chore(deps): update Elixir and Rust dependencies

[ocean]

Elixir:

• db_connection 2.9.0 -> 2.10.0
• ecto 3.13.5 -> 3.13.6
• jason 1.4.4 -> 1.4.5

Rust:

• rustler 0.37.3 -> 0.37.4
• libc 0.2.185 -> 0.2.186
• cc 1.2.60 -> 1.2.61
• pin-project 1.1.11 -> 1.1.12
• js-sys 0.3.95 -> 0.3.97
• (plus transitive bumps)

Also fix an OTP 27+ pattern-match warning in
test/type_loader_dumper_test.exs: matching the literal 0.0 now only matches +0.0, so bind the zero rows and assert numeric equality instead (covers both +0.0 and -0.0 regardless of sort order).

Summary by CodeRabbit

• Bug Fixes

  • PRAGMA statements now route correctly so adapter reads PRAGMA values as expected.

• Tests

  • Refined float assertions for zero/edge cases; integration tests set a stable pool size; migration tests now verify warning logs for unsupported defaults.

• Documentation

  • Added ecosystem note, clarified usage/streaming/prepared-statement behaviours, release guidance and minor formatting/typography fixes.

• Chores

  • Release version bumped and a security advisory entry added to deny list.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 026fc472-dc18-428a-9d51-4631f11fc8b8

📥 Commits

Reviewing files that changed from the base of the PR and between 2183c88 and 74a1af2.

📒 Files selected for processing (3)

• USAGE.md
• test/ecto_integration_test.exs
• test/ecto_migration_test.exs

✅ Files skipped from review due to trivial changes (2)

• test/ecto_migration_test.exs
• USAGE.md

---

Walkthrough

A test assertion was refactored to destructure ordered float query results and assert zero-valued rows via variables; additionally, RUSTSEC-2026-0104 was added to native/ecto_libsql/deny.toml's advisory ignore list with a comment.

Changes

Float Types Test Assertion

Layer / File(s)	Summary
Test Assertion Update test/type_loader_dumper_test.exs	Lines 349–351 destructure query results to assign two zero-valued rows to variables (z1, z2) and assert them individually as 0.0 rather than inline [0.0] assertions.

cargo-deny Advisory Ignore

Layer / File(s)	Summary
deny.toml advisory ignore native/ecto_libsql/deny.toml	Lines 80–90 add RUSTSEC-2026-0104 to the [advisories].ignore list with a reason comment about a reachable panic in CRL parsing and transitive dependency context.

Version and Release Metadata

Layer / File(s)	Summary
Project / Crate Version mix.exs, native/ecto_libsql/Cargo.toml	Bump Elixir project @version and native crate package.version from 0.9.0 to 0.9.1.
CHANGELOG CHANGELOG.md	Add 0.9.1 (2026-05-07) release entry covering PRAGMA routing fix, dependency and CI/tooling updates, and security acknowledgements; minor formatting tweak in 0.9.0 section.

Docs and Guides Formatting / Notes

Layer / File(s)	Summary
Docs / Guides README.md, USAGE.md, RELEASE_PROCESS.md, CLAUDE.md	Typography, punctuation, and formatting normalizations; add README NOTE about Turso/libSQL status; clarify prepared-statement, streaming, ALTER COLUMN, encryption guidance, checksum inclusion, and vector signature formatting (documentation-only edits).

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• ocean/ecto_libsql#53: Related change set that also performs package version bumps for mix.exs and native Cargo.toml.
• ocean/ecto_libsql#82: Related to PRAGMA routing and should_use_query behavior mentioned in the changelog.
• ocean/ecto_libsql#87: Also modifies native/ecto_libsql/deny.toml to add ignored RustSec advisories.

Poem

🐰 A nibble, a hop through test and toml,
z1 and z2 stand tidy and calm,
A rustsec entry tucked in with care,
Docs polished, versions bumped — all fair,
I twitch my whiskers — job done, I declare.

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main objective of the pull request—updating dependencies for both Elixir and Rust. Although the changeset also includes test fixes, documentation updates, and configuration changes, the primary focus and the most significant work involves dependency updates.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dev

Tip

💬 Introducing Slack Agent: The best way for teams to turn conversations into code.

Slack Agent is built on CodeRabbit's deep understanding of your code, so your team can collaborate across the entire SDLC without losing context.

• Generate code and open pull requests
• Plan features and break down work
• Investigate incidents and troubleshoot customer tickets together
• Automate recurring tasks and respond to alerts with triggers
• Summarize progress and report instantly

Built for teams:

• Shared memory across your entire org—no repeating context
• Per-thread sandboxes to safely plan and execute work
• Governance built-in—scoped access, auditability, and budget controls

One agent for your entire SDLC. Right inside Slack.

👉 Get started

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

🧹 Nitpick comments (1)

test/type_loader_dumper_test.exs (1)

349-351: 💤 Low value

LGTM — OTP 27+ zero-float pattern fix is correct.

Binding z1/z2 and asserting == 0.0 is the right approach: +0.0 == -0.0 is true in Erlang/Elixir, so both representations pass, and the non-deterministic ordering between the two zeros is handled cleanly. The non-zero float literals [-2.71828] and [3.14] remaining in the pattern are fine — the OTP 27+ warning is specific to ±zero.

As an optional cosmetic improvement, zero1/zero2 (or first_zero/second_zero) would make the intent of these bindings self-evident without needing to look at the inserts:

✨ Optional rename

-      assert [[-2.71828], [z1], [z2], [3.14]] = result.rows
-      assert z1 == 0.0
-      assert z2 == 0.0
+      assert [[-2.71828], [zero1], [zero2], [3.14]] = result.rows
+      assert zero1 == 0.0
+      assert zero2 == 0.0

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@test/type_loader_dumper_test.exs` around lines 349 - 351, The test binds z1
and z2 to match ±0.0 which is correct; rename those variables to clearer names
(e.g., zero1/zero2 or first_zero/second_zero) in the pattern match and
corresponding asserts in test/type_loader_dumper_test.exs so their purpose is
self-evident—update the pattern assert ([[ -2.71828], [z1], [z2], [3.14]] =
result.rows) and the following asserts (z1 == 0.0, z2 == 0.0) to use the chosen
descriptive identifiers consistently.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@test/type_loader_dumper_test.exs`:
- Around line 349-351: The test binds z1 and z2 to match ±0.0 which is correct;
rename those variables to clearer names (e.g., zero1/zero2 or
first_zero/second_zero) in the pattern match and corresponding asserts in
test/type_loader_dumper_test.exs so their purpose is self-evident—update the
pattern assert ([[ -2.71828], [z1], [z2], [3.14]] = result.rows) and the
following asserts (z1 == 0.0, z2 == 0.0) to use the chosen descriptive
identifiers consistently.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: a786eccb-897c-4985-9b91-6548493a8a25

📥 Commits

Reviewing files that changed from the base of the PR and between b9d0647 and 7d643d5.

⛔ Files ignored due to path filters (2)

• Cargo.lock is excluded by !**/*.lock
• mix.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• test/type_loader_dumper_test.exs

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@USAGE.md`:
- Line 407: Update the `patch` row description in USAGE.md to accurately reflect
RFC 7396: replace "top-level object keys only" with a statement that the
merge-patch applies recursively to nested objects and that arrays are replaced
entirely (not merged element-by-element); keep the note about setting a key to
`null` to remove it and ensure the row for `patch` explicitly mentions recursive
object merging and whole-array replacement semantics.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 713cbd9b-16dd-4058-acd6-db061aa8a4fc

📥 Commits

Reviewing files that changed from the base of the PR and between 1c3bac7 and 2183c88.

⛔ Files ignored due to path filters (2)

• Cargo.lock is excluded by !**/*.lock
• native/ecto_libsql/fuzz/Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (9)

• CHANGELOG.md
• CLAUDE.md
• README.md
• RELEASE_PROCESS.md
• USAGE.md
• mix.exs
• native/ecto_libsql/Cargo.toml
• native/ecto_libsql/deny.toml
• native/ecto_libsql/src/utils.rs

✅ Files skipped from review due to trivial changes (6)

• native/ecto_libsql/Cargo.toml
• mix.exs
• native/ecto_libsql/src/utils.rs
• CHANGELOG.md
• CLAUDE.md
• README.md

🚧 Files skipped from review as they are similar to previous changes (1)

• native/ecto_libsql/deny.toml