Skip to content

build: (deps): bump sqlite3 from 2.9.4 to 3.3.4#2393

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pub/sqlite3-3.3.4
Closed

build: (deps): bump sqlite3 from 2.9.4 to 3.3.4#2393
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pub/sqlite3-3.3.4

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps sqlite3 from 2.9.4 to 3.3.4.

Release notes

Sourced from sqlite3's releases.

sqlite3-3.3.4

  • Build hook: Fix assets being re-downloaded too often.

Full Changelog: simolus3/sqlite3.dart@sqlite3-3.3.3...sqlite3-3.3.4

sqlite3-3.3.3

  • Restore support for SQLCipher (thanks to @​davidmartos96!).
  • Fix crash when loading IndexedDB databases with blocks past the file length (#380).
  • Don't uninstall update hooks when closing databases if no update hooks were installed by this package.

sqlite3-3.3.2

  • Support package:native_toolchain_c versions 0.18.x and 0.19.x.
  • Support hooks versions 2.x.
  • Upgrade to SQLite version 3.53.1.
  • Allow disabling BigInt support via -Dsqlite3.dartbigints=false, which can be used to reduce code size on the web if nothing else uses BigInt values.

sqlite3-3.3.1

  • Avoid memory leaks when tempDirectory is set multiple times.
  • Update to SQLite 3.53.0 and SQLite3 Multiple Ciphers version 2.3.3.

sqlite3-3.3.0

  • Web: Add WasmModuleLoader API to customize how WebAssembly modules are loaded.
  • Hook: Improve error message for failing downloads.

sqlite3-3.2.0

  • Add package:sqlite3/unstable/ffi_bindings.dart providing low-level access to generated libsqlite3 bindings.
  • Add PreparedStatement.leak to transfer ownership of a prepared statement into native code.
  • Add Database.statementFromPointer, which can be used to access a statement prepared in native code from Dart.

sqlite3-3.1.7

  • Update to sqlite version 3.52.0.

sqlite3-3.1.6

Note: These assets are for version 3.1.6 of the sqlite3 package. If you're on version 2, use these releases instead.

  • Expose the address of sqlite3_close_v2 as static field on Sqlite3 class.
  • Allow wrapping databases without closing them with the borrowed parameter on Sqlite3.fromPointer.
  • Add Database.leak(), which extracts a sqlite3* pointer and disables finalizers.

sqlite3-3.1.5

Note: These assets are for version 3.1.4 of the sqlite3 package. If you're on version 2 (you are if you're using drift, use these releases instead).

  • Build hook: Ensure we use consistent filenames to fix issues on Apple platforms.

sqlite3-3.1.4

Note: These assets are for version 3.1.4 of the sqlite3 package. If you're on version 2 (you are if you're using drift, use these releases instead).

  • Build hook: Fix paths not resolving on Windows when building from source.

sqlite3-3.1.3

... (truncated)

Commits
  • 4a752b1 Hook: Fix existing assets being re-downloaded
  • bb4b8cf Bump zizmorcore/zizmor-action
  • 465fd1b Update GH actions dependencies
  • 6186376 Expose sqlite3_web types
  • 56a56d7 Update Android build in example app
  • aa46413 Prepare 3.3.3 release
  • 97268a5 Don't remove hooks if not installed
  • 4d492e0 Ignore IndexedDB blocks past the file length
  • 891f51c Acquire navigator lock before feature detection
  • 4e224c2 Update to SQLite 3.53.2
  • Additional commits viewable in compare view

@dependabot @github

dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

Assignees

The following users could not be added as assignees: famedly/frontend. Either the username does not exist or it does not have the correct permissions to be added as an assignee.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added dart Pull requests that update dart code dependencies Pull requests that update a dependency file labels Jul 1, 2026
@cursor

cursor Bot commented Jul 1, 2026

Copy link
Copy Markdown

PR Summary

Medium Risk
Major-version bump on the local SQLite stack can affect native builds, web WASM loading, and runtime DB behavior even though no SDK code changed in the diff.

Overview
Updates the direct sqlite3 dependency in pubspec.yaml from the 2.x line to ^3.3.4, a major semver jump for the Dart SQLite bindings used alongside sqflite_common.

This pulls in upstream changes from sqlite3 3.x (newer embedded SQLite, build-hook/native asset behavior, web and SQLCipher-related fixes, and additional low-level APIs) without any application code changes in this PR—only the version constraint is updated.

Reviewed by Cursor Bugbot for commit 10b8a80. Bugbot is set up for automated code reviews on this repo. Configure here.

Bumps [sqlite3](https://github.com/simolus3/sqlite3.dart) from 2.9.4 to 3.3.4.
- [Release notes](https://github.com/simolus3/sqlite3.dart/releases)
- [Commits](simolus3/sqlite3.dart@sqlite3-2.9.4...sqlite3-3.3.4)

---
updated-dependencies:
- dependency-name: sqlite3
  dependency-version: 3.3.4
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/pub/sqlite3-3.3.4 branch from d805045 to 10b8a80 Compare July 3, 2026 05:58
@td-famedly td-famedly closed this Jul 7, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 7, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/pub/sqlite3-3.3.4 branch July 7, 2026 13:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dart Pull requests that update dart code dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant