🌱(deps): Bump the all-go-deps group with 3 updates

[dependabot]

Bumps the all-go-deps group with 3 updates: github.com/go-sql-driver/mysql, github.com/mattn/go-sqlite3 and google.golang.org/grpc.

Updates github.com/go-sql-driver/mysql from 1.9.3 to 1.10.0

Release notes

Sourced from github.com/go-sql-driver/mysql's releases.

v1.10.0

What's Changed

• add Go 1.24 to the test matrix by @​shogo82148 in go-sql-driver/mysql#1681
• modernize for Go 1.22 by @​methane in go-sql-driver/mysql#1695
• test stability improvement. by @​methane in go-sql-driver/mysql#1698
• simplify collation tests by @​methane in go-sql-driver/mysql#1700
• fix bigint unsigned null column scan to err type int64 by @​elonnzhang in go-sql-driver/mysql#1612
• Transaction Commit/Rollback returns conn's cached error, if present by @​brad-defined in go-sql-driver/mysql#1691
• add BenchmarkReceive10kRowsCompress by @​methane in go-sql-driver/mysql#1704
• optimize readPacket by @​methane in go-sql-driver/mysql#1705
• MariaDB Metadata skipping and DEPRECATE_EOF by @​rusher in go-sql-driver/mysql#1708
• Optimization: statements reuse previous column name by @​methane in go-sql-driver/mysql#1711
• update outdated MySQL internals documentation links by @​demouth in go-sql-driver/mysql#1714
• fix PING on compressed connections by @​methane in go-sql-driver/mysql#1721
• add DeepWiki badge by @​methane in go-sql-driver/mysql#1722
• Update edwards25519 dependency to v1.1.1 by @​williamhaw in go-sql-driver/mysql#1749
• Configure Dependabot for Go modules by @​methane in go-sql-driver/mysql#1755
• Bump dominikh/staticcheck-action from 1.3.1 to 1.4.1 by @​dependabot[bot] in go-sql-driver/mysql#1759
• Bump github/codeql-action from 3 to 4 by @​dependabot[bot] in go-sql-driver/mysql#1760
• Bump actions/setup-go from 5 to 6 by @​dependabot[bot] in go-sql-driver/mysql#1757
• fix staticcheck error by @​methane in go-sql-driver/mysql#1761
• Bump actions/checkout from 4 to 6 by @​dependabot[bot] in go-sql-driver/mysql#1758
• Fix getSystemVar buffer reuse by @​morgo in go-sql-driver/mysql#1754
• Consolidate Dependabot update noise by grouping weekly dependency PRs by @​Copilot in go-sql-driver/mysql#1762
• Bump filippo.io/edwards25519 from 1.1.1 to 1.2.0 by @​dependabot[bot] in go-sql-driver/mysql#1756
• CI: Update GitHub Actions Go matrix to 1.24–1.26 by @​Copilot in go-sql-driver/mysql#1763
• Enhance interpolateParams to correctly handle placeholders by @​rusher in go-sql-driver/mysql#1732
• modernize by @​methane in go-sql-driver/mysql#1764
• release v1.10.0 by @​methane in go-sql-driver/mysql#1765

New Contributors

• @​elonnzhang made their first contribution in go-sql-driver/mysql#1612
• @​brad-defined made their first contribution in go-sql-driver/mysql#1691
• @​rusher made their first contribution in go-sql-driver/mysql#1708
• @​demouth made their first contribution in go-sql-driver/mysql#1714
• @​williamhaw made their first contribution in go-sql-driver/mysql#1749
• @​dependabot[bot] made their first contribution in go-sql-driver/mysql#1759
• @​morgo made their first contribution in go-sql-driver/mysql#1754
• @​Copilot made their first contribution in go-sql-driver/mysql#1762

Full Changelog: go-sql-driver/mysql@v1.9.2...v1.10.0

Changelog

Sourced from github.com/go-sql-driver/mysql's changelog.

v1.10.0 (2026-04-28)

• Fix getSystemVar("max_allowed_packet") potentially returned wrong value. (#1754) This affects only when maxAllowedPacket=0 is set.

• Bump filippo.io/edwards25519 from 1.1.1 to 1.2.0. (#1756) While older versions have reported CVEs, they do not affect go-mysql.

• Update Go versions to 1.24-1.26. (#1763)

• Enhance interpolateParams to correctly handle placeholders. (#1732) The question mark (?) within strings and comments will no longer be treated as a placeholder.

Commits

• a065b60 release v1.10.0 (#1765)
• 09e4187 modernize (#1764)
• 6c44a9a Enhance interpolateParams to correctly handle placeholders (#1732)
• 688ce56 Update supported Go version to 1.24–1.26 (#1763)
• 118d07f Bump filippo.io/edwards25519 from 1.1.1 to 1.2.0 (#1756)
• d6b2d3e Consolidate Dependabot update noise by grouping weekly dependency PRs (#1762)
• 037dfd8 Fix getSystemVar buffer reuse (#1754)
• 900f330 Bump actions/checkout from 4 to 6 (#1758)
• ab9e380 fix staticcheck error (#1761)
• f298c66 Bump actions/setup-go from 5 to 6 (#1757)
• Additional commits viewable in compare view

Updates github.com/mattn/go-sqlite3 from 1.14.42 to 1.14.44

Commits

• 20826e8 Merge pull request #1394 from mattn/sqlite-amalgamation-3053000
• 2d4d220 fix changelog URL when minor or patch version is zero
• 3761cf7 Upgrade SQLite to version 3053000
• 1aa7317 Merge pull request #1388 from mattn/stmt-cache-lru
• c719e20 Merge pull request #1392 from mattn/fix-issue-1390-query-comment-panic
• 869e516 fix panic when querying input with no SQL (only comments/whitespace)
• 6690238 extract finalizeCachedStmt helper and drop redundant tail reset
• 59e8e75 only set stmt cacheKey when cache is enabled
• 2badb4c use slice len/cap for stmt cache instead of separate counters
• 7716c20 evict LRU stmt when stmt cache is full
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.80.0 to 1.81.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.81.0

Behavior Changes

• balancer/rls: Switch gauge metrics to asynchronous emission (once per collection cycle) to reduce telemetry noise and align with other gRPC language implementations. (#8808)

Dependencies

• Minimum supported Go version is now 1.25. (#8969)

Bug Fixes

• xds: Use the leaf cluster's security config for the TLS handshake instead of the aggregate cluster's config. (#8956)
• transport: Send a RST_STREAM when receiving an END_STREAM when the stream is not already half-closed. (#8832)
• xds: Fix ADS resource name validation to prevent a panic. (#8970)

New Features

• grpc/stats: Add support for custom labels in per-call metrics (gRFC A108). (#9008)
• xds: Add support for Server Name Indication (SNI) and SAN validation (gRFC A101). Disabled by default. To enable, set GRPC_EXPERIMENTAL_XDS_SNI=true environment variable. (#9016)
• xds: Add support to control which fields get propagated from ORCA backend metric reports to LRS load reports (gRFC A85). Disabled by default. To enable, set GRPC_EXPERIMENTAL_XDS_ORCA_LRS_PROPAGATION=true. (#9005)
• xds: Add metrics to track xDS client connectivity and cached resource state (gRFC A78). (#8807)
• stats/otel: Enhance grpc.subchannel.disconnections metric by adding disconnection reason to the grpc.disconnect_error label (gRFC A94). This provides granular insights into why subchannels are closing. (#8973)
• mem: Add mem.Buffer.Slice() API to slice the buffer like a slice. (#8977)
  • Special Thanks: @​ash2k

Performance Improvements

• alts: Pool read buffers to lower memory utilization when sockets are unreadable. (#8964)
• transport: Pool HTTP/2 framer read buffers to reduce idle memory consumption. Currently limited to Linux for ALTS and non-encrypted transports (TCP, Unix). To disable, set GRPC_GO_EXPERIMENTAL_HTTP_FRAMER_READ_BUFFER_POOLING=false and report any issues. (#9032)

Commits

• cb18228 Change version to 1.81.0 (#9062)
• 96748f9 Cherry-pick #9105 to 1.81.x (#9106)
• 9183222 Cherry pick #9055, #9032 to v1.81.x (#9095)
• 5cba6da Revert "deps: update dependencies for all modules (#9065)" (#9067)
• af8a936 deps: update dependencies for all modules (#9065)
• cdc60df transport: optimize heap allocations in ready reader and update syscall conne...
• 208d053 xds/resolver: pass complete XDSConfig in RPC context for HTTP filters (gRFC A...
• 50fe1cc test: Fix flaky test TestServerStreaming_ClientCallRecvMsgTwice in `end2end...
• d574bad build(deps): bump go.opentelemetry.io/otel/sdk from 1.42.0 to 1.43.0 (#9050)
• b8bf4d0 build(deps): bump go.opentelemetry.io/otel/sdk from 1.42.0 to 1.43.0 in /inte...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions