chore(deps): bump the minor-and-patch group with 8 updates

[dependabot]

Bumps the minor-and-patch group with 8 updates:

Package	From	To
github.com/fatih/color	1.18.0	1.19.0
github.com/fsnotify/fsnotify	1.9.0	1.10.1
github.com/go-pkgz/lgr	0.12.1	0.12.3
github.com/go-pkgz/rest	1.20.6	1.21.0
github.com/lib/pq	1.10.9	1.12.3
github.com/playwright-community/playwright-go	0.5200.1	0.5700.1
github.com/yuin/gopher-lua	1.1.1	1.1.2
google.golang.org/genai	1.52.1	1.57.0

Updates github.com/fatih/color from 1.18.0 to 1.19.0

Release notes

Sourced from github.com/fatih/color's releases.

v1.19.0

What's Changed

• Bump golang.org/x/sys from 0.25.0 to 0.28.0 by @​dependabot[bot] in fatih/color#246
• Fix for issue #230 set/unsetwriter symmetric wrt color support detection by @​ataypamart in fatih/color#243
• chore: go mod cleanup by @​sashamelentyev in fatih/color#244
• Bump golang.org/x/sys from 0.28.0 to 0.30.0 by @​dependabot[bot] in fatih/color#249
• Bump github.com/mattn/go-colorable from 0.1.13 to 0.1.14 by @​dependabot[bot] in fatih/color#248
• Update CI and go deps by @​fatih in fatih/color#254
• Bump golang.org/x/sys from 0.31.0 to 0.37.0 by @​dependabot[bot] in fatih/color#268
• fix: include escape codes in byte counts from Fprint, Fprintf by @​qualidafial in fatih/color#282
• Bump golang.org/x/sys from 0.37.0 to 0.40.0 by @​dependabot[bot] in fatih/color#277
• fix: add nil check for os.Stdout to prevent panic on Windows services by @​majiayu000 in fatih/color#275
• Bump dominikh/staticcheck-action from 1.3.1 to 1.4.0 by @​dependabot[bot] in fatih/color#259
• Bump actions/checkout from 4 to 6 by @​dependabot[bot] in fatih/color#273
• Optimize Color.Equals performance (O(n²) → O(n)) by @​UnSubble in fatih/color#269
• Bump actions/setup-go from 5 to 6 by @​dependabot[bot] in fatih/color#266

New Contributors

• @​ataypamart made their first contribution in fatih/color#243
• @​sashamelentyev made their first contribution in fatih/color#244
• @​qualidafial made their first contribution in fatih/color#282
• @​majiayu000 made their first contribution in fatih/color#275
• @​UnSubble made their first contribution in fatih/color#269

Full Changelog: fatih/color@v1.18.0...v1.19.0

Commits

• ca25f6e Merge pull request #266 from fatih/dependabot/github_actions/actions/setup-go-6
• 1205984 Bump actions/setup-go from 5 to 6
• 5715c20 Merge pull request #269 from UnSubble/main
• 2f6e200 Merge branch 'main' into main
• f72ec94 Merge pull request #273 from fatih/dependabot/github_actions/actions/checkout-6
• 848e633 Merge branch 'main' into main
• 4c2cd34 Add tests
• 7f812f0 Bump actions/checkout from 4 to 6
• b7fc9f9 Merge pull request #259 from fatih/dependabot/github_actions/dominikh/staticc...
• 239a88f Bump dominikh/staticcheck-action from 1.3.1 to 1.4.0
• Additional commits viewable in compare view

Updates github.com/fsnotify/fsnotify from 1.9.0 to 1.10.1

Release notes

Sourced from github.com/fsnotify/fsnotify's releases.

v1.10.1

Changes and fixes

• inotify: don't remove sibling watches sharing a path prefix (#754)

• inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

v1.10.0

This version of fsnotify needs Go 1.23.

Changes and fixes

• inotify: improve initialization error message (#731)

• inotify: send Rename event if recursive watch is renamed (#696)

• inotify: avoid copying event buffers when reading names (#741)

• kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

• kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

• windows: fix nil pointer dereference in remWatch (#736)

• windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Changelog

Sourced from github.com/fsnotify/fsnotify's changelog.

1.10.1 2026-05-04

Changes and fixes

• inotify: don't remove sibling watches sharing a path prefix (#754)

• inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

1.10.0 2026-04-30

This version of fsnotify needs Go 1.23.

Changes and fixes

• inotify: improve initialization error message (#731)

• inotify: send Rename event if recursive watch is renamed (#696)

• inotify: avoid copying event buffers when reading names (#741)

• kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

• kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

• windows: fix nil pointer dereference in remWatch (#736)

• windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Commits

• 76b01a6 Release 1.10.1
• fec150b Update changelog
• 162b421 inotify, windows: don't rename sibling watches sharing a path prefix (#755)
• 224257f inotify: don't remove sibling watches sharing a path prefix (#754)
• e0c956c windows: document directory Write events and stabilize tests (#745)
• 8d01d7b Release 1.10.0
• 602284e Update changelog
• 7f03e59 kqueue: skip ENOENT entries in watchDirectoryFiles (#748)
• dab9dde windows: lock watch field updates against concurrent WatchList (#709) (#749)
• eadf267 kqueue: drop watches directly in Close() instead of going through remove() (#...
• Additional commits viewable in compare view

Updates github.com/go-pkgz/lgr from 0.12.1 to 0.12.3

Release notes

Sourced from github.com/go-pkgz/lgr's releases.

Version 0.12.3

Bug Fixes

• Fix ToSlogHandler duplicating time and level in output #30 @​umputun

Version 0.12.2

Bug Fixes

• Fix FromSlogHandler ignoring AddSource option #28 @​paskal
• Fix CI workflow: checkout before setup-go for proper caching #27 @​paskal

Commits

• ecca49c Fix ToSlogHandler duplicating time and level in output, closes #29
• a780ed2 Merge pull request #28 from go-pkgz/fix-from-slog-handler-add-source
• 374a0c0 Fix FromSlogHandler ignoring AddSource option, closes #26
• de27555 Fix CI workflow: checkout before setup-go for proper caching (#27)
• See full diff in compare view

Updates github.com/go-pkgz/rest from 1.20.6 to 1.21.0

Release notes

Sourced from github.com/go-pkgz/rest's releases.

Version 1.21.0

• #43 Add security middlewares: Secure, CORS, CSRF, CleanPath, StripSlashes

Version 1.20.7

• #42 Add HEAD method support to Ping middleware

Commits

• 4e8fe40 docs: add documentation for new middlewares
• 090feef feat(rewrite): add CleanPath and StripSlashes middlewares
• f884b91 feat(csrf): add CSRF protection middleware
• 4bc2958 feat(cors): add CORS middleware
• 5916b1c feat(secure): add security headers middleware
• 321d021 improve test coverage and fix code review issues
• 0c9258a add HEAD method support to Ping middleware, modernize code
• See full diff in compare view

Updates github.com/lib/pq from 1.10.9 to 1.12.3

Release notes

Sourced from github.com/lib/pq's releases.

v1.12.3

• Send datestyle startup parameter, improving compatbility with database engines that use a different default datestyle such as EnterpriseDB (#1312).

#1312: lib/pq#1312

v1.12.2

• Treat io.ErrUnexpectedEOF as driver.ErrBadConn so database/sql discards the connection. Since v1.12.0 this could result in permanently broken connections, especially with CockroachDB which frequently sends partial messages (#1299).

#1299: lib/pq#1299

v1.12.1

• Look for pgpass file in ~/.pgpass instead of ~/.postgresql/pgpass (#1300).

• Don't clear password if directly set on pq.Config (#1302).

#1300: lib/pq#1300 #1302: lib/pq#1302

v1.12.0

• The next release may change the default sslmode from require to prefer. See #1271 for details.

• CopyIn() and CopyInToSchema() have been marked as deprecated. These are simple query builders and not needed for COPY [..] FROM STDIN support (which is not deprecated). (#1279)

  // Old
  tx.Prepare(CopyIn("temp", "num", "text", "blob", "nothing"))
  // Replacement
  tx.Prepare(copy temp (num, text, blob, nothing) from stdin)
  

Features

• Support protocol 3.2, and the min_protocol_version and max_protocol_version DSN parameters (#1258).

• Support sslmode=prefer and sslmode=allow (#1270).

• Support ssl_min_protocol_version and ssl_max_protocol_version (#1277).

• Support connection service file to load connection details (#1285).

• Support sslrootcert=system and use ~/.postgresql/root.crt as the default value of sslrootcert (#1280, #1281).

• Add a new pqerror package with PostgreSQL error codes (#1275).

  For example, to test if an error is a UNIQUE constraint violation:

  if pqErr, ok := errors.AsType[*pq.Error](https://github.com/lib/pq/blob/HEAD/err); ok && pqErr.Code == pqerror.UniqueViolation {
      log.Fatalf("email %q already exsts", email)
  }
  

  To make this a bit more convenient, it also adds a pq.As() function:

... (truncated)

Changelog

Sourced from github.com/lib/pq's changelog.

v1.12.3 (2026-04-03)

• Send datestyle startup parameter, improving compatbility with database engines that use a different default datestyle such as EnterpriseDB (#1312).

#1312: lib/pq#1312

v1.12.2 (2026-04-02)

• Treat io.ErrUnexpectedEOF as driver.ErrBadConn so database/sql discards the connection. Since v1.12.0 this could result in permanently broken connections, especially with CockroachDB which frequently sends partial messages (#1299).

#1299: lib/pq#1299

v1.12.1 (2026-03-30)

• Look for pgpass file in ~/.pgpass instead of ~/.postgresql/pgpass (#1300).

• Don't clear password if directly set on pq.Config (#1302).

#1300: lib/pq#1300 #1302: lib/pq#1302

v1.12.0 (2026-03-18)

• The next release may change the default sslmode from require to prefer. See #1271 for details.

• CopyIn() and CopyInToSchema() have been marked as deprecated. These are simple query builders and not needed for COPY [..] FROM STDIN support (which is not deprecated). (#1279)

  // Old
  tx.Prepare(CopyIn("temp", "num", "text", "blob", "nothing"))
  // Replacement
  tx.Prepare(copy temp (num, text, blob, nothing) from stdin)
  

Features

• Support protocol 3.2, and the min_protocol_version and max_protocol_version DSN parameters (#1258).

• Support sslmode=prefer and sslmode=allow (#1270).

• Support ssl_min_protocol_version and ssl_max_protocol_version (#1277).

... (truncated)

Commits

• 1f3e3d9 Send datestyle as a startup parameter (#1312)
• 32ba56b Expand tests for multiple result sets
• c2cfac1 Release v1.12.2
• 859f104 Test CockroachDB
• 12e464c Allow multiple matches and regexps in pqtest.ErrorContains()
• 6d77ced Treat io.ErrUnexpectedEOF as driver.ErrBadConn in handleError
• 71daecb Ensure transactions are closed in pqtest
• 8f44823 Set PGAPPNAME for tests
• 4af2196 Fix healthcheck
• 38a54e4 Split out testdata/init a bit
• Additional commits viewable in compare view

Updates github.com/playwright-community/playwright-go from 0.5200.1 to 0.5700.1

Release notes

Sourced from github.com/playwright-community/playwright-go's releases.

v0.5700.1

Note: v0.5700.0 renamed two types: Cookie and OptionalCookie. v0.5700.1 revert it.

What's Changed

• chore: maintain StorageState type by @​canstand in playwright-community/playwright-go#583

Full Changelog: playwright-community/playwright-go@v0.5700.0...v0.5700.1

v0.5700.0

Roll to v1.57.0 thanks to @​antiremy - thanks!

Commits

• d2aa790 chore: maintain StorageState type (#583)
• fcd06e1 chore: roll to Playwright v1.57.0 (#578)
• See full diff in compare view

Updates github.com/yuin/gopher-lua from 1.1.1 to 1.1.2

Release notes

Sourced from github.com/yuin/gopher-lua's releases.

v1.1.2

Full Changelog: yuin/gopher-lua@v1.1.1...v1.1.2

Commits

• b87eac2 chore: update test workflow
• b59f85c docs: convert README from rst to md
• 66d0cb7 chore: bump go version
• ed5db76 Merge pull request #525 from BrightLocal/master
• 0d1d551 Merge pull request #523 from tul/disable_loadnil_merge
• 4911e39 PS-3239: error on too complex regex pattern (#1)
• b3dcd3f disable LOADNIL code generation optimisation
• ccacf66 Merge pull request #483 from serprex/gluabit32
• 48fb8d7 Merge pull request #488 from Root-lee/fix-README-format-error
• d1cb61e Merge pull request #497 from warjiang/fix/typo-error
• Additional commits viewable in compare view

Updates google.golang.org/genai from 1.52.1 to 1.57.0

Release notes

Sourced from google.golang.org/genai's releases.

v1.57.0

1.57.0 (2026-05-12)

Features

• Expose Test and Server of the Replay API Client for the cross module usage in the AgentPlatform module. (27b142d)
• support Blocking FunctionCall in Live API in AgentPlatform (Vertex) (e5e653c)
• support speech to speech translation in Gemini Live (621b55d)

Bug Fixes

• Fix version redaction logic in the replay API client. (af4c931)

v1.56.0

1.56.0 (2026-05-04)

Features

• [Python] Multimodal file search (c32ae6e)
• Multimodal file search (989d064)

Bug Fixes

• Simplify generated Go URL path formatting when VertexAI and MLDev URLs are identical. (d90a592), closes #761

v1.55.0

1.55.0 (2026-04-29)

Features

• Add output_info to BatchJob (9ec7d3b)
• Add ImageResizeMode for GenerateVideos (8fc27f4)
• Add InternalApplyConverterToSliceWithRoot to the common utilities. (7aaf1eb)
• Add Vertex Dataset input and output options for batch jobs (73ee07c)
• introduce BackendEnterprise and GOOGLE_GENAI_USE_ENTERPRISE env var (1181fe0)

v1.54.0

1.54.0 (2026-04-13)

Features

• Add "eu" as a supported service location for Vertex AI platform. (9245aba)
• Add Live Avatar new fields (2ae252c)
• Add webhook_config to batches.create() and models.generate_videos() (4790027)

... (truncated)

Changelog

Sourced from google.golang.org/genai's changelog.

1.57.0 (2026-05-12)

Features

• Expose Test and Server of the Replay API Client for the cross module usage in the AgentPlatform module. (27b142d)
• support Blocking FunctionCall in Live API in AgentPlatform (Vertex) (e5e653c)
• support speech to speech translation in Gemini Live (621b55d)

Bug Fixes

• Fix version redaction logic in the replay API client. (af4c931)

1.56.0 (2026-05-04)

Features

• [Python] Multimodal file search (c32ae6e)
• Multimodal file search (989d064)

Bug Fixes

• Simplify generated Go URL path formatting when VertexAI and MLDev URLs are identical. (d90a592), closes #761

1.55.0 (2026-04-29)

Features

• Add output_info to BatchJob (9ec7d3b)
• Add ImageResizeMode for GenerateVideos (8fc27f4)
• Add InternalApplyConverterToSliceWithRoot to the common utilities. (7aaf1eb)
• Add Vertex Dataset input and output options for batch jobs (73ee07c)
• introduce BackendEnterprise and GOOGLE_GENAI_USE_ENTERPRISE env var (1181fe0)

1.54.0 (2026-04-13)

Features

• Add "eu" as a supported service location for Vertex AI platform. (9245aba)
• Add Live Avatar new fields (2ae252c)
• Add webhook_config to batches.create() and models.generate_videos() (4790027)

1.53.0 (2026-04-08)

... (truncated)

Commits

• c02ba4f chore(main): release 1.57.0 (#784)
• af4c931 fix: Fix version redaction logic in the replay API client.
• 621b55d feat: support speech to speech translation in Gemini Live
• 27b142d feat: Expose Test and Server of the Replay API Client for the cross module us...
• aec9d38 chore: update error messages to clarify which APIs support a feature.
• e5e653c feat: support Blocking FunctionCall in Live API in AgentPlatform (Vertex)
• 1ca15ba chore: Handle vertex-genai-modules user-agent header for the AgentPlatform SDK.
• afcab1d chore: Expose the Replay API client as an internal component only for the Age...
• ca5475d chore(main): release 1.56.0 (#776)
• 989d064 feat: Multimodal file search
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions