chore(deps): bump the production-dependencies group with 2 updates

[dependabot]

Bumps the production-dependencies group with 2 updates: ash and ash_postgres.

Updates ash from 3.6.2 to 3.7.6

Release notes

Sourced from ash's releases.

v3.7.3

Bug Fixes:

• don't re-cast atomic updates when adding validations by @​zachdaniel

• ensure calculation contexts include changes from before_transaction hooks by @​zachdaniel

Improvements:

• Simplify forbidden_due_to_strict_policy check (#2400) by @​maennchen

v3.7.1

Bug Fixes:

• normalize bulk index metadata before returning by @​zachdaniel

• reuse type constraints when matching relationship records (#2391) by Hannes Wüthrich

v3.7.0

Features:

• Refactor SAT Solver into crux (#2375) by @​maennchen

Improvements:

• Add combination_acc callback to DataLayer behaviour by @​zachdaniel

Changelog

Sourced from ash's changelog.

v3.7.6 (2025-10-19)

Bug Fixes:

• ensure attribute used in atomic update is casted fully by @​zachdaniel

v3.7.5 (2025-10-19)

Bug Fixes:

• revert changes to bulk action index context/metadata keys

v3.7.4 (2025-10-19)

Bug Fixes:

• ensure that a filter vs forbidden response is correctly deteermined by [@​zachdaniel]

(not a security issue, only affects the response type)

v3.7.3 (2025-10-19)

Bug Fixes:

• don't re-cast atomic updates when adding validations by @​zachdaniel

• ensure calculation contexts include changes from before_transaction hooks by @​zachdaniel

Improvements:

• Simplify forbidden_due_to_strict_policy check (#2400) by @​maennchen

v3.7.2 (2025-10-18)

Bug Fixes:

• update crux for proper eager check evaluation by @​zachdaniel

... (truncated)

Commits

• 381068e chore: release version v3.7.6
• 82b2b11 fix: ensure attribute used in atomic update is casted fully
• 52881ea chore: release version v3.7.5
• 3cbee0d test: revive tests for nested bulk action conflict issues
• 21c09a4 Revert "fix: improve nested bulk action notification handling (#2353)"
• 86fb3a3 Revert "fix: extended context collision prevention to all bulk operation type...
• 463a92a chore: format
• 9cbadaa chore: release version v3.7.4
• 93fbc97 test: reproduce incorrect response type (forbidden vs filter)
• 96d22a4 Revert "improvement: Simplify forbidden_due_to_strict_policy check (#2400)"
• Additional commits viewable in compare view

Updates ash_postgres from 2.6.22 to 2.6.24

Release notes

Sourced from ash_postgres's releases.

v2.6.24

Bug Fixes:

• handle results that can't be mapped to the changeset in bulk_create (#638) by Barnabas Jovanovics

• handle results that can't be mapped to the changeset in bulk_create by Barnabas Jovanovics

Improvements:

• remove unused bulk operation metadata function & update ash by Zach Daniel

v2.6.23

Improvements:

• implement combination_acc/1 by Zach Daniel

Changelog

Sourced from ash_postgres's changelog.

v2.6.24 (2025-10-30)

Bug Fixes:

• handle results that can't be mapped to the changeset in bulk_create (#638) by Barnabas Jovanovics

• handle results that can't be mapped to the changeset in bulk_create by Barnabas Jovanovics

Improvements:

• remove unused bulk operation metadata function & update ash by Zach Daniel

v2.6.23 (2025-10-15)

Improvements:

• implement combination_acc/1 by Zach Daniel

Commits

• defb1db chore: release version v2.6.24
• 7b67d31 chore: update spark
• 913f936 chore: fix tests & don't do normal rollbacks with --tenant option
• 89ca1fe chore: update mix.lock
• 1023ded improvement: remove unused bulk operation metadata function & update ash
• 449ae3f test: typed struct arrays with storage_type :jsonb & {:array, map} (#640)
• b2216c4 test: add tests for ash_sql fix for exists paths in calculations
• 39475a7 * feat: support building error payloads using immutable functions (#639)
• f9bd171 fix: handle results that can't be mapped to the changeset in bulk_create (#638)
• d54f93c chore: release version v2.6.23
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[Torkan]

@dependabot rebase