Bump github.com/pocketbase/pocketbase from 0.24.4 to 0.25.3

[dependabot]

Bumps github.com/pocketbase/pocketbase from 0.24.4 to 0.25.3.

Release notes

Sourced from github.com/pocketbase/pocketbase's releases.

v0.25.3 Release

To update the prebuilt executable you can run ./pocketbase update.

• Added a temporary exception for Backblaze S3 endpoints to exclude the new aws-sdk-go-v2 checksum headers (#6440).

v0.25.2 Release

To update the prebuilt executable you can run ./pocketbase update.

• Fixed realtime delete event not being fired for RecordProxy-ies and added basic realtime record resolve automated tests (#6433).

v0.25.1 Release

To update the prebuilt executable you can run ./pocketbase update.

• Fixed the batch API Preview success sample response.

• Bumped GitHub action min Go version to 1.23.6 as it comes with a minor security fix for the ppc64le build.

v0.25.0 Release

To update the prebuilt executable you can run ./pocketbase update.

• ⚠️ Upgraded Google OAuth2 auth, token and userinfo endpoints to their latest versions. For users that don't do anything custom with the Google OAuth2 data or the OAuth2 auth URL, this should be a non-breaking change. The exceptions that I could find are:

  • /v3/userinfo auth response changes:

    meta.rawUser.id             => meta.rawUser.sub
    meta.rawUser.verified_email => meta.rawUser.email_verified
    

  • /v2/auth query parameters changes: If you are specifying custom approval_prompt=force query parameter for the OAuth2 auth URL, you'll have to replace it with prompt=consent.

• Added Trakt OAuth2 provider (#6338; thanks @​aidan-)

• Added support for case-insensitive password auth based on the related UNIQUE index field collation (#6337).

• Enforced when_required for the new AWS SDK request and response checksum validations to allow other non-AWS vendors to catch up with new AWS SDK changes (see #6313 and aws/aws-sdk-go-v2#2960). You can set the environment variables AWS_REQUEST_CHECKSUM_CALCULATION and AWS_RESPONSE_CHECKSUM_VALIDATION to when_supported if your S3 vendor supports the new default integrity protections.

• Soft-deprecated Record.GetUploadedFiles in favor of Record.GetUnsavedFiles to minimize the ambiguities what the method do (#6269).

• Replaced archived github.com/AlecAivazis/survey dependency with a simpler osutils.YesNoPrompt(message, fallback) helper.

• Upgraded to golang-jwt/jwt/v5.

• Added JSVM new Timezone(name) binding for constructing time.Location value (#6219).

• Added inflector.Camelize(str) and inflector.Singularize(str) helper methods.

• Use the non-transactional app instance during the realtime records delete access checks to ensure that cascade deleted records with API rules relying on the parent will be resolved.

• Other minor improvements (replaced all bool exists db scans with int for broader drivers compatibility, updated API Preview sample error responses, updated UI dependencies, etc.)

Changelog

Sourced from github.com/pocketbase/pocketbase's changelog.

v0.25.3

• Added a temporary exception for Backblaze S3 endpoints to exclude the new aws-sdk-go-v2 checksum headers (#6440).

v0.25.2

• Fixed realtime delete event not being fired for RecordProxy-ies and added basic realtime record resolve automated tests (#6433).

v0.25.1

• Fixed the batch API Preview success sample response.

• Bumped GitHub action min Go version to 1.23.6 as it comes with a minor security fix for the ppc64le build.

v0.25.0

• ⚠️ Upgraded Google OAuth2 auth, token and userinfo endpoints to their latest versions. For users that don't do anything custom with the Google OAuth2 data or the OAuth2 auth URL, this should be a non-breaking change. The exceptions that I could find are:

  • /v3/userinfo auth response changes:

    meta.rawUser.id             => meta.rawUser.sub
    meta.rawUser.verified_email => meta.rawUser.email_verified
    

  • /v2/auth query parameters changes: If you are specifying custom approval_prompt=force query parameter for the OAuth2 auth URL, you'll have to replace it with prompt=consent.

• Added Trakt OAuth2 provider (#6338; thanks @​aidan-)

• Added support for case-insensitive password auth based on the related UNIQUE index field collation (#6337).

• Enforced when_required for the new AWS SDK request and response checksum validations to allow other non-AWS vendors to catch up with new AWS SDK changes (see #6313 and aws/aws-sdk-go-v2#2960). You can set the environment variables AWS_REQUEST_CHECKSUM_CALCULATION and AWS_RESPONSE_CHECKSUM_VALIDATION to when_supported if your S3 vendor supports the new default integrity protections.

• Soft-deprecated Record.GetUploadedFiles in favor of Record.GetUnsavedFiles to minimize the ambiguities what the method do (#6269).

• Replaced archived github.com/AlecAivazis/survey dependency with a simpler osutils.YesNoPrompt(message, fallback) helper.

• Upgraded to golang-jwt/jwt/v5.

• Added JSVM new Timezone(name) binding for constructing time.Location value (#6219).

• Added inflector.Camelize(str) and inflector.Singularize(str) helper methods.

• Use the non-transactional app instance during the realtime records delete access checks to ensure that cascade deleted records with API rules relying on the parent will be resolved.

• Other minor improvements (replaced all bool exists db scans with int for broader drivers compatibility, updated API Preview sample error responses, updated UI dependencies, etc.)

Commits

• c0b7762 #6440 added a temporary exception for Backblaze S3 endpoints to exclude the...
• 2e26f61 updated changelog
• 59f98ca fixed flaky realtime record resolve test
• 2a1fdc1 added realtime api record resolve tests
• f767af0 bumped app version
• 920e893 #6433 fixed realtime delete event for RecordProxy and other custom record m...
• 048e534 bumped app version
• acd7210 fixed batch API Preview sample response
• fa343c3 fixed changelog typos
• d3aac57 updated changelog
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #21.