Skip to content

Bump the dependencies group with 4 updates#627

Merged
pk910 merged 2 commits intomasterfrom
dependabot/go_modules/dependencies-d04a7b5a18
Apr 7, 2026
Merged

Bump the dependencies group with 4 updates#627
pk910 merged 2 commits intomasterfrom
dependabot/go_modules/dependencies-d04a7b5a18

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 6, 2026

Bumps the dependencies group with 4 updates: github.com/ethereum/go-ethereum, github.com/lib/pq, github.com/minio/minio-go/v7 and github.com/pk910/dynamic-ssz.

Updates github.com/ethereum/go-ethereum from 1.17.1 to 1.17.2

Release notes

Sourced from github.com/ethereum/go-ethereum's releases.

EMF Suppressor (v1.17.2)

This is a maintenance release with several important bug fixes. Notably, a critical issue in debug_executionWitness could previously corrupt node data, users relying on this RPC endpoint are strongly advised to upgrade.

Geth now also supports syncing with chains where pre-Prague history has been pruned, and allows explicitly removing it via geth prune-history --history.chain postprague.

Geth

  • Set default cache size to 4GB across all networks (#33836, #33975)
  • Added support for pruning chain history prior to the Prague fork (#33657, #34036)
  • Added fetchpayload command to build execution witnesses for specific blocks (#33919)
  • Optimized Era history import with batched insertion (#33894)
  • Added womir target for keeper (#34079)
  • Added support for iterating a single storage trie in geth snapshot traverse-state and geth snapshot traverse-rawstate (#34051)

Core

  • Amsterdam fork updates:
    • EIP-8024: Switch to branchless normalization and extend EXCHANGE (#33869)
    • EIP-7778: Block gas accounting without refunds (#33593)
    • EIP-7954: Increase maximum contract size (#33832)
    • EIP-7708: ETH transfers now emit logs (#33645)
    • Reworked gas measurement order (prerequisite for EIP-7928) (#33648)
  • Improved payload building by prewarming trie nodes for state hash computation (#33945)
  • Various binary trie improvements (#33951, #33961, #33989, #34021, #34032, #34022, #34056)
  • Upgraded go-eth-kzg to v1.5.0, significantly reducing allocations in VerifyCellProofBatch (#33963)
  • Refactored state database in preparation for binary trie integration (#33816)
  • Enabled trie node history retention on existing nodes (#33934)
  • Optimized historical state indexer with batch processing (#33640)
  • Fixed potential deadlock in txlookup (#34039)
  • Added new RLP APIs (#34052, #34048)
  • Fix dir.Sync() failure in freezer on Windows (#34115)

Networking

  • Avoid duplicate connections by skipping simultaneous inbound/outbound dials (#33198)
  • Fixed session key mismatch by using consistent remote address handling in discv5 tests (#34031)
  • Added DNS hostname resolution for bootstrap nodes (#34101)

RPC

  • Fixed state corruption issue in debug_executionWitness; deprecated debug_executionWitnessByHash (#33931)
  • Added MaxUsedGas field to eth_simulateV1 response (#32789)
  • Fixed gas cap handling in eth_simulateV1 (#33952)
  • Fixed nonce revert edge case during contract creation in tracer (#33978)
  • Fixed eth_createAccessList to return an empty list instead of null for storage keys (#33976)
  • eth_getFilterLogs now returns an error if the requested chain segment has been pruned (#33823)
  • Fixed slot number encoding in RPC responses (#34005)
  • Enforce RPC call limits for eth_simulateV1 (#34616)
  • Enforce storage slot limits for proofs in eth_getProof (#34617)

Observability

... (truncated)

Commits

Updates github.com/lib/pq from 1.12.0 to 1.12.3

Release notes

Sourced from github.com/lib/pq's releases.

v1.12.3

  • Send datestyle startup parameter, improving compatbility with database engines that use a different default datestyle such as EnterpriseDB (#1312).

#1312: lib/pq#1312

v1.12.2

  • Treat io.ErrUnexpectedEOF as driver.ErrBadConn so database/sql discards the connection. Since v1.12.0 this could result in permanently broken connections, especially with CockroachDB which frequently sends partial messages (#1299).

#1299: lib/pq#1299

v1.12.1

  • Look for pgpass file in ~/.pgpass instead of ~/.postgresql/pgpass (#1300).

  • Don't clear password if directly set on pq.Config (#1302).

#1300: lib/pq#1300 #1302: lib/pq#1302

Changelog

Sourced from github.com/lib/pq's changelog.

v1.12.3 (2026-04-03)

  • Send datestyle startup parameter, improving compatbility with database engines that use a different default datestyle such as EnterpriseDB (#1312).

#1312: lib/pq#1312

v1.12.2 (2026-04-02)

  • Treat io.ErrUnexpectedEOF as driver.ErrBadConn so database/sql discards the connection. Since v1.12.0 this could result in permanently broken connections, especially with CockroachDB which frequently sends partial messages (#1299).

#1299: lib/pq#1299

v1.12.1 (2026-03-30)

  • Look for pgpass file in ~/.pgpass instead of ~/.postgresql/pgpass (#1300).

  • Don't clear password if directly set on pq.Config (#1302).

#1300: lib/pq#1300 #1302: lib/pq#1302

Commits
  • 1f3e3d9 Send datestyle as a startup parameter (#1312)
  • 32ba56b Expand tests for multiple result sets
  • c2cfac1 Release v1.12.2
  • 859f104 Test CockroachDB
  • 12e464c Allow multiple matches and regexps in pqtest.ErrorContains()
  • 6d77ced Treat io.ErrUnexpectedEOF as driver.ErrBadConn in handleError
  • 71daecb Ensure transactions are closed in pqtest
  • 8f44823 Set PGAPPNAME for tests
  • 4af2196 Fix healthcheck
  • 38a54e4 Split out testdata/init a bit
  • Additional commits viewable in compare view

Updates github.com/minio/minio-go/v7 from 7.0.99 to 7.0.100

Commits
  • 570a610 Add ChecksumAlgorithm to list response (#2211)
  • 9ab4afb Update signature of UpdateObjectEncryption (#2215)
  • 30849ad fix: honor StartAfter when listing object versions (#2212)
  • 2eacfe9 add SignV4WithServiceType function (#2214)
  • dedfa39 tags: add MarshalJSON/UnmarshalJSON to Tags
  • 4976cb3 get content encoding when available (#2208)
  • d75e965 add S3 Outposts support: Implement request signing and endpoint validation fo...
  • d00bd2f Fix: handling non-DualStack regions gracefully (#2205)
  • See full diff in compare view

Updates github.com/pk910/dynamic-ssz from 1.2.3-0.20260318065836-323b83c1a387 to 1.3.0

Release notes

Sourced from github.com/pk910/dynamic-ssz's releases.

v1.3.0

Added

  • SSZ Views — custom view types that decouple the SSZ schema from the Go struct layout, allowing different field orders and custom type mappings. Views are supported in both reflection and codegen paths, including views from external packages.
  • Incremental hasher — new hashing strategy for lists that processes elements in chunks rather than buffering all leaves in memory, significantly reducing memory consumption for large lists. Requires code regeneration to take effect; existing generated code continues to work with the previous hashing approach.
  • SszError wrapper — structured error type with consistent error messages across reflection and codegen code paths
  • Error path tracking in generated code — errors include the field path for easier debugging
  • Custom type annotations via sszutils.Annotate — programmatic SSZ tag overrides for types that cannot use struct tags
  • Backward compatibility tests — CI validates that code generated by older releases still compiles and works correctly
  • Internal write buffer for marshal-to-stream, reducing syscall overhead
  • Function header documentation in generated code
  • Code scanning (CodeQL) and OpenSSF best practices

Changed

  • Reflection performance improvements — fast path for static container marshal/unmarshal, bulk allocations to avoid descriptor copies, hoisted pointer checks, early skip of compat checks for primitive types
  • Codegen performance improvements — reduced string builder and import overhead, batched offset insertion in marshaler, HashUint64Slice for uint64 arrays, reduced Collapse() calls to every 256th item
  • Treeproof optimizations — refactored package, optimized tree construction with empty-node caching, faster proof verification, multiproof fast path for full-tree proofs, fixed mixed-depth multiproof indices
  • Normalized error messages across codegen and reflection code paths
  • Consistent list length limit checks in all marshal and unmarshal code paths
  • Downgraded minimum Go version for the base library to 1.22
  • Updated go-hashtree bindings and go-bitfield dependency
  • Always generate streaming code with dynamic expressions enabled
  • Always generate code for pointer types (lists & arrays)
  • Improved test coverage across codegen, treeproof, hasher, and reflection

Fixed

  • String pointer unmarshaling
  • Bitlist limit checks
  • ExpandSlice reset and lazy typecache index setup
  • Integer overflow conversions flagged by CodeQL (32-bit compatibility)
  • Bitlist allocation in hash tree root calculation
  • Conflicting annotation resolution (struct annotations take precedence over custom type annotations)
  • Streaming codegen when dynamic expressions are disabled

Full changelog

  • dd7d073 Merge pull request #157 from pk910/pk910/fix-prepare-release
  • 5cca0c4 Merge pull request #156 from pk910/pk910/speedup-ci-workflow
  • 3f63af7 Merge pull request #155 from pk910/pk910/remove-binary
  • 4133fbf Merge pull request #82 from pk910/ssz-views
  • d4a2ba4 Merge pull request #154 from pk910/pk910/trim-benchmark-paths
  • 2a755d5 Merge pull request #153 from pk910/pk910/fix-perftests
  • 01e7869 Merge pull request #152 from pk910/dependabot/github_actions/all-actions-9f46a57012
  • e79fa8a Merge pull request #151 from pk910/pk910/test-coverage-03
  • 5cd5b51 Merge pull request #150 from pk910/pk910/check-list-limits
  • f76e1de Merge pull request #149 from Sahil-4555/fix/expand-slice-and-typecache-init
  • 54c8e26 Merge pull request #148 from pk910/pk910/fix-streaming-with-expressions-disabled
  • 5a33b51 Merge pull request #147 from pk910/pk910/custom-annotations
  • 191f12b Merge pull request #144 from Sahil-4555/treeproof-multiproof-verification-cleanup

... (truncated)

Changelog

Sourced from github.com/pk910/dynamic-ssz's changelog.

[v1.3.0] 2026-03-31

Added

  • SSZ Views — custom view types that decouple the SSZ schema from the Go struct layout, allowing different field orders and custom type mappings. Views are supported in both reflection and codegen paths, including views from external packages.
  • Incremental hasher — new hashing strategy for lists that processes elements in chunks rather than buffering all leaves in memory, significantly reducing memory consumption for large lists. Requires code regeneration to take effect; existing generated code continues to work with the previous hashing approach.
  • SszError wrapper — structured error type with consistent error messages across reflection and codegen code paths
  • Error path tracking in generated code — errors include the field path for easier debugging
  • Custom type annotations via sszutils.Annotate — programmatic SSZ tag overrides for types that cannot use struct tags
  • Backward compatibility tests — CI validates that code generated by older releases still compiles and works correctly
  • Internal write buffer for marshal-to-stream, reducing syscall overhead
  • Function header documentation in generated code
  • Code scanning (CodeQL) and OpenSSF best practices

Changed

  • Reflection performance improvements — fast path for static container marshal/unmarshal, bulk allocations to avoid descriptor copies, hoisted pointer checks, early skip of compat checks for primitive types
  • Codegen performance improvements — reduced string builder and import overhead, batched offset insertion in marshaler, HashUint64Slice for uint64 arrays, reduced Collapse() calls to every 256th item
  • Treeproof optimizations — refactored package, optimized tree construction with empty-node caching, faster proof verification, multiproof fast path for full-tree proofs, fixed mixed-depth multiproof indices
  • Normalized error messages across codegen and reflection code paths
  • Consistent list length limit checks in all marshal and unmarshal code paths
  • Downgraded minimum Go version for the base library to 1.22
  • Updated go-hashtree bindings and go-bitfield dependency
  • Always generate streaming code with dynamic expressions enabled
  • Always generate code for pointer types (lists & arrays)
  • Improved test coverage across codegen, treeproof, hasher, and reflection

Fixed

  • String pointer unmarshaling
  • Bitlist limit checks
  • ExpandSlice reset and lazy typecache index setup
  • Integer overflow conversions flagged by CodeQL (32-bit compatibility)
  • Bitlist allocation in hash tree root calculation
  • Conflicting annotation resolution (struct annotations take precedence over custom type annotations)
  • Streaming codegen when dynamic expressions are disabled

[v1.2.2] 2026-03-12

Added

  • Fuzz testing framework with parallel workers and multi-dimensional list/vector support
  • Extended type support (int8/int16/int32/int64, float32/float64, bigint, optional) for reflection and code generation
  • Fuzzing CI workflow
  • Smoke tests for fuzzer in CI
  • Codecov exclusion for fuzzer code

Changed

  • Refactored getZeroOrderHashes for clarity

Fixed

  • Concurrent map read/write panic in specValueCache (added mutex synchronization)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the dependencies group with 4 updates
e597b73 
Bumps the dependencies group with 4 updates: [github.com/ethereum/go-ethereum](https://github.com/ethereum/go-ethereum), [github.com/lib/pq](https://github.com/lib/pq), [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) and [github.com/pk910/dynamic-ssz](https://github.com/pk910/dynamic-ssz).


Updates `github.com/ethereum/go-ethereum` from 1.17.1 to 1.17.2
- [Release notes](https://github.com/ethereum/go-ethereum/releases)
- [Commits](ethereum/go-ethereum@v1.17.1...v1.17.2)

Updates `github.com/lib/pq` from 1.12.0 to 1.12.3
- [Release notes](https://github.com/lib/pq/releases)
- [Changelog](https://github.com/lib/pq/blob/master/CHANGELOG.md)
- [Commits](lib/pq@v1.12.0...v1.12.3)

Updates `github.com/minio/minio-go/v7` from 7.0.99 to 7.0.100
- [Release notes](https://github.com/minio/minio-go/releases)
- [Commits](minio/minio-go@v7.0.99...v7.0.100)

Updates `github.com/pk910/dynamic-ssz` from 1.2.3-0.20260318065836-323b83c1a387 to 1.3.0
- [Release notes](https://github.com/pk910/dynamic-ssz/releases)
- [Changelog](https://github.com/pk910/dynamic-ssz/blob/master/CHANGELOG.md)
- [Commits](https://github.com/pk910/dynamic-ssz/commits/v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/ethereum/go-ethereum
  dependency-version: 1.17.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github.com/lib/pq
  dependency-version: 1.12.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github.com/minio/minio-go/v7
  dependency-version: 7.0.100
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github.com/pk910/dynamic-ssz
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 6, 2026
@pk910 pk910 enabled auto-merge April 7, 2026 21:52
@pk910 pk910 merged commit ae5bb7f into master Apr 7, 2026
4 checks passed
@pk910 pk910 deleted the dependabot/go_modules/dependencies-d04a7b5a18 branch April 7, 2026 21:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pk910 pk910 pk910 approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pk910