rm-hull / gps-routes-api

36%

LAST BUILD ON BRANCH main

branch: main

CHANGE BRANCH

x

Reset

• main
• bugfix/empty-facets
• bugfix/harden-auth-middleware
• bugfix/nearest-order-by
• bugfix/remove-bad-images
• chore/add-tests
• chore/go-1.25
• chore/multi-arch-docker-image
• chore/remove-mongo
• chore/update-deps
• dependabot/docker/golang-1.26-alpine
• dependabot/github_actions/actions/cache-5
• dependabot/github_actions/actions/checkout-5
• dependabot/github_actions/actions/checkout-6
• dependabot/github_actions/actions/setup-go-6
• dependabot/github_actions/actions/setup-node-5
• dependabot/github_actions/actions/setup-node-6
• dependabot/github_actions/actions/setup-python-6
• dependabot/github_actions/actions/upload-artifact-4
• dependabot/github_actions/actions/upload-artifact-5
• dependabot/github_actions/actions/upload-artifact-6
• dependabot/github_actions/docker/build-push-action-7
• dependabot/github_actions/docker/login-action-4
• dependabot/github_actions/docker/metadata-action-6
• dependabot/github_actions/docker/setup-buildx-action-4
• dependabot/github_actions/golangci/golangci-lint-action-7
• dependabot/github_actions/golangci/golangci-lint-action-8
• dependabot/github_actions/golangci/golangci-lint-action-9
• dependabot/github_actions/mikepenz/action-junit-report-6
• dependabot/go_modules/github.com/Depado/ginprom-1.8.2
• dependabot/go_modules/github.com/Depado/ginprom-1.8.3
• dependabot/go_modules/github.com/JGLTechnologies/gin-rate-limit-1.5.6
• dependabot/go_modules/github.com/JGLTechnologies/gin-rate-limit-1.5.8
• dependabot/go_modules/github.com/gin-contrib/cors-1.7.4
• dependabot/go_modules/github.com/gin-contrib/cors-1.7.5
• dependabot/go_modules/github.com/gin-contrib/cors-1.7.6
• dependabot/go_modules/github.com/gin-contrib/cors-1.7.7
• dependabot/go_modules/github.com/gin-contrib/size-1.0.2
• dependabot/go_modules/github.com/gin-gonic/gin-1.10.1
• dependabot/go_modules/github.com/gin-gonic/gin-1.12.0
• dependabot/go_modules/github.com/golang-migrate/migrate/v4-4.18.2
• dependabot/go_modules/github.com/golang-migrate/migrate/v4-4.18.3
• dependabot/go_modules/github.com/golang-migrate/migrate/v4-4.19.0
• dependabot/go_modules/github.com/golang-migrate/migrate/v4-4.19.1
• dependabot/go_modules/github.com/ikeikeikeike/go-sitemap-generator-2.0.1incompatible
• dependabot/go_modules/github.com/jackc/pgx/v5-5.7.4
• dependabot/go_modules/github.com/jackc/pgx/v5-5.7.5
• dependabot/go_modules/github.com/jackc/pgx/v5-5.7.6
• dependabot/go_modules/github.com/jackc/pgx/v5-5.8.0
• dependabot/go_modules/github.com/jackc/pgx/v5-5.9.2
• dependabot/go_modules/github.com/lib/pq-1.11.0
• dependabot/go_modules/github.com/lib/pq-1.11.1
• dependabot/go_modules/github.com/lib/pq-1.11.2
• dependabot/go_modules/github.com/lib/pq-1.12.0
• dependabot/go_modules/github.com/lib/pq-1.12.1
• dependabot/go_modules/github.com/lib/pq-1.12.2
• dependabot/go_modules/github.com/lib/pq-1.12.3
• dependabot/go_modules/github.com/rm-hull/godx-0.0.10
• dependabot/go_modules/github.com/rm-hull/godx-0.0.3
• dependabot/go_modules/github.com/rm-hull/godx-0.0.4
• dependabot/go_modules/github.com/rm-hull/godx-0.0.5
• dependabot/go_modules/github.com/rm-hull/godx-0.0.6
• dependabot/go_modules/github.com/rm-hull/godx-0.0.7
• dependabot/go_modules/github.com/rm-hull/godx-0.0.8
• dependabot/go_modules/github.com/rm-hull/godx-0.1.0
• dependabot/go_modules/github.com/rm-hull/godx-0.2.0
• dependabot/go_modules/github.com/rm-hull/godx-0.2.1
• dependabot/go_modules/github.com/schollz/progressbar/v3-3.19.0
• dependabot/go_modules/github.com/spf13/cobra-1.10.1
• dependabot/go_modules/github.com/spf13/cobra-1.10.2
• dependabot/go_modules/github.com/spf13/cobra-1.9.1
• dependabot/go_modules/github.com/stretchr/testify-1.11.0
• dependabot/go_modules/github.com/stretchr/testify-1.11.1
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.1
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.10
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.11
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.12
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.13
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.14
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.15
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.2
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.3
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.4
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.5
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.6
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.7
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.8
• dependabot/go_modules/github.com/tavsec/gin-healthcheck-1.7.9
• dependabot/go_modules/github.com/testcontainers/testcontainers-go-0.36.0
• dependabot/go_modules/github.com/testcontainers/testcontainers-go-0.37.0
• dependabot/go_modules/github.com/testcontainers/testcontainers-go-0.38.0
• dependabot/go_modules/github.com/testcontainers/testcontainers-go-0.39.0
• dependabot/go_modules/github.com/testcontainers/testcontainers-go-0.40.0
• dependabot/go_modules/github.com/testcontainers/testcontainers-go-0.41.0
• dependabot/go_modules/github.com/testcontainers/testcontainers-go-0.42.0
• dependabot/go_modules/go.eigsys.de/gin-cachecontrol/v2-2.3.0
• dependabot/go_modules/go.eigsys.de/gin-cachecontrol/v2-2.4.0
• dependabot/go_modules/go.mongodb.org/mongo-driver-1.17.2
• dependabot/go_modules/go.mongodb.org/mongo-driver-1.17.3
• feat/add-tests
• feat/auth-middleware
• feat/docker-multi-arch
• feat/enriched-nearby-suggestions
• feat/extra-facets
• feat/generate-sitemap
• feat/git-tagging
• feat/issue-120/phase-4-query-layer-refactoring
• feat/json-logging
• feat/llama-regen
• feat/llama.cpp-augmentation
• feat/mcp-tools
• feat/nearby
• feat/no-limits
• feat/prealloc-storage
• feat/ref-data
• feat/restructure-docker-compose
• feat/skip-facets
• feat/truncate
• v0.1.0
• v0.1.3
• v0.2.0

Build # 24662381479

Build Type

push

github

Committed by web-flow

Commit Message

Bump github.com/jackc/pgx/v5 from 5.9.1 to 5.9.2 (#122)

Bumps [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) from 5.9.1
to 5.9.2.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jackc/pgx/blob/master/CHANGELOG.md">github.com/jackc/pgx/v5's
changelog</a>.</em></p>
<blockquote>
<h1>5.9.2 (April 18, 2026)</h1>
<p>Fix SQL Injection via placeholder confusion with dollar quoted string
literals (GHSA-j88v-2chj-qfwx)</p>
<p>SQL injection can occur when:</p>
<ol>
<li>The non-default simple protocol is used.</li>
<li>A dollar quoted string literal is used in the SQL query.</li>
<li>That query contains text that would be would be interpreted outside
as a placeholder outside of a string literal.</li>
<li>The value of that placeholder is controllable by the attacker.</li>
</ol>
<p>e.g.</p>
<pre lang="go"><code>attackValue := `$tag$; drop table canary; --`
_, err = tx.Exec(ctx, `select $tag$ $1 $tag$, $1`,
pgx.QueryExecModeSimpleProtocol, attackValue)
</code></pre>
<p>This is unlikely to occur outside of a contrived scenario.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jackc/pgx/commit/0aeabbcf1"><code>0aeabbc</code></a>
Release v5.9.2</li>
<li><a
href="https://github.com/jackc/pgx/commit/60644f849"><code>60644f8</code></a>
Fix SQL sanitizer bugs with dollar-quoted strings and placeholder
overflow</li>
<li><a
href="https://github.com/jackc/pgx/commit/a5680bc94"><code>a5680bc</code></a>
Merge pull request <a
href="https://redirect.github.com/jackc/pgx/issues/2531">#2531</a> from
dolmen-go/godoc-add-links</li>
<li><a
href="https://github.com/jackc/pgx/commit/e34e45240"><code>e34e452</code></a>
doc: Add godoc links</li>
<li><a
href="https://github.com/jackc/pgx/commit/08c9bb1f0"><code>08c9bb1</code></a>
Fix St... (continued)

Coverage Stats

687 of 1896 relevant lines covered (36.23%)

0.39 hits per line