Bump github.com/pocketbase/pocketbase from 0.24.4 to 0.26.1

[dependabot]

Bumps github.com/pocketbase/pocketbase from 0.24.4 to 0.26.1.

Release notes

Sourced from github.com/pocketbase/pocketbase's releases.

v0.26.1 Release

To update the prebuilt executable you can run ./pocketbase update.

• Removed the wrapping of io.EOF error when reading files since currently io.ReadAll doesn't check for wrapped errors (#6600).

v0.26.0 Release

To update the prebuilt executable you can run ./pocketbase update.

• ⚠️ Replaced aws-sdk-go-v2 and gocloud.dev/blob with custom lighter implementation (#6562). As a side-effect of the dependency removal, the binary size has been reduced with ~10MB and builds ~30% faster. Although the change is expected to be backward-compatible, I'd recommend to test first locally the new version with your S3 provider (if you use S3 for files storage and backups).

• ⚠️ Prioritized the user submitted non-empty createData.email (it will be unverified) when creating the PocketBase user during the first OAuth2 auth.

• Load the request info context during password/OAuth2/OTP authentication (#6402). This could be useful in case you want to target the auth method as part of the MFA and Auth API rules. For example, to disable MFA for the OAuth2 auth could be expressed as @request.context != "oauth2" MFA rule.

• Added store.Store.SetFunc(key, func(old T) new T) to set/update a store value with the return result of the callback in a concurrent safe manner.

• Added subscription.Message.WriteSSE(w, id) for writing an SSE formatted message into the provided writer interface (used mostly to assist with the unit testing).

• Added $os.stat(file) JSVM helper (#6407).

• Added log warning for async marked JSVM handlers and resolve when possible the returned Promise as fallback (#6476).

• Allowed calling cronAdd, cronRemove from inside other JSVM handlers (#6481).

• Bumped the default request read and write timeouts to 5mins (old 3mins) to accommodate slower internet connections and larger file uploads/downloads. If you want to change them you can modify the OnServe hook's ServeEvent.ReadTimeout/WriteTimeout fields as shown in #6550.

• Normalized the @request.auth.* and @request.body.* back relations resolver to always return null when the relation field is pointing to a different collection (#6590).

• Other minor improvements (fixed query dev log nested parameters output, reintroduced DynamicModel object/array props reflect types caching, updated Go and npm deps, etc.)

v0.26.0-rc.1 Prerelease

[!CAUTION] This is a prerelease intended for test and experimental purposes only in relation to the removal of the aws-sdk-go-v2 dependency!

v0.25.9 Release

To update the prebuilt executable you can run ./pocketbase update.

• Fixed DynamicModel object/array props reflect type caching (#6563).

v0.25.8 Release

To update the prebuilt executable you can run ./pocketbase update.

• Added a default leeway of 5 minutes for the Apple/OIDC id_token timestamp claims check to account for clock-skew (#6529). It can be further customized if needed with the PB_ID_TOKEN_LEEWAY env variable (the value must be in seconds, e.g. PB_ID_TOKEN_LEEWAY=60 for 1 minute).

... (truncated)

Changelog

Sourced from github.com/pocketbase/pocketbase's changelog.

v0.26.1

• Removed the wrapping of io.EOF error when reading files since currently io.ReadAll doesn't check for wrapped errors (#6600).

v0.26.0

• ⚠️ Replaced aws-sdk-go-v2 and gocloud.dev/blob with custom lighter implementation (#6562). As a side-effect of the dependency removal, the binary size has been reduced with ~10MB and builds ~30% faster. Although the change is expected to be backward-compatible, I'd recommend to test first locally the new version with your S3 provider (if you use S3 for files storage and backups).

• ⚠️ Prioritized the user submitted non-empty createData.email (it will be unverified) when creating the PocketBase user during the first OAuth2 auth.

• Load the request info context during password/OAuth2/OTP authentication (#6402). This could be useful in case you want to target the auth method as part of the MFA and Auth API rules. For example, to disable MFA for the OAuth2 auth could be expressed as @request.context != "oauth2" MFA rule.

• Added store.Store.SetFunc(key, func(old T) new T) to set/update a store value with the return result of the callback in a concurrent safe manner.

• Added subscription.Message.WriteSSE(w, id) for writing an SSE formatted message into the provided writer interface (used mostly to assist with the unit testing).

• Added $os.stat(file) JSVM helper (#6407).

• Added log warning for async marked JSVM handlers and resolve when possible the returned Promise as fallback (#6476).

• Allowed calling cronAdd, cronRemove from inside other JSVM handlers (#6481).

• Bumped the default request read and write timeouts to 5mins (old 3mins) to accommodate slower internet connections and larger file uploads/downloads. If you want to change them you can modify the OnServe hook's ServeEvent.ReadTimeout/WriteTimeout fields as shown in #6550.

• Normalized the @request.auth.* and @request.body.* back relations resolver to always return null when the relation field is pointing to a different collection (#6590).

• Other minor improvements (fixed query dev log nested parameters output, reintroduced DynamicModel object/array props reflect types caching, updated Go and npm deps, etc.)

v0.25.9

• Fixed DynamicModel object/array props reflect type caching (#6563).

v0.25.8

• Added a default leeway of 5 minutes for the Apple/OIDC id_token timestamp claims check to account for clock-skew (#6529). It can be further customized if needed with the PB_ID_TOKEN_LEEWAY env variable (the value must be in seconds, e.g. "PB_ID_TOKEN_LEEWAY=60" for 1 minute).

v0.25.7

• Fixed @request.body.jsonObjOrArr.* values extraction (#6493).

... (truncated)

Commits

• e6573d2 #6600 removed filesystem io.EOF error wrapping
• 8aa3545 updated changelog
• 7f7d451 updated go deps
• 44007a7 reorganized sqlLogReplacements
• 613af90 bumped app version
• 64e2931 fixed sql nested json value dev print log
• 6e9ecb2 updated modernc.org/sqlite dependency
• 04a3dc7 fixed typos and pass the correct custom abortCtx
• 24c4b63 #6590 apply nullifyMisingField for request.auth.* and request.body.* back r...
• 4ced91f updated ui/dist
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #30.