Skip to content

chore(deps): bump sqlx from 0.7.4 to 0.9.0 in /reconciler#211

Open
dependabot[bot] wants to merge 3 commits into
mainfrom
dependabot/cargo/reconciler/sqlx-0.9.0
Open

chore(deps): bump sqlx from 0.7.4 to 0.9.0 in /reconciler#211
dependabot[bot] wants to merge 3 commits into
mainfrom
dependabot/cargo/reconciler/sqlx-0.9.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 2, 2026

Copy link
Copy Markdown

Bumps sqlx from 0.7.4 to 0.9.0.

Changelog

Sourced from sqlx's changelog.

0.9.0 - 2026-05-06

Important Announcements

New Github Organization

Shortly after this release is published, the SQLx repository will be transferred to a new GitHub organization: https://github.com/transact-rs/

This is because SQLx has not been owned or maintained by LaunchBadge, LLC. for a few years now, and has since been informally transferred to the collective ownership of its principal authors. Moving the repository to a new organization makes this change more clear, and also allows for potentially inviting outside collaborators.

Cargo.lock Removed from Tracking

The Cargo.lock has been removed from tracking in Git. CI should now always test with the latest versions of all dependencies by default, alongside our pass that checks with cargo generate-lockfile -Z minimal-versions.

This should eliminate the need for any PRs that update dependencies to also update Cargo.lock or contend with an endless stream of merge conflicts against it.

N.B. cargo install --locked sqlx-cli will no longer work. However, cargo install sqlx-cli has always used the latest dependencies by default, ignoring the lockfile, so most users should not be affected. For users requiring reproducible builds, consider maintaining your own lockfile instead; historically, we only ran cargo update sporadically, so relying on SQLx's lockfile offered few guarantees anyway.

See [the manual page for cargo install][man-cargo-install] for details.

Breaking

As per our MSRV policy, the supported Rust version for this release cycle is 1.94.0.

  • [#3383]: feat: create sqlx.toml format [[@​abonander]]
    • SQLx and sqlx-cli now support per-crate configuration files (sqlx.toml)
    • New functionality includes, but is not limited to:
      • Rename DATABASE_URL for a crate (for multi-database workspaces)
      • Set global type overrides for the macros (supporting custom types)
      • Rename or relocate the _sqlx_migrations table (for multiple crates using the same database)
      • Set characters to ignore when hashing migrations (e.g. ignore whitespace)
    • More to be implemented in future releases.
    • Enable feature sqlx-toml to use.
      • sqlx-cli has it enabled by default, but sqlx does not.
      • Default features of library crates can be hard to completely turn off because of [feature unification], so it's better to keep the default feature set as limited as possible. [This is something we learned the hard way.][preferred-crates]
    • Guide: see sqlx::_config module in documentation.
    • Reference: [Link]
    • Examples (written for Postgres but can be adapted to other databases; PRs welcome!):
      • Multiple databases using DATABASE_URL renaming and global type overrides: [Link]
      • Multi-tenant database using _sqlx_migrations renaming and multiple schemas: [Link]
      • Force use of chrono when time is enabled (e.g. when using tower-sessions-sqlx-store): [[Link][preferred-crates]]
        • Forcing bigdecimal when rust_decimal is enabled is also shown, but problems with chrono/time are more common.

... (truncated)

Commits
  • 75bc048 Release 0.9.0 (#4256)
  • 6956cef Prefer to give real data to .bind() in README.md (#4257)
  • 45ba990 Add the possibility to skip migrations (#3846)
  • 66533fa Ensure Deterministic Migration Order (#4136)
  • db47fe3 ci: check direct minimal versions (#4173)
  • 9ecb76d Unescape PostgreSQL passfile password (#3993)
  • c0a3218 breaking(any+mysql): correctly convert text and blob types to AnyTypeInfo (...
  • d82b781 test(sqlite): add regression test for ORDER BY + LIMIT nullability (#4223)
  • b77ba16 chore: update to axum 0.8 (#4253)
  • c0ec9c0 fix(tls): potential deadlock in StdSocket::poll_ready() (#4251)
  • Additional commits viewable in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot @github

dependabot Bot commented on behalf of github Jun 2, 2026

Copy link
Copy Markdown
Author

Labels

The following labels could not be found: cargo, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

dreamgeneX and others added 3 commits June 5, 2026 06:00
- app.module.ts: remove duplicate AdminModule/TreasuryModule/DevModule imports,
  add missing CorrelationMiddleware import
- webhooks.service.ts: collapse three interleaved duplicate implementations
  (dispatchEvent, emitKycEvent, verifyWithRotation, rotateSecret) into
  single clean versions; remove duplicate events key in createWebhookSchema
- webhook-delivery.worker.ts: merge two interleaved deliver() bodies into one;
  fix double catch block
- invoices.service.ts: remove duplicate const result in expireInvoices()
- audit/audit.service.ts: add webhook_replayed to AuditAction type
- treasury/dto: add definite assignment assertion to signingQuorum
- test fixes: deduplicate mockAudit, add missing AppLogger mock arg,
  fix ConfigService cast, fix supertest import style
- tsconfig.json: correct ignoreDeprecations from "6.0" to "5.0"
- package.json: add supertest + @types/supertest@6 devDependencies

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
P-001 fix(reconciler): correct muxed address ID decoding using stellar-strkey
P-002 feat(settlement): wire TreasuryContract for automated USDC disbursement
P-003 security: lock CORS origins and add rate limiting to public endpoints
P-004 fix(invoices): replace COUNT-based sequence with atomic Postgres function
P-005 security(frontend): move JWT to httpOnly server-set cookie via BFF
P-006 feat(checkout): add SEP-0007 QR code for mobile wallet deep-link
P-008 feat(webhooks): Redis Streams consumer group for real-time delivery
P-012 feat(compliance): wire Soroban ComplianceContract as on-chain oracle
P-014 ci: harden production deployment with health-gate and auto-rollback

Founder & CEO: dreamgene (dreamgeneX)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Bumps [sqlx](https://github.com/launchbadge/sqlx) from 0.7.4 to 0.9.0.
- [Changelog](https://github.com/transact-rs/sqlx/blob/main/CHANGELOG.md)
- [Commits](transact-rs/sqlx@v0.7.4...v0.9.0)

---
updated-dependencies:
- dependency-name: sqlx
  dependency-version: 0.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/cargo/reconciler/sqlx-0.9.0 branch from e624574 to 60a4cc2 Compare June 9, 2026 11:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant