build(deps): Bump the go-minor group across 1 directory with 11 updates

[dependabot]

Bumps the go-minor group with 8 updates in the / directory:

Package	From	To
github.com/aws/aws-sdk-go-v2	1.41.7	1.42.0
github.com/aws/aws-sdk-go-v2/config	1.32.17	1.32.25
github.com/aws/aws-sdk-go-v2/service/bedrockruntime	1.50.6	1.53.5
github.com/go-chi/chi/v5	5.2.5	5.3.0
github.com/jackc/pgx/v5	5.9.2	5.10.0
github.com/redis/go-redis/v9	9.19.0	9.20.1
github.com/riverqueue/river	0.36.0	0.39.0
golang.org/x/crypto	0.51.0	0.53.0

Updates github.com/aws/aws-sdk-go-v2 from 1.41.7 to 1.42.0

Commits

• 9a3190f Release 2026-06-08
• b20dd5b Regenerated Clients
• 75a45ea Update API model
• e736f55 Add preview of changes for standard retry mode behind flag (#3400)
• ba08dc9 Release 2026-06-05.2
• 9a67e21 Revert schema serde (#3442)
• 51692f8 s3/transfermanager: avoid double-closing concurrentReader channel after read ...
• f696d5b Release 2026-06-05
• 7efb8fd Regenerated Clients
• 1a420c5 Update endpoints model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/config from 1.32.17 to 1.32.25

Commits

• 0016334 Release 2026-06-10
• 396a182 Regenerated Clients
• 3eb8533 Update API model
• 7bbea79 Release 2026-06-09
• 1fefa6c Regenerated Clients
• a2cf49f Update endpoints model
• d87be68 Update API model
• 9a3190f Release 2026-06-08
• b20dd5b Regenerated Clients
• 75a45ea Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/credentials from 1.19.16 to 1.19.24

Commits

• 0016334 Release 2026-06-10
• 396a182 Regenerated Clients
• 3eb8533 Update API model
• 7bbea79 Release 2026-06-09
• 1fefa6c Regenerated Clients
• a2cf49f Update endpoints model
• d87be68 Update API model
• 9a3190f Release 2026-06-08
• b20dd5b Regenerated Clients
• 75a45ea Update API model
• Additional commits viewable in compare view

Updates github.com/aws/aws-sdk-go-v2/service/bedrockruntime from 1.50.6 to 1.53.5

Commits

• c964dbd Release 2024-05-15
• ce84395 Regenerated Clients
• 8de9119 Update API model
• 05fcf66 internal: true up internal metrics collection for post-SRA middleware (#2642)
• 1148427 reformat signer/v4 package doc (#2640)
• b238d3f Release 2024-05-14
• 85f8268 Regenerated Clients
• ebaee4c Update endpoints model
• 593b966 Update API model
• bfb02f0 Merge customizations for S3
• Additional commits viewable in compare view

Updates github.com/go-chi/chi/v5 from 5.2.5 to 5.3.0

Release notes

Sourced from github.com/go-chi/chi/v5's releases.

v5.3.0

What's Changed

• Use strings.ReplaceAll where applicable by @​JRaspass in go-chi/chi#1046
• Propagate inline middlewares across mounted subrouters by @​LukasJenicek in go-chi/chi#1049
• add go 1.26 to ci by @​pkieltyka in go-chi/chi#1052
• Remove last uses of io/ioutil by @​JRaspass in go-chi/chi#1054
• Simplify chi.walk with slices.Concat by @​JRaspass in go-chi/chi#1053
• Apply the stringscutprefix modernizer by @​JRaspass in go-chi/chi#1051
• Bump minimum Go to 1.23, always use request.Pattern by @​JRaspass in go-chi/chi#1048
• middleware: fix httpFancyWriter.ReadFrom double-counting bytes with Tee by @​alliasgher in go-chi/chi#1085
• Fix typo in Route doc comment by @​gouwazi in go-chi/chi#1073
• fix: set Request.Pattern from RoutePattern() by @​leno23 in go-chi/chi#1097
• feat: middleware.ClientIP, a replacement for middleware.RealIP by @​VojtechVitek in go-chi/chi#967

New Contributors

• @​LukasJenicek made their first contribution in go-chi/chi#1049
• @​alliasgher made their first contribution in go-chi/chi#1085
• @​gouwazi made their first contribution in go-chi/chi#1073
• @​leno23 made their first contribution in go-chi/chi#1097

SECURITY: middleware.ClientIP, a replacement for middleware.RealIP

@​VojtechVitek submitted PR #967, which introduces middleware.ClientIP — a replacement for middleware.RealIP that closes the three open spoofing advisories:

• GHSA-9g5q-2w5x-hmxf — IP spoofing via XFF in RemoteAddr resolution (convto)
• GHSA-rjr7-jggh-pgcp — RealIP allows IP spoofing via unvalidated XFF (rezmoss)
• GHSA-3fxj-6jh8-hvhx — IP spoofing in middleware.RealIP (Saku0512, Critical / 9.3)

It also addresses issues outlined at:

• go-chi/chi#708
• https://adam-p.ca/blog/2022/03/x-forwarded-for/
• go-chi/chi#711
• go-chi/chi#453
• go-chi/chi#908

middleware.RealIP is deprecated in this PR with pointers to the new API.

The deprecation only adds a // Deprecated: doc comment; the function keeps working for backward compatibility.

Why a new middleware (not "fix RealIP in place")

RealIP has two unfixable design choices: it mutates r.RemoteAddr, and it tries to be a one-size-fits-all default by walking a hard-coded list of headers any client can supply. Per adam-p's "The perils of the 'real' client IP" (which calls chi out by name on this), there is no safe default — the user must pick their trust source explicitly.

The new API

Four middlewares, two accessors. Pick exactly one middleware based on your infrastructure, read the result with one of the two accessors:

// One of the four. There is no safe default — pick exactly one.
func ClientIPFromHeader(trustedHeader string) func(http.Handler) http.Handler
func ClientIPFromXFF(trustedIPPrefixes ...string) func(http.Handler) http.Handler
func ClientIPFromXFFTrustedProxies(numTrustedProxies int) func(http.Handler) http.Handler
</tr></table> 

... (truncated)

Commits

• 3b17157 feat: middleware.ClientIP, a replacement for middleware.RealIP (#967)
• 818fdcf fix: set Request.Pattern from RoutePattern() (#1097)
• f975af0 Fix typo in Route doc comment (#1073)
• 4ef87ea middleware: fix httpFancyWriter.ReadFrom double-counting bytes with Tee (#1085)
• a54874f Bump minimum Go to 1.23, always use request.Pattern (#1048)
• 3328d4d Apply the stringscutprefix modernizer (#1051)
• be60b2e Simplify chi.walk with slices.Concat (#1053)
• a36a925 Remove last uses of io/ioutil (#1054)
• 7d93ee3 add go 1.26 to ci (#1052)
• 903cff2 Propagate inline middlewares across mounted subrouters (#1049)
• Additional commits viewable in compare view

Updates github.com/jackc/pgx/v5 from 5.9.2 to 5.10.0

Changelog

Sourced from github.com/jackc/pgx/v5's changelog.

5.10.0 (June 3, 2026)

This release includes a significant amount of hardening against malicious or compromised PostgreSQL servers, contributed by Sean Chittenden at CrowdStrike, Inc. This work bounds binary decoders against attacker-controlled message sizes, caps server-supplied SCRAM iteration counts, adds require_auth to restrict which authentication methods a server may use (mitigating downgrade attacks under sslmode=prefer), and ensures cancellation requests are sent over TLS when the original connection used TLS.

Features

• Add require_auth to restrict accepted server authentication methods (Sean Chittenden at CrowdStrike, Inc.)
• Add ParseConfigOptions.ConnStringAllowedKeys to restrict allowed connection string keys (Sean Chittenden at CrowdStrike, Inc.)
• Add StructArgs and StrictStructArgs for @-named queries (Tubelight30)
• Add ErrConnClosed sentinel error and unwrap it from connLockError (Charlie Tonneslan)
• pgxpool: check if connection is expired before acquire (arthurdotwork)

Security Hardening

• Encrypt CancelRequest connection when the primary connection used TLS (Sean Chittenden at CrowdStrike, Inc.)
• Cap server-supplied SCRAM iteration count (Sean Chittenden at CrowdStrike, Inc.)
• Default Frontend max message body length to ~1 GiB (Sean Chittenden at CrowdStrike, Inc.)
• Bound hstore binary decode against malicious server input (Sean Chittenden at CrowdStrike, Inc.)
• Bound array binary decode element length against remaining message bytes (Sean Chittenden at CrowdStrike, Inc.)
• Bound array element count against remaining message bytes (Sean Chittenden at CrowdStrike, Inc.)
• Bound range, multirange, and tsvector binary decoders (Sean Chittenden at CrowdStrike, Inc.)
• Document secure connection configuration (Sean Chittenden at CrowdStrike, Inc.)
• Fix panic on malformed geometric text; return an error instead (MaIII)

Fixes

• Fix scanning "char" (OID 18) into *string in binary format (luongs3)
• Fix handling of typed-nil driver.Valuer in array and composite codecs (Donncha Fahy)
• Fix CopyData.Data hex decoding in UnmarshalJSON (Charlie Tonneslan)
• Fix data race when context is cancelled during connect
• Fix parseKeywordValueSettings rejecting trailing whitespace (alliasgher)
• pgconn: preserve full error chain in normalizeTimeoutError (Charlie Tonneslan)
• pgconn: use a fresh context for the fallback connection in connectPreferred (Charlie Tonneslan)
• pgxpool: fix MaxLifetimeDestroyCount and ping order for acquire-time expiry check
• Add missing error check of rows.Err to load types (Jen Altavilla)

Commits

• 7293fb1 Update changelog for v5.10.0
• 1ade285 pgconn: document secure connection configuration
• b4d6d4d pgtype: bound range, multirange, and tsvector binary decoders
• 0639b37 pgconn: add ParseConfigOptions.ConnStringAllowedKeys
• b28e65b pgtype: bound array element count against remaining message bytes
• cd1f389 pgtype: bound array binary decode element length against remaining bytes
• ff27b5b pgtype: bound hstore binary decode against malicious server input
• a6002e1 pgproto3: default Frontend max message body length to ~1 GiB
• 44f6173 pgconn: cap server-supplied SCRAM iteration count
• 1a976f7 pgconn: add require_auth to restrict accepted server auth methods
• Additional commits viewable in compare view

Updates github.com/redis/go-redis/v9 from 9.19.0 to 9.20.1

Release notes

Sourced from github.com/redis/go-redis/v9's releases.

9.20.1

This is a patch release containing bug fixes only. There are no new features or breaking changes; upgrading from 9.20.0 is a drop-in replacement.

🚀 Highlights

RESP3 pub/sub message loss fixed

PeekPushNotificationName previously inspected only the bytes already buffered by bufio, so when a push frame header straddled a buffer fill boundary it could return a truncated notification name (e.g. "messa" instead of "message"). The push processor then mis-routed the frame and ReadReply silently dropped it, causing intermittent RESP3 pub/sub message loss. The peek now grows its window (36 bytes → up to 4 KiB) and reads more from the connection until the header is complete, cleanly separating incomplete prefixes from corrupt frames (including overflow-safe bulk-length handling). Fixes #3839.

(#3842) by @​ndyakov

🐛 Bug Fixes

• RESP3 push peeking: PeekPushNotificationName no longer returns a truncated notification name when a push frame header spans a buffer boundary, preventing silent RESP3 pub/sub message loss (fixes #3839) (#3842) by @​ndyakov
• FT.HYBRID vector params: Vector data is now always sent via PARAMS with auto-generated param names (__vector_param_N, with collision avoidance) when VectorParamName is omitted, since Redis no longer accepts inline vector blobs; the FTHybridOptions.Params map is no longer mutated, so the same options struct can be reused across calls (#3844) by @​ndyakov
• CLUSTER SHARDS forward compatibility: Unknown shard- and node-level attributes in the CLUSTER SHARDS reply are now skipped via DiscardNext() instead of erroring, so clients keep working when the server introduces new fields (#3843) by @​madolson
• PubSub double reconnect: PubSub.releaseConn no longer reconnects twice when a connection is both unusable (or pending handoff) and reports a bad-connection error, avoiding a wasted connection establish-then-close cycle (#3833) by @​cxljs

👥 Contributors

We'd like to thank all the contributors who worked on this release!

@​cxljs, @​madolson, @​ndyakov

---

Full Changelog: redis/go-redis@v9.20.0...v9.20.1

9.20.0

🚀 Highlights

Redis 8.8 Support

This release adds support for Redis 8.8. The README's supported-versions list now includes Redis 8.8 alongside 8.0/8.2/8.4, and CI exercises the 8.8 client-libs-test image across the full suite (Makefile, build workflow, doctests, run-tests action, and docker-compose).

Coverage for the new commands that ship in the 8.x line, rounded out in this release:

• AR* array data type (#3813) — new array data structure, exposed via the ArrayCmdable interface (see the experimental-features highlight below).
• INCREX (#3816) — atomic increment with expiration in a single round-trip.
• XNACK (#3790) — explicit negative-acknowledge of pending stream entries.
• XAUTOCLAIM PEL deletes (#3798) — XAUTOCLAIM/XAUTOCLAIMJUSTID now return the list of deleted message IDs from the pending entries list.
• TS.RANGE multiple aggregators (#3791) — TS.RANGE/TS.REVRANGE/TS.MRANGE/TS.MREVRANGE accept multiple aggregators in a single call.
• Z(UNION|INTER|DIFF) COUNT aggregator (#3802) — COUNT reducer for sorted-set set operations.
• JSON.SET FPHA (#3797) — new FPHA argument that specifies the floating-point type for homogeneous FP arrays.

CI image bump (#3814) by @​ofekshenawa. Command coverage contributions by @​cxljs, @​elena-kolevska, @​Khukharr, @​ndyakov, and @​ofekshenawa.

Stable RESP3 for RediSearch (UnstableResp3 deprecated)

... (truncated)

Changelog

Sourced from github.com/redis/go-redis/v9's changelog.

9.20.1 (2026-06-11)

This is a patch release containing bug fixes only. There are no new features or breaking changes; upgrading from 9.20.0 is a drop-in replacement.

🚀 Highlights

RESP3 pub/sub message loss fixed

PeekPushNotificationName previously inspected only the bytes already buffered by bufio, so when a push frame header straddled a buffer fill boundary it could return a truncated notification name (e.g. "messa" instead of "message"). The push processor then mis-routed the frame and ReadReply silently dropped it, causing intermittent RESP3 pub/sub message loss. The peek now grows its window (36 bytes → up to 4 KiB) and reads more from the connection until the header is complete, cleanly separating incomplete prefixes from corrupt frames (including overflow-safe bulk-length handling). Fixes #3839.

(#3842) by @​ndyakov

🐛 Bug Fixes

• RESP3 push peeking: PeekPushNotificationName no longer returns a truncated notification name when a push frame header spans a buffer boundary, preventing silent RESP3 pub/sub message loss (fixes #3839) (#3842) by @​ndyakov
• FT.HYBRID vector params: Vector data is now always sent via PARAMS with auto-generated param names (__vector_param_N, with collision avoidance) when VectorParamName is omitted, since Redis no longer accepts inline vector blobs; the FTHybridOptions.Params map is no longer mutated, so the same options struct can be reused across calls (#3844) by @​ndyakov
• CLUSTER SHARDS forward compatibility: Unknown shard- and node-level attributes in the CLUSTER SHARDS reply are now skipped via DiscardNext() instead of erroring, so clients keep working when the server introduces new fields (#3843) by @​madolson
• PubSub double reconnect: PubSub.releaseConn no longer reconnects twice when a connection is both unusable (or pending handoff) and reports a bad-connection error, avoiding a wasted connection establish-then-close cycle (#3833) by @​cxljs

👥 Contributors

We'd like to thank all the contributors who worked on this release!

@​cxljs, @​madolson, @​ndyakov

---

Full Changelog: redis/go-redis@v9.20.0...v9.20.1

9.20.0 (2026-05-28)

🚀 Highlights

Redis 8.8 Support

This release adds support for Redis 8.8. The README's supported-versions list now includes Redis 8.8 alongside 8.0/8.2/8.4, and CI exercises the 8.8-rc1 client-libs-test image across the full suite (Makefile, build workflow, doctests, run-tests action, and docker-compose).

Coverage for the new commands that ship in the 8.x line, rounded out in this release:

• AR* array data type (#3813) — new array data structure, exposed via the ArrayCmdable interface (see the experimental-features highlight below).
• INCREX (#3816) — atomic increment with expiration in a single round-trip.
• XNACK (#3790) — explicit negative-acknowledge of pending stream entries.
• XAUTOCLAIM PEL deletes (#3798) — XAUTOCLAIM/XAUTOCLAIMJUSTID now return the list of deleted message IDs from the pending entries list.
• TS.RANGE multiple aggregators (#3791) — TS.RANGE/TS.REVRANGE/TS.MRANGE/TS.MREVRANGE accept multiple aggregators in a single call.
• Z(UNION|INTER|DIFF) COUNT aggregator (#3802) — COUNT reducer for sorted-set set operations.
• JSON.SET FPHA (#3797) — new FPHA argument that specifies the floating-point type for homogeneous FP arrays.

CI image bump (#3814) by @​ofekshenawa. Command coverage contributions by @​cxljs, @​elena-kolevska, @​Khukharr, @​ndyakov, and @​ofekshenawa.

Stable RESP3 for RediSearch (UnstableResp3 deprecated)

... (truncated)

Commits

• a13416b chore(release): 9.20.1 (#3847)
• 10dc44f fix(push): fix peeking when push name is truncated (#3842)
• e1a2d68 fix(ft.hybrid): Always generate vector param names if they are not provided b...
• a4b234f chore(deps): bump codecov/codecov-action from 6 to 7 (#3845)
• 974e717 fix(command): ignore unknown fields in CLUSTER SHARDS response (#3843)
• 65d6abd fix(pubsub): prevent double reconnect in releaseConn (#3833)
• 7d05dd3 chore(release): v9.20.0 (#3832)
• 9756882 fix(test): make waitForSentinelClusterStable robust to disconnected r… (#3830)
• 875ce21 fix(sentinel): do not close sentinel when replica list is empty (#3795)
• 8a027f2 chore(ci): add govulncheck workflow (#3779)
• Additional commits viewable in compare view

Updates github.com/riverqueue/river from 0.36.0 to 0.39.0

Release notes

Sourced from github.com/riverqueue/river's releases.

v0.39.0

⚠️ Breaking API change: rivermigrate.Migrator.Validate and rivermigrate.Migrator.ValidateTx now take a *rivermigrate.ValidateOpts parameter. Pass nil to preserve previous behavior. We normally endeavor not to make any breaking API changes, but this one will keep the API in a much nicer state, and is on an ancillary function that most installations won't be using. [PR #1259](riverqueue/river#1259)

Added

• Added MetadataSet to stage job metadata updates from worker middleware, HookWorkBegin, workers, or HookWorkEnd, with changes persisted when the job is completed. [PR #1269](riverqueue/river#1269)

Changed

• Add rivermigrate.ValidateOpts.TargetVersion so validation can check migrations up to a specific target version, matching the target-version behavior available on Migrate and MigrateTx. Notably, this is a breaking API change as the validate functions previously didn't take any options. [PR #1259](riverqueue/river#1259)
• When using (*Migrator[TTx]).Migrate with a TargetVersion that's already applied, River now no-ops idempotently instead of returning an error as a user convenience. [PR #1260](riverqueue/river#1260)
• Add logging statement for dropped job and queue subscription events at warn level when a subscriber buffer is full. [PR #1271](riverqueue/river#1271)

Fixed

• Add a 10-second timeout around StandardPilot.JobGetAvailable so a stalled standard-pilot fetch no longer hangs a producer indefinitely. [PR #1255](riverqueue/river#1255)
• Fixed rivertest.Worker.Work and WorkJob to honor a configured custom Config.Schema when transitioning a job to its running state. Previously, the running-state update ran unqualified and could fail on a connection whose search_path didn't include the configured schema. [PR #1262](riverqueue/river#1262)

v0.38.0

Added

• Added new configuration Config.SoftStopTimeout to provide a cleaner way to gracefully stop a client. [PR #1239](riverqueue/river#1239)

v0.37.1

Fixed

• Wrap PeriodicJobEnqueuer.insertBatch database calls in a 30-second timeout. Previously, a stalled pgx Begin/Insert/Commit could hang the periodic enqueuer indefinitely, halting all periodic job insertion until the process was restarted or leader re-elected. [PR #1251](riverqueue/river#1251)

v0.37.0

Added

• Added "resumable jobs" that can be broken down into multiple steps and with a step persisted after it finishes that lets them skip work that's already been done. This is particularly useful for long running jobs that may experience a cancellation (like in the event of a deploy) during the span of their run. [PR #1226](riverqueue/river#1226).

Changelog

Sourced from github.com/riverqueue/river's changelog.

[0.39.0] - 2026-06-03

⚠️ Breaking API change: rivermigrate.Migrator.Validate and rivermigrate.Migrator.ValidateTx now take a *rivermigrate.ValidateOpts parameter. Pass nil to preserve previous behavior. We normally endeavor not to make any breaking API changes, but this one will keep the API in a much nicer state, and is on an ancillary function that most installations won't be using. [PR #1259](riverqueue/river#1259)

Added

• Added MetadataSet to stage job metadata updates from worker middleware, HookWorkBegin, workers, or HookWorkEnd, with changes persisted when the job is completed. [PR #1269](riverqueue/river#1269)

Changed

• Add rivermigrate.ValidateOpts.TargetVersion so validation can check migrations up to a specific target version, matching the target-version behavior available on Migrate and MigrateTx. Notably, this is a breaking API change as the validate functions previously didn't take any options. [PR #1259](riverqueue/river#1259)
• When using (*Migrator[TTx]).Migrate with a TargetVersion that's already applied, River now no-ops idempotently instead of returning an error as a user convenience. [PR #1260](riverqueue/river#1260)
• Add logging statement for dropped job and queue subscription events at warn level when a subscriber buffer is full. [PR #1271](riverqueue/river#1271)

Fixed

• Add a 10-second timeout around StandardPilot.JobGetAvailable so a stalled standard-pilot fetch no longer hangs a producer indefinitely. [PR #1255](riverqueue/river#1255)
• Fixed rivertest.Worker.Work and WorkJob to honor a configured custom Config.Schema when transitioning a job to its running state. Previously, the running-state update ran unqualified and could fail on a connection whose search_path didn't include the configured schema. [PR #1262](riverqueue/river#1262)

[0.38.0] - 2026-05-22

Added

• Added new configuration Config.SoftStopTimeout to provide a cleaner way to gracefully stop a client. [PR #1239](riverqueue/river#1239)

[0.37.1] - 2026-05-15

Fixed

• Wrap PeriodicJobEnqueuer.insertBatch database calls in a 30-second timeout. Previously, a stalled pgx Begin/Insert/Commit could hang the periodic enqueuer indefinitely, halting all periodic job insertion until the process was restarted or leader re-elected. [PR #1251](riverqueue/river#1251)

[0.37.0] - 2026-05-11

Added

• Added "resumable jobs" that can be broken down into multiple steps and with a step persisted after it finishes that lets them skip work that's already been done. This is particularly useful for long running jobs that may experience a cancellation (like in the event of a deploy) during the span of their run. [PR #1226](riverqueue/river#1226).

Commits

• 5535390 Prepare release v0.39.0 (#1273)
• eead0e5 Standardize "hot" operation timeout (#1268)
• 1ca3420 Log dropped subscription events (#1271)
• dfc32de Add helper for job metadata updates (#1269)
• 9e7035d Bump the go-dependencies group across 3 directories with 1 update (#1267)
• 0808652 Clarify worker cancellation requirements for stuck jobs (#1264)
• 965dbad Add timeout to standard pilot fetch (#1255)
• 698d808 Make up migrations with TargetVersion idempotent (#1261)
• 87e82c3 Honor Config.Schema for the running-state transition in rivertest.Worker ...
• 61c6ac7 Add options to migrator Validate functions + option for TargetVersion (#1...
• Additional commits viewable in compare view

Updates github.com/riverqueue/river/riverdriver/riverpgxv5 from 0.36.0 to 0.39.0

Release notes

Sourced from github.com/riverqueue/river/riverdriver/riverpgxv5's releases.

v0.39.0

⚠️ Breaking API change: rivermigrate.Migrator.Validate and rivermigrate.Migrator.ValidateTx now take a *rivermigrate.ValidateOpts parameter. Pass nil to preserve previous behavior. We normally endeavor not to make any breaking API changes, but this one will keep the API in a much nicer state, and is on an ancillary function that most installations won't be using. [PR #1259](riverqueue/river#1259)

Added

• Added MetadataSet to stage job metadata updates from worker middleware, HookWorkBegin, workers, or HookWorkEnd, with changes persisted when the job is completed. [PR #1269](riverqueue/river#1269)

Changed

• Add rivermigrate.ValidateOpts.TargetVersion so validation can check migrations up to a specific target version, matching the target-version behavior available on Migrate and MigrateTx. Notably, this is a breaking API change as the validate functions previously didn't take any options. [PR #1259](riverqueue/river#1259)
• When using (*Migrator[TTx]).Migrate with a TargetVersion that's already applied, River now no-ops idempotently instead of returning an error as a user convenience. [PR #1260](riverqueue/river#1260)
• Add logging statement for dropped job and queue subscription events at warn level when a subscriber buffer is full. [PR #1271](riverqueue/river#1271)

Fixed

• Add a 10-second timeout around StandardPilot.JobGetAvailable so a stalled standard-pilot fetch no longer hangs a producer indefinitely. [PR #1255](riverqueue/river#1255)
• Fixed rivertest.Worker.Work and WorkJob to honor a configured custom Config.Schema when transitioning a job to its running state. Previously, the running-state update ran unqualified and could fail on a connection whose search_path didn't include the configured schema. [PR #1262](riverqueue/river#1262)

v0.38.0

Added

• Added new configuration Config.SoftStopTimeout to provide a cleaner way to gracefully stop a client. [PR #1239](riverqueue/river#1239)

v0.37.1

Fixed

• Wrap PeriodicJobEnqueuer.insertBatch database calls in a 30-second timeout. Previously, a stalled pgx Begin/Insert/Commit could hang the periodic enqueuer indefinitely, halting all periodic job insertion until the process was restarted or leader re-elected. [PR #1251](riverqueue/river#1251)

v0.37.0

Added

• Added "resumable jobs" that can be broken down into multiple steps and with a step persisted after it finishes that lets them skip work that's already been done. This is particularly useful for long running jobs that may experience a cancellation (like in the event of a deploy) during the span of their run. [PR #1226](riverqueue/river#1226).

Changelog

Sourced from github.com/riverqueue/river/riverdriver/riverpgxv5's changelog.

[0.39.0] - 2026-06-03

⚠️ Breaking API change: rivermigrate.Migrator.Validate and rivermigrate.Migrator.ValidateTx now take a *rivermigrate.ValidateOpts parameter. Pass nil to preserve previous behavior. We normally endeavor not to make any breaking API changes, but this one will keep the API in a much nicer state, and is on an ancillary function that most installations won't be using. [PR #1259](riverqueue/river#1259)

Added

• Added MetadataSet to stage job metadata updates from worker middleware, HookWorkBegin, workers, or HookWorkEnd, with changes persisted when the job is completed. [PR #1269](riverqueue/river#1269)

Changed

• Add rivermigrate.ValidateOpts.TargetVersion so validation can check migrations up to a specific target version, matching the target-version behavior available on Migrate and MigrateTx. Notably, this is a breaking API change as the validate functions previously didn't take any options. [PR #1259](riverqueue/river#1259)
• When using (*Migrator[TTx]).Migrate with a TargetVersion that's already applied, River now no-ops idempotently instead of returning an error as a user convenience. [PR #1260](riverqueue/river#1260)
• Add logging statement for dropped job and queue subscription events at warn level when a subscriber buffer is full. [PR #1271](riverqueue/river#1271)

Fixed

• Add a 10-second timeout around StandardPilot.JobGetAvailable so a stalled standard-pilot fetch no longer hangs a producer indefinitely. [PR #1255](riverqueue/river#1255)
• Fixed rivertest.Worker.Work and WorkJob to honor a configured custom Config.Schema when transitioning a job to its running state. Previously, the running-state update ran unqualified and could fail on a connection whose search_path didn't include the configured schema. [PR #1262](riverqueue/river#1262)

[0.38.0] - 2026-05-22

Added

• Added new configuration Config.SoftStopTimeout to provide a cleaner way to gracefully stop a client. [PR #1239](riverqueue/river#1239)

[0.37.1] - 2026-05-15

Fixed

• Wrap PeriodicJobEnqueuer.insertBatch database calls in a 30-second timeout. Previously, a stalled pgx Begin/Insert/Commit could hang the periodic enqueuer indefinitely, halting all periodic job insertion until the process was restarted or leader re-elected. [PR #1251](riverqueue/river#1251)

[0.37.0] - 2026-05-11

Added

• Added "resumable jobs" that can be broken down into multiple steps and with a step persisted after it finishes that lets them skip work that's already been done. This is particularly useful for long running jobs that may experience a cancellation (like in the event of a deploy) during the span of their run. [PR #1226](riverqueue/river#1226).

Commits

• 5535390 Prepare release v0.39.0 (#1273)
• eead0e5 Standardize "hot" operation timeout (#1268)
• 1ca3420 Log dropped subscription events (#1271)
• dfc32de Add helper for job metadata updates (#1269)
• 9e7035d Bump the go-dependencies group across 3 directories with 1 update (#1267)
• 0808652 Clarify worker cancellation requirements for stuck jobs (#1264)
• 965dbad Add timeout to standard pilot fetch (#1255)
• 698d808 Make up migrations with TargetVersion idempotent (#1261)
• 87e82c3 Honor Config.Schema for the running-state transition in rivertest.Worker ...
• 61c6ac7 Add options to migrator Validate functions + option for TargetVersion (#1...
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.51.0 to 0.53.0

Commits

• 45460e0 go.mod: update golang.org/x dependencies
• d37c95e pkcs12: limit PBKDF iteration count to prevent CPU exhaustion
• e2ffffe ssh: reject incomplete gssapi-with-mic configurations
• 60e158a ssh/test: isolate CLI tests from user SSH config and agent
• 1b77d23 ssh/knownhosts: reject lines with multiple or unknown markers
• 3872a2b ssh/knownhosts: verify declared key type matches decoded key
• 9f72ecc ssh/knownhosts: treat only ASCII space and tab as whitespace
• 8f405a4 ssh: validate ECDSA curve matches expected algorithm
• bb41b3d ssh: improve DH GEX group selection using PreferredBits
• e04e721 ssh/agent: validate ed25519 private key length in Add
• Additional commits viewable in compare view

Updates golang.org/x/text from 0.37.0 to 0.38.0

Commits

• f4bb632 go.mod: update golang.org/x dependencies
• See full diff in compare view

Dependabot will resolve any conflicts with thi...

Description has been truncated

[dependabot]

Labels

The following labels could not be found: dependencies, go. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.