chore(deps): bump github.com/nats-io/nats-server/v2 from 2.12.2 to 2.12.3 #2609

Closed

dependabot[bot] wants to merge 1 commit from refs/pull/2609/head into staging

dependabot[bot] commented

2025-12-22 02:14:54 +00:00

(Migrated from github.com)

Owner

Imported from GitHub pull request.

Original GitHub pull request: #2194
Original author: @dependabot[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/2194
Original created: 2025-12-22T02:14:54Z
Original updated: 2026-02-02T02:28:53Z
Original head: carverauto/serviceradar:dependabot/go_modules/github.com/nats-io/nats-server/v2-2.12.3
Original base: staging

Bumps github.com/nats-io/nats-server/v2 from 2.12.2 to 2.12.3.

Release notes

Sourced from github.com/nats-io/nats-server/v2's releases.

Release v2.12.3

Changelog

Refer to the 2.12 Upgrade Guide for backwards compatibility notes with 2.11.x.

Go Version

1.25.5 (#7604)

Dependencies

github.com/google/go-tpm v0.9.7 (#7578)

github.com/nats-io/nkeys v0.4.12 (#7578)

golang.org/x/crypto v0.45.0 (#7578)

github.com/klauspost/compress v1.18.2 (#7604)

github.com/antithesishq/antithesis-sdk-go v0.5.0-default-no-op (#7604)

golang.org/x/crypto v0.46.0 (#7648)

golang.org/x/sys v0.39.0 (#7648)

Added

General

Added WebSocket-specific ping interval configuration with ping_internal in the websocket block (#7614)

Improved

JetStream

The scan for the last sourced message sequence when setting up a subject-filtered source is now considerably faster (#7553)

The metalayer will now stage and deduplicate recovery operations at startup, instead of rapidly applying and then undoing conflicting assignments (#7540)

Consumer interest checks on interest-based streams are now significantly faster when there are large gaps in interest (#7656)

MQTT

Retained messages will now work correctly even when sourced from a different account and has a subject transform (#7636)

Fixed

General

WebSocket connections will now correctly limit the buffer size during decompression (#7625, thanks to Pavel Kokout at Aisle Research)

JetStream

A protocol error caused by an invalid transform of acknowledgement reply subjects when originating from a gateway connection has been fixed (#7579)

The meta layer will now only respond to peer remove requests after quorum has been reached (#7581)

Invalid subject filters containing non-terminating full wildcard no longer produce unexpected matches (#7585)

A data race when creating a stream in clustered mode has been fixed (#7586)

Raft will no longer allow multiple membership changes to take place concurrently (#7565, #7609)

... (truncated)

Commits

450a519 Release v2.12.3
8670ba0 Release v2.12.3-RC.5
08bb9ee Cherry-picks for 2.12.3-RC.5 (#7657)
7bd48a2 [IMPROVED] Consumer interest check with large gap
9be1774 [FIXED] Filestore desync during stream snapshot
97f0c1a Release v2.12.3-RC.4
036a3fd Cherry-picks for 2.12.3-RC.4 (#7652)
6d739fa NRG: Removed leader may reappear in membership
d2e57bf [FIXED] mb.compact updates last seq/ts
8e732b2 [FIXED] Filestore idx mismatch & 'no idx present' errors
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note

Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Imported from GitHub pull request. Original GitHub pull request: #2194 Original author: @dependabot[bot] Original URL: https://github.com/carverauto/serviceradar/pull/2194 Original created: 2025-12-22T02:14:54Z Original updated: 2026-02-02T02:28:53Z Original head: carverauto/serviceradar:dependabot/go_modules/github.com/nats-io/nats-server/v2-2.12.3 Original base: staging --- Bumps [github.com/nats-io/nats-server/v2](https://github.com/nats-io/nats-server) from 2.12.2 to 2.12.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nats-io/nats-server/releases">github.com/nats-io/nats-server/v2's releases</a>.</em></p> <blockquote> <h2>Release v2.12.3</h2> <h2>Changelog</h2> <p>Refer to the <a href="https://docs.nats.io/release-notes/whats_new/whats_new_212">2.12 Upgrade Guide</a> for backwards compatibility notes with 2.11.x.</p> <h3>Go Version</h3> <ul> <li>1.25.5 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7604">#7604</a>)</li> </ul> <h3>Dependencies</h3> <ul> <li>github.com/google/go-tpm v0.9.7 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7578">#7578</a>)</li> <li>github.com/nats-io/nkeys v0.4.12 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7578">#7578</a>)</li> <li>golang.org/x/crypto v0.45.0 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7578">#7578</a>)</li> <li>github.com/klauspost/compress v1.18.2 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7604">#7604</a>)</li> <li>github.com/antithesishq/antithesis-sdk-go v0.5.0-default-no-op (<a href="https://redirect.github.com/nats-io/nats-server/issues/7604">#7604</a>)</li> <li>golang.org/x/crypto v0.46.0 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7648">#7648</a>)</li> <li>golang.org/x/sys v0.39.0 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7648">#7648</a>)</li> </ul> <h3>Added</h3> <p>General</p> <ul> <li>Added WebSocket-specific ping interval configuration with <code>ping_internal</code> in the <code>websocket</code> block (<a href="https://redirect.github.com/nats-io/nats-server/issues/7614">#7614</a>)</li> </ul> <h3>Improved</h3> <p>JetStream</p> <ul> <li>The scan for the last sourced message sequence when setting up a subject-filtered source is now considerably faster (<a href="https://redirect.github.com/nats-io/nats-server/issues/7553">#7553</a>)</li> <li>The metalayer will now stage and deduplicate recovery operations at startup, instead of rapidly applying and then undoing conflicting assignments (<a href="https://redirect.github.com/nats-io/nats-server/issues/7540">#7540</a>)</li> <li>Consumer interest checks on interest-based streams are now significantly faster when there are large gaps in interest (<a href="https://redirect.github.com/nats-io/nats-server/issues/7656">#7656</a>)</li> </ul> <p>MQTT</p> <ul> <li>Retained messages will now work correctly even when sourced from a different account and has a subject transform (<a href="https://redirect.github.com/nats-io/nats-server/issues/7636">#7636</a>)</li> </ul> <h3>Fixed</h3> <p>General</p> <ul> <li>WebSocket connections will now correctly limit the buffer size during decompression (<a href="https://redirect.github.com/nats-io/nats-server/issues/7625">#7625</a>, thanks to Pavel Kokout at Aisle Research)</li> </ul> <p>JetStream</p> <ul> <li>A protocol error caused by an invalid transform of acknowledgement reply subjects when originating from a gateway connection has been fixed (<a href="https://redirect.github.com/nats-io/nats-server/issues/7579">#7579</a>)</li> <li>The meta layer will now only respond to peer remove requests after quorum has been reached (<a href="https://redirect.github.com/nats-io/nats-server/issues/7581">#7581</a>)</li> <li>Invalid subject filters containing non-terminating full wildcard no longer produce unexpected matches (<a href="https://redirect.github.com/nats-io/nats-server/issues/7585">#7585</a>)</li> <li>A data race when creating a stream in clustered mode has been fixed (<a href="https://redirect.github.com/nats-io/nats-server/issues/7586">#7586</a>)</li> <li>Raft will no longer allow multiple membership changes to take place concurrently (<a href="https://redirect.github.com/nats-io/nats-server/issues/7565">#7565</a>, <a href="https://redirect.github.com/nats-io/nats-server/issues/7609">#7609</a>)</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nats-io/nats-server/commit/450a519adf9c53e3d86623bb423dcad5e658ae78"><code>450a519</code></a> Release v2.12.3</li> <li><a href="https://github.com/nats-io/nats-server/commit/8670ba0073be3e12300a31e0f877dd432ef4c70c"><code>8670ba0</code></a> Release v2.12.3-RC.5</li> <li><a href="https://github.com/nats-io/nats-server/commit/08bb9ee8fa0a8b6a5527ef904f887835ff8773e9"><code>08bb9ee</code></a> Cherry-picks for 2.12.3-RC.5 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7657">#7657</a>)</li> <li><a href="https://github.com/nats-io/nats-server/commit/7bd48a2f3ccbfc026bbd301e965bc0d675eedf79"><code>7bd48a2</code></a> [IMPROVED] Consumer interest check with large gap</li> <li><a href="https://github.com/nats-io/nats-server/commit/9be1774b16df2e099a1f0ff050c78d11eadeae99"><code>9be1774</code></a> [FIXED] Filestore desync during stream snapshot</li> <li><a href="https://github.com/nats-io/nats-server/commit/97f0c1a8bc74e50decc92901087c7ec1331349ff"><code>97f0c1a</code></a> Release v2.12.3-RC.4</li> <li><a href="https://github.com/nats-io/nats-server/commit/036a3fda5bdcc4026af69bfaeee13a8c9eb02936"><code>036a3fd</code></a> Cherry-picks for 2.12.3-RC.4 (<a href="https://redirect.github.com/nats-io/nats-server/issues/7652">#7652</a>)</li> <li><a href="https://github.com/nats-io/nats-server/commit/6d739faa5c78751b2cfbb4218cf55fb67f792430"><code>6d739fa</code></a> NRG: Removed leader may reappear in membership</li> <li><a href="https://github.com/nats-io/nats-server/commit/d2e57bf2e8df37cbb354141ca21cc6a7362576e2"><code>d2e57bf</code></a> [FIXED] mb.compact updates last seq/ts</li> <li><a href="https://github.com/nats-io/nats-server/commit/8e732b2dafd27a4be7d615d928cb7ffec417e337"><code>8e732b2</code></a> [FIXED] Filestore idx mismatch & 'no idx present' errors</li> <li>Additional commits viewable in <a href="https://github.com/nats-io/nats-server/compare/v2.12.2...v2.12.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/nats-io/nats-server/v2&package-manager=go_modules&previous-version=2.12.2&new-version=2.12.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

dependabot[bot] commented

2026-02-02 02:28:51 +00:00

(Migrated from github.com)

Author

Owner

Imported GitHub PR comment.

Original author: @dependabot[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/2194#issuecomment-3832589452
Original created: 2026-02-02T02:28:51Z

Superseded by #2663.

Imported GitHub PR comment. Original author: @dependabot[bot] Original URL: https://github.com/carverauto/serviceradar/pull/2194#issuecomment-3832589452 Original created: 2026-02-02T02:28:51Z --- Superseded by #2663.