build(deps): bump the go-mod group across 1 directory with 11 updates

[dependabot]

Bumps the go-mod group with 8 updates in the / directory:

Package	From	To
github.com/authzed/authzed-go	1.5.1-0.20250909211335-16b58d03994c	1.6.0
github.com/authzed/spicedb	1.45.4	1.47.0
github.com/charmbracelet/x/term	0.2.1	0.2.2
github.com/mark3labs/mcp-go	0.41.1	0.43.0
github.com/samber/lo	1.51.0	1.52.0
golang.org/x/net	0.44.0	0.46.0
google.golang.org/grpc	1.75.1	1.76.0
google.golang.org/protobuf	1.36.9	1.36.10

Updates github.com/authzed/authzed-go from 1.5.1-0.20250909211335-16b58d03994c to 1.6.0

Release notes

Sourced from github.com/authzed/authzed-go's releases.

v1.6.0

Highlights

Bring in v1.45.4 backwards-compatible changes for SpiceDB

What's Changed

• Bump the go-mod group across 1 directory with 10 updates by @​dependabot[bot] in authzed/authzed-go#344
• Bump the go-mod-magefiles group across 1 directory with 3 updates by @​dependabot[bot] in authzed/authzed-go#340
• Bump github.com/stretchr/testify from 1.11.0 to 1.11.1 in the go-mod group by @​dependabot[bot] in authzed/authzed-go#345
• Bump actions/checkout from 4 to 5 in the github-actions group by @​dependabot[bot] in authzed/authzed-go#341
• Bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in /magefiles in the go_modules group by @​dependabot[bot] in authzed/authzed-go#342
• Bump actions/setup-go from 5 to 6 in the github-actions group by @​dependabot[bot] in authzed/authzed-go#348
• Bump mvdan.cc/gofumpt from 0.8.0 to 0.9.1 in /magefiles in the go-mod-magefiles group by @​dependabot[bot] in authzed/authzed-go#349
• Bump golang.org/x/sync from 0.16.0 to 0.17.0 in the go-mod group by @​dependabot[bot] in authzed/authzed-go#347
• Move client to API ref d27fc025233c4149be1ee333389b5dcd by @​josephschorr in authzed/authzed-go#350
• Bump the go-mod-magefiles group across 1 directory with 2 updates by @​dependabot[bot] in authzed/authzed-go#354

Full Changelog: authzed/authzed-go@v1.5.0...v1.6.0

Commits

• See full diff in compare view

Updates github.com/authzed/spicedb from 1.45.4 to 1.47.0

Release notes

Sourced from github.com/authzed/spicedb's releases.

v1.46.2

What's Changed

• feat: Add visitor pattern for easy walking of schema v2 by @​josephschorr in authzed/spicedb#2592
• Update link to SpiceDB Kubernetes Operator guide by @​luyi404 in authzed/spicedb#2593
• chore: change accessors in schema v2 into methods by @​josephschorr in authzed/spicedb#2594
• perf: significant improvements around LR3 dispatching by @​josephschorr in authzed/spicedb#2587
• ci: notify slack if windows release fails by @​miparnisari in authzed/spicedb#2599
• Fix data race in trailer test by @​tstirrat15 in authzed/spicedb#2603
• chore: refactor NewPaginatedIterator by @​miparnisari in authzed/spicedb#2597
• chore: update golang linter to 2.5.0 by @​miparnisari in authzed/spicedb#2600
• feat: add man page generation support by @​ivanauth in authzed/spicedb#2595
• test: improve RegisterRelationshipCountersInParallelTest by @​miparnisari in authzed/spicedb#2590
• chore: update bug template by @​miparnisari in authzed/spicedb#2607
• fix: amend #2603 by @​miparnisari in authzed/spicedb#2612
• chore: refactor dispatch/remote/cluster.go by using a concurrent map by @​miparnisari in authzed/spicedb#2598
• ci: add build tags to .golangci.yaml and fix issues by @​miparnisari in authzed/spicedb#2613
• chore: convert Path pointer objects to Path objects by @​barakmich in authzed/spicedb#2615
• feat: Handle caveats and intersection arrows in the query plan by @​barakmich in authzed/spicedb#2565
• add fgprof wall-clock profiler by @​vroldanbet in authzed/spicedb#2618
• chore: move off experimental changefeed query for CRDB by @​miparnisari in authzed/spicedb#2617
• chore: add perfsprint linter by @​miparnisari in authzed/spicedb#2585
• feat: relationship expiration is now on by default by @​miparnisari in authzed/spicedb#2605
• feat: add support for riscv64 architecture by @​rodneyosodo in authzed/spicedb#2601
• Use prettier for yaml formatting and fix some yaml linting/formatting issues by @​tstirrat15 in authzed/spicedb#2622
• chore: fix bug template by @​miparnisari in authzed/spicedb#2623
• Schema V2 translation, cloning and flattening support by @​josephschorr in authzed/spicedb#2608
• More fixes of gocritic/govet/testifyrequire by @​tstirrat15 in authzed/spicedb#2625
• chore: Add additional zedtoken construction functions by @​josephschorr in authzed/spicedb#2631
• chore: Automatic lint changes: require.* simplifications and unused i… by @​tstirrat15 in authzed/spicedb#2626
• Lint fixes part 5 by @​tstirrat15 in authzed/spicedb#2628
• fix: properly rewrite errors for watch api by @​miparnisari in authzed/spicedb#2640
• feat: Add recursive iterators by @​barakmich in authzed/spicedb#2621
• propagate acquire timeout to crdbDatastore by @​ecordell in authzed/spicedb#2642
• chore: Lint fixes part 6 by @​tstirrat15 in authzed/spicedb#2635
• chore: Lint fixes part 7 by @​tstirrat15 in authzed/spicedb#2637
• test: add tests for error URLs by @​miparnisari in authzed/spicedb#2641
• Lint fixes part 8 by @​tstirrat15 in authzed/spicedb#2644
• Further operations and improvements to Schema V2 library by @​josephschorr in authzed/spicedb#2643
• chore: update Docker to fix CVE-2025-54410 by @​miparnisari in authzed/spicedb#2650
• ci: revert #2601 by @​tstirrat15 in authzed/spicedb#2648

New Contributors

• @​luyi404 made their first contribution in authzed/spicedb#2593
• @​rodneyosodo made their first contribution in authzed/spicedb#2601

Full Changelog: authzed/spicedb@v1.46.0...v1.46.2

Docker Images

This release is available at authzed/spicedb:v1.46.2, quay.io/authzed/spicedb:v1.46.2, ghcr.io/authzed/spicedb:v1.46.2

... (truncated)

Commits

• afd982c ci: revert #2601 (#2648)
• fcc5042 chore: update Docker to fix CVE-2025-54410 (#2650)
• 5fc65b0 Further operations and improvements to Schema V2 library (#2643)
• f8379c3 Lint fixes part 8 (#2644)
• 9638aca test: add tests for error URLs (#2641)
• 5d34d05 chore: Lint fixes part 7 (#2637)
• f702cb9 chore: Lint fixes part 6 (#2635)
• dd8a11b propagate acquire timeout to crdbDatastore (#2642)
• a589a03 feat: Add recursive iterators (#2621)
• b59dc8c fix: properly rewrite errors for watch api (#2640)
• Additional commits viewable in compare view

Updates github.com/charmbracelet/x/term from 0.2.1 to 0.2.2

Commits

• d941777 feat(ansi): add cursor and mouse pointer shape sequences
• 57c5431 chore(deps): update bubbletea to v0.27 (#161)
• 2c0e84d chore(term): go mod tidy
• 61a8baf feat(input): update kitty keyboard flag name
• See full diff in compare view

Updates github.com/mark3labs/mcp-go from 0.41.1 to 0.43.0

Release notes

Sourced from github.com/mark3labs/mcp-go's releases.

Release v0.43.0

What's Changed

• feat: add support for custom HTTP headers in client requests by @​matthisholleville in mark3labs/mcp-go#546
• feat: add SessionWithResourceTemplates for session-specific resource templates by @​ezynda3 in mark3labs/mcp-go#624
• feat(mcp): Add SessionIdManagerResolver interface for request-based session management by @​aradyaron in mark3labs/mcp-go#626
• feat(mcp): add HTTP and Stdio client Roots feature by @​yuehaii in mark3labs/mcp-go#620
• feat(mcp): add Title field to Implementation struct per MCP spec by @​ezynda3 in mark3labs/mcp-go#633
• fix(toocall): properly set custom header to ensure correct request handling by @​cx215133873 in mark3labs/mcp-go#632

New Contributors

• @​aradyaron made their first contribution in mark3labs/mcp-go#626
• @​yuehaii made their first contribution in mark3labs/mcp-go#620
• @​cx215133873 made their first contribution in mark3labs/mcp-go#632

Full Changelog: mark3labs/mcp-go@v0.42.0...v0.43.0

Release v0.43.0-beta.3

What's Changed

• feat(mcp): Add SessionIdManagerResolver interface for request-based session management by @​aradyaron in mark3labs/mcp-go#626
• feat(mcp): add HTTP and Stdio client Roots feature by @​yuehaii in mark3labs/mcp-go#620

New Contributors

• @​aradyaron made their first contribution in mark3labs/mcp-go#626
• @​yuehaii made their first contribution in mark3labs/mcp-go#620

Full Changelog: mark3labs/mcp-go@v0.43.0-beta.2...v0.43.0-beta.3

Release v0.43.0-beta.2

What's Changed

• feat: add SessionWithResourceTemplates for session-specific resource templates by @​ezynda3 in mark3labs/mcp-go#624

Full Changelog: mark3labs/mcp-go@v0.43.0-beta.1...v0.43.0-beta.2

Release v0.43.0-beta.1

What's Changed

• feat: add support for custom HTTP headers in client requests by @​matthisholleville in mark3labs/mcp-go#546

Full Changelog: mark3labs/mcp-go@v0.42.0...v0.43.0-beta.1

Release v0.42.0

What's Changed

• HTTP Sampling Improvements by @​ezynda3 in mark3labs/mcp-go#601
• feat: update type definition of _meta field to text/blob resources. by @​rabbah in mark3labs/mcp-go#591
• fix: documentation typos by @​Artmorse in mark3labs/mcp-go#608
• fix: prevent tools invocation without valid session initialization by @​ezynda3 in mark3labs/mcp-go#607
• fix: make transport Start() idempotent to resolve issue #583 by @​ezynda3 in mark3labs/mcp-go#606
• feat: extend resource middlewares to resource templates by @​tjhop in mark3labs/mcp-go#582
• Preserve Tool _meta when marshaling to JSON by @​jaredly in mark3labs/mcp-go#609

... (truncated)

Commits

• ecc6d8f fix: custom header (#632)
• 69772ea feat(mcp): add Title field to Implementation struct per MCP spec (#633)
• cd61ef9 update CI/CD
• 7805a68 feat(mcp): add HTTP and Stdio client Roots feature (#620)
• da6f722 feat(mcp): Add SessionIdManagerResolver interface for request-based session m...
• 5088c93 feat: add SessionWithResourceTemplates for session-specific resource template...
• 8b7d60c fmt
• 4086efe feat: add support for custom HTTP headers in client requests (#546)
• f60537b go fmt
• c273e1a 📝 Add docstrings to issue-345-withany (#619)
• Additional commits viewable in compare view

Updates github.com/samber/lo from 1.51.0 to 1.52.0

Release notes

Sourced from github.com/samber/lo's releases.

v1.52.0

Thrilled to announce the latest release of samber/lo!

This version brings major improvements:

• A new it/ sub-package for everything related to the iter package added in Go 1.23. Big up to @​NathanBaulch for its help on this
• A new documentation -> lo.samber.dev
• Lots of micro fixes and performance improvements
• Better code quality with many more linters

✨ A good introduction to streams in Go !

What's Changed

• fix(chunk): Copy chunk in a new slice by @​samber in samber/lo#648
• fix(zipx): fix the max length calculation by @​samber in samber/lo#649
• fix(retry): fix potential race condition in debounce callback by @​samber in samber/lo#650
• feature: add Mode function with tests and documentation by @​ghosx in samber/lo#644
• add FilterKeys for map by @​rasha108bik in samber/lo#631
• feat: adding FilterValues and fix FilterKeys signature by @​samber in samber/lo#661 samber/lo#662
• fix: more consistent panic strings by @​NathanBaulch in samber/lo#678
• fix: minor example issues by @​NathanBaulch in samber/lo#676
• feat: preserve type alias in DropByIndex and WithoutBy by @​NathanBaulch in samber/lo#675
• feat: adding hassuffix + hasprefix by @​samber in samber/lo#680
• Added Cut, CutPrefix, CutSuffix by @​xelavopelk in samber/lo#666
• Add TrimXXX helpers by @​samber in samber/lo#683
• fix(string): fix division by zero by @​samber in samber/lo#684
• fix: avoid recover() if possible by @​NathanBaulch in samber/lo#685
• fix: panic when passing -1 to Drop by @​NathanBaulch in samber/lo#688
• perf: avoid Keyify twice in Trim by @​NathanBaulch in samber/lo#689
• feat: new iter package by @​NathanBaulch in samber/lo#672
• feat: from slice to map with index passed by @​mabrarov in samber/lo#697
• feat: from slice/iterator to map with index passed by @​mabrarov in samber/lo#698
• feat(generator): deprecate lo.Generator in favor of go "iter" package by @​samber in samber/lo#700
• perf: optimization of map access by @​mabrarov in samber/lo#692
• perf: optimize map access everywhere by @​NathanBaulch in samber/lo#693

Tests

• fix(tests): fix flaky time-based tests by @​samber in samber/lo#699

Style

• lint: unit test improvements by @​NathanBaulch in samber/lo#674
• lint: fix CI warnings and avoid named return parameters by @​NathanBaulch in samber/lo#682
• lint: enable 7 more linters by @​NathanBaulch in samber/lo#686
• lint: enable gofumpt extra rules by @​NathanBaulch in samber/lo#690
• Style/rename internal rand by @​samber in samber/lo#701
• lint: Apply testifylint linter recommendations by @​NathanBaulch in samber/lo#669
• Style add golangci config by @​samber in samber/lo#670
• chore: minor whitespace fixes by @​NathanBaulch in samber/lo#677

... (truncated)

Commits

• a25c42d bump v1.52.0
• 15ac624 docs: adding go playground examples to it/ package (#708)
• c7e9459 docs: lots of various doc improvements (#706)
• fa2d724 doc: add it/mutable/parallel sub-package to llms.txt (#707)
• aa3a48d fix(doc): add missing "contributing" entry in the menu
• 5def06d fix(doc): various hot fixes
• f9a57ef chore(deps-dev): bump typescript from 5.6.3 to 5.9.3 in /docs (#704)
• 8b8aa28 fix(doc): make "iter" package visible in doc sidebar
• 39e418f doc: adding a "contributing" page
• 1b3cb42 fix(doc): improve algolia search
• Additional commits viewable in compare view

Updates github.com/spf13/pflag from 1.0.9 to 1.0.10

Release notes

Sourced from github.com/spf13/pflag's releases.

v1.0.10

What's Changed

• fix deprecation comment for (FlagSet.)ParseErrorsWhitelist by @​thaJeztah in spf13/pflag#447
• remove uses of errors.Is, which requires go1.13, move go1.16/go1.21 tests to separate file by @​thaJeztah in spf13/pflag#448

New Contributors

• @​thaJeztah made their first contribution in spf13/pflag#447

Full Changelog: spf13/pflag@v1.0.9...v1.0.10

Commits

• 0491e57 Merge pull request #448 from thaJeztah/fix_go_version
• 72abab1 Merge pull request #447 from thaJeztah/fix_deprecation_comment
• 7e4dfb1 Test on Go 1.12
• 18a9d17 move Func, BoolFunc, tests as they require go1.21
• c5b9e98 remove uses of errors.Is, which requires go1.13
• 45a4873 fix deprecation comment for (FlagSet.)ParseErrorsWhitelist
• See full diff in compare view

Updates golang.org/x/mod from 0.27.0 to 0.28.0

Commits

• 1759e96 go.mod: update golang.org/x dependencies
• f060e16 all: upgrade go directive to at least 1.24.0 [generated]
• See full diff in compare view

Updates golang.org/x/net from 0.44.0 to 0.46.0

Commits

• 2002a06 go.mod: update golang.org/x dependencies
• 59706cd html: impose open element stack size limit
• 6ec8895 html: align in row insertion mode with spec
• 5393563 http2: fix RFC 9218 write scheduler not being idempotent
• b2ab371 internal/httpsfv: implement parsing support for date and display string
• edb764c internal/httpsfv: add parsing functionality for types defined in RFC 8941
• fbba2c2 internal/httpsfv: add support for consuming Display String and Date type
• 47a241f http2: make the error channel pool per-Server
• 51f657b webdav/internal/xml: use the built-in min function
• f2e909b internal/httpsfv: implement parsing support for Dictionary and List type.
• Additional commits viewable in compare view

Updates golang.org/x/term from 0.35.0 to 0.36.0

Commits

• 3a0828a go.mod: update golang.org/x dependencies
• See full diff in compare view

Updates google.golang.org/grpc from 1.75.1 to 1.76.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.76.0

Dependencies

• Minimum supported Go version is now 1.24 (#8509)
  • Special Thanks: @​kevinGC

Bug Fixes

• client: Return status INTERNAL when a server sends zero response messages for a unary or client-streaming RPC. (#8523)
• client: Fail RPCs with status INTERNAL instead of UNKNOWN upon receiving http headers with status 1xx and END_STREAM flag set. (#8518)
  • Special Thanks: @​vinothkumarr227
• pick_first: Fix race condition that could cause pick_first to get stuck in IDLE state on backend address change. (#8615)

New Features

• credentials: Add credentials/jwt package providing file-based JWT PerRPCCredentials (A97). (#8431)
  • Special Thanks: @​dimpavloff

Performance Improvements

• client: Improve HTTP/2 header size estimate to reduce re-allocations. (#8547)
• encoding/proto: Avoid redundant message size calculation when marshaling. (#8569)
  • Special Thanks: @​rs-unity

Commits

• d96c2ef Change version to 1.76.0 (#8584)
• 79c553c Cherry pick #8610, #8615 to v1.76.x (#8621)
• 0513350 client: minor improvements to log messages (#8564)
• ebaf486 credentials: implement file-based JWT Call Credentials (part 1 for A97) (#8431)
• ca78c90 xds/resolver_test: fix flaky test ResolverBadServiceUpdate_NACKedWithoutCache...
• 83bead4 internal/buffer: set closed flag when closing channel in the Load method (#8575)
• 0f45079 encoding/proto: enable use cached size option (#8569)
• 8420f3f transport: avoid slice reallocation during header creation (#8547)
• b36320e Revert "stats/opentelemetry: record retry attempts from clientStream (#8342)"...
• c122250 stats/opentelemetry: record retry attempts from clientStream (#8342)
• Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.9 to 1.36.10

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.