chore(deps): bump the production-dependencies group across 1 directory with 23 updates

[dependabot]

Bumps the production-dependencies group with 10 updates in the / directory:

Package	From	To
ash	3.5.22	3.5.39
ash_admin	0.13.10	0.13.18
ash_ai	0.2.2	0.2.12
ash_graphql	1.7.15	1.8.3
hackney	1.24.1	1.25.0
phoenix_ecto	4.6.4	4.6.5
sentry	11.0.1	11.0.3
swoosh	1.19.2	1.19.5
tailwind	0.3.1	0.4.0
telemetry_poller	1.2.0	1.3.0

Updates ash from 3.5.22 to 3.5.39

Release notes

Sourced from ash's releases.

v3.5.39

authorize before before_transaction hooks in bulk actions by @​zachdaniel

This fixes the CVE: CVE-2025-48042. See the GHSA-jj4j-x5ww-cwh9 advisory for more.

Bug Fixes:

• authorize before before_transaction hooks in bulk actions by @​zachdaniel

• special case ci_strings as strings in type casting by @​zachdaniel

• make Ash.PlugHelpers.set_actor/2 typespec accept term as an actor (#2307) by Maciej Malecki

v3.5.38

Bug Fixes:

• cache action inputs for all action types by @​zachdaniel

• properly pass template opts when showing policy errors by @​zachdaniel

• add default values to manual action changesets (#2305) by @​Torkan

• properly escape collection defaults in TypedStruct macro (#2304) by @​bradleygolden

Improvements:

• skip count of records when paginating if filter evaluates to false (#2303) by Rodolfo Torres

v3.5.37

Bug Fixes:

• ensure that count tasks are always stopped by @​zachdaniel

• Allow ^actor() in upsert_condition (#2297) by @​FugiTech

• properly add aggregate with add_new_aggregate by @​zachdaniel

• resolve variable swapping in authorizer reducer (#2296) by Jesse Williams

• handle notification without set domain in telemetry spans (#2293) by @​vonagam

... (truncated)

Changelog

Sourced from ash's changelog.

v3.5.39 (2025-09-06)

Security Vulnerabilities Addressed

• authorize before before_transaction hooks in bulk actions by @​zachdaniel

This fixes the CVE: CVE-2025-48042. See the GHSA-jj4j-x5ww-cwh9 advisory for more.

Bug Fixes:

• special case ci_strings as strings in type casting by @​zachdaniel

• make Ash.PlugHelpers.set_actor/2 typespec accept term as an actor (#2307) by Maciej Malecki

v3.5.38 (2025-09-04)

Bug Fixes:

• cache action inputs for all action types by @​zachdaniel

• properly pass template opts when showing policy errors by @​zachdaniel

• add default values to manual action changesets (#2305) by @​Torkan

• properly escape collection defaults in TypedStruct macro (#2304) by @​bradleygolden

Improvements:

• skip count of records when paginating if filter evaluates to false (#2303) by Rodolfo Torres

v3.5.37 (2025-08-31)

Bug Fixes:

• ensure that count tasks are always stopped by @​zachdaniel

• Allow ^actor() in upsert_condition (#2297) by @​FugiTech

• properly add aggregate with add_new_aggregate by @​zachdaniel

• resolve variable swapping in authorizer reducer (#2296) by Jesse Williams

• handle notification without set domain in telemetry spans (#2293) by @​vonagam

• Use :unsafe_to_atom? constraint when casting stored atom values by Rutgerdj

... (truncated)

Commits

• c035b53 chore: release version v3.5.39
• 5d1b6a5 fix: authorize before before_transaction hooks in bulk actions
• d81ccf0 fix: special case ci_strings as strings in type casting
• 7686715 fix: make Ash.PlugHelpers.set_actor/2 typespec accept term as an actor (#2307)
• e95da4e chore: release version v3.5.38
• 6113184 fix: cache action inputs for all action types
• 6e6d63f fix: properly pass template opts when showing policy errors
• 9b71c87 fix: add default values to manual action changesets (#2305)
• 7119d0b improvement: skip count of records when paginating if filter evaluates to fal...
• ed0b621 fix: properly escape collection defaults in TypedStruct macro (#2304)
• Additional commits viewable in compare view

Updates ash_admin from 0.13.10 to 0.13.18

Release notes

Sourced from ash_admin's releases.

v0.13.15

Bug Fixes:

• better names for version resources by Zach Daniel

• Read phoenix js assests at compile time (#355) by Kenneth Kostrešević

Improvements:

• add a little razzle dazzle to the authorizing/actor buttons (#352) by Andy LeClair

• change svg icons to words (#351) by Andy LeClair

v0.13.14

Bug Fixes:

• better names for version resources by Zach Daniel

• Read phoenix js assests at compile time (#355) by Kenneth Kostrešević

Improvements:

• add a little razzle dazzle to the authorizing/actor buttons (#352) by Andy LeClair

• change svg icons to words (#351) by Andy LeClair

v0.13.11

Bug Fixes:

• Prevent double HTML escaping (#332) by Jechol Lee

• Encode/decode cookie values in JS (#328) by Jechol Lee

Changelog

Sourced from ash_admin's changelog.

v0.13.18 (2025-08-31)

Bug Fixes:

• properly retain values for fallback rendered attribute inputs by Zach Daniel

Improvements:

• inline jsoneditor and easymde for security by Zach Daniel

v0.13.17 (2025-08-21)

Bug Fixes:

• use Resource.admin.show_action (#359) by quartz

v0.13.16 (2025-08-18)

Bug Fixes:

• handle overflow & tenant form for long domains list by Zach Daniel

v0.13.15 (2025-08-18)

Bug Fixes:

• better names for version resources by Zach Daniel

• Read phoenix js assests at compile time (#355) by Kenneth Kostrešević

Improvements:

• add a little razzle dazzle to the authorizing/actor buttons (#352) by Andy LeClair

• change svg icons to words (#351) by Andy LeClair

v0.13.14 (2025-08-07)

... (truncated)

Commits

• b6f964d chore: release version v0.13.18
• b8d6e57 improvement: inline jsoneditor and easymde for security
• 4aae670 chore: remove IO.inspects
• b117187 fix: properly retain values for fallback rendered attribute inputs
• 10de547 chore(deps-dev): bump the dev-dependencies group across 1 directory with 4 up...
• 26d93f1 chore(deps): bump the production-dependencies group across 1 directory with 4...
• 891125f chore: release version v0.13.17
• 52ac513 fix: use Resource.admin.show_action (#359)
• 014f8d4 chore: release version v0.13.16
• bffffb2 fix: handle overflow & tenant form for long domains list
• Additional commits viewable in compare view

Updates ash_ai from 0.2.2 to 0.2.12

Release notes

Sourced from ash_ai's releases.

v0.2.9

Improvements:

• mark all fields as required by @​zachdaniel

• handle number constraints by @​zachdaniel

• Add on_tool_start and on_tool_end callbacks (#96) by @​bradleygolden

v0.2.8

Improvements:

• add typed struct example to usage rules & docs by @​zachdaniel

v0.2.7

Bug Fixes:

• separate custom_context from llm initialization in ash_ai.gen.chat (#88) by @​germanbottosur

v0.2.6

Bug Fixes:

• handle missing user module more gracefully by @​zachdaniel

• properly install usage rules by @​zachdaniel

v0.2.5

Improvements:

• support sub rules in usage rules tools by @​zachdaniel

... (truncated)

Changelog

Sourced from ash_ai's changelog.

v0.2.12 (2025-08-31)

Bug Fixes:

• pass context option through setup_ash_ai to nested actions (#111) by @​bradleygolden

Improvements:

• don't show input if no inputs to action by @​zachdaniel

• add action_parameters option by @​zachdaniel

v0.2.11 (2025-08-21)

Bug Fixes:

• Respect resource pagination limits (#108) by kik4444

• eliminate chat_live compile warning (#107) by @​andyl

• log the action name (#102) by @​barnabasJ

Improvements:

• move permissions check of tools until after appropriate filtering (#104) by @​jgwmaxwell

• Add default adapter for ChatGoogleAI (#99) by @​mylanconnolly

v0.2.10 (2025-08-07)

Bug Fixes:

• log the action name (#102) by @​barnabasJ

Improvements:

• move permissions check of tools until after appropriate filtering (#104) by @​jgwmaxwell

• Add default adapter for ChatGoogleAI (#99) by @​mylanconnolly

v0.2.9 (2025-07-22)

... (truncated)

Commits

• b2311d2 chore: release version v0.2.12
• 4d90e94 chore: fix build
• 20e1536 chore: add .tool-versions file
• 514e867 fix: pass context option through setup_ash_ai to nested actions (#111)
• 8db034f chore: fix required keys with optional input parameter
• 987d127 improvement: don't show input if no inputs to action
• 8055dee improvement: add action_parameters option
• e25b600 docs: add gemini
• b7c91df chore: release version v0.2.11
• 26eaa9e chore(deps): bump the production-dependencies group across 1 directory with 8...
• Additional commits viewable in compare view

Updates ash_graphql from 1.7.15 to 1.8.3

Release notes

Sourced from ash_graphql's releases.

v1.8.2

Improvements:

• Add support for relay_id_translation on GraphQL subscriptions (#349) by Mike Wilson

v1.8.1

Bug Fixes:

• apply destroy loads on initial query (#346) by Daniel Gollings

v1.8.0

Features:

• add domain-level pubsub configuration for subscriptions (#341) by @​barnabasJ

v1.7.17

Bug Fixes:

• fix :none relationship pagination strategy, and improve tests for it (#337) by Jesse Williams

v1.7.16

Bug Fixes:

• Add sorting of managed inputs to output stable graphql schema (#334) by olivermt

Changelog

Sourced from ash_graphql's changelog.

v1.8.3 (2025-08-21)

Bug Fixes:

• Fix generated SDL stability (#355) by @​serpent213

• only resolve notifications for the same tenant (#353) by @​barnabasJ

Improvements:

• Add support for relay_id_translation on GraphQL subscriptions (#349) by Mike Wilson

v1.8.2 (2025-08-07)

Improvements:

• Add support for relay_id_translation on GraphQL subscriptions (#349) by Mike Wilson

v1.8.1 (2025-07-29)

Bug Fixes:

• apply destroy loads on initial query (#346) by Daniel Gollings

v1.8.0 (2025-07-17)

Features:

• add domain-level pubsub configuration for subscriptions (#341) by @​barnabasJ

v1.7.17 (2025-07-02)

Bug Fixes:

• fix :none relationship pagination strategy, and improve tests for it (#337) by Jesse Williams

... (truncated)

Commits

• ec5ab90 chore: release version v1.8.3
• ff9147f fix: Fix generated SDL stability (#355)
• f795c20 test: checks if multitenancy is respected by subscriptions (#351)
• 6abdbc4 fix: only resolve notifications for the same tenant (#353)
• f0d08da chore: release version v1.8.2
• 1274550 improvement: Add support for relay_id_translation on GraphQL subscriptions (#...
• 8fd8cc1 chore: release version v1.8.1
• ce56722 fix: apply destroy loads on initial query (#346)
• 59b975b chore(deps): bump the production-dependencies group with 2 updates (#344)
• 66a7417 Update dependabot schedule to monthly
• Additional commits viewable in compare view

Updates ash_json_api from 1.4.35 to 1.4.44

Release notes

Sourced from ash_json_api's releases.

v1.4.44

Bug Fixes:

• handle $ref type schemas by @​zachdaniel

v1.4.43

Bug Fixes:

• don't use request bodies for get requests by @​zachdaniel

v1.4.41

Improvements:

• don't make data required unnecessarily by @​zachdaniel

• support conn option in test request functions by @​zachdaniel

• use default_fields as fields example by @​zachdaniel

v1.4.40

Bug Fixes:

• recursive input types (#371) by @​barnabasJ

• include generic GET action arguments as query parameters in JSON schema (#368) by horberlan

Improvements:

• use more idiomatic error messages on schema failures by @​zachdaniel

• handle infinitely nested embeds via refs by @​zachdaniel

• make error clearer for unused route params by @​zachdaniel

... (truncated)

Changelog

Sourced from ash_json_api's changelog.

v1.4.44 (2025-09-04)

Bug Fixes:

• handle $ref type schemas by @​zachdaniel

v1.4.43 (2025-09-03)

Bug Fixes:

• don't use request bodies for get requests by @​zachdaniel

v1.4.42 (2025-08-21)

Bug Fixes:

• handle conflicting generated schema refs by @​zachdaniel

Improvements:

• provide descriptions for routes #202 (#377) by @​marinakr

• support disambiguating embedded resource input type names by @​zachdaniel

v1.4.41 (2025-08-18)

Improvements:

• don't make data required unnecessarily by @​zachdaniel

• support conn option in test request functions by @​zachdaniel

• use default_fields as fields example by @​zachdaniel

v1.4.40 (2025-08-07)

... (truncated)

Commits

• 417ad34 chore: release version v1.4.44
• 617fd2b fix: handle $ref type schemas
• 7843da7 chore: release version v1.4.43
• 4711424 fix: don't use request bodies for get requests
• 81559a0 chore(deps-dev): bump the dev-dependencies group with 3 updates (#380)
• 63cf47b chore(deps): bump the production-dependencies group with 2 updates (#379)
• 8a40264 chore: remove unnecessary tests
• 36ecb35 chore: format
• d6e5e27 test: add test for filtering lists
• c9cb89a chore(deps): bump the production-dependencies group across 1 directory with 5...
• Additional commits viewable in compare view

Updates ash_oban from 0.4.9 to 0.4.12

Release notes

Sourced from ash_oban's releases.

v0.4.11

Improvements:

• support passing action_arguments to AshOban.schedule/3 (#180) by infinitis

v0.4.10

Improvements:

• support backoff + timeout options (#176) by Roberts Guļāns

Changelog

Sourced from ash_oban's changelog.

v0.4.12 (2025-08-31)

Bug Fixes:

• ensure ash_domains is set to a value when installing by Zach Daniel

v0.4.11 (2025-08-07)

Improvements:

• support passing action_arguments to AshOban.schedule/3 (#180) by infinitis

v0.4.10 (2025-07-17)

Improvements:

• support backoff + timeout options (#176) by Roberts Guļāns

Commits

• 0a15eed chore: release version v0.4.12
• 4384398 fix: ensure ash_domains is set to a value when installing
• f53d32b docs: update cron expression in schedule example (#184)
• df83667 chore: release version v0.4.11
• 610d7e5 docs: Fix typo (#183)
• 8c6b920 improvement: support passing action_arguments to AshOban.schedule/3 (#180)
• bc16f07 chore(deps): bump ash in the production-dependencies group (#179)
• c5f4ca9 chore(deps-dev): bump igniter in the dev-dependencies group (#178)
• 69036a2 Update dependabot schedule to monthly
• 20ee17b chore: release version v0.4.10
• Additional commits viewable in compare view

Updates ash_phoenix from 2.3.7 to 2.3.16

Release notes

Sourced from ash_phoenix's releases.

v2.3.16

Improvements:

• add post_process_errors option by @​zachdaniel

v2.3.15

Bug Fixes:

• error in auto form creation for structs inside of union attributes (#411) by Rutgerdj

• update pattern match in WrappedValue Change by Rutgerdj

• Include constraints in auto form for WrappedValue by Rutgerdj

• handle regexes in error vars in inertia by @​zachdaniel

v2.3.13

Bug Fixes:

• ensure nested form errors are included (#401) by @​joangavelan

• Remove Product from Save Product button - Save button (#403) by Kenneth Kostrešević

Improvements:

• add resource name for route option for ash_phoenix.gen.html (#402) by Kenneth Kostrešević

v2.3.12

Bug Fixes:

• fix typo in usage rules (#397) by albinkc

v2.3.11

... (truncated)

Changelog

Sourced from ash_phoenix's changelog.

v2.3.16 (2025-09-01)

Improvements:

• add post_process_errors option by @​zachdaniel

v2.3.15 (2025-08-31)

Bug Fixes:

• error in auto form creation for structs inside of union attributes (#411) by Rutgerdj

• update pattern match in WrappedValue Change by Rutgerdj

• Include constraints in auto form for WrappedValue by Rutgerdj

• handle regexes in error vars in inertia by @​zachdaniel

v2.3.14 (2025-08-21)

Bug Fixes:

• ensure nested form errors are included (#401) by @​joangavelan

• Remove Product from Save Product button - Save button (#403) by Kenneth Kostrešević

Improvements:

• remove unwanted sections from AGENTS.md when installing ash_phoenix (#406) by Rodolfo Torres

• add resource name for route option for ash_phoenix.gen.html (#402) by Kenneth Kostrešević

v2.3.13 (2025-08-07)

Bug Fixes:

• ensure nested form errors are included (#401) by @​joangavelan

... (truncated)

Commits

• 879ba09 chore: release version v2.3.16
• cf224b3 chore: get build passing
• 79a8310 improvement: add post_process_errors option
• 2eac10b chore(deps): bump the production-dependencies group across 1 directory with 5...
• 7feec9b chore: release version v2.3.15
• d62ec13 chore: format
• 325d511 Fix: error in auto form creation for structs inside of union attributes (#411)
• 7320f77 fix: handle regexes in error vars in inertia
• 3864b01 docs: Update link for resource relationship management (#409)
• 4aeeaff chore: release version v2.3.14
• Additional commits viewable in compare view

Updates ash_postgres from 2.6.8 to 2.6.17

Release notes

Sourced from ash_postgres's releases.

v2.6.14

Bug Fixes:

• deduplicate identity keys by Zach Daniel

Changelog

Sourced from ash_postgres's changelog.

v2.6.17 (2025-08-31)

Bug Fixes:

• resolve a typo in pending dev migration error message (#608) by Sheharyar Naseer

v2.6.16 (2025-08-21)

Improvements:

• Unrelated aggregates (#606) by Zach Daniel

v2.6.15 (2025-08-07)

Bug Fixes:

• Use new attribute source in down migration (#604) by Anatolij Werle

• always set disable_async, and remove log level config by Zach Daniel

v2.6.14 (2025-07-29)

Bug Fixes:

• deduplicate identity keys by Zach Daniel

v2.6.13 (2025-07-27)

Bug Fixes:

• ensure tenant prefix is set only for resources with context multitenancy (#600) by Emad Shaaban

v2.6.12 (2025-07-25)

... (truncated)

Commits

• 22ab05e chore: release version v2.6.17
• ad0fd66 fix: resolve a typo in pending dev migration error message (#608)
• ed22f3e chore: rename migration file
• 3d1fe5e chore: release version v2.6.16
• d83157d chore: update ash/ash_sql
• d123679 improvement: Unrelated aggregates (#606)
• 7cd3019 test: Add distinct sort tests (#605)
• e199189 chore: release version v2.6.15
• baf4e32 fix: Use new attribute source in down migration (#604)
• 9963270 fix: always set disable_async, and remove log level config
• Additional commits viewable in compare view

Updates bandit from 1.7.0 to 1.8.0

Changelog

Sourced from bandit's changelog.

1.8.0 (18 Aug 2025)

Enhancements

• If the user has set a content-length header when calling send_chunked/3, the response is streamed via content-length delimited framing and not chunked (#510)

Commits

• d15dd87 Version bump to 1.8.0
• 441573b Bump dialyxir from 1.4.5 to 1.4.6 (#513)
• a0110ac Bump actions/checkout from 4 to 5 (#512)
• 619e536 Add support for streaming responses if content-length is set when chunking (#...
• e3f29e8 Bump req from 0.5.12 to 0.5.15 (#507)
• b812b2d Bump plug from 1.18.0 to 1.18.1 (#506)
• 112ff43 Add changelog link to package metadata (#505)
• b1ec62b Bump req from 0.5.11 to 0.5.12 (#504)
• 82ffbbf Bump req from 0.5.10 to 0.5.11 (#501)
• 98918c6 Bump mix_test_watch from 1.2.0 to 1.3.0 (#500)
• Additional commits viewable in compare view

Updates ecto_sql from 3.13.0 to 3.13.2

Changelog

Sourced from ecto_sql's changelog.

v3.13.2 (2025-06-24)

Enhancements

• [sandbox] Allow passing through opts in Ecto.Adapters.SQL.Sandbox.allow/4 calls
• [sql] Add support for ON DELETE SET DEFAULT

Bug fixes

• [postgres] Fix nested array generated time columns

v3.13.1 (2025-06-20)

Bug fixes

• [postgres] Fix nested array generated columns

Commits

• cf5080c Release v3.13.2
• b876381 Refactor generated handling in column_type
• 62603f8 Fix generated nested time array (#680)
• 701c99e Add support for ON DELETE SET DEFAULT (#677)
• 7959022 Allow passing through opts in Ecto.Adapters.SQL.Sandbox.allow/4 calls (#678)
• 22c7112 Release v3.13.1
• 35e2798 Fix nested array generated columns (#676)
• See full diff in compare view

Updates finch from 0.19.0 to 0.20.0

Changelog

Sourced from finch's changelog.

v0.20.0 (2025-07-04)

Enhancements

• Support manual pool termination #299
• Refactor HTTP1 pool state for better maintainability #308
• Add :supported_groups to list of TLS options #307
• Be more explicit about the :default pool in documentation #314
• Upgrade nimble_options to document deprecations #315

Bug Fixes

• Fix Finch.stream_while/5 on halt for both HTTP/1 and HTTP/2 #320
• Return accumulator when Finch.stream/5 and Finch.stream_while/5 fail #295
• Fix documentation reference for get_pool_status/2 #301

Other

• Upgrade CI VM to Ubuntu 24 #321
• CI housekeeping: support Elixir 1.17/Erlang OTP 27, bump Credo and deps #303
• Update GitHub CI badge URL #304

Commits

• b0cde42 Merge pull request #322 from sneako/release-0.20.0
• 24bdf93 release 0.20.0
• dd276fa Merge pull request #320 from wojtekmach/wm-http1-http2-halt
• 7e6c170 Fix Finch.stream_while/5 on halt on http1 + http2
• 56d902f Merge pull request #321 from sneako/fix-ci
• 05607f9 update deps
• c15bde0 upgrade ci vm to ubuntu 24
• 3cf1406 Merge pull request #315 from PragTob/protocol-docs
• 049d284 Merge pull request #314 from PragTob/more-explicit-about-default-pools
• f160024 Upgrade nimble_options to document deprecations
• Additional commits viewable in compare view

Updates hackney from 1.24.1 to 1.25.0

Release notes

Sourced from hackney's releases.

1.25.0 - 2025-07-24

IMPORTANT CHANGE

• change: insecure_basic_auth now defaults to true instead of false

  This restores backward compatibility with pre-1.24.0 behavior where basic auth was allowed over HTTP connections. If you need strict HTTPS-only basic auth:

  • Set globally: application:set_env(hackney, insecure_basic_auth, false)
  • Or per-request: {insecure_basic_auth, false} in options

Hex.pm : https://hex.pm/packages/hackney/1.25.0 Doc: https://hexdocs.pm/hackney/readme.html

Changelog

Sourced from hackney's changelog.

1.25.0 - 2025-07-24

** IMPORTANT CHANGE **

• change: insecure_basic_auth now defaults to true instead of false

  This restores backward compatibility with pre-1.24.0 behavior where basic auth was allowed over HTTP connections. If you need strict HTTPS-only basic auth:

  • Set globally: application:set_env(hackney, insecure_basic_auth, false)
  • Or per-request: {insecure_basic_auth, false} in options

Commits

• 8c00789 Merge pull request #778 from benoitc/insecure-basic-auth-default-true
• a1d4108 change insecure_basic_auth default to true
• e2bbdf7 bump unicode compat lib
• 3b901a6 update readme
• See full diff in compare view

Updates oban from 2.19.4 to 2.20.1

Release notes

Sourced from oban's releases.

v2.20.0

This release brings a fantastic new helper function, an optional migration to aid pruning, some stability improvements, and a bevy of documentation updates.

🦋 Update Job

This introduces the Oban.update_job/2,3 function to simplify updating existing jobs while ensuring data consistency and safety. Previously, updating jobs required manually constructing change operations or complex queries that could lead to race conditions or invalid state changes.

Only a curated subset of job fields, e.g. :args, :max_attempts, :meta, etc. may be updated and they use the same validation rules as insertion to prevent invalid data. Updates are also wrapped in a transaction with locking clauses to prevent concurrent modifications.

The function supports direct map changes:

Oban.update_job(job, %{priority: 0, tags: ["urgent"]})

It also has a convenient function-based mode for dynamic changes:

Oban.update_job(job, fn job -> 
  %{meta: Map.put(job.meta, "processed_by", current_node())} 
end)

❄️ Unique State Groups

There are now named unique state groups to replace custom state lists for unique jobs, promoting better uniqueness design and reducing configuration errors.

Previously, developers had to manually specify lists of job states for uniqueness, which was error-prone and could lead to subtle bugs when states were omitted or incorrectly combined. The new predefined groups ensure correctness and consistency across applications.

The new state groups are:

• :all - All job states
• :incomplete - Jobs that haven't finished (~w(available scheduled executing retryable)a)
• :scheduled - Only scheduled jobs ([:scheduled])
• :successful - Jobs that completed successfully (~w(available scheduled executing retryable completed)a)

These groups eliminate the risk of accidentally creating incomplete or incorrect state lists that could allow duplicate jobs to be created when they shouldn't be, or prevent valid job creation when duplicates should be allowed.

🪺 Nested Plugin Supervision

Plugins and the internal Stager are now nested within a secondary supervision tree to improve system resilience and stability.

Previously, plugins were supervised directly under the main Oban supervisor alongside core process. This meant that plugin failures could potentially impact the entire Oban system, and frequent plugin restarts could trigger cascading failures in the primary supervision tree.

The new supervisor has more lenient restart limits to allow for more plugin restart attempts before giving up. This change makes Oban more robust in production environments where plugins may experience transient failures due to database or connectivity issues.

v2.20.0 — 2025-08-13

Enhancements

... (truncated)

Changelog

Sourced from oban's changelog.

v2.20.1 — 2025-08-15

Bug Fixes

• [Worker] Handle missing fields in unique Worker validation.

  Workers that specified keys without fields would fail validation at compile time. Now default values are considered for use Oban.Worker as well as Job.new/2.

v2.20.0 — 2025-08-13

Enh...

Description has been truncated