chore(deps): bump github.com/labstack/gommon from 0.4.0 to 0.5.0 in /server

[dependabot]

Bumps github.com/labstack/gommon from 0.4.0 to 0.5.0.

Release notes

Sourced from github.com/labstack/gommon's releases.

v0.5.0

Highlights

• email: SMTPS / implicit TLS on port 465. smtp.SendMail only speaks plain + STARTTLS, so Resend/SendGrid/etc. on :465 hang on the handshake. Detect port 465 and dial TLS directly. Added Email.TLSConfig (custom root pool / ServerName; always cloned per send) and Email.DialTimeout (scoped to the TCP/TLS connect phase).
• email: no silent cleartext downgrade. Drive Hello() explicitly so a failed EHLO can't be swallowed and mis-read as "STARTTLS not advertised".
• log: silence 14 go vet printf warnings. Split the internal log() method; public signatures unchanged. TestCallerFile guards the runtime.Caller skip.
• random: fix sync.Pool copy in New(). Construct the pool directly on the struct — sync.Pool must not be copied after first use.

Toolchain (breaking)

• Go directive bumped 1.18 → 1.23.0 to align with labstack/echo. Consumers on Go <1.23 should stay on v0.4.2.
• CI matrix: 1.23 / 1.24 / 1.25 / 1.26 × ubuntu / macos / windows.
• Deps refreshed: testify 1.8.4 → 1.11.1, go-colorable 0.1.13 → 0.1.14, go-isatty 0.0.20 → 0.0.21, x/sys 0.15.0 → 0.29.0 (highest that still supports Go 1.23).

Non-breaking code changes

• bytes/bytes_test.go: replaced Parse(\"8EiB\") assertions with Parse(\"7EiB\") — 2^63 overflowed int64 and relied on implementation-defined float-to-int behavior.

Full diff

labstack/gommon#62

v0.4.2 update deps

• update deps #58

v0.4.1 small updates

• feat(random): use crypto/rand for random string generator #55

• update deps and CI flow #57

• update deps #54

Commits

• 2659cda fix: SMTPS support + align toolchain with echo (#62)
• 2888b9c update deps (#58)
• bf0335a update deps and CI flow (#57)
• 508eabf feat(random): use crypto/rand for random string generator (#55)
• d43909e update deps
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
resolute	Ready	Preview, Comment	Apr 20, 2026 9:30pm