Skip to content

[9.4](backport #51950) mod: replace gopkg.in/natefinch/lumberjack.v2 with elastic fork#51956

Open
mergify[bot] wants to merge 2 commits into
9.4from
mergify/bp/9.4/pr-51950
Open

[9.4](backport #51950) mod: replace gopkg.in/natefinch/lumberjack.v2 with elastic fork#51956
mergify[bot] wants to merge 2 commits into
9.4from
mergify/bp/9.4/pr-51950

Conversation

@mergify

@mergify mergify Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

Proposed commit message

See title.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding change to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works. Where relevant, I have used the stresstest.sh script to run them under stress conditions and race detector to verify their stability.
  • I have added an entry in ./changelog/fragments using the changelog tool.

Disruptive User Impact

How to test this PR locally

Related issues

Use cases

Screenshots

Logs


This is an automatic backport of pull request #51950 done by [Mergify](https://mergify.com).

(cherry picked from commit 3de2668)

# Conflicts:
#	go.mod
#	go.sum
@mergify mergify Bot added the backport label Jul 15, 2026
@mergify mergify Bot requested a review from a team as a code owner July 15, 2026 07:41
@mergify mergify Bot added the conflicts There is a conflict in the backported pull request label Jul 15, 2026
@mergify mergify Bot requested a review from a team as a code owner July 15, 2026 07:41
@mergify mergify Bot added backport conflicts There is a conflict in the backported pull request labels Jul 15, 2026
@mergify mergify Bot assigned efd6 Jul 15, 2026
@mergify

mergify Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor Author

Cherry-pick of 3de2668 has failed:

On branch mergify/bp/9.4/pr-51950
Your branch is up to date with 'origin/9.4'.

You are currently cherry-picking commit 3de266859.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   NOTICE.txt
	new file:   changelog/fragments/1784080439-49092-lumberjack.yaml
	modified:   x-pack/filebeat/input/cel/config.go
	modified:   x-pack/filebeat/input/entityanalytics/provider/azuread/fetcher/graph/graph.go
	modified:   x-pack/filebeat/input/entityanalytics/provider/azuread/fetcher/graph/graph_test.go
	modified:   x-pack/filebeat/input/entityanalytics/provider/jamf/conf.go
	modified:   x-pack/filebeat/input/entityanalytics/provider/jamf/conf_test.go
	modified:   x-pack/filebeat/input/entityanalytics/provider/jamf/jamf_test.go
	modified:   x-pack/filebeat/input/entityanalytics/provider/okta/conf.go
	modified:   x-pack/filebeat/input/entityanalytics/provider/okta/conf_test.go
	modified:   x-pack/filebeat/input/entityanalytics/provider/okta/okta_test.go
	modified:   x-pack/filebeat/input/http_endpoint/config.go
	modified:   x-pack/filebeat/input/http_endpoint/config_test.go
	modified:   x-pack/filebeat/input/http_endpoint/handler_test.go
	modified:   x-pack/filebeat/input/httpjson/config_request.go

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   go.mod
	both modified:   go.sum

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

@botelastic botelastic Bot added the needs_team Indicates that the issue/PR needs a Team:* label label Jul 15, 2026
@github-actions

Copy link
Copy Markdown
Contributor

🤖 GitHub comments

Just comment with:

  • run docs-build : Re-trigger the docs validation. (use unformatted text in the comment!)
  • /test : Run the Buildkite pipeline.

@github-actions github-actions Bot added Filebeat Filebeat Team:Security-Service Integrations Security Service Integrations Team labels Jul 15, 2026
@infra-vault-gh-plugin-prod

Copy link
Copy Markdown

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

@botelastic botelastic Bot removed the needs_team Indicates that the issue/PR needs a Team:* label label Jul 15, 2026
@efd6 efd6 enabled auto-merge (squash) July 15, 2026 07:48
@github-actions

Copy link
Copy Markdown
Contributor

TL;DR

The golangci-lint step fails on all three platform jobs because the backport contains 23 lint findings across the changed Filebeat files. Resolve the reported findings, then rerun the workflow; the PR is also currently blocked by the reported cherry-pick conflicts.

Remediation

  • Fix the errcheck, forbidigo, gosec, noctx, staticcheck, testifylint, unused, and QF1001 findings reported below, or update the code to use the repository-approved test logger/request/error-handling patterns.
  • Resolve the go.mod and go.sum cherry-pick conflicts noted by Mergify, push the corrected backport, and rerun golangci-lint.
Investigation details

Root Cause

The golangci-lint step reports 23 issues in the backported changes. The same findings occur on macOS, Windows, and Ubuntu, so this is not platform-specific.

Evidence

  • Workflow: https://github.com/elastic/beats/actions/runs/29398456375
  • Jobs/step: lint (macos-latest), lint (windows-latest), and lint (ubuntu-latest) / golangci-lint
  • Key log excerpt: x-pack/filebeat/input/http_endpoint/handler_test.go:660:14: Error return value is not checked (errcheck); x-pack/filebeat/input/entityanalytics/provider/azuread/fetcher/graph/graph_test.go:437:51: use of logp.L forbidden (forbidigo); x-pack/filebeat/input/entityanalytics/provider/okta/okta_test.go:160:18: G705: XSS via taint analysis (gosec); x-pack/filebeat/input/http_endpoint/config.go:110:25: QF1001: could apply De Morgan's law (staticcheck); x-pack/filebeat/input/entityanalytics/provider/okta/conf.go:346:6: func populateJSONFromFile is unused (unused); final summary: 23 issues.

Validation

  • Not run locally; diagnosis is based on the failed workflow logs.

Follow-up

  • No prior PR Actions Detective report was present on this PR, so there is no earlier diagnosis to compare.

What is this? | From workflow: PR Actions Detective

Give us feedback! React with 🚀 if perfect, 👍 if helpful, 👎 if not.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

backport conflicts There is a conflict in the backported pull request Filebeat Filebeat Team:Security-Service Integrations Security Service Integrations Team

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant