multi: update Go to 1.23.10 and update some packages #9751
Conversation
|
Important Review skippedAuto reviews are limited to specific labels. 🏷️ Labels to auto review (1)
Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
starius
changed the title
starius
force-pushed
the
bump-deps
branch
5 times, most recently
from
599d9b0 to
edfb9f6
Compare
healthcheck/go.mod
Outdated
| go 1.21 | ||
| go 1.23.0 | ||
|
|
||
| toolchain go1.24.0 |
There was a problem hiding this comment.
Can we please remove the toolchain hint? It will cause this version to be downloaded each time. It's added automatically when you're a newer version than the go directive contains. So I think we should just bump the above to go 1.23.10 and then you'd need to run go mod tidy using that version to avoid the toolchain directive to be added again.
Same with all other go.mod files affected by this commit.
There was a problem hiding this comment.
Fixed. Removed this directive everywhere!
| wget https://dl.google.com/go/go1.23.9.linux-amd64.tar.gz | ||
| sha256sum go1.23.9.linux-amd64.tar.gz | awk -F " " '{ print $1 }' | ||
| wget https://dl.google.com/go/go1.23.10.linux-amd64.tar.gz | ||
| sha256sum go1.23.10.linux-amd64.tar.gz | awk -F " " '{ print $1 }' |
There was a problem hiding this comment.
Changes in this files require the hash below to be updated as well. Both for x86-64 and ARMv6.
There was a problem hiding this comment.
Updated the hashes.
|
@ziggie1984: review reminder |
| @@ -34,7 +34,7 @@ env: | |||
|
|
|||
| # If you change this please also update GO_VERSION in Makefile (then run | |||
| # `make lint` to see where else it needs to be updated as well). | |||
| GO_VERSION: 1.23.9 | |||
| GO_VERSION: 1.23.10 | |||
There was a problem hiding this comment.
should we go to 1.24.5 straight away ?
There was a problem hiding this comment.
We normally remain backward compatible for 2 major versions. So we'd only go to 1.24 once 1.25 is out.
go.mod
Outdated
| @@ -19,8 +19,6 @@ require ( | |||
| github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f | |||
| github.com/davecgh/go-spew v1.1.1 | |||
| github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 | |||
| github.com/go-logr/logr v1.4.2 // indirect | |||
There was a problem hiding this comment.
isn't this done by go mod automatically ? or was is done automatically but I wonder why it has its own commit
There was a problem hiding this comment.
No, go mod tidy doesn't move imports between groups. Automatic changes seem to include sorting inside groups and assigning "indirect" labels where necessary.
github.com/dgrijalva/jwt-go package is not referenced in any transitive dependency anymore which allows us to remove one of the replace directives which was added as a security precaution before.
|
Rebased |
Change Description
Updated multiple packages and Go not to use outdated versions.
Steps to Test
Pull Request Checklist
Testing
Code Style and Documentation
[skip ci]in the commit message for small changes.📝 Please see our Contribution Guidelines for further guidance.