chore: bump the gomod group in /packages/server/duckdb-server-go with 4 updates

[dependabot]

Bumps the gomod group in /packages/server/duckdb-server-go with 4 updates: github.com/apache/arrow-go/v18, github.com/duckdb/duckdb-go/v2, github.com/maypok86/otter/v2 and golang.org/x/sync.

Updates github.com/apache/arrow-go/v18 from 18.4.1 to 18.5.0

Release notes

Sourced from github.com/apache/arrow-go/v18's releases.

v18.5.0

What's Changed

• fix(parquet/pqarrow): Fix null_count column stats by @​MasslessParticle in apache/arrow-go#489
• chore: Use apache/arrow-dotnet for integration test by @​kou in apache/arrow-go#495
• feat(parquet): utilize memory allocator in serializedPageReader by @​joechenrh in apache/arrow-go#485
• chore: Bump actions/setup-python from 5.6.0 to 6.0.0 by @​dependabot[bot] in apache/arrow-go#501
• chore: Bump actions/github-script from 7.0.1 to 8.0.0 by @​dependabot[bot] in apache/arrow-go#502
• chore: Automate GitHub Releases creation and site redirect by @​kou in apache/arrow-go#497
• chore: Bump actions/setup-go from 5 to 6 by @​dependabot[bot] in apache/arrow-go#500
• chore: Bump github.com/stretchr/testify from 1.11.0 to 1.11.1 by @​dependabot[bot] in apache/arrow-go#488
• use xnor for boolean equals function by @​Dhruvit96 in apache/arrow-go#505
• chore: Bump golang.org/x/sync from 0.16.0 to 0.17.0 by @​dependabot[bot] in apache/arrow-go#498
• chore: Bump golang.org/x/sys from 0.35.0 to 0.36.0 by @​dependabot[bot] in apache/arrow-go#499
• chore: Bump golang.org/x/tools from 0.36.0 to 0.37.0 by @​dependabot[bot] in apache/arrow-go#507
• chore(ci): fix verify_rc finding latest go by @​zeroshade in apache/arrow-go#512
• feat: Add support for specifying Timestamp ValueStr output layout by @​erezrokah in apache/arrow-go#510
• fix(arrow/cdata): Avoid calling unsafe.Slice on zero-length pointers by @​orlp in apache/arrow-go#513
• chore: Bump google.golang.org/grpc from 1.75.0 to 1.75.1 by @​dependabot[bot] in apache/arrow-go#514
• fix(arrow/compute): fix scalar comparison panic by @​zeroshade in apache/arrow-go#518
• fix(arrow/array): fix panic in dictionary builders by @​zeroshade in apache/arrow-go#517
• chore: Bump github.com/hamba/avro/v2 from 2.29.0 to 2.30.0 by @​dependabot[bot] in apache/arrow-go#508
• chore: Bump google.golang.org/protobuf from 1.36.8 to 1.36.9 by @​dependabot[bot] in apache/arrow-go#515
• fix(parquet/pqarrow): unsupported dictionary types in pqarrow by @​zeroshade in apache/arrow-go#520
• chore(parquet/metadata): use constant time compare for signature verify by @​zeroshade in apache/arrow-go#528
• build(deps): update substrait to v7 by @​zeroshade in apache/arrow-go#526
• fix(parquet): fix adaptive bloom filter duplicate hash counting, comparison logic, and GC safety by @​Mandukhai-Alimaa in apache/arrow-go#527
• chore: Bump google.golang.org/protobuf from 1.36.9 to 1.36.10 by @​dependabot[bot] in apache/arrow-go#530
• refactor(arrow): last increment of the Record -> RecordBatch migration by @​Mandukhai-Alimaa in apache/arrow-go#522
• chore: Bump github.com/google/flatbuffers from 25.2.10+incompatible to 25.9.23+incompatible by @​dependabot[bot] in apache/arrow-go#524
• chore: Bump github.com/substrait-io/substrait-go/v7 from 7.0.0 to 7.1.0 by @​dependabot[bot] in apache/arrow-go#529
• chore: Bump golang.org/x/tools from 0.37.0 to 0.38.0 by @​dependabot[bot] in apache/arrow-go#537
• chore: Bump google.golang.org/grpc from 1.75.1 to 1.76.0 by @​dependabot[bot] in apache/arrow-go#534
• chore: Bump github.com/pterm/pterm from 0.12.81 to 0.12.82 by @​dependabot[bot] in apache/arrow-go#539
• chore: Bump github.com/klauspost/compress from 1.18.0 to 1.18.1 by @​dependabot[bot] in apache/arrow-go#538
• fix: update iceberg substrait URN by @​zeroshade in apache/arrow-go#541
• optimization: comparison: when DataType is static, skip reflection by @​pixelherodev in apache/arrow-go#542
• chore: Bump actions/download-artifact from 5.0.0 to 6.0.0 by @​dependabot[bot] in apache/arrow-go#550
• chore: Bump actions/upload-artifact from 4.6.2 to 5.0.0 by @​dependabot[bot] in apache/arrow-go#549
• fix(parquet/pqarrow): decoding Parquet with Arrow dict in schema by @​freakyzoidberg in apache/arrow-go#551
• feat: support conversion of chunked arrays by @​ahmed-mez in apache/arrow-go#553
• format: regenerate internal/flatbuf from arrow repo and newer flatc by @​pixelherodev in apache/arrow-go#555
• Batch of small optimizations by @​pixelherodev in apache/arrow-go#556
• perf: optimize compute.Take for fewer memory allocations by @​hamilton-earthscope in apache/arrow-go#557
• optimization: compare: avoid initializing config when it's not needed by @​pixelherodev in apache/arrow-go#563
• optimization: schema: use slices.Sort instead of sort.Slice by @​pixelherodev in apache/arrow-go#564
• doc(parquet): document arrow parquet mappings by @​amoeba in apache/arrow-go#561
• fix: Metadata.Equal comparison with keys in different order by @​zeroshade in apache/arrow-go#571
• perf(compute): optimize Take kernel for list types by @​hamilton-earthscope in apache/arrow-go#573
• chore: Bump golang.org/x/sync from 0.17.0 to 0.18.0 by @​dependabot[bot] in apache/arrow-go#567
• chore: Bump golang.org/x/sys from 0.37.0 to 0.38.0 by @​dependabot[bot] in apache/arrow-go#568

... (truncated)

Commits

• 622a802 chore: Bump golang.org/x/sync from 0.18.0 to 0.19.0 (#599)
• a4bf919 chore: Bump actions/checkout from 6.0.0 to 6.0.1 (#598)
• 9a089b1 chore: Bump golang.org/x/sys from 0.38.0 to 0.39.0 (#600)
• 64e07d9 fix(arrow/cdata): fix leaks identified by leak-sanitizer (#603)
• 77348c9 perf(parquet): minor tweaks for iceberg write improvement (#595)
• b2cd6a7 chore(arrow): Bump package version to 18.5.0 (#594)
• 2931bad new(arrow/compute): temporal rounding methods (#572)
• 7e53c0a fix(arrow/array): fix concat for out of order REE slices (#587)
• f0761d0 chore: Bump github.com/klauspost/compress from 1.18.1 to 1.18.2 (#588)
• 6d2d215 chore: Bump actions/setup-python from 6.0.0 to 6.1.0 (#589)
• Additional commits viewable in compare view

Updates github.com/duckdb/duckdb-go/v2 from 2.5.3 to 2.5.4

Release notes

Sourced from github.com/duckdb/duckdb-go/v2's releases.

v2.5.4

What's Changed

• Generalize getValue by @​taniabogatsch in duckdb/duckdb-go#69
• Make function arguments available during scalar UDF binding by @​taniabogatsch in duckdb/duckdb-go#70
• Regression test for #22 by @​mlafeldt in duckdb/duckdb-go#79
• Add script and documentation for building Go apps with local DuckDB src by @​EtgarDev in duckdb/duckdb-go#82
• Map projected columns for ChunkTableSource by @​wmTJc9IK0Q in duckdb/duckdb-go#68
• Support new prepared statement metadata functions by @​hrl20 in duckdb/duckdb-go#51
• Update mappings to DuckDB v1.4.3 by @​taniabogatsch in duckdb/duckdb-go#85
• Update DuckDB to v1.4.3 by @​mlafeldt in duckdb/duckdb-go#84

New Contributors

• @​EtgarDev made their first contribution in duckdb/duckdb-go#82
• @​hrl20 made their first contribution in duckdb/duckdb-go#51

Full Changelog: duckdb/duckdb-go@v2.5.3...v2.5.4

Commits

• 4995d31 Merge pull request #84 from mlafeldt/v1.4.3-branch
• fcce253 update to latest mappings versions
• 3a019fd Merge branch 'main' into v1.4.3-branch
• abd28c8 Merge pull request #85 from duckdb/update-mappings
• 3ec5d00 update mappings
• 45a70b6 Update DuckDB version
• 4729d81 go get -u ./...
• be077f2 Set DUCKDB_VERSION in Makefile like duckdb-go-bindings does
• cd10f47 Merge pull request #51 from hrl20/prepare-stmt-metadata
• 249ff55 merge main formatting
• Additional commits viewable in compare view

Updates github.com/maypok86/otter/v2 from 2.2.1 to 2.3.0

Release notes

Sourced from github.com/maypok86/otter/v2's releases.

v2.3.0

2.3.0 - 2025-12-22

✨Features

• A plugin for the slog logger has been added.
• The StopAllGoroutines method has been added.

🚀 Improvements

• docs: add Nuclei to projects list (#169)

🐞 Bug Fixes

• fix: the return value check in the err-not-found example (#156)
• Panics when running under synctest (#158)
• Does not build with GOARCH=wasm (#161)
• fix: treat expired item refresh as create operation in ExpiryCreating (#154)

Contributors

We'd like to thank all the contributors who worked on this release!

@​maxtwardowski @​dwisiswant0

Changelog

Sourced from github.com/maypok86/otter/v2's changelog.

2.3.0 - 2025-12-22

✨Features

• A plugin for the slog logger has been added.
• The StopAllGoroutines method has been added.

🚀 Improvements

• docs: add Nuclei to projects list (#169)

🐞 Bug Fixes

• fix: the return value check in the err-not-found example (#156)
• Panics when running under synctest (#158)
• Does not build with GOARCH=wasm (#161)
• fix: treat expired item refresh as create operation in ExpiryCreating (#154)

Commits

• a01a3c3 chore: release v2.3.0
• dbecae2 Merge pull request #169 from dwisiswant0/dwisiswant0/docs/add-Nuclei-to-proje...
• d1a4b66 docs: add Nuclei to projects list
• af06af4 Merge pull request #168 from maypok86/maypok86/Add interactor mark selection to vgplot #158-synctest
• 84dc7dd feat: add support for synctest (#158)
• 3dfefdf fix: package name
• b10d70c feat: add a plugin for slog
• 3a48e35 Merge pull request #166 from maypok86/maypok86/Kimweiss11 patch 6 #161-cacheline
• a7a72d8 Merge pull request #167 from maypok86/maypok86/What environments is Mosaic envisioned to run in? #156-example
• 769b4ef fix: the return value check in the err-not-found example (#156)
• Additional commits viewable in compare view

Updates golang.org/x/sync from 0.18.0 to 0.19.0

Commits

• 2a180e2 errgroup: use consistent read for SetLimit panic
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions