build(deps): bump github.com/lib/pq from 1.10.3 to 1.10.9

[dependabot]

Bumps github.com/lib/pq from 1.10.3 to 1.10.9.

Release notes

Sourced from github.com/lib/pq's releases.

v1.10.9

• Fixes backwards incompat bug with 1.13.
• Fixes pgpass issue

v1.10.4

• Keep track of (context cancelled) error on connection.
• Fix android build

Commits

• 2a217b9 add version check for go 1.15 (#1123)
• d8d93a3 fix handle pgpass (#1120)
• c10fcfe remove stray debugging code
• 96e73eb conn: Implement driver.Validator, SessionResetter for cancelation
• 922c00e Update codeql-analysis.yml
• a2a3173 Update test.yml
• 3a6282f Reduced the complexity of handlePgpass (#1101)
• 133ac67 Improved the performance of CopyIn and CopyInSchema and added BufferQuoteIden...
• d5affd5 Merge pull request #1088 from kelvich/sni_support
• d65e6ae Merge pull request #1083 from nhooyr/fix-receiver-51e2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🤖 GitHub comments

Expand to view the GitHub comments

Just comment with:

• run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)

[mergify]

This pull request does not have a backport label.
If this is a bug or security fix, could you label this PR @dependabot[bot]? 🙏.
For such, you'll need to label your PR with:

• The upcoming major version of the Elastic Stack
• The upcoming minor version of the Elastic Stack (if you're not pushing a breaking change)

To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

• backport-8./d is the label to automatically backport to the 8./d branch. /d is the digit
• backport-active-all is the label that automatically backports to all active branches.
• backport-active-8 is the label that automatically backports to all active minor branches for the 8 major.
• backport-active-9 is the label that automatically backports to all active minor branches for the 9 major.

[shmsr]

NOTE: We should ideally be using https://github.com/jackc/pgx as this is under active development; it is highly unlikely that github/lib/pq will get new features as per the README. So, to be able to work with the latest Postgres, it is better if we move to use pgx instead.

From the commit tree between 2 versions, it does not seem like there was a change that could potentially break things for existing users.

[ishleenk17]

@shmsr : Could we please add the test details here.

[shmsr]

Test Plan: PostgreSQL Module

Test Environment

• PostgreSQL Version: 12.x
• github.com/lib/pq Version: 1.10.9 (upgraded from 1.10.3)
• Connection: postgres://localhost:5432?sslmode=disable
• Credentials: postgres/postgres

Test Results

Test Case	Status	Notes
Basic Connectivity	✅
Database Metricset	✅
BGWriter Metricset	✅
Activity Metricset	✅
Statement Metricset	✅
All Metricsets	✅	Ran it for a while to check if connections are constantly rising
Invalid Connection	✅
Diff of documents produced by Postgres module with older v/s newer version of the lib	✅	The diff seems to be correct and I do not see any any issues

[tommyers-elastic]

NOTE: We should ideally be using https://github.com/jackc/pgx as this is under active development; it is highly unlikely that github/lib/pq will get new features as per the README. So, to be able to work with the latest Postgres, it is better if we move to use pgx instead.

From the commit tree between 2 versions, it does not seem like there was a change that could potentially break things for existing users.

where is this note from?

[shmsr]

github.com/lib/pq

Here: https://github.com/lib/pq?tab=readme-ov-file#status

NOTE: We should ideally be using https://github.com/jackc/pgx as this is under active development; it is highly unlikely that github/lib/pq will get new features as per the README. So, to be able to work with the latest Postgres, it is better if we move to use pgx instead.

From the commit tree between 2 versions, it does not seem like there was a change that could potentially break things for existing users.

where is this note from?

Here: https://github.com/lib/pq?tab=readme-ov-file#status

[shmsr]

Waiting the for CI to be fixed. Fix is currently being worked on.

[shmsr]

@tommyers-elastic / @lalit-satapathy Can you please approve this PR?