deps(dependabot): bump github.com/nats-io/nats-server/v2 from 2.10.18 to 2.10.20

[dependabot]

Bumps github.com/nats-io/nats-server/v2 from 2.10.18 to 2.10.20.

Release notes

Sourced from github.com/nats-io/nats-server/v2's releases.

Release v2.10.20

Changelog

Refer to the 2.10 Upgrade Guide for backwards compatibility notes with 2.9.x.

Go Version

• 1.22.6

Fixed

JetStream

• Fix regression in KV CAS operations on R=1 replicas introduced in v2.10.19 (#5841) Thanks to @​cbrewster for the report!

Complete Changes

nats-io/nats-server@v2.10.19...v2.10.20

Release v2.10.19

Changelog

Refer to the 2.10 Upgrade Guide for backwards compatibility notes with 2.9.x.

Go Version

• 1.22.6

Dependencies

• golang.org/x/crypto v0.26.0 (#5782)
• golang.org/x/sys v0.24.0 (#5782)
• golang.org/x/time v0.6.0 (#5751)

Improved

General

• Reduced allocations in various code paths that check for subscription interest (#5736, #5744)
• Subscription matching for gateways and reply tracking has been optimized (#5735)
• Client outbound queues now limit the number of flushed vectors to ensure that very large outbound buffers don’t unfairly compete with write deadlines (#5750)
• In client and leafnode results cache, populate new entry after pruning (#5760)
• Use newly-available generic sorting functions (#5757)
• Set a HTTP read timeout on profiling, monitoring and OCSP HTTP servers (#5790)
• Improve behavior of rate-limited warning logs (#5793)
• Use dedicated queues for the handling of statsz and profilez system events (#5816)

Clustering

• Reduce the chances of implicit routes being duplicated (#5602)

JetStream

• Optimize LoadNextMsg for wildcard consumers that are consuming over a large subject space (#5710)
• When sync/sync_interval is set to always, metadata files for streams and consumers are now written using O_SYNC to guarantee flushes to disk (#5729)
• Walking an entire subject tree is now faster and allocates less (#5734)
• Try to snapshot stream state when a change in the clustered last failed sequence is detected (#5812)

... (truncated)

Commits

• 7140387 Release v2.10.20 (#5849)
• f30b168 Release v2.10.20
• a24fe36 Cherry picks for v2.10.20 (#5843)
• 2b625ce Pin third-party workflows in GitHub Actions
• aa9711c Windows: Search for DLLs in system paths only
• 3ffe823 Fix difference in KV CAS operations for R1 vs R3 (#5841)
• e7c88e8 Release v2.10.19 (#5835)
• afa6c97 Release v2.10.19
• fd01c02 Adjust test to have < 64k subjects to test skip logic.
• 5d3effe Bump to 2.10.19-RC.6
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)