fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Confidence
alpine	final	minor	3.20 -> 3.22
alpinejs (source)	dependencies	minor	3.11.1 -> 3.15.0
github.com/crewjam/saml	require	minor	v0.4.14 -> v0.5.1
github.com/gin-gonic/gin	require	patch	v1.10.0 -> v1.10.1
github.com/golang-jwt/jwt/v4	require	patch	v4.5.0 -> v4.5.2
go (source)	toolchain	minor	1.22.0 -> 1.25.1
golang	stage	minor	1.23-alpine3.20 -> 1.24-alpine3.20
gorm.io/gorm	require	minor	v1.25.11 -> v1.30.5
tailwindcss (source)	devDependencies	minor	3.2.4 -> 3.4.17
typescript (source)	devDependencies	patch	4.9.4 -> 4.9.5

---

Release Notes

alpinejs/alpine (alpinejs)

v3.15.0

Compare Source

Changed

• Improve CSP build #​4671
• Add Alpine.morphBetween() #​4629
• style: use let instead of var in x-model.js #​4645
• style: use let/const instead of var in debounce.js #​4644
• style: remove useless param #​4650
• feat(persist): add 'exports' field for proper ESM/CJS resolution #​4611
• Fix Chrome warning when using x-trap.inert #​4640
• Fixes license #​4647

v3.14.9

Compare Source

What's Changed

• Fix focus documentation example code by @​iamshcc in #​4496
• Add skip children to morph by @​joshhanley in #​4568

New Contributors

• @​iamshcc made their first contribution in #​4496

Full Changelog: alpinejs/alpine@v3.14.8...v3.14.9

v3.14.8

Compare Source

Fixed

• Fix x-mask triggering update requests on load #​4481

v3.14.7

Compare Source

Fixed

• Fix x-teleport by removing clone x-ignore #​4469

v3.14.6

Compare Source

Fixed

• Fix regression on x-ignore when removed #​4458

v3.14.5

Compare Source

Changed

• Optimize mutation observer to better handle move operations - ref #​4450 #​4451
• 🐛 Fixes Regression in Mutation handling #​4450

v3.14.4

Compare Source

What's Changed

• Fix deep morphdom key bug by @​calebporzio in #​4423
• Don't init trees within ignore elements (x-ignore) by @​calebporzio in #​4428
• Adjust mutation observer to be faster and still account for moving and wrapping nodes by @​calebporzio in #​4447

Full Changelog: alpinejs/alpine@v3.14.3...v3.14.4

v3.14.3

Compare Source

Changes

• Allow Flux checkbox/radio/switch custom elements to use x-model like native inputs - ref

Full Changelog: alpinejs/alpine@v3.14.2...v3.14.3

v3.14.2

Compare Source

What's Changed

• fix: memoization when injecting magic by @​AbhiShake1 in #​4276
• 🐛 Initializes Interceptors before store by @​ekwoka in #​4278
• Add resize plugin: x-resize by @​calebporzio in #​4304
• Fix typo in sort.md by @​jfr3000 in #​4296
• 🐛 Cleans up template directives memory by @​ekwoka in #​4300
• 🚧 Updates List of boolean attributes to follow spec by @​ekwoka in #​4325
• Fixed a couple of typos. by @​armandohg in #​4332
• 🐛 Cleans teleported clone by @​ekwoka in #​4328
• Remove unnecessary parentheses from bind.md example by @​danielsbird in #​4363
• 📝 Updates docs with notes for x-data usage by @​ekwoka in #​4307

New Contributors

• @​AbhiShake1 made their first contribution in #​4276
• @​jfr3000 made their first contribution in #​4296
• @​armandohg made their first contribution in #​4332
• @​danielsbird made their first contribution in #​4363

Full Changelog: alpinejs/alpine@v3.14.1...v3.14.2

v3.14.1

Compare Source

Changed

• Minor grammar correction in the for directive docs #​4266
• 🐛 Fixes issue with setters accessing deeply nested data #​4265
• [UI][Tabs] Prevent tab focus on mousedown #​4239
• [CSP] Add support for nested properties to CSP build #​4238

v3.14.0

Compare Source

Changed

• ✨ Enhances clicks with key modifiers #​4209
• Update transition.md - changed span to div #​4215
• collapse: remove overflow hidden even if height does not match perfect #​4203
• Fix error: TypeError: i is not a function #​4204
• Adjust code block according to example #​4197
• Higher visibility in docs about needing x-data for things to work #​4194

v3.13.10

Compare Source

Changed

• Comma modifier to keyup and keydown events #​4170
• Fix morphing root level state #​4169
• Fix morph when x-for is used inside x-teleport #​4168
• Fix form reset for x-model radio, checkbox arrays, select multiple and various modifiers #​4159
• Wrong plugin name in Sort docs #​4165

v3.13.9

Compare Source

Changed

• Add "sort" plugin #​4137
• Add missing plugin warnings #​4158
• Change to x-sort:item, add sorting class to body, and use x-sort:group #​4161
• Remove extra destroyTree call #​4151
• Fix x-on with both self and once #​4152
• Documentation issue: Event name in code snippet and description doesn't match in dispatch.md #​4141
• Fix some typos #​4134
• Chore: remove repetitive words #​4132

v3.13.8

Compare Source

Changed

• Cleanup after x-bind:class and other attribute modifications #​4111
• Bug: Fixes x-model.fill when used with debounce #​4103
• Remove hidden from booleanAttributes #​4099
• Fix fill modifier for radio buttons #​4101
• Add missing border to fill example #​4104
• Fixed persist crash when the stored value is undefined #​4091

v3.13.7

Compare Source

Changed

• Revert breaking mutation fix #​4084
• 🐛 Prevents Setting from registering a dependency #​4081

v3.13.6

Compare Source

Changes

• Fix __noscroll param #​4063
• Allow access to methods when class instance used for x-data #​4038
• Fix $refs being used with x-teleport #​4031
• Fix x-if and x-for double init on clone phase #​4015
• Only ever initialize an Alpine element once #​4000
• Fix context of listbox to prevent error when using wire:navigate #​4008
• Ensure $listboxOption.isSelected / $comboboxOption.isSelected works if item value is false or 0 #​4005
• Remove unused imports #​4006
• Ignore Vue markRaw() objects when evaluating interceptors 815fae3
• Remove x-intersect from clone phase e8c5992
• Support destroyTree custom walker bf36275
• Add warning for duplicate x-for keys f6e87ce

v3.13.5

Compare Source

Fixed

• 🐛 Fixes reinitializing moved elements #​3995
• Add better entangle infinite-loop protection 8001383

v3.13.4

Compare Source

What's Changed

• Improve combobox performance by @​calebporzio in #​3898
• [Docs] Add range type to x-model inputs by @​peterfox in #​3911
• Fix x-id when used with morph by @​calebporzio in #​3919
• Rework mutation observer by @​calebporzio in #​3929
• add explanation of passing an object to x-for by @​browner12 in #​3928
• x-mask: Cleanup of event listeners by @​beholdr in #​3908
• Update refs.md by @​Simsz in #​3851
• Add CSP-friendly Alpine build by @​calebporzio in #​3959
• docs: typo by @​mhanberg in #​3960
• Bug in code example of documentation for x-anchor to an ID by @​MaximVanhove in #​3942
• Fix typo by @​aerni in #​3932
• 🐛 Gracefully handles bad throws by @​ekwoka in #​3570
• Fix x-mask when used with wire:model by @​calebporzio in #​3988
• Fix issue where error message would not print directive name properly by @​mattvague in #​3572
• Add named exports to build files by @​ypconstante in #​3644
• fix: reset input on init so default value is displayed by @​coder2000 in #​3881
• Clear combobox bugfix by @​gdebrauwer in #​3934
• fix/x-model with fill modifier takes input value on undefined by @​rgbc-alex in #​3941
• fix: already init component by @​Matsa59 in #​3951
• Listbox compare null value bugfix by @​gdebrauwer in #​3962
• Fix error message in listbox.js by @​gdebrauwer in #​3965
• Add x-trap noinitialfocus modifier by @​richcarni in #​3977
• Combobox and listbox: Save optionKey in x-data to fix usage in Livewire by @​gdebrauwer in #​3990

New Contributors

• @​peterfox made their first contribution in #​3911
• @​beholdr made their first contribution in #​3908
• @​Simsz made their first contribution in #​3851
• @​MaximVanhove made their first contribution in #​3942
• @​aerni made their first contribution in #​3932
• @​mattvague made their first contribution in #​3572
• @​ypconstante made their first contribution in #​3644
• @​coder2000 made their first contribution in #​3881
• @​rgbc-alex made their first contribution in #​3941
• @​Matsa59 made their first contribution in #​3951
• @​richcarni made their first contribution in #​3977

Full Changelog: alpinejs/alpine@v3.13.3...v3.13.4

v3.13.3

Compare Source

What's Changed

• Fix teleport morphing by @​calebporzio in #​3841
• Add anchor plugin by @​calebporzio in #​3843
• Jlb/fix combobox bugs by @​calebporzio in #​3854
• Fix typo: Rename x-alpine to x-anchor by @​CodeWithKyrian in #​3848
• Update anchor.md by @​allenjd3 in #​3847
• x-model.boolean modifier by @​gdebrauwer in #​3532
• 🐛 Joins selectors to meet spec by @​ekwoka in #​3844

New Contributors

• @​CodeWithKyrian made their first contribution in #​3848
• @​allenjd3 made their first contribution in #​3847
• @​gdebrauwer made their first contribution in #​3532

Full Changelog: alpinejs/alpine@v3.13.2...v3.13.3

v3.13.2

Compare Source

Changed

• ✅ Allows underscore in event names #​3756
• update CSP build/installation docs #​3762
• use normal single quotes #​3764
• Gracefully handle SecurityError exception if localStorage is unavailable #​3775
• ♻️ Cleans Up Entangle #​3792
• 🐛 Fixes proxy stack setters bug #​3807
• 🐛 Fixes reference to incorrect attribute #​3814
• Use Internet Explorer conditional comment syntax to preserve morph markers on Cloudflare-proxied sites #​3794

v3.13.1

Compare Source

Changed

• ✨ Names expression evaluators #​3765
• Fix typos #​3771
• Update installation.md #​3779
• Fixed webpack 4 builds breaking due to nullish coalescing operator #​3679
• ♻️ improves merge proxies #​3722
• x-if warning if used on non-template #​3737
• clarify execution order of init #​3702
• Document destroy method in Alpine.data #​3716
• Fixed a variable typo #​3727
• fix(morph): currentNode can also be null, not just undefined, fixes #​3728 #​3729

v3.13.0

Compare Source

What's Changed

• Fix tests broken by e579cc8. by @​andrewbelcher in #​3631
• Morph key lookup issue by @​joshhanley in #​3658
• bug: Allows model.fill to work with checkbox arrays by @​ekwoka in #​3676
• bump focus-trap version by @​bty888 in #​3667
• Update watch.md by @​diomed in #​3621
• fix: highlighting in docs by @​ChrystianDeMatos in #​3599
• 🐛 Prevents double bundling of Alpine in UI Package by @​ekwoka in #​3597
• Livewire3 by @​calebporzio in #​3678
• fix: Entangle inner state undefined by @​danharrin in #​3681
• Make morphdom faster and more powerful by @​calebporzio in #​3692
• [livewire] Update navigate page.js by @​PhiloNL in #​3685
• Move history and navigate plugins into livewire/livewire until they are stable by @​calebporzio in #​3720

New Contributors

• @​andrewbelcher made their first contribution in #​3631
• @​bty888 made their first contribution in #​3667
• @​diomed made their first contribution in #​3621
• @​ChrystianDeMatos made their first contribution in #​3599
• @​danharrin made their first contribution in #​3681
• @​PhiloNL made their first contribution in #​3685

Full Changelog: alpinejs/alpine@v3.12.3...v3.13.0

v3.12.3

Compare Source

Internal changes release...

v3.12.2

Compare Source

Fixed

• Reverted PR #​3459

v3.12.1

Compare Source

Added

• Support for registering multiple plugins at once: Alpine.plugin([...]) #​3497
• Add warning to prevent Alpine from being loaded twice on the same page #​3565
• Add descriptive warning for undefined x-for key and updates tests. #​3498

Fixed

• Fix x-for scope updates when looping through x-data elements #​3504
• Exclude dependencies from non-CDN builds #​3459
• Make x-transition delay syntax consistent with duration syntax #​3476
• Fix throttle/debounce user callback after preventDefault/stopPropagation is executed #​3481
• Make .fill work with selects and other modifiers #​3495
• Fix morphing @​event handlers #​3494
• Allow Booleans in bound x-transitions #​3519
• Handle special binding case for 'checked' and 'selected' #​3535
• Fix Safari AutoFill #​3483
• Fix duplicate/inaccurate test #​3520
• Fix typo on alt "component" #​3541
• Attempt memory leak fix from using magics #​2832

v3.12.0

Compare Source

Added

• x-model.fill by input value on null or empty string #​3423
• x-mask custom decimal precision #​3415
• x-mask $money allow for negative values #​3416
• Accept x-data="true" as a synonym for x-data="{}" #​3339

Fixed

• 🐛 fixes improper use of nullish coalescing #​3408
• Fixes @keyup and @keydown listeners with .capture modifier never executed #​3398
• Remove Alpine UI references from Alpine core #​3336
• Update CSP documentation to clarify availability of the CSP build #​2619
• Fix x-model event listener doubling when cloned #​3393
• docs: Fix a few typos #​3363
• Fix Alpine.js becoming unresponsive after uncaught exception in reactive effect callback #​3279
• Fix inconsistent update for template x-if (issue #​2803) #​3278

crewjam/saml (github.com/crewjam/saml)

v0.5.1

Compare Source

v0.5.0

Compare Source

gin-gonic/gin (github.com/gin-gonic/gin)

v1.10.1

Compare Source

Changelog

Refactor

• b5af779: refactor: strengthen HTTPS security and improve code organization (@​appleboy)

golang-jwt/jwt (github.com/golang-jwt/jwt/v4)

v4.5.2

Compare Source

See GHSA-mh63-6h87-95cp

Full Changelog: golang-jwt/jwt@v4.5.1...v4.5.2

v4.5.1

Compare Source

Security

Unclear documentation of the error behavior in ParseWithClaims in <= 4.5.0 could lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by ParseWithClaims return both error codes. If users only check for the jwt.ErrTokenExpired using error.Is, they will ignore the embedded jwt.ErrTokenSignatureInvalid and thus potentially accept invalid tokens.

This issue was documented in GHSA-29wx-vh33-7x7r and fixed in this release.

Note: v5 was not affected by this issue. So upgrading to this release version is also recommended.

What's Changed

• Back-ported error-handling logic in ParseWithClaims from v5 branch. This fixes GHSA-29wx-vh33-7x7r.

Full Changelog: golang-jwt/jwt@v4.5.0...v4.5.1

golang/go (go)

v1.25.1

v1.25.0

v1.24.7

v1.24.6

v1.24.5

v1.24.4

v1.24.3

v1.24.2

v1.24.1

v1.24.0

v1.23.12

v1.23.11

v1.23.10

v1.23.9

v1.23.8

v1.23.7

v1.23.6

v1.23.5

v1.23.4

v1.23.3

v1.23.2

v1.23.1

v1.23.0

v1.22.12

v1.22.11

v1.22.10

v1.22.9

v1.22.8

v1.22.7

v1.22.6

v1.22.5

v1.22.4

v1.22.3

v1.22.2

v1.22.1

go-gorm/gorm (gorm.io/gorm)

v1.30.5

Compare Source

Changes

• No changes

v1.30.4

Compare Source

Changes

• Add Set-based Create and Update support to Generics API @​jinzhu (#​7578)
• fix: build failure on Go versions below 1.21 @​iTanken (#​7572)
• fix slogLogger to support ParameterizedQueries Config @​EricWvi (#​7574)

v1.30.3

Compare Source

Changes

• No changes

v1.30.2

Compare Source

Changes

• avoid copying structures with embedded mutexs @​drakkan (#​7571)
• Add DefaultContextTimeout option @​jinzhu (#​7567)
• Update the docker compose file @​moseszane168 (#​7524)
• fix: returning all columns with "on conflict do update" @​phongphan (#​7534)
• feat(slog-integration) @​rezamokaram (#​7537)
• fix data race in some case 725aa5b
• performance improvement

v1.30.1

Compare Source

Changes

• optimize: field.ReflectValueOf @​liov (#​7530)
• optimize: performance optimization @​liov (#​7526)
• fix(schema): check the hook function parameter type @​demoManito (#​7468)
• Fix: Unexpected OR Conditions force converted to AND @​Riseif (#​7512)
• Add GaussDB Database Support @​moseszane168 (#​7508)
• Call after initialize for gorm.Config @​jinzhu (#​7518)
• A little optimization for filed.ValueOf @​liov (#​7499)
• fixes #​7486 @​Eshan-Jogwar (#​7492)
• fix decimal migrate error. @​Chise1 (#​7450)
• test: update MySQL test matrix to use official images and add 9.0, 8.4 versions @​enomotodev (#​7476)

v1.30.0

Compare Source

Changes

• (WIP) Implement Generics API @​jinzhu (#​7424)
• perf(schema): avoid redundant strings.ToLower call @​1911860538 (#​7464)
• fix: return init dialector error @​codingplz (#​7379)
• perf: break early on match failure in ParseConstraint @​1911860538 (#​7402)
• feat: error message show field name @​pi12138 (#​7452)
• perf: use strings.IndexByte to replace strings.Index @​1911860538 (#​7454)
• perf: use strings.Cut to replace strings.SplitN @​1911860538 (#​7455)

v1.26.1

Compare Source

Changes

• fix: int type variable defaultMaxSize overflows in 32-bit environment @​iTanken (#​7439)

v1.26.0

Compare Source

Changes

• Preparestmt use LRU Map instead default map @​Yaccc (#​7435)
• use golangci replace reviewdog @​jinzhu (#​7426)
• test: mssql ci @​a631807682 (#​7388)
• fix deprecated reflect.PtrTo reflect.PointerTo usage @​Aman-Shitta (#​7366)
• Fix concurrent map writes #​7297 @​Ponywka (#​7298)
• chore: update copyright year @​maxktz (#​7332)
• Enhance db.Scan with ParamsFilter - Issue 7336 - Suggestion @​evyaffe (#​7337)
• Fixed Empty Returning Clause Merge Edge Case @​aviyam181199 (#​7339)
• feat:Capitalize the priority field of IndexOption（https://redirect.github.com/go-gorm/gorm/issues/7331） @​nowindexman (#​7342)
• fix: deterministic index ordering when migrating @​bamo (#​7208)
• use map look-up for indexes @​abbyssoul (#​7242)
• [#​6372] Fixed nullable constraint bug for columns during auto migration @​wookie0 (#​7269)
• Create CODE_OF_CONDUCT.md @​omidfth (#​7240)
• Enhance Release Process: Implement Automated Release Management and Notes Generation @​YidiDev (#​7224)
• refactor: improve logging for unimplemented ErrorTranslator in TranlateError config enabled @​Invidam (#​7225)
• Add GitHub Actions workflow to automate release creation on tagged pushes @​YidiDev (#​7209)
• Use official SQL Server docker image for tests @​omkar-foss (#​7205)
• feat: Modernize Docker Compose File @​isso-719 (#​7086)
• Generate unique savepoint names for nested transactions @​phroggyy (#​7174)
• fix: AfterQuery using safer right trim while clearing from clause's j… @​bhowmik-abhijeet (#​7153)
• fix memory leaks in PrepareStatementDB @​ivila (#​7142)
• ci: Add PostgreSQL 14 and 15 to GitHub Actions matrix @​enomotodev (#​7081)
• feat: add MapColumns method @​molon (#​6901)
• add DB level propagation for the Unscoped flag @​sprataa (#​7007)
• fix(scan): update Scan function to reset structs to zero values for each scan @​Waldeedle (#​7061)
• fix: use reflect.Append when preloading nested associations instead of making a slice with fixed size @​emilienkofman (#​7014)
• Fix association replace non-addressable panic @​SergeiSadov (#​7012)
• fix: unsupported data on nested joins with preloads @​N-Schaef (#​6957)
• fix: AfterQuery should clear FROM Clause's Joins rather than the Stat… @​liov (#​7027)
• feat: chainable order support clause.OrderBy @​supergem3000 (#​7054)
• fix: strings.Title -> cases.Title bcs strings.Title library is deprecated @​ryuji-cre8ive (#​6999)
• fix: typo @​hakusai22 (#​7003)
• Fix handling of unknown column types @​looi (#​6540)
• Fix panic bug in migrator due to lack of nil check for stmt.Schema @​pixelmaxQm (#​6932)
• Add new error for "Violation Check Constraint" @​anilsenay (#​6992)
• fix: not clause with or condition @​a631807682 (#​6984)
• perf: merge nested preload query when using join @​a631807682 (#​6990)
• Faster utils.FileWithLineNum @​kkocdko (#​6981)
• Added comment describing Unscoped() method @​AntonyChR (#​6969)
• fix: duplicated preload @​yetone (#​6948)
• feat: prepare_stmt support ping @​philhuan (#​6924)
• fix: remove callback from callbacks if Remove() called @​snackmgmg (#​6916)
• fix: 'type XXXX int' will print wrong sql to terminal @​wangzeping722 (#​6917)
• chore: optimize regEnLetterAndMidline regular @​demoManito ([#​6908](https://redir

---

Configuration

📅 Schedule: Branch creation - "before 5am every weekday,every weekend" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 4 additional dependencies were updated

Details:

Package	Change
github.com/beevik/etree	v1.4.1 -> v1.5.0
golang.org/x/crypto	v0.26.0 -> v0.33.0
golang.org/x/sys	v0.24.0 -> v0.30.0
golang.org/x/text	v0.17.0 -> v0.22.0