Bump the go-deps group with 3 updates by dependabot[bot] · Pull Request #390 · asciimoo/hister

dependabot · 2026-05-04T16:24:28Z

Bumps the go-deps group with 3 updates: github.com/blevesearch/bleve/v2, github.com/fsnotify/fsnotify and github.com/mattn/go-sqlite3.

Updates github.com/blevesearch/bleve/v2 from 2.5.7 to 2.6.0

Release notes

Sourced from github.com/blevesearch/bleve/v2's releases.

v2.6.0

What's Changed

MB-69881: Improved APIs and perf optimizations for vector search by @CascadingRadium in blevesearch/bleve#2270

MB-27666: Hierarchy Search by @CascadingRadium ; see docs/hierarchy.md

Remove legacy vendor folder by @CascadingRadium in blevesearch/bleve#2271

Upgrade several dependencies - roaring/v2, mmap-go etc. by @abhinavdangeti in blevesearch/bleve#2275

MB-59633: Improve performance of Geospatial Search by @CascadingRadium in blevesearch/bleve#2268

MB-70388: Add forced docvalues for geopoint fields by @Likith101 in blevesearch/bleve#2278

MB-70410: Simplify CoalesceQueue in hierarchical nested search by @CascadingRadium in blevesearch/bleve#2283

MB-61890 - Introducing config for zap layer by @Thejas-bhat in blevesearch/bleve#2066

Handle nil multiSearchParams properly for MultiSearch by @capemox in blevesearch/bleve#2286

MB-59633: Disable DocValues Chunking & Compression for Geo Fields by @Likith101 in blevesearch/bleve#2269

Improved geo spatial search accuracy by @Likith101 in blevesearch/geo#29 & blevesearch/geo#30

MB-62985: Support for Binary quantized vector indexes @Likith101 ; see docs/vectors.md

MB-62182: New merge approach that avoids re-training of vector indexes @Thejas-bhat ; see docs/fast_merge.md

MB-71041: avoid updating root.bolt with in-memory segment's data by @Thejas-bhat in blevesearch/bleve#2296

MB-65018 add custom_filter/custom_score query support with context-driven callback hooks by @maneuvertomars in blevesearch/bleve#2289 ; see docs/custom_query.md

MB-65860: Introducing support for fileIO Callbacks by @Likith101 in blevesearch/bleve#2209

(perf) pool queryStringLex to reuse bufio.Reader across query parses by @huynhanx03 in blevesearch/bleve#2300

Fix null issue when parsing search request attributes by @CascadingRadium in blevesearch/bleve#2312

MB-71375: Bolt Wrappers for File Callbacks by @Likith101 in blevesearch/bleve#2309

Absorb fixes for filtering vector search, update workflows by @abhinavdangeti in blevesearch/bleve#2314

MB-59670: GPU-Accelerated Vector Search by @CascadingRadium & @capemox ; see docs/vectors.md

MB-71383: Expose vector field stats in scorch by @capemox in blevesearch/bleve#2316

Added check for in-memory segment merge by @Likith101 in blevesearch/bleve#2319

MB-71607: Fixed data corruption in bolt by @Likith101 in blevesearch/bleve#2324

Fix metrics involving NestedDocuments by @CascadingRadium in blevesearch/bleve#2325

MB-71216, MB-71650: Implement fast merge over binary index classes by @Thejas-bhat in blevesearch/bleve#2326

Upgrade to go-faiss@v1.1.0; Fix formatting, typos, etc. in docs/ by @abhinavdangeti in blevesearch/bleve#2328

Introduced new file format - zapx@v17

Milestone: https://github.com/blevesearch/bleve/milestone/29 Full Changelog: blevesearch/bleve@v2.5.7...v2.6.0

Commits

d8f2ab9 Upgrade to go-faiss@v1.1.0; Fix formatting, typos, etc. in docs/ (#2328)
71b13fe go fmt ./... (#2327)
2a48049 MB-71216, MB-71650: Implement fast merge over binary index classes (#2326)
a9e101a Fix metrics involving NestedDocuments (#2325)
2c7269a v2.6.0 doc fixes (#2323)
e5e7e9e MB-71607: Fixed data corruption in bolt (#2324)
08e551f Updates to docs/vectors.md for v2.6.0 (#2320)
7cb486d Add a document for fast merge (#2321)
d3a4022 Added check for in-memory segment merge (#2319)
77af9c8 Update docs/vectors.md (#2318)
Additional commits viewable in compare view

Updates github.com/fsnotify/fsnotify from 1.9.0 to 1.10.1

Release notes

Sourced from github.com/fsnotify/fsnotify's releases.

v1.10.1

Changes and fixes

inotify: don't remove sibling watches sharing a path prefix (#754)

inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

v1.10.0

This version of fsnotify needs Go 1.23.

Changes and fixes

inotify: improve initialization error message (#731)

inotify: send Rename event if recursive watch is renamed (#696)

inotify: avoid copying event buffers when reading names (#741)

kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

windows: fix nil pointer dereference in remWatch (#736)

windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Changelog

Sourced from github.com/fsnotify/fsnotify's changelog.

1.10.1 2026-05-04

Changes and fixes

inotify: don't remove sibling watches sharing a path prefix (#754)

inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

1.10.0 2026-04-30

This version of fsnotify needs Go 1.23.

Changes and fixes

inotify: improve initialization error message (#731)

inotify: send Rename event if recursive watch is renamed (#696)

inotify: avoid copying event buffers when reading names (#741)

kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

windows: fix nil pointer dereference in remWatch (#736)

windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Commits

76b01a6 Release 1.10.1
fec150b Update changelog
162b421 inotify, windows: don't rename sibling watches sharing a path prefix (#755)
224257f inotify: don't remove sibling watches sharing a path prefix (#754)
e0c956c windows: document directory Write events and stabilize tests (#745)
8d01d7b Release 1.10.0
602284e Update changelog
7f03e59 kqueue: skip ENOENT entries in watchDirectoryFiles (#748)
dab9dde windows: lock watch field updates against concurrent WatchList (#709) (#749)
eadf267 kqueue: drop watches directly in Close() instead of going through remove() (#...
Additional commits viewable in compare view

Updates github.com/mattn/go-sqlite3 from 1.14.42 to 1.14.44

Commits

20826e8 Merge pull request #1394 from mattn/sqlite-amalgamation-3053000
2d4d220 fix changelog URL when minor or patch version is zero
3761cf7 Upgrade SQLite to version 3053000
1aa7317 Merge pull request #1388 from mattn/stmt-cache-lru
c719e20 Merge pull request #1392 from mattn/fix-issue-1390-query-comment-panic
869e516 fix panic when querying input with no SQL (only comments/whitespace)
6690238 extract finalizeCachedStmt helper and drop redundant tail reset
59e8e75 only set stmt cacheKey when cache is enabled
2badb4c use slice len/cap for stmt cache instead of separate counters
7716c20 evict LRU stmt when stmt cache is full
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the go-deps group with 3 updates: [github.com/blevesearch/bleve/v2](https://github.com/blevesearch/bleve), [github.com/fsnotify/fsnotify](https://github.com/fsnotify/fsnotify) and [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3). Updates `github.com/blevesearch/bleve/v2` from 2.5.7 to 2.6.0 - [Release notes](https://github.com/blevesearch/bleve/releases) - [Commits](blevesearch/bleve@v2.5.7...v2.6.0) Updates `github.com/fsnotify/fsnotify` from 1.9.0 to 1.10.1 - [Release notes](https://github.com/fsnotify/fsnotify/releases) - [Changelog](https://github.com/fsnotify/fsnotify/blob/main/CHANGELOG.md) - [Commits](fsnotify/fsnotify@v1.9.0...v1.10.1) Updates `github.com/mattn/go-sqlite3` from 1.14.42 to 1.14.44 - [Release notes](https://github.com/mattn/go-sqlite3/releases) - [Commits](mattn/go-sqlite3@v1.14.42...v1.14.44) --- updated-dependencies: - dependency-name: github.com/blevesearch/bleve/v2 dependency-version: 2.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/fsnotify/fsnotify dependency-version: 1.10.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: go-deps - dependency-name: github.com/mattn/go-sqlite3 dependency-version: 1.14.44 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: go-deps ... Signed-off-by: dependabot[bot] <support@github.com>

asciimoo · 2026-05-04T17:09:49Z

Seems like no supply chain attacks are introduced.

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels May 4, 2026

asciimoo merged commit 8494463 into master May 4, 2026
6 of 7 checks passed

dependabot Bot deleted the dependabot/go_modules/go-deps-dcd2e5ec18 branch May 4, 2026 17:10

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the go-deps group with 3 updates#390

Bump the go-deps group with 3 updates#390
asciimoo merged 1 commit intomasterfrom
dependabot/go_modules/go-deps-dcd2e5ec18

dependabot Bot commented on behalf of github May 4, 2026

Uh oh!

asciimoo commented May 4, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

dependabot Bot commented on behalf of github May 4, 2026

v2.6.0

What's Changed

Introduced new file format - zapx@v17

v1.10.1

Changes and fixes

v1.10.0

Changes and fixes

1.10.1 2026-05-04

Changes and fixes

1.10.0 2026-04-30

Changes and fixes

Uh oh!

asciimoo commented May 4, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant