 0.10.0 by @​dependabot in muesli/termenv#142
• fix(output): export output writer by @​aymanbagabas in muesli/termenv#122
• docs: update alacritty OSC 8 support documentation by @​Thesmader in muesli/termenv#157
• fix(termenv): prevent hang in Emacs shell by @​bard in muesli/termenv#152
• feat: ghostty is truecolor by @​caarlos0 in muesli/termenv#161
• fix: do not use ioutil and other fixes by @​caarlos0 in muesli/termenv#162
• Use uniseg.StringWidth by @​maaslalani in muesli/termenv#164
• Add support for building on z/OS by @​dustin-ward in muesli/termenv#165
• feat: Profile.Name() by @​caarlos0 in muesli/termenv#163
• Fix lint comments (godot) by @​maaslalani in muesli/termenv#160
• feat: mark more term as truecolor by @​caarlos0 in muesli/termenv#171
• feat: rio is truecolor, xterm is ansi by @​caarlos0 in muesli/termenv#174
• build(deps): bump golang.org/x/crypto from 0.3.0 to 0.31.0 in /examples/ssh by @​dependabot in muesli/termenv#175
• update deps, fixes lint issues by @​caarlos0 in muesli/termenv#183

New Contributors

• @​Thesmader made their first contribution in muesli/termenv#157
• @​bard made their first contribution in muesli/termenv#152
• @​maaslalani made their first contribution in muesli/termenv#164
• @​dustin-ward made their first contribution in muesli/termenv#165

Full Changelog: muesli/termenv@v0.15.2...v0.16.0

Commits

• 2e6fa35 fix: more lint issues
• 44c6825 ci: fix lint-soft job
• 46061a4 ci: fix lint job
• 44e5a50 chore(deps): update actions
• 34b0cf0 fix: goveralls, maybe
• b470d69 fix: lint issues
• 944e1cd build(deps): update go-isatty, uniseg, x/sys
• 8c990cd build(deps): bump golang.org/x/crypto in /examples/ssh
• 0d230cb feat: rio is truecolor, xterm is ansi (#174)
• 82936c5 feat: mark more terminals as truecolor (#171)
• Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.8.1 to 1.9.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.9.1

🐛 Fixes

• Fix CompletionFunc implementation by @​ccoVeille in spf13/cobra#2234
• Revert "Make detection for test-binary more universal (#2173)" by @​marckhouzam in spf13/cobra#2235

Full Changelog: spf13/cobra@v1.9.0...v1.9.1

v1.9.0

✨ Features

• Allow linker to perform deadcode elimination for program using Cobra by @​aarzilli in spf13/cobra#1956
• Add default completion command even if there are no other sub-commands by @​marckhouzam in spf13/cobra#1559
• Add CompletionWithDesc helper by @​ccoVeille in spf13/cobra#2231

🐛 Fixes

• Fix deprecation comment for Command.SetOutput by @​thaJeztah in spf13/cobra#2172
• Replace deprecated ioutil usage by @​nirs in spf13/cobra#2181
• Fix --version help and output for plugins by @​nirs in spf13/cobra#2180
• Allow to reset the templates to the default by @​marckhouzam in spf13/cobra#2229

🤖 Completions

• Make Powershell completion work in constrained mode by @​lstemplinger in spf13/cobra#2196
• Improve detection for flags that accept multiple values by @​thaJeztah in spf13/cobra#2210
• add CompletionFunc type to help with completions by @​ccoVeille in spf13/cobra#2220
• Add similar whitespace escape logic to bash v2 completions than in other completions by @​kangasta in spf13/cobra#1743
• Print ActiveHelp for bash along other completions by @​marckhouzam in spf13/cobra#2076
• fix(completions): Complete map flags multiple times by @​gabe565 in spf13/cobra#2174
• fix(bash): nounset unbound file filter variable on empty extension by @​scop in spf13/cobra#2228

🧪 Testing

• Test also with go 1.23 by @​nirs in spf13/cobra#2182
• Make detection for test-binary more universal by @​thaJeztah in spf13/cobra#2173

✍🏼 Documentation

• docs: update README.md by @​eltociear in spf13/cobra#2197
• Improve site formatting by @​nirs in spf13/cobra#2183
• doc: add Conduit by @​raulb in spf13/cobra#2230
• doc: azion project added to the list of CLIs that use cobra by @​maxwelbm in spf13/cobra#2198
• Fix broken links in active_help.md by @​vuil in spf13/cobra#2202
• chore: fix function name in comment by @​zhuhaicity in spf13/cobra#2216

🔧 Dependency upgrades

• build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.5 to 2.0.6 by @​thaJeztah in spf13/cobra#2206
• Update to latest go-md2man by @​mikelolasagasti in spf13/cobra#2201

... (truncated)

Commits

• 40b5bc1 Revert "Make detection for test-binary more universal (#2173)" (#2235)
• a97f9fd fix CompletionFunc implementation (#2234)
• 5f9c408 chore: Upgrade dependencies for v1.9.0 (#2233)
• 24ada7f Remove the default "completion" cmd if it is alone (#1559)
• 680936a New logo
• 8cb30f9 feat: add CompletionWithDesc helper (#2231)
• 17b6dca doc: add Conduit (#2230)
• ab5cadc Allow to reset the templates to the default (#2229)
• 4ba5566 fix(bash): nounset unbound file filter variable on empty extension (#2228)
• 41b26ec Print ActiveHelp for bash along other completions (#2076)
• Additional commits viewable in compare view

Updates golang.org/x/mod from 0.22.0 to 0.23.0

Commits

• 52289f1 modfile: fix trailing empty lines in require blocks
• See full diff in compare view

Updates golang.org/x/sync from 0.10.0 to 0.11.0

Commits

• fe3591b sync/errgroup: improve documentation for semaphore limit behavior
• See full diff in compare view

Updates golang.org/x/term from 0.28.0 to 0.29.0

Commits

• 743b270 go.mod: update golang.org/x dependencies
• See full diff in compare view

Updates google.golang.org/protobuf from 1.36.4 to 1.36.5

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[tstirrat15]

These all look good to me