deps(indexer): bump the minor-and-patch group across 1 directory with 2 updates

[dependabot]

Bumps the minor-and-patch group with 2 updates in the /packages/indexer directory: drizzle-orm and @electric-sql/pglite.

Updates drizzle-orm from 0.45.1 to 0.45.2

Release notes

Sourced from drizzle-orm's releases.

0.45.2

• Fixed sql.identifier(), sql.as() escaping issues. Previously all the values passed to this functions were not properly escaped causing a possible SQL Injection (CWE-89) vulnerability

Thanks to @​EthanKim88, @​0x90sh and @​wgoodall01 for reaching out to us with a reproduction and suggested fix

Commits

• 273c780 + 0.45.2 (#5534)
• 4aa6ecf Kit updates (#5490)
• e8e6edf feat(drizzle-kit): support d1 via binding (#5302)
• See full diff in compare view

Updates @electric-sql/pglite from 0.3.16 to 0.4.2

Release notes

Sourced from @​electric-sql/pglite's releases.

@​electric-sql/pglite-sync@​0.4.2

Patch Changes

• Updated dependencies [3dfa40f]
  • @​electric-sql/pglite@​0.3.16

@​electric-sql/pglite@​0.4.2

Patch Changes

• 41632c4: Allow passing initdb.wasm asset for bundlers that need it.

@​electric-sql/pglite@​0.4.1

Patch Changes

• 37fb39e: clear timers on exit; remove pglite-socket dependency on pglite-postgis

@​electric-sql/pglite-sync@​0.4.0

Minor Changes

• 408500c: Allow passing in onError to 'syncShapesToTables'

Patch Changes

• Updated dependencies [8785034]
• Updated dependencies [90cfee8]
  • @​electric-sql/pglite@​0.3.14

@​electric-sql/pglite-sync@​0.3.17

Patch Changes

• Updated dependencies [ad3d0d8]
  • @​electric-sql/pglite@​0.3.13

Changelog

Sourced from @​electric-sql/pglite's changelog.

0.4.2

Patch Changes

• 41632c4: Allow passing initdb.wasm asset for bundlers that need it.

0.4.1

Patch Changes

• 37fb39e: clear timers on exit; remove pglite-socket dependency on pglite-postgis

0.4.0

Minor Changes

• d848955: New simplified PGlite with separate initdb. New included extension: pg_textsearch (experimental). New package for postgis (experimental) as extension. Breaking changes: 'postgres' is the default database instead of 'template1'.

Commits

• c44cd08 Version Packages (#938)
• 41632c4 Tdrz/#936 (#937)
• e78333d Version Packages (#927)
• 37fb39e Clear timers on exit (done in postgres-pglite repo); more REPL changes; (#923)
• 2997678 Fix typo in CHANGELOG.md, default database 'postgres' (#924)
• f61a508 chore: publish new package versions (#917)
• d848955 New PGlite (#896)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies, indexer. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

2 Skipped Deployments

Project	Deployment	Actions	Updated (UTC)
horizon-starknet.production	Ignored		Mar 30, 2026 1:30am
horizon-starknet.sepolia	Ignored		Mar 30, 2026 1:30am

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Free

Run ID: 0b28e295-12a1-4a8e-a389-291f879f090b

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}