build(deps): bump github.com/pocketbase/pocketbase from 0.35.0 to 0.38.1 #1142

Open

dependabot[bot] wants to merge 1 commit into main from dependabot/go_modules/github.com/pocketbase/pocketbase-0.38.1

dependabot[bot] commented on behalf of github on May 18, 2026

Bumps github.com/pocketbase/pocketbase from 0.35.0 to 0.38.1.

Release notes

Sourced from github.com/pocketbase/pocketbase's releases.

v0.38.1 Release

To update the prebuilt executable you can run ./pocketbase update.

  • Silenced the superuser IPs confirmation if there is no change.

  • Updated the experimental UI extensions APIs to allow top-level await in the initialization script.

  • Force unset the auth state of existing realtime connections on user password, collection secret, etc. changes. This is not strictly necessary because the realtime connections have a short-lived idle timeout by design, but nonetheless it was implemented to minimize the attack vectors.

  • Added error marker for each collection tab and fixed the styles of the raw errors tooltip.

  • Fixed indexes collection update error (#7689). ⚠️ The fix comes with a system migration that resaves all collections with indexes to ensure that all indexes are normalized and available in the Collection.Indexes field (it will also include indexes created manually via the sqlite3 cli or other external tool). If you are using a test pb_data for your Go automation tests you may want to apply the migration to it too so that it runs only once and not for each execution of your tests, aka. you could run once go run main.go migrate up --dir="/path/to/test_pb_data".

  • Updated modernc.org/sqlite to v1.50.1 (SQLite 3.53.1).

  • Other minor fixes (updated API preview examples, fixed code comment typos, etc.).

v0.38.0 Release

To update the prebuilt executable you can run ./pocketbase update.

  • Fixed UI logs pagination when no custom range is specified.

  • Fixed default CSP not allowing audio/video previews (#7677).

  • Serve fixed Content-Type for .xlsx, .docx and .pptx files to allow previews on iOS (#7467).

  • Changed settings app URL input to type="text" for compatibility with earlier versions (#7681).

  • Added an internal watcher to sync various runtime states between multiple PocketBase processes (e.g. memory store) using the same pb_data. This is helpful in case, for example, a separate PocketBase console command changes the collections or application settings while the server is still running. The watcher is debounced and implemented by watching the special pb_data/.notify dir as a workaround to avoid depending on OS and SQLite driver specific APIs.

  • Added new Superuser IPs/CIDR subnets whitelist setting. The optional setting can be changed from the UI under Dashboard > Settings > Application > Superuser IPs. To avoid lockout in case your superuser IP changes, the ips whitelist can be updated also via the superuser ips console command:

    # note: --dir is optional and defaults to pb_data next to the executable

    # clear whitelisted IPs
    ./pocketbase superuser ips --dir=/custom/path/to/pb_data

    # OR change the whitelisted IPs to 127.0.0.1 and 10.0.0.0 (replace with your real IP(s))
    ./pocketbase superuser ips 127.0.0.1 10.0.0.0 --dir=/custom/path/to/pb_data

  • Added rate limit option to exclude IPs/CIDR subnets (#6410).

... (truncated)

Changelog

Sourced from github.com/pocketbase/pocketbase's changelog.

v0.38.1

  • Silenced the superuser IPs confirmation if there is no change.

  • Updated the experimental UI extensions APIs to allow top-level await in the initialization script.

  • Force unset the auth state of existing realtime connections on user password, collection secret, etc. changes. This is not strictly necessary because the realtime connections have a short-lived idle timeout by design, but nonetheless it was implemented to minimize the attack vectors.

  • Added error marker for each collection tab and fixed the styles of the raw errors tooltip.

  • Fixed indexes collection update error (#7689). ⚠️ The fix comes with a system migration that resaves all collections with indexes to ensure that all indexes are normalized and available in the Collection.Indexes field (it will also include indexes created manually via the sqlite3 cli or other external tool). If you are using a test pb_data for your Go automation tests you may want to apply the migration to it too so that it runs only once and not for each execution of your tests, aka. you could run once go run main.go migrate up --dir="/path/to/test_pb_data".

  • Updated modernc.org/sqlite to v1.50.1 (SQLite 3.53.1).

  • Other minor fixes (updated API preview examples, fixed code comment typos, etc.).

v0.38.0

  • Fixed UI logs pagination when no custom range is specified.

  • Fixed default CSP not allowing audio/video previews (#7677).

  • Serve fixed Content-Type for .xlsx, .docx and .pptx files to allow previews on iOS (#7467).

  • Changed settings app URL input to type="text" for compatibility with earlier versions (#7681).

  • Added an internal watcher to sync various runtime states between multiple PocketBase processes (e.g. memory store) using the same pb_data. This is helpful in case, for example, a separate PocketBase console command changes the collections or application settings while the server is still running. The watcher is debounced and implemented by watching the special pb_data/.notify dir as a workaround to avoid depending on OS and SQLite driver specific APIs.

  • Added new Superuser IPs/CIDR subnets whitelist setting. The optional setting can be changed from the UI under Dashboard > Settings > Application > Superuser IPs. To avoid lockout in case your superuser IP changes, the ips whitelist can be updated also via the superuser ips console command:

    # note: --dir is optional and defaults to pb_data next to the executable

    # clear whitelisted IPs
    ./pocketbase superuser ips --dir=/custom/path/to/pb_data

    # OR change the whitelisted IPs to 127.0.0.1 and 10.0.0.0 (replace with your real IP(s))
    ./pocketbase superuser ips 127.0.0.1 10.0.0.0 --dir=/custom/path/to/pb_data

  • Added rate limit option to exclude IPs/CIDR subnets (#6410).

  • Bumped min Go GitHub action version to 1.26.3 because it comes with some minor bug and security fixes.

... (truncated)

Commits
  • a286d28 fixed changelog typo
  • 5cff808 updated error message and regenerated jsvm types
  • 45e3ca6 normalized scaffold indexes
  • 9c8557a updated changelog
  • 8d7e3ab #7689 fixed indexes update collection error
  • 9d50e20 updated api preview examples
  • fbf4f3e updated modernc.org/sqlite
  • 820b9af added error marker for each collection tab and fixed the styles of the raw er...
  • b061673 updated test to trigger the entire save hook chain
  • c9c47dc removed duplicated entry from the backport changelog
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/pocketbase/pocketbase](https://github.com/pocketbase/pocketbase) from 0.35.0 to 0.38.1.
- [Release notes](https://github.com/pocketbase/pocketbase/releases)
- [Changelog](https://github.com/pocketbase/pocketbase/blob/master/CHANGELOG.md)
- [Commits](pocketbase/pocketbase@v0.35.0...v0.38.1)

---
updated-dependencies:
- dependency-name: github.com/pocketbase/pocketbase
  dependency-version: 0.38.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] added the "dependencies" (Pull requests that update a dependency file) and "go" (Pull requests that update go code) labels on May 18, 2026