build(deps): bump github.com/gin-gonic/gin from 1.10.0 to 1.11.0

[dependabot]

Bumps github.com/gin-gonic/gin from 1.10.0 to 1.11.0.

Release notes

Sourced from github.com/gin-gonic/gin's releases.

v1.11.0

Changelog

Features

• 6ca8ddb1aed78d9ffaf984e5489111838242fedb: feat(binding): add BindPlain (#3904) (@​guonaihong)
• 4ccfa7c275c449990818e46759d5974a953cc1c1: feat(binding): add support for unixMilli and unixMicro (#4190) (@​takanuva15)
• 9d7c0e9e1a301f417df9dc89a8cadc3bf9063db2: feat(context): GetXxx added support for more go native types (#3633) (@​CC11001100)
• fb09c825e8e13134daaa90debfda198520e1b347: feat(context): add SetCookieData (#4240) (@​Narita-1095305)
• f05f966a0824b1d302ee556183e2579c91954266: feat(form): Support default values for collections in form binding (#4048) (@​takanuva15)
• 3cb30679b5e3021db16c776ed7e70d380586e9ce: feat(form): add array collection format in form binding (#3986) (@​slowhigh)
• 24d67647cb9b4e0bbdcdec7f0c2086e8004e1572: feat(form): add custom string slice for form tag unmarshal (#3970) (#3971) (@​bruceNu1l)
• 8791c96960e719ff2f41e24163c5898656cee474: feat(fs): Export, test and document OnlyFilesFS (#3939) (@​joeig)
• 71496abe6836462e2ed70436b7d72ea2a3585417: feat(fs): Implement loading HTML from http.FileSystem (#4053) (@​sunshineplan)
• 3ac729dc4a497d360a23b9d7e766c622b3c99f51: feat(gin): support http3 using quic-go/quic-go (#3210) (@​thinkerou)
• 4621b7ac982335d9a74432e182dd2bfc6d841431: feat(router): add literal colon support (#1432) (#2857) (@​wssccc)
• dbd8a2515093ad47cadc5c1fface89861a0b765c: feat: added AbortWithStatusPureJSON() in Context (#4290) (@​ddevsr)
• 688a429d19d8c804447bb889d3635e2c31a5564d: feat: support custom json codec at runtime (#3391) (@​timandy)

Bug fixes

• 8fb3136664254d7c592127f00d52849caba18a67: Revert "fix(time): binding time with empty value (#4103)" (#4245) (@​appleboy)
• e737e3e267beb4dc3bab16cc8be59e3902d98a94: fix(binding): prevent duplicate decoding and add validation in decodeToml (#4193) (@​revevide)
• 4f339e6a35b163d31b30916b37f4176d385f41bd: fix(context): YAML judgment logic in Negotiate (#3966) (@​RedCrazyGhost)
• 36b0dede4b8c4a67d92c4107cebc5a068364321d: fix(context): check handler is nil (#3413) (@​hktalent)
• e0d46ded6cb6974d55a255ab122d1aa6ca0cd60e: fix(context): verify URL is Non-nil in initQueryCache() (#3969) (@​adrianosela)
• dd33ff793861cee3baa77d575ff319119c366f3a: fix(docs): missing go markdown codeblock (#4266) (@​vdusart)
• b38c59de7fef67400a1c98efeae700a689c45783: fix(errors): change Unwrap method receiver to value type (#4232) (@​OrkhanAlikhanov)
• 28e57f58b184b2305ace192e02496bb89f6fd8cb: fix(form): Set default value for form fields (#4047) (@​ahmadSaeedGoda)
• 626d55b0c02937645c21774cacc021713de88604: fix(gin): Do not panic when handling method not allowed on empty tree (#4003) (@​phsym)
• 7d147928ee232fce156ea7ce8ae6329e148aeb41: fix(gin): data race warning for gin mode (#1580) (@​kplachkov)
• c677ccc40a60386565dd0d755efacb85d153feca: fix(go): invalid Go toolchain version (#3961) (@​thinkerou)
• 3319038418656a268c889393cb2dd4224c4469ec: fix(readme): fix broken link to English documentation (#4222) (@​eduardo-ax)
• 674522db91d637d179c16c372d87756ea26fa089: fix(time): binding time with empty value (#4103) (@​ksw2000)
• ea53388e6ee4a6a0a1647b390c56eeed780e7e56: fix(tree): Keep panic infos consistent when wildcard type build faild (#4077) (@​kingcanfish)
• 8763f33c65f7df8be5b9fe7504ab7fcf20abb41d: fix: prevent middleware re-entry issue in HandleContext (#3987) (@​bound2)
• 7a1b655074c313f9491c83bb8ea164cdc4a9afe9: fix: sonic on arm64 (#4234) (@​yashgorana)
• 5826722a87cf5855fcc4b794cbef11612352771d: fix: version number discrepancy (#4299) (@​suwakei)

Enhancements

• 40725d85badd647870df6f9fa7a75ac76341f804: chore(bind): return 413 status code when error is http.MaxBytesError (#4227) (@​ItalyPaleAle)
• f875d8728306c2c2c6f504900ab08cd1d8c47f12: chore(context): test context initialization and handler logic (#4087) (@​appleboy)
• e7693e67c23005743502962d3bb9839a354d6688: chore(deps): bump actions/setup-go from 5 to 6 (#4351) (@​dependabot[bot])
• afa0c31d97e1b112ccfe7652957f7d8514580c72: chore(deps): bump github.com/gin-contrib/sse from 0.1.0 to 1.1.0 (#4216) (@​dependabot[bot])
• 255af882db4baf0ed6209f1a5471f1663c5d0060: chore(deps): bump github.com/go-playground/validator/v10 (#4208) (@​dependabot[bot])
• 545fd74379a0b167a918e38626ae5f7eb83fb243: chore(deps): bump github.com/go-playground/validator/v10 (#4289) (@​dependabot[bot])
• c3c8620a7fb4e09c7845feca4e8e8a8678a2685d: chore(deps): bump github.com/go-playground/validator/v10 from 10.20.0 to 10.22.1 (#4052) (@​dependabot[bot])
• cf32d2dcf8c7534f59727c5e213e45f2412c593a: chore(deps): bump github.com/pelletier/go-toml/v2 from 2.2.2 to 2.2.4 (#4212) (@​dependabot[bot])
• bb824731032856460aa3ffc23bd90e11bf7d5199: chore(deps): bump github.com/quic-go/quic-go from 0.48.2 to 0.50.1 (#4197) (@​dependabot[bot])
• 61c2b1c28f0c5a754330545e31f02cd6d6f7944e: chore(deps): bump github.com/quic-go/quic-go from 0.51.0 to 0.52.0 (#4250) (@​dependabot[bot])
• b7d6308bcc84066df79a047ae363a6120fe87808: chore(deps): bump github.com/quic-go/quic-go from 0.52.0 to 0.53.0 (#4281) (@​dependabot[bot])
• 077a2f39c85700ba0823f85ed29cec0c8f2cbdfc: chore(deps): bump github.com/quic-go/quic-go from 0.53.0 to 0.54.0 (#4328) (@​dependabot[bot])
• 46150257b3eec60e3e0bf1cee7c03439099aef83: chore(deps): bump github.com/stretchr/testify from 1.10.0 to 1.11.1 (#4347) (@​dependabot[bot])
• a6287825c95821a378a34f8a5c9139ea1f6ebd96: chore(deps): bump github.com/ugorji/go/codec from 1.2.12 to 1.3.0 (#4268) (@​dependabot[bot])
• cc4e11438cd6c0bcc632fe3492d3817dfa21c337: chore(deps): bump golang.org/x/net from 0.25.0 to 0.27.0 (#4013) (@​dependabot[bot])

... (truncated)

Changelog

Sourced from github.com/gin-gonic/gin's changelog.

Gin v1.11.0

Features

• feat(gin): Experimental support for HTTP/3 using quic-go/quic-go (#3210)
• feat(form): add array collection format in form binding (#3986), add custom string slice for form tag unmarshal (#3970)
• feat(binding): add BindPlain (#3904)
• feat(fs): Export, test and document OnlyFilesFS (#3939)
• feat(binding): add support for unixMilli and unixMicro (#4190)
• feat(form): Support default values for collections in form binding (#4048)
• feat(context): GetXxx added support for more go native types (#3633)

Enhancements

• perf(context): optimize getMapFromFormData performance (#4339)
• refactor(tree): replace string(/) with "/" in node.insertChild (#4354)
• refactor(render): remove headers parameter from writeHeader (#4353)
• refactor(context): simplify "GetType()" functions (#4080)
• refactor(slice): simplify SliceValidationError Error method (#3910)
• refactor(context):Avoid using filepath.Dir twice in SaveUploadedFile (#4181)
• refactor(context): refactor context handling and improve test robustness (#4066)
• refactor(binding): use strings.Cut to replace strings.Index (#3522)
• refactor(context): add an optional permission parameter to SaveUploadedFile (#4068)
• refactor(context): verify URL is Non-nil in initQueryCache() (#3969)
• refactor(context): YAML judgment logic in Negotiate (#3966)
• tree: replace the self-defined 'min' to official one (#3975)
• context: Remove redundant filepath.Dir usage (#4181)

Bug Fixes

• fix: prevent middleware re-entry issue in HandleContext (#3987)
• fix(binding): prevent duplicate decoding and add validation in decodeToml (#4193)
• fix(gin): Do not panic when handling method not allowed on empty tree (#4003)
• fix(gin): data race warning for gin mode (#1580)
• fix(context): verify URL is Non-nil in initQueryCache() (#3969)
• fix(context): YAML judgment logic in Negotiate (#3966)
• fix(context): check handler is nil (#3413)
• fix(readme): fix broken link to English documentation (#4222)
• fix(tree): Keep panic infos consistent when wildcard type build faild (#4077)

Build process updates / CI

• ci: integrate Trivy vulnerability scanning into CI workflow (#4359)
• ci: support Go 1.25 in CI/CD (#4341)
• build(deps): upgrade github.com/bytedance/sonic from v1.13.2 to v1.14.0 (#4342)
• ci: add Go version 1.24 to GitHub Actions (#4154)
• build: update Gin minimum Go version to 1.21 (#3960)
• ci(lint): enable new linters (testifylint, usestdlibvars, perfsprint, etc.) (#4010, #4091, #4090)
• ci(lint): update workflows and improve test request consistency (#4126)

... (truncated)

Commits

• 6ad6205 docs(changelog): upgrade Gin to v1.11.0 and add release notes (#4361)
• 7858527 docs(changelog): update release notes for Gin v1.10.1 (#4360)
• cb000f5 ci: integrate Trivy vulnerability scanning into CI workflow (#4359)
• 2119046 ci: support Go 1.25 (#4341)
• da372fc build(deps): upgrade github.com/bytedance/sonic from v1.13.2 to v1.14.0 (#4342)
• e198f6e refactor(render): remove headers parameter from writeHeader (#4353)
• cca98d2 chore(deps): bump google.golang.org/protobuf from 1.36.8 to 1.36.9 (#4356)
• 9b1e353 refactor(tree): replace string(/) with "/" in node.insertChild (#4354)
• f9bd00a perf(context): optimize getMapFromFormData performance (#4339)
• 28172fa chore(deps): bump google.golang.org/protobuf from 1.36.6 to 1.36.8 (#4346)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Important

Bump github.com/gin-gonic/gin to 1.11.0, adding new features, bug fixes, and enhancements.

• Dependencies:
  • Bump github.com/gin-gonic/gin from 1.10.0 to 1.11.0 in go.mod and go.sum.
  • Update github.com/stretchr/testify from 1.10.0 to 1.11.1 in go.mod and go.sum.
  • Update golang.org/x/net from 0.40.0 to 0.42.0 in go.mod and go.sum.
• Features:
  • Adds BindPlain and support for unixMilli and unixMicro in binding.
  • Adds SetCookieData and AbortWithStatusPureJSON() in context.
  • Supports HTTP/3 using quic-go/quic-go.
• Bug Fixes:
  • Fixes duplicate decoding in decodeToml and handler nil check in context.
  • Prevents panic on method not allowed in gin.
• Enhancements:
  • Optimizes getMapFromFormData performance in context.
  • Refactors context and tree for improved performance and consistency.

^{This description was created by for 6e21d73. You can customize this summary. It will automatically update as commits are pushed.}

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dependabot]

Labels

The following labels could not be found: go. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to 6e21d73 in 1 minute and 4 seconds. Click for details.

• Reviewed 335 lines of code in 2 files
• Skipped 0 files when reviewing.
• Skipped posting 4 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. go.mod:12

• Draft comment:
  Bump 'github.com/gin-gonic/gin' to v1.11.0. Verify that any custom middleware or context usage is compatible with the changes in Gin.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is related to a dependency change, specifically bumping the version of a library. It asks the author to verify compatibility with custom middleware or context usage, which is a form of asking the author to double-check things. This violates the rule against asking the author to ensure compatibility or verify intentions.

2. go.mod:23

• Draft comment:
  Upgrade 'github.com/stretchr/testify' to v1.11.1. Ensure that any test assertions remain compatible.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% The comment is related to a dependency change, specifically upgrading a library version. The comment also asks to ensure compatibility, which is against the rules. Therefore, this comment should be removed.

3. go.mod:29

• Draft comment:
  Updated 'golang.org/x/net' (v0.40.0 -> v0.42.0) and 'google.golang.org/protobuf' (v1.36.6 -> v1.36.9). These changes appear routine; please ensure dependent libraries remain compatible.
• Reason this comment was not posted:
  Comment did not seem useful. Confidence is useful = 0% <= threshold 50% This comment is about dependency updates and asks the author to ensure compatibility, which violates the rule against commenting on dependency changes and asking for confirmation or testing.

4. go.sum:1

• Draft comment:
  The go.sum file has been updated to reflect the new dependency versions. Confirm that all tests pass after these indirect updates.
• Reason this comment was not posted:
  Confidence changes required: 50% <= threshold 50% None

Workflow ID: wflow_iVO2HphAvvplglNL

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}