Skip to content

security: update pgx/v5 to v5.9.2 (critical)#2661

Closed
coffeegoddd wants to merge 1 commit into
mainfrom
dependabot/pgx-v5.9.2
Closed

security: update pgx/v5 to v5.9.2 (critical)#2661
coffeegoddd wants to merge 1 commit into
mainfrom
dependabot/pgx-v5.9.2

Conversation

@coffeegoddd
Copy link
Copy Markdown
Contributor

@coffeegoddd coffeegoddd commented Apr 28, 2026

Summary

Test plan

  • CI passes
  • Postgres client integration tests pass

🤖 Generated with Claude Code

@coffeegoddd @claude
security: update pgx/v5 to v5.9.2 (critical)
1059130 
Fixes Dependabot alerts:
- #54 (critical: memory-safety vulnerability, CVE-2026-33816)
- #58 (low: SQL injection via placeholder confusion with dollar-quoted strings)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@coffeegoddd
Copy link
Copy Markdown
Contributor Author

coffeegoddd commented Apr 28, 2026

Closing in favor of Dependabot PR #2654 which covers the same pgx/v5 upgrade.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 28, 2026

Main PR
covering_index_scan_postgres 1293.07/s ${\color{red}DNF}$
index_join_postgres 194.59/s ${\color{red}DNF}$
index_join_scan_postgres 207.49/s ${\color{red}DNF}$
index_scan_postgres 11.78/s ${\color{red}DNF}$
oltp_point_select 2298.15/s ${\color{red}DNF}$
oltp_read_only 1839.43/s ${\color{red}DNF}$
select_random_points 130.32/s ${\color{red}DNF}$
select_random_ranges 1054.01/s ${\color{red}DNF}$
table_scan_postgres 11.49/s ${\color{red}DNF}$
types_table_scan_postgres 5.25/s ${\color{red}DNF}$

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@coffeegoddd