fix(deps): update module github.com/pocketbase/pocketbase to v0.31.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/pocketbase/pocketbase	v0.30.2 -> v0.31.0

---

Release Notes

pocketbase/pocketbase (github.com/pocketbase/pocketbase)

v0.31.0

Compare Source

• Visualize presentable multiple relation fields (#​7260).

• Support Ed25519 in the optional OIDC id_token signature validation (#​7252; thanks @​shynome).

• Added ApiScenario.DisableTestAppCleanup optional field to skip the auto test app cleanup and leave it up to the developers to do the cleanup manually (#​7267).

• Added FileDownloadRequestEvent.ThumbError field that is populated in case of a thumb generation failure (e.g. unsupported format, timing out, etc.), allowing developers to reject the thumb fallback and/or supply their own custom thumb generation (#​7268).

• ⚠️ Disallow client-side filtering and sorting of relations where the collection of the last targeted relation field has superusers-only List/Search API rule to further minimize the risk of eventual side-channel attack.
  This should be a non-breaking change for most users, but if you want the old behavior, please open a new Q&A discussion with details about your use case to evaluate making it configurable.
  Note also that as mentioned in the "Security and performance" section of #​4417 and #​5863, the easiest and recommended solution to protect security sensitive fields (tokens, codes, passwords, etc.) is to mark them as "Hidden" (aka. make them non-API filterable).

• Regenerated JSVM types and updated npm and Go deps.

v0.30.4

Compare Source

• Fixed json field CSS regression introduced with the overflow workaround in v0.30.3 (#​7259).

v0.30.3

Compare Source

• Fixed legacy identitity field priority check when a username is a valid email address (#​7256).

• Workaround autocomplete overflow issue with Firefox 144 (#​7223).

• Updated modernc.org/sqlite to 1.39.1 (SQLite 3.50.4).

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 9 additional dependencies were updated

Details:

Package	Change
github.com/ncruces/go-strftime	v0.1.9 -> v1.0.0
golang.org/x/crypto	v0.42.0 -> v0.43.0
golang.org/x/exp	v0.0.0-20250911091902-df9299821621 -> v0.0.0-20251017212417-90e834f514db
golang.org/x/image	v0.31.0 -> v0.32.0
golang.org/x/net	v0.44.0 -> v0.46.0
golang.org/x/oauth2	v0.31.0 -> v0.32.0
golang.org/x/sys	v0.36.0 -> v0.37.0
modernc.org/libc	v1.66.3 -> v1.66.10
modernc.org/sqlite	v1.39.0 -> v1.39.1