chore(deps): bump the all group across 2 directories with 7 updates

[dependabot]

Bumps the all group with 2 updates in the / directory: golang.org/x/sync and golang.org/x/time.
Bumps the all group with 5 updates in the /examples directory:

Package	From	To
charm.land/bubbles/v2	2.0.0-beta.1.0.20251106192719-c2b822795a69	2.0.0
charm.land/lipgloss/v2	2.0.0	2.0.1
github.com/charmbracelet/x/editor	0.1.0	0.2.0
github.com/pkg/sftp	1.13.7	1.13.10
github.com/spf13/cobra	1.8.1	1.10.2

Updates golang.org/x/sync from 0.19.0 to 0.20.0

Commits

• ec11c4a errgroup: fix a typo in the documentation
• 1a58307 all: modernize interface{} -> any
• 3172ca5 all: upgrade go directive to at least 1.25.0 [generated]
• See full diff in compare view

Updates golang.org/x/time from 0.9.0 to 0.15.0

Commits

• 812b343 all: upgrade go directive to at least 1.25.0 [generated]
• 2b4e439 rate: use time.Time.Equal instead of ==
• c0b0320 all: upgrade go directive to at least 1.24.0 [generated]
• 1616a7f rate: skip time.Now call in Sometimes.Do unless necessary
• 0c50ed8 all: upgrade go directive to at least 1.23.0 [generated]
• 66520f6 rate: simplify function advance only returns new Tokens to caller
• 2c6c5a2 rate: prevent overflows when calculating durationFromTokens
• See full diff in compare view

Updates charm.land/bubbles/v2 from 2.0.0-beta.1.0.20251106192719-c2b822795a69 to 2.0.0

Release notes

Sourced from charm.land/bubbles/v2's releases.

v2.0.0

Bubbles v2 is here! 🫧

We're thrilled to share Bubbles v2 with you! This release accompanies Bubble Tea v2 and Lip Gloss v2 and brings a ton of consistency, new features, and quality-of-life improvements across every component. Catch 'em all:

go get charm.land/bubbletea/v2
go get charm.land/bubbles/v2
go get charm.land/lipgloss/v2

You can also check the Upgrade Guide for more info.

There are a lot of changes in here, but we've found upgrading pretty easy, especially with a linter. Read on for the full breakdown!

[!NOTE] When in doubt, check the examples for reference — they've all been updated for v2.

🏠 New Home

Bubbles v2 now lives at charm.land:

import "charm.land/bubbles/v2"

All sub-packages follow the same pattern: charm.land/bubbles/v2/viewport, charm.land/bubbles/v2/list, etc.

🎨 Light and Dark Styles

Some Bubbles, like help, offer default styles for both light and dark backgrounds. Since Lip Gloss v2 removes AdaptiveColor, choosing light or dark is now a manual process. You've got a couple of options.

🎩 The Best Way

Have Bubble Tea query the background color for you. This properly queries the correct inputs and outputs, and happens in lockstep with your application:

func (m model) Init() tea.Cmd {
    return tea.RequestBackgroundColor
}
func (m model) Update(msg tea.Msg) (tea.Model, tea.Cmd) {
switch msg := msg.(type) {
case tea.BackgroundColorMsg:
m.help.Styles = help.DefaultStyles(msg.IsDark())
return m, nil
}
// ...
</tr></table>

... (truncated)

Commits

• See full diff in compare view

Updates charm.land/lipgloss/v2 from 2.0.0 to 2.0.1

Release notes

Sourced from charm.land/lipgloss/v2's releases.

v2.0.1

A small release to properly set style underline colors, as well as handling partial reads while querying the terminal.

Changelog

Fixed

• 30441468e81b8d5322c78e7a78cac1aaf6b1b57d: fix: add missing underlineColorKey case in getAsColor (#624) (@​flux627)

Docs

• 61e734b4628b1f808f2a40dde55c8886432a110b: docs: Charm logo link in upgrade guide (@​aymanbagabas)

Other stuff

• 92b13d8d3982df42416dddcad755f8700d5f1a76: ci: sync golangci-lint config (#621) (@​github-actions[bot])

---

Thoughts? Questions? We love hearing from you. Feel free to reach out on X, Discord, Slack, The Fediverse, Bluesky.

Commits

• bffdafb chore(deps): bump the all group with 2 updates (#626)
• 92b13d8 ci: sync golangci-lint config (#621)
• 3044146 fix: add missing underlineColorKey case in getAsColor (#624)
• 1dd352c Merge pull request #619 from MartinodF/patch-4
• 61e734b docs: Charm logo link in upgrade guide
• See full diff in compare view

Updates github.com/charmbracelet/x/editor from 0.1.0 to 0.2.0

Commits

• 245c578 chore(term): drop input
• 61de596 feat(windows): add windows console read api
• 13e74f1 feat: remove exp/term (#153)
• e2dc8b5 chore(deps): bump github.com/creack/pty from 1.1.21 to 1.1.23 in /xpty (#154)
• 09454c3 chore(deps): bump github.com/creack/pty in /exp/term (#155)
• d72bfb0 fix(ansi): kitty: remove SetKittyKeyboard
• 759c05a fix(ansi): kitty: godocs disabling mode
• 64f64bd feat(ansi): xterm: modifyotherkeys
• a29dab6 feat: add kitty keyboard set flags sequence
• 7451802 feat: support FocusIn/FocusOut (#152)
• Additional commits viewable in compare view

Updates github.com/pkg/sftp from 1.13.7 to 1.13.10

Release notes

Sourced from github.com/pkg/sftp's releases.

v1.13.10 - maintenance release

We’ve made a bunch of little fixes here and there, and I imagine the tests alone could benefit from a proper release to various systems automations.

What's Changed

• Update crypto version to v0.35.0 sftp#625 by @​kbutz in pkg/sftp#626
• go.mod: set the minimum version to 1.23.0 as x/crypto by @​drakkan in pkg/sftp#628
• run go mod tidy by @​drakkan in pkg/sftp#629
• Fix SSH subsystemrequest usage by @​puellanivis in pkg/sftp#632
• Updating go packages by @​Farokhcpu in pkg/sftp#635
• add security policy by @​drakkan in pkg/sftp#637
• Fix typos in InMemHandler comments by @​KleeKitz in pkg/sftp#640
• Don't use LICENSE as a self-test sample file by @​jas4711 in pkg/sftp#638
• Accept '-' in usernames for ls self-test by @​jas4711 in pkg/sftp#639

New Contributors

• @​kbutz made their first contribution in pkg/sftp#626
• @​Farokhcpu made their first contribution in pkg/sftp#635
• @​KleeKitz made their first contribution in pkg/sftp#640
• @​jas4711 made their first contribution in pkg/sftp#638

Full Changelog: pkg/sftp@v1.13.9...v1.13.10

v1.13.9 - better Remove errors, short-circuit unsupported fsync, and ReadFull for readfrom

What's Changed

• Backport v2/Client.Remove and File.Sync by @​puellanivis in pkg/sftp#618
• perf: ensure full write buffer for *File.ReadFrom by @​justfalter in pkg/sftp#623

New Contributors

• @​justfalter made their first contribution in pkg/sftp#623

Full Changelog: pkg/sftp@v1.13.8...v1.13.9

v1.13.8 - readAt bug fix and drive enumeration for Windows

What's Changed

• Bump golang.org/x/crypto from 0.17.0 to 0.31.0 by @​dependabot in pkg/sftp#607
• server.go: "/" for windows by @​powellnorma in pkg/sftp#571
• Issue #609 - clarify what 'path contains a regular file' actually means by @​puellanivis in pkg/sftp#611
• fix: readAt() occasional hang in concurrent reads by @​cloudsbit in pkg/sftp#621

New Contributors

• @​powellnorma made their first contribution in pkg/sftp#571
• @​cloudsbit made their first contribution in pkg/sftp#621

Full Changelog: pkg/sftp@v1.13.7...v1.13.8

Commits

• 939b203 Merge pull request #639 from jas4711/test-username-regexp
• ab738a1 Merge pull request #638 from jas4711/use-sample-file
• 6b96da1 Merge pull request #640 from KleeKitz/patch-1
• 0af9d9e Fix typos in InMemHandler comments
• 935fe8e Improve regexp for valid usernames in ls self-test
• 36e0a6f Don't use LICENSE as a self-test sample file
• ad5b1e7 Update SECURITY.md
• ff15937 Merge pull request #637 from drakkan/security
• 1871076 add security policy
• ac1008f Merge pull request #635 from Farokhcpu/updating-go-packages
• Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.8.1 to 1.10.2

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.2

🔧 Dependencies

• chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 by @​dims in spf13/cobra#2336 - the gopkg.in/yaml.v3 package has been deprecated for some time: this should significantly cleanup dependency/supply-chains for consumers of spf13/cobra

📈 CI/CD

• Fix linter and allow CI to pass by @​marckhouzam in spf13/cobra#2327
• fix: actions/setup-go v6 by @​jpmcb in spf13/cobra#2337

🔥✍🏼 Docs

• Add documentation for repeated flags functionality by @​rvergis in spf13/cobra#2316

🍂 Refactors

• refactor: replace several vars with consts by @​htoyoda18 in spf13/cobra#2328
• refactor: change minUsagePadding from var to const by @​ssam18 in spf13/cobra#2325

🤗 New Contributors

• @​rvergis made their first contribution in spf13/cobra#2316
• @​htoyoda18 made their first contribution in spf13/cobra#2328
• @​ssam18 made their first contribution in spf13/cobra#2325
• @​dims made their first contribution in spf13/cobra#2336

Full Changelog: spf13/cobra@v1.10.1...v1.10.2

Thank you to our amazing contributors!!!!! 🐍 🚀

v1.10.1

🐛 Fix

• chore: upgrade pflags v1.0.9 by @​jpmcb in spf13/cobra#2305

v1.0.9 of pflags brought back ParseErrorsWhitelist and marked it as deprecated

Full Changelog: spf13/cobra@v1.10.0...v1.10.1

v1.10.0

What's Changed

🚨 Attention!

• Bump pflag to 1.0.8 by @​tomasaschan in spf13/cobra#2303

This version of pflag carried a breaking change: it renamed ParseErrorsWhitelist to ParseErrorsAllowlist which can break builds if both pflag and cobra are dependencies in your project.

• If you use both pflag and cobra, upgrade pflagto 1.0.8 andcobrato1.10.0`
• or use the newer, fixed version of pflag v1.0.9 which keeps the deprecated ParseErrorsWhitelist

... (truncated)

Commits

• 88b30ab chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 (#2336)
• 346d408 fix: actions/setup-go v6 (#2337)
• fc81d20 refactor: change minUsagePadding from var to const (#2325)
• 117698a refactor: replace several vars with consts (#2328)
• e2dd29d Add documentation for repeated flags functionality (#2316)
• 0629892 Fix linter (#2327)
• 7da941c chore: Bump pflag to v1.0.9 (#2305)
• 51d6751 Bump pflag to 1.0.8 (#2303)
• 3f3b818 Update README.md with new logo
• dcaf42e Add Periscope to the list of projects using Cobra (#2299)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions