Sourced from github.com/jackc/pgx/v5's changelog.

5.7.5 (May 17, 2025)

• Support sslnegotiation connection option (divyam234)
• Update golang.org/x/crypto to v0.37.0. This placates security scanners that were unable to see that pgx did not use the behavior affected by https://pkg.go.dev/vuln/GO-2025-3487.
• TraceLog now logs Acquire and Release at the debug level (dave sinclair)
• Add support for PGTZ environment variable
• Add support for PGOPTIONS environment variable
• Unpin memory used by Rows quicker
• Remove PlanScan memoization. This resolves a rare issue where scanning could be broken for one type by first scanning another. The problem was in the memoization system and benchmarking revealed that memoization was not providing any meaningful benefit.

• 15bca4a Release v5.7.5
• 1d557f9 Remove PlanScan memoization
• de7fe81 Use reflect.TypeFor instead of reflect.TypeOf
• d9eb089 Remove unused function
• 6be24eb Fix comment typo
• 07871c0 Zero internal baseRows references to allow GC earlier
• 777e7e5 Merge pull request #2313 from stampy88/tracelog_pool_additions
• 151bd02 Switched to LogLevelDebug
• 540fcaa Add support for PGOPTIONS environment variable
• 3a248e3 Add support for PGTZ environment variable
• Additional commits viewable in compare view

• 506c70f errgroup: propagate panic and Goexit through Wait
• See full diff in compare view

Sourced from google.golang.org/grpc's releases.

Release 1.72.1

Bug Fixes

• client: HTTP Proxy connections are no longer attempted for addresses with non-TCP network types. (#8215)
• client: Fix bug that causes RPCs to fail with status INTERNAL instead of CANCELLED or DEADLINE_EXCEEDED when receiving a RST_STREAM frame in the middle of the gRPC message. (#8289)

• 4cf3cf7 Change version to 1.72.1 (#8319)
• 537fe8d transport: Propagate status code on receiving RST_STREAM during message read ...
• f32eab3 cherry-pick #8302 and #8304 to v1.72.x branch (#8303)
• 7fcfc87 internal/delegatingresolver: avoid proxy if networktype of target address is ...
• ad1e120 Change version to 1.72.1-dev (#8219)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions