Skip to content

chore(deps): bump dependencies#500

Merged
ericfitz merged 1 commit into
mainfrom
chore/bump-deps-20260627-111319
Jun 27, 2026
Merged

chore(deps): bump dependencies#500
ericfitz merged 1 commit into
mainfrom
chore/bump-deps-20260627-111319

Conversation

@ericfitz

Copy link
Copy Markdown
Owner

Automated dependency bump (Go + Node ecosystems scanned).

Go

  • github.com/oracle/oci-go-sdk/v65 v65.118.0 → v65.118.1 (patch)
  • gorm.io/gorm v1.31.1 → v1.31.2 (patch)

Security

None. govulncheck ./... clean; pnpm audit reports 0 vulnerabilities.

Oracle compatibility (oracle-db-admin review)

APPROVED WITH NOTES for the gorm bump. v1.31.2 is a bug-fix patch; its only SQL-generation change is on the NamedExpr (named-parameter) path, which TMI does not use. Cursor-close hardening (defer rows.Close()) is a net positive on Oracle ADB (reduces ORA-01000 risk). Ops note: AutoMigrate may emit column ALTERs slightly more eagerly due to a sticky AlterColumn fix — watch the next ADB AutoMigrate run.

Validation

  • make build-server
  • make lint ✓ (0 issues)
  • make test-unit ✓ (1096 passed, 0 failed)

Deferred to needs-plan

  • @redocly/cli 2.33.2 → 2.35.1 (minor, dev tooling): local pnpm is 11.x but the repo pins packageManager: pnpm@10.12.1. Bumping with local pnpm 11 would rewrite pnpm-lock.yaml in a different lockfile-format major. Should be bumped via corepack pnpm@10.12.1.

🤖 Generated with Claude Code

Go:
- github.com/oracle/oci-go-sdk/v65 v65.118.0 -> v65.118.1 (patch)
- gorm.io/gorm v1.31.1 -> v1.31.2 (patch)

Security fixes: none (govulncheck clean, pnpm audit 0 vulnerabilities).

Oracle review (oracle-db-admin): APPROVED WITH NOTES for the gorm bump.
v1.31.2 is a bug-fix patch; its only SQL-generation change is on the
NamedExpr path, which TMI does not use. Cursor-close hardening is a net
positive on Oracle ADB. Ops note: AutoMigrate may emit column ALTERs
slightly more eagerly (sticky AlterColumn fix) — watch the next ADB
AutoMigrate run.

Deferred to needs-plan:
- @redocly/cli 2.33.2 -> 2.35.1 (minor): local pnpm is 11.x but the repo
  pins packageManager pnpm@10.12.1; bump it via corepack pnpm@10.12.1 to
  avoid rewriting pnpm-lock.yaml in a different lockfile-format major.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01MALfzW2R3g2UJqpBhZbUUD
@ericfitz ericfitz merged commit 7489031 into main Jun 27, 2026
7 checks passed
@ericfitz ericfitz deleted the chore/bump-deps-20260627-111319 branch June 27, 2026 15:25
ericfitz added a commit that referenced this pull request Jun 27, 2026
Go:
- github.com/oracle/oci-go-sdk/v65 v65.118.0 -> v65.118.1 (patch)
- gorm.io/gorm v1.31.1 -> v1.31.2 (patch)

Security fixes: none (govulncheck clean, pnpm audit 0 vulnerabilities).

Oracle review: the gorm v1.31.1 -> v1.31.2 transition was reviewed by
oracle-db-admin (APPROVED WITH NOTES) earlier this session on the main
bump (#500); the same review applies. Bug-fix patch, no upsert/naming/
locking changes; cursor-close hardening is a net positive on Oracle ADB.

Deferred to needs-plan:
- github.com/godror/godror v0.50.0 -> v0.51.0 (minor): Oracle DB driver
  change. Requires oracle-db-admin review + `make test-integration-oci`
  against real ADB before shipping; the oracle-db-admin subagent was not
  available this session, so the bump is held rather than shipped unreviewed.
- @redocly/cli 2.33.2 -> latest (dev tooling): local pnpm is 11.x but the
  repo pins packageManager pnpm@10.12.1; bump via corepack pnpm@10.12.1 to
  avoid rewriting pnpm-lock.yaml in a different lockfile-format major.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01MALfzW2R3g2UJqpBhZbUUD
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant