chore(deps): bump the everything-else group across 1 directory with 5 updates

[dependabot]

Bumps the everything-else group with 3 updates in the / directory: github.com/99designs/gqlgen, github.com/go-chi/chi/v5 and github.com/olahol/melody.

Updates github.com/99designs/gqlgen from 0.17.56 to 0.17.80

Release notes

Sourced from github.com/99designs/gqlgen's releases.

v0.17.80

What's Changed

• Fix context not being captured for field directives by @​dloukadakis in 99designs/gqlgen#3843
• Test propagating context to resolvers from directive by @​g1ntas in 99designs/gqlgen#3842

New Contributors

• @​g1ntas made their first contribution in 99designs/gqlgen#3842

Full Changelog: 99designs/gqlgen@v0.17.79...v0.17.80

v0.17.79

What's Changed

• Added new Maintainer @​UnAfraid 🥳
• Add server GraphQL rules customization by @​StevenACoffman in 99designs/gqlgen#3779
• Fixed benchmark not awaiting dispatched operation by @​UnAfraid in 99designs/gqlgen#3781
• Better duration documentation by @​StevenACoffman in 99designs/gqlgen#3812
• Documentation of the Omittable type by @​evellior in 99designs/gqlgen#3813
• fix: handle nil-return from field hooks to omit a field from code generation by @​7opf in 99designs/gqlgen#3814
• Add Support For All SIgned and Unsigned Integers by @​rodneyosodo in 99designs/gqlgen#3787
• Updated federation integration tests by @​UnAfraid in 99designs/gqlgen#3829
• Updated integration tests by @​UnAfraid in 99designs/gqlgen#3831
• fix generating enum maps for slices by @​adamgonen in 99designs/gqlgen#3830
• Move field generated code to graphql package by @​dloukadakis in 99designs/gqlgen#3832
• Drop support for Go 1.23 and Add support for Go 1.25 by @​StevenACoffman in 99designs/gqlgen#3833
• Pin GitHub Actions to SHA1 with human readable comments for security, lint actions by @​StevenACoffman in 99designs/gqlgen#3834
• Fix test coverage script by @​StevenACoffman in 99designs/gqlgen#3838
• Try alternative coverage package include/exclude by @​StevenACoffman in 99designs/gqlgen#3839
• chore(deps-dev): bump @​apollo/client from 3.13.8 to 3.13.9 in /integration by @​dependabot[bot] in 99designs/gqlgen#3783
• chore(deps): bump @​apollo/server from 4.12.2 to 5.0.0 in /_examples/federation by @​dependabot[bot] in 99designs/gqlgen#3785
• chore(deps-dev): bump typescript from 5.8.3 to 5.9.2 in /integration by @​dependabot[bot] in 99designs/gqlgen#3786
• chore(deps-dev): bump vite from 7.0.4 to 7.0.6 in /integration by @​dependabot[bot] in 99designs/gqlgen#3782
• chore(deps-dev): bump graphql-ws from 6.0.5 to 6.0.6 in /integration by @​dependabot[bot] in 99designs/gqlgen#3784
• chore(deps-dev): bump vite from 7.0.6 to 7.1.1 in /integration by @​dependabot[bot] in 99designs/gqlgen#3790
• chore(deps-dev): bump urql from 4.2.2 to 5.0.0 in /integration by @​dependabot[bot] in 99designs/gqlgen#3791
• chore(deps): bump the npm_and_yarn group in /integration with 2 updates by @​dependabot[bot] in 99designs/gqlgen#3793
• chore(deps): bump golang.org/x/text from 0.27.0 to 0.28.0 in /_examples by @​dependabot[bot] in 99designs/gqlgen#3792
• chore(deps): bump actions/checkout from 4 to 5 by @​dependabot[bot] in 99designs/gqlgen#3795
• chore(deps-dev): bump vite from 7.1.1 to 7.1.2 in /integration by @​dependabot[bot] in 99designs/gqlgen#3797
• chore(deps): bump golang.org/x/text from 0.27.0 to 0.28.0 by @​dependabot[bot] in 99designs/gqlgen#3796
• chore(deps): bump google.golang.org/protobuf from 1.36.6 to 1.36.7 by @​dependabot[bot] in 99designs/gqlgen#3799
• chore(deps): bump the go_modules group across 3 directories with 1 update by @​dependabot[bot] in 99designs/gqlgen#3801
• chore(deps): bump golang.org/x/tools from 0.35.0 to 0.36.0 by @​dependabot[bot] in 99designs/gqlgen#3798
• chore(deps-dev): bump vite from 7.1.2 to 7.1.3 in /integration by @​dependabot[bot] in 99designs/gqlgen#3804
• chore(deps): bump google.golang.org/protobuf from 1.36.7 to 1.36.8 by @​dependabot[bot] in 99designs/gqlgen#3807
• chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0 in /_examples by @​dependabot[bot] in 99designs/gqlgen#3806
• chore(deps): bump @​apollo/client from 3.14.0 to 4.0.0 in /_examples/chat by @​dependabot[bot] in 99designs/gqlgen#3809
• chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.0 by @​dependabot[bot] in 99designs/gqlgen#3808
• chore(deps-dev): bump vite from 7.1.3 to 7.1.5 in /integration by @​dependabot[bot] in 99designs/gqlgen#3823
• chore(deps): bump actions/setup-go from 5 to 6 by @​dependabot[bot] in 99designs/gqlgen#3826
• chore(deps): bump actions/setup-node from 4 to 5 by @​dependabot[bot] in 99designs/gqlgen#3827

... (truncated)

Commits

• e7100c2 release v0.17.80
• 3f9488d Test propagating context to resolvers from directive (#3842)
• d9a190e Fix context not being captured for field directives (#3843)
• 522517d v0.17.79 postrelease bump
• d83cd09 release v0.17.79
• 14c0625 Alternative coverage package include/exclude (#3839)
• 6dd4af7 chore(deps): bump golang.org/x/tools from 0.36.0 to 0.37.0 (#3836)
• b6ab3ea chore(deps): bump google.golang.org/protobuf from 1.36.8 to 1.36.9 (#3835)
• f69dd3d chore(deps-dev): bump @​apollo/client from 4.0.4 to 4.0.5 in /integration (#3837)
• 74c0dc9 I somehow broke coverage (#3838)
• Additional commits viewable in compare view

Updates github.com/go-chi/chi/v5 from 5.2.1 to 5.2.3

Release notes

Sourced from github.com/go-chi/chi/v5's releases.

v5.2.3

What's Changed

• Add pathvalue example to README and implement PathValue handler. by @​catatsuy in go-chi/chi#985
• Allow multiple whitespace between method & pattern by @​JRaspass in go-chi/chi#1013
• Avoid potential nil dereference by @​ProjectMutilation in go-chi/chi#1008
• feat(mux): support http.Request.Pattern in Go 1.23 by @​Gusted in go-chi/chi#986
• fix/608 - Fix flaky Throttle middleware test by synchronizing token usage by @​OtavioBernardes in go-chi/chi#1016
• Optimize throttle middleware by avoiding unnecessary timer creation by @​vasayxtx in go-chi/chi#1011
• Simplify wildcard replacement in route patterns by @​srpvpn in go-chi/chi#1012
• Replace methodTypString func with reverseMethodMap by @​JRaspass in go-chi/chi#1018

New Contributors

• @​ProjectMutilation made their first contribution in go-chi/chi#1008
• @​Gusted made their first contribution in go-chi/chi#986
• @​OtavioBernardes made their first contribution in go-chi/chi#1016
• @​srpvpn made their first contribution in go-chi/chi#1012

Full Changelog: go-chi/chi@v5.2.2...v5.2.3

v5.2.2

What's Changed

• Use strings.Cut in a few places by @​JRaspass in go-chi/chi#971
• Fix non-constant format strings in t.Fatalf by @​JRaspass in go-chi/chi#972
• Apply fieldalignment fixes to optimize struct memory layout by @​pixel365 in go-chi/chi#974
• go 1.24 by @​pkieltyka in go-chi/chi#977
• chore: delint ioutil usage by @​costela in go-chi/chi#962
• Fixed typo in Router interface definition by @​mithileshgupta12 in go-chi/chi#958
• Add support for TinyGo by @​efraimbart in go-chi/chi#978
• Exclude middleware/profiler.go in TinyGo, as there's no net/http/pprof pkg by @​cxjava in go-chi/chi#982
• Make use of strings.Cut by @​scop in go-chi/chi#1005
• Change install command format to code block by @​sglkc in go-chi/chi#1001
• Correct documentation by @​mrdomino in go-chi/chi#992

Security fix

• Fixes GHSA-vrw8-fxc6-2r93 - "Host Header Injection Leads to Open Redirect in RedirectSlashes" commit
  • a lower-severity Open Redirect that can't be exploited in browser or email client, as it requires manipulation of a Host header
  • reported by Anuraag Baishya, @​anuraagbaishya. Thank you!

New Contributors

• @​pixel365 made their first contribution in go-chi/chi#974
• @​mithileshgupta12 made their first contribution in go-chi/chi#958
• @​efraimbart made their first contribution in go-chi/chi#978
• @​cxjava made their first contribution in go-chi/chi#982
• @​sglkc made their first contribution in go-chi/chi#1001
• @​mrdomino made their first contribution in go-chi/chi#992

Full Changelog: go-chi/chi@v5.2.1...v5.2.2

Commits

• 9b9fb55 Replace methodTypString func with reverseMethodMap (#1018)
• 0265fcd refactor: iterative wildcard collapsing and add test for consecutive wildcard...
• cf537d4 Optimize throttle middleware by avoiding unnecessary timer creation (#1011)
• 9040e95 fix/608 - Fix flaky Throttle middleware test by synchronizing token usage (#1...
• d12cc49 feat(mux): support http.Request.Pattern in Go 1.23 (#986)
• 1c2d011 Avoid potential nil dereference (#1008)
• 7859137 Allow multiple whitespace between method & pattern (#1013)
• 80d8da2 Add pathvalue example to README and implement PathValue handler. (#985)
• 23c395f Correct documentation (#992)
• 5516d14 docs: change install code to code block (#1001)
• Additional commits viewable in compare view

Updates github.com/olahol/melody from 1.2.1 to 1.3.0

Changelog

Sourced from github.com/olahol/melody's changelog.

2025-06-08 (v1.3.0)

• Refactor and simplify hub by @​TheSven73 (PR-98).

2022-09-12 (v1.1.0)

• Create Go module.
• Update examples.
• Fix concurrent panic (PR-65).
• Add Sessions to get all sessions (PR-53).
• Add LocalAddr and RemoteAddr (PR-55).

2017-05-18

• Fix HandleSentMessageBinary.

2017-04-11

• Allow any origin by default.
• Add BroadcastMultiple.

2017-04-09

• Add control message support.
• Add IsClosed to Session.

2017-02-10

• Return errors for some exposed methods.
• Add HandleRequestWithKeys.
• Add HandleSentMessage and HandleSentMessageBinary.

2017-01-20

• Add Len() to fetch number of connected sessions.

2016-12-09

• Add metadata management for sessions.

2016-05-09

• Add method HandlePong to melody instance.

2015-10-07

• Add broadcast methods for binary messages.

2015-09-03

... (truncated)

Commits

• 3ea5efd Update changelog.
• 592352f Merge pull request #98 from TheSven73/simplify-hub
• a33e664 Simplify Session's RWMutex
• 4f7d97a Simplify hub
• 6bf8615 Update gophers example
• ca3b7af Fix multichat example
• See full diff in compare view

Updates github.com/stretchr/testify from 1.10.0 to 1.11.1

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.11.1

This release fixes #1785 introduced in v1.11.0 where expected argument values implementing the stringer interface (String() string) with a method which mutates their value, when passed to mock.Mock.On (m.On("Method", <expected>).Return()) or actual argument values passed to mock.Mock.Called may no longer match one another where they previously did match. The behaviour prior to v1.11.0 where the stringer is always called is restored. Future testify releases may not call the stringer method at all in this case.

What's Changed

• Backport #1786 to release/1.11: mock: revert to pre-v1.11.0 argument matching behavior for mutating stringers by @​brackendawson in stretchr/testify#1788

Full Changelog: stretchr/testify@v1.11.0...v1.11.1

v1.11.0

What's Changed

Functional Changes

v1.11.0 Includes a number of performance improvements.

• Call stack perf change for CallerInfo by @​mikeauclair in stretchr/testify#1614
• Lazily render mock diff output on successful match by @​mikeauclair in stretchr/testify#1615
• assert: check early in Eventually, EventuallyWithT, and Never by @​cszczepaniak in stretchr/testify#1427
• assert: add IsNotType by @​bartventer in stretchr/testify#1730
• assert.JSONEq: shortcut if same strings by @​dolmen in stretchr/testify#1754
• assert.YAMLEq: shortcut if same strings by @​dolmen in stretchr/testify#1755
• assert: faster and simpler isEmpty using reflect.Value.IsZero by @​dolmen in stretchr/testify#1761
• suite: faster methods filtering (internal refactor) by @​dolmen in stretchr/testify#1758

Fixes

• assert.ErrorAs: log target type by @​craig65535 in stretchr/testify#1345
• Fix failure message formatting for Positive and Negative asserts in stretchr/testify#1062
• Improve ErrorIs message when error is nil but an error was expected by @​tsioftas in stretchr/testify#1681
• fix Subset/NotSubset when calling with mixed input types by @​siliconbrain in stretchr/testify#1729
• Improve ErrorAs failure message when error is nil by @​ccoVeille in stretchr/testify#1734
• mock.AssertNumberOfCalls: improve error msg by @​3scalation in stretchr/testify#1743

Documentation, Build & CI

• docs: Fix typo in README by @​alexandear in stretchr/testify#1688
• Replace deprecated io/ioutil with io and os by @​alexandear in stretchr/testify#1684
• Document consequences of calling t.FailNow() by @​greg0ire in stretchr/testify#1710
• chore: update docs for Unset #1621 by @​techfg in stretchr/testify#1709
• README: apply gofmt to examples by @​alexandear in stretchr/testify#1687
• refactor: use %q and %T to simplify fmt.Sprintf by @​alexandear in stretchr/testify#1674
• Propose Christophe Colombier (ccoVeille) as approver by @​brackendawson in stretchr/testify#1716
• Update documentation for the Error function in assert or require package by @​architagr in stretchr/testify#1675
• assert: remove deprecated build constraints by @​alexandear in stretchr/testify#1671
• assert: apply gofumpt to internal test suite by @​ccoVeille in stretchr/testify#1739
• CI: fix shebang in .ci.*.sh scripts by @​dolmen in stretchr/testify#1746
• assert,require: enable parallel testing on (almost) all top tests by @​dolmen in stretchr/testify#1747
• suite.Passed: add one more status test report by @​Ararsa-Derese in stretchr/testify#1706
• Add Helper() method in internal mocks and assert.CollectT by @​dolmen in stretchr/testify#1423
• assert.Same/NotSame: improve usage of Sprintf by @​ccoVeille in stretchr/testify#1742
• mock: enable parallel testing on internal testsuite by @​dolmen in stretchr/testify#1756
• suite: cleanup use of 'testing' internals at runtime by @​dolmen in stretchr/testify#1751
• assert: check test failure message for Empty and NotEmpty by @​ccoVeille in stretchr/testify#1745

... (truncated)

Commits

• 2a57335 Merge pull request #1788 from brackendawson/1785-backport-1.11
• af8c912 Backport #1786 to release/1.11
• b7801fb Merge pull request #1778 from stretchr/dependabot/github_actions/actions/chec...
• 69831f3 build(deps): bump actions/checkout from 4 to 5
• a53be35 Improve captureTestingT helper
• aafb604 mock: improve formatting of error message
• 7218e03 improve error msg
• 929a212 Merge pull request #1758 from stretchr/dolmen/suite-faster-method-filtering
• bc7459e suite: faster filtering of methods (-testify.m)
• 7d37b5c suite: refactor methodFilter
• Additional commits viewable in compare view

Updates github.com/vektah/gqlparser/v2 from 2.5.19 to 2.5.30

Release notes

Sourced from github.com/vektah/gqlparser/v2's releases.

v2.5.30

What's Changed

• BREAKING: Fix AddRule and ReplaceRule methods behavior and add documentation by @​tomoikey in vektah/gqlparser#381
• Ensure Validation Rule order is deterministic by @​StevenACoffman in vektah/gqlparser#383

Full Changelog: vektah/gqlparser@v2.5.29...v2.5.30

v2.5.29

What's Changed

• Refactoring: not to use global rule sets (part 1) by @​tomoikey in vektah/gqlparser#379
• Refactoring: not to use global rule sets (part 2) by @​tomoikey in vektah/gqlparser#380
• Bump prettier from 3.5.3 to 3.6.0 in /validator/imported in the actions-deps group by @​dependabot in vektah/gqlparser#377
• Bump brace-expansion from 1.1.11 to 1.1.12 in /validator/imported by @​dependabot in vektah/gqlparser#378

Full Changelog: vektah/gqlparser@v2.5.28...v2.5.29

v2.5.28

What's Changed

• fix: ErrorPosf() handle nil Position input by @​robmyersrobmyers in vektah/gqlparser#376
• Fix formatter when schema uses a mix of custom and default root opera… by @​ascherkus in vektah/gqlparser#374
• Bump the actions-deps group in /validator/imported with 2 updates by @​dependabot in vektah/gqlparser#372
• Bump @​babel/core from 7.27.1 to 7.27.4 in /validator/imported in the actions-deps group by @​dependabot in vektah/gqlparser#373

New Contributors

• @​ascherkus made their first contribution in vektah/gqlparser#374

Full Changelog: vektah/gqlparser@v2.5.27...v2.5.28

v2.5.27

What's Changed

• Change parser limit error to be gqlerror by @​StevenACoffman in vektah/gqlparser#371
• Bump golangci/golangci-lint-action from 7.0.0 to 8.0.0 in the actions-deps group by @​dependabot in vektah/gqlparser#370
• Bump the actions-deps group in /validator/imported with 6 updates by @​dependabot in vektah/gqlparser#369

Full Changelog: vektah/gqlparser@v2.5.26...v2.5.27

v2.5.26

What's Changed

• Fix loosing schema directives in FormatSchema() when schema definition only contains default operation types and gets optimized out by @​lorf in vektah/gqlparser#366
• Add column information to errors string output by @​robmyersrobmyers in vektah/gqlparser#368

Full Changelog: vektah/gqlparser@v2.5.25...v2.5.26

v2.5.25

What's Changed

• Fix formatting schema and schema extensions directives in FormatSchema() and FormatSchemaDocument() by @​lorf in vektah/gqlparser#365
• change: no longer include Position information when marshaling to JSON by @​robmyersrobmyers in vektah/gqlparser#364

New Contributors

... (truncated)

Commits

• f638740 Ensure Validation order is deterministic (#383)
• 46a464d BREAKING: Fix AddRule and ReplaceRule methods behavior and add documentat...
• 22fa045 Refactoring: not to use global rule sets (part 2) (#380)
• 8fe841e Refactoring: not to use global rule sets (part 1) (#379)
• 9e14766 Bump brace-expansion from 1.1.11 to 1.1.12 in /validator/imported (#378)
• a954d8d Bump prettier in /validator/imported in the actions-deps group (#377)
• 895262c Fix formatter when schema uses a mix of custom and default root operation typ...
• eadea45 fix: ErrorPosf() handle nil Position input (#376)
• f7a3835 Bump @​babel/core in /validator/imported in the actions-deps group (#373)
• 7defefa Bump the actions-deps group in /validator/imported with 2 updates (#372)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions