Build(deps): Bump the prod group across 1 directory with 3 updates

[dependabot]

Bumps the prod group with 3 updates in the / directory: github.com/go-co-op/gocron/v2, github.com/wailsapp/wails/v2 and modernc.org/sqlite.

Updates github.com/go-co-op/gocron/v2 from 2.19.1 to 2.21.0

Release notes

Sourced from github.com/go-co-op/gocron/v2's releases.

v2.21.0

What's Changed

• feat: add WithDSTPolicy option for DST spring-forward handling by @​Copilot in go-co-op/gocron#917
• feat: add IsRunning() and LastRunCompletedAt() to Job interface by @​Copilot in go-co-op/gocron#918
• feat: Expose job schedule information via Schedule() method on Job interface by @​Copilot in go-co-op/gocron#919

Test Suite

• test: enhancements to testing speed and reliablity by @​JohnRoesler in go-co-op/gocron#920

Full Changelog: go-co-op/gocron@v2.20.0...v2.21.0

v2.20.0

What's Changed

• feat: add ShutdownWithContext and StopJobsWithContext by @​huynhanx03 in go-co-op/gocron#913

Performance improvements

• perf: replace string allocation with bytes.Compare in Jobs() UUID sort by @​huynhanx03 in go-co-op/gocron#914

Fixes

• Fix CronJob duplicate execution during DST fall-back by @​Copilot in go-co-op/gocron#912

Docs

• docs: clarify NextRun/NextRuns require scheduler to be started by @​Copilot in go-co-op/gocron#910

New Contributors

• @​huynhanx03 made their first contribution in go-co-op/gocron#913

Full Changelog: go-co-op/gocron@v2.19.1...v2.20.0

Commits

• 54f6bd8 test: enhancements to testing speed and reliablity (#920)
• 9b8a3f7 Expose job schedule information via Schedule() method on Job interface (#...
• 2e69a26 feat: add IsRunning() and LastRunCompletedAt() to Job interface (#918)
• 1e25a3b feat: add WithDSTPolicy option for DST spring-forward handling (#917)
• 89567e9 perf: replace string allocation with bytes.Compare in Jobs() UUID sort (#914)
• a6875f0 Fix CronJob duplicate execution during DST fall-back (#912)
• c304de1 feat: add ShutdownWithContext and StopJobsWithContext (#913)
• 5b307f5 docs: clarify NextRun/NextRuns require scheduler to be started (#910)
• 102b2b2 Change GitHub Sponsors username in FUNDING.yml
• See full diff in compare view

Updates github.com/wailsapp/wails/v2 from 2.11.0 to 2.12.0

Release notes

Sourced from github.com/wailsapp/wails/v2's releases.

Wails v2.12.0

Installation

go install github.com/wailsapp/wails/v2/cmd/wails@v2.12.0

Changes

Fixed

• Fixed clipboard mojibake on macOS by setting LANG environment variable for pbpaste/pbcopy operations #5012 by @​veeceey
• Fixed wails init to prevent initialization in non-empty directories when using the -d flag, avoiding accidental data loss [#4940](https://github.com/wailsapp/wails/issues/4940) by @leaanthony
• Fixed missing EventsOffAll in runtime templates for all frontend frameworks #4883 by @​narcilee7
• Fixed Linux crash on panic in JS-bound Go methods due to WebKit overriding signal handlers #3965 by @​leaanthony
• Fixed code block range in "How Does It Work?" documentation #4884 by @​msal4
• Fixed WebView crash on macOS 26 (Tahoe) during rapid UI updates #4592 by @​leaanthony
• Updated menu reference docs with complete imports by @​agilgur5 in #4727 and #4742
• Fixed menu reference syntax by @​agilgur5 in #4726
• Fixed indentation in Application Development guide by @​agilgur5 in #4730
• Updated Application Development guide to show imports in the app.go snippets by @​agilgur5 in #4731
• Fixed link to CoC in Community Guide when there was a trailing slash by @​agilgur5 in #4732
• Fixed indentation in "How does it work?" page by @​agilgur5 in #4733
• Updated wails installation documentation to allow copying the install wails command with one click by @​tilak999 in #4692
• Remove ioutl.Discard and replace it with io.Discard by @​xjh22222228 in #4877

Commits

• ebe9d32 release: v2.12.0
• ffb0678 fix: use --no-frozen-lockfile in release docs update
• f99ed1b ci: use task v2:release, minor version bumps, docs-aware releases
• 060faf2 ci: add automated weekly release workflow for v2
• 25d02ee chore: update sponsors.svg (#5073)
• 981dc1a chore: update sponsors.svg (#5064)
• 0ce8919 fix(v2): set LANG for pbpaste/pbcopy to prevent clipboard mojibake on macOS (...
• 63725f1 Merge pull request #5060 from wailsapp/update-sponsors
• c8476d7 chore: update sponsors.svg
• 51d3032 [v2] Notifications API (#4256)
• Additional commits viewable in compare view

Updates modernc.org/sqlite from 1.46.1 to 1.48.2

Changelog

Sourced from modernc.org/sqlite's changelog.

Changelog

• 2026-04-06 v1.48.2:

  • Fix ABI mapping mismatch in the pre-update hook trampoline that caused silent truncation of large 64-bit RowIDs.
  • Ensure the Go trampoline signature correctly aligns with the public sqlite3_preupdate_hook C API, preventing data corruption for high-entropy keys (e.g., Snowflake IDs).
  • See [GitLab merge request #98](https://gitlab.com/cznic/sqlite/-/merge_requests/98), thanks Josh Bleecher Snyder!
  • Fix the memory allocator used in (*conn).Deserialize.
  • Replace tls.Alloc with sqlite3_malloc64 to prevent internal allocator corruption. This ensures the buffer is safely owned by SQLite, which may resize or free it due to the SQLITE_DESERIALIZE_RESIZEABLE and SQLITE_DESERIALIZE_FREEONCLOSE flags.
  • Prevent a memory leak by properly freeing the allocated buffer if fetching the main database name fails before handing ownership to SQLite.
  • See [GitLab merge request #100](https://gitlab.com/cznic/sqlite/-/merge_requests/100), thanks Josh Bleecher Snyder!
  • Fix (*conn).Deserialize to explicitly reject nil or empty byte slices.
  • Prevent silent database disconnection and connection pool corruption caused by SQLite's default behavior when sqlite3_deserialize receives a 0-length buffer.
  • See [GitLab merge request #101](https://gitlab.com/cznic/sqlite/-/merge_requests/101), thanks Josh Bleecher Snyder!
  • Fix commitHookTrampoline and rollbackHookTrampoline signatures by removing the unused pCsr parameter.
  • Aligns internal hook callbacks accurately with the underlying SQLite C API, cleaning up the code to prevent potential future confusion or bugs.
  • See [GitLab merge request #102](https://gitlab.com/cznic/sqlite/-/merge_requests/102), thanks Josh Bleecher Snyder!
  • Fix checkptr instrumentation failures during go test -race when registering and using virtual tables (vtab).
  • Allocate sqlite3_module instances using the C allocator (libc.Xcalloc) instead of the Go heap. This ensures transpiled C code can safely perform pointer operations on the struct without tripping Go's pointer checks.
  • See [GitLab merge request #103](https://gitlab.com/cznic/sqlite/-/merge_requests/103), thanks Josh Bleecher Snyder!
  • Fix data race on mutex.id in the mutexTry non-recursive path.
  • Ensure consistent atomic writes (atomic.StoreInt32) to prevent data races with atomic loads in mutexHeld and mutexNotheld during concurrent execution.
  • See [GitLab merge request #104](https://gitlab.com/cznic/sqlite/-/merge_requests/104), thanks Josh Bleecher Snyder!
  • Fix resource leak in (*Backup).Commit where the destination connection was not closed on error.
  • Ensure dstConn is properly closed when sqlite3_backup_finish fails, preventing file descriptor, TLS, and memory leaks.
  • See [GitLab merge request #105](https://gitlab.com/cznic/sqlite/-/merge_requests/105), thanks Josh Bleecher Snyder!
  • Fix Exec to fully drain rows when encountering SQLITE_ROW, preventing silent data loss in DML statements.
  • Previously, Exec aborted after the first row, meaning INSERT, UPDATE, or DELETE statements with a RETURNING clause would fail to process subsequent rows. The execution path now correctly loops until SQLITE_DONE and properly respects context cancellations during the drain loop, fully aligning with native C sqlite3_exec semantics.
  • See [GitLab merge request #106](https://gitlab.com/cznic/sqlite/-/merge_requests/106), thanks Josh Bleecher Snyder!
  • Fix "Shadowed err value (stmt.go)".
  • See [GitLab issue #249](https://gitlab.com/cznic/sqlite/-/work_items/249), thanks Emrecan BATI!
  • Fix silent omission of virtual table savepoint callbacks by correctly setting the sqlite3_module version.
  • See [GitLab merge request #107](https://gitlab.com/cznic/sqlite/-/merge_requests/107), thanks Josh Bleecher Snyder!
  • Fix vfsRead to properly handle partial and fragmented reads from io.Reader.
  • Replace f.Read with io.ReadFull to ensure the buffer is fully populated, preventing premature SQLITE_IOERR_SHORT_READ errors on valid mid-stream partial reads. Unread tail bytes at EOF are now efficiently zero-filled using the built-in clear function.
  • See [GitLab merge request #108](https://gitlab.com/cznic/sqlite/-/merge_requests/108), thanks Josh Bleecher Snyder!
  • Refactor internal error formatting to safely handle uninitialized or closed database pointers.
  • Prevent a misleading "out of memory" error message when an operation fails and the underlying SQLite database handle is NULL (db == 0).
  • See [GitLab merge request #109](https://gitlab.com/cznic/sqlite/-/merge_requests/109), thanks Josh Bleecher Snyder!
  • Fix error handling in database backup and restore initialization (sqlite3_backup_init).
  • Ensure error codes and messages are accurately read from the destination database handle rather than hardcoding the source or remote handle. This prevents swallowed errors or mismatched "not an error" messages when a backup or restore operation fails to start.
  • See [GitLab merge request #111](https://gitlab.com/cznic/sqlite/-/merge_requests/111), thanks Josh Bleecher Snyder!
  • Fix database handle and C-heap memory leaks when sqlite3_open_v2 fails.
  • Ensure sqlite3_close_v2 is called on the partially allocated database handle during a failed open, and explicitly close libc.TLS in newConn to prevent resource leakage.
  • Prevent misleading "out of memory" error messages on failed connections by correctly extracting the exact error string from the allocated handle before it is closed.
  • See [GitLab merge request #112](https://gitlab.com/cznic/sqlite/-/merge_requests/112), thanks Josh Bleecher Snyder!

• 2026-04-03 v1.48.1:

  • Fix memory leaks and double-free vulnerabilities in the multi-statement query execution path.
  • Ensure bind-parameter allocations are reliably freed via strict ownership transfer if an error occurs mid-loop or if multiple statements bind parameters.
  • Fix a resource leak where a subsequent statement's error could orphan a previously generated rows object without closing it, leaking the prepared statement handle.

... (truncated)

Commits

• df16977 CHANGELOG.md: add !112
• 172c395 Merge branch 'fix-openv2-handle-leak' into 'master'
• 2719730 fix openV2 handle leak, TLS leak, and misleading error on failed open
• 53c87f6 CHANGELOG.md: add !111
• c324f37 Merge branch 'fix-backup-restore-error-handle' into 'master'
• fc791df read error from correct db handle on backup init failure
• 1620515 CHANGELOG.md: add !109
• 72aaab4 Merge branch 'errstr-for-db' into 'master'
• 2ae65f7 extract errstrForDB from conn.errstr
• eeec006 CHANGELOG.md: add !108
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions