Skip to content

chore(deps): update go4.org digest to a507140#163

Open
red-hat-konflux[bot] wants to merge 1 commit into
mainfrom
konflux/mintmaker/main/go4.org-digest
Open

chore(deps): update go4.org digest to a507140#163
red-hat-konflux[bot] wants to merge 1 commit into
mainfrom
konflux/mintmaker/main/go4.org-digest

Conversation

@red-hat-konflux

@red-hat-konflux red-hat-konflux Bot commented Jun 22, 2025

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Type Update Change
go4.org indirect digest d4a0794a507140

Warning

Some dependencies could not be looked up. Check the warning logs for more information.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.


Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go4.org-digest branch from 611a7aa to d664ef9 Compare January 11, 2026 21:09
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update go4.org digest to 2148625 chore(deps): update go4.org digest to 65dcd4d Jan 11, 2026
@red-hat-konflux

red-hat-konflux Bot commented Jan 11, 2026

Copy link
Copy Markdown
Contributor Author

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 28 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.21 -> 1.24.0
cloud.google.com/go/storage v1.38.0 -> v1.56.0
golang.org/x/tools v0.21.0 -> v0.39.0
google.golang.org/api v0.164.0 -> v0.259.0
cloud.google.com/go v0.112.0 -> v0.121.6
github.com/cespare/xxhash/v2 v2.2.0 -> v2.3.0
github.com/google/go-cmp v0.6.0 -> v0.7.0
github.com/google/s2a-go v0.1.7 -> v0.1.9
github.com/googleapis/enterprise-certificate-proxy v0.3.2 -> v0.3.7
github.com/googleapis/gax-go/v2 v2.12.0 -> v2.16.0
github.com/prometheus/client_model v0.3.0 -> v0.6.2
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 -> v0.61.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 -> v0.61.0
go.opentelemetry.io/otel v1.23.0 -> v1.38.0
golang.org/x/crypto v0.23.0 -> v0.46.0
golang.org/x/mod v0.17.0 -> v0.30.0
golang.org/x/net v0.25.0 -> v0.48.0
golang.org/x/oauth2 v0.17.0 -> v0.34.0
golang.org/x/sync v0.7.0 -> v0.19.0
golang.org/x/sys v0.29.0 -> v0.40.0
golang.org/x/term v0.20.0 -> v0.38.0
golang.org/x/text v0.15.0 -> v0.32.0
golang.org/x/time v0.5.0 -> v0.14.0
gomodules.xyz/jsonpatch/v2 v2.2.0 -> v2.2.0
google.golang.org/genproto v0.0.0-20240125205218-1f4bbc51befe -> v0.0.0-20251202230838-ff82c1b0f217
google.golang.org/genproto/googleapis/api v0.0.0-20240205150955-31a09d347014 -> v0.0.0-20251202230838-ff82c1b0f217
google.golang.org/genproto/googleapis/rpc v0.0.0-20240205150955-31a09d347014 -> v0.0.0-20251222181119-0a764e51fe1b
google.golang.org/grpc v1.61.0 -> v1.78.0
google.golang.org/protobuf v1.33.0 -> v1.36.11

@snyk-io

snyk-io Bot commented Jan 11, 2026

Copy link
Copy Markdown

Snyk checks have failed. 4 issues have been found so far.

Status Scan Engine Critical High Medium Low Total (4)
Open Source Security 0 4 0 0 4 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update go4.org digest to 65dcd4d chore(deps): update go4.org digest to a507140 Jan 13, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go4.org-digest branch from d664ef9 to 96c0767 Compare January 13, 2026 01:32
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go4.org-digest branch 3 times, most recently from ab26087 to 9f71984 Compare March 3, 2026 14:12
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go4.org-digest branch from 9f71984 to 2d5ec8b Compare April 2, 2026 22:28
@red-hat-konflux

red-hat-konflux Bot commented Apr 2, 2026

Copy link
Copy Markdown
Contributor Author

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 28 additional dependencies were updated
  • The go directive was updated for compatibility reasons

Details:

Package Change
go 1.23.0 -> 1.24.0
cloud.google.com/go/storage v1.38.0 -> v1.56.0
golang.org/x/tools v0.30.0 -> v0.39.0
google.golang.org/api v0.164.0 -> v0.259.0
cloud.google.com/go v0.112.0 -> v0.121.6
github.com/cespare/xxhash/v2 v2.2.0 -> v2.3.0
github.com/google/go-cmp v0.6.0 -> v0.7.0
github.com/google/s2a-go v0.1.7 -> v0.1.9
github.com/googleapis/enterprise-certificate-proxy v0.3.2 -> v0.3.7
github.com/googleapis/gax-go/v2 v2.12.0 -> v2.16.0
github.com/prometheus/client_model v0.3.0 -> v0.6.2
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.47.0 -> v0.61.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.47.0 -> v0.61.0
go.opentelemetry.io/otel v1.23.0 -> v1.38.0
golang.org/x/crypto v0.33.0 -> v0.46.0
golang.org/x/mod v0.23.0 -> v0.30.0
golang.org/x/net v0.35.0 -> v0.48.0
golang.org/x/oauth2 v0.17.0 -> v0.34.0
golang.org/x/sync v0.11.0 -> v0.19.0
golang.org/x/sys v0.30.0 -> v0.40.0
golang.org/x/term v0.29.0 -> v0.38.0
golang.org/x/text v0.22.0 -> v0.32.0
golang.org/x/time v0.5.0 -> v0.14.0
gomodules.xyz/jsonpatch/v2 v2.2.0 -> v2.2.0
google.golang.org/genproto v0.0.0-20240125205218-1f4bbc51befe -> v0.0.0-20251202230838-ff82c1b0f217
google.golang.org/genproto/googleapis/api v0.0.0-20240205150955-31a09d347014 -> v0.0.0-20251202230838-ff82c1b0f217
google.golang.org/genproto/googleapis/rpc v0.0.0-20240205150955-31a09d347014 -> v0.0.0-20251222181119-0a764e51fe1b
google.golang.org/grpc v1.61.0 -> v1.78.0
google.golang.org/protobuf v1.33.0 -> v1.36.11

@codecov-commenter

codecov-commenter commented Apr 2, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 36.96%. Comparing base (794dda6) to head (6f7cf04).

Additional details and impacted files

Impacted file tree graph

@@           Coverage Diff           @@
##             main     #163   +/-   ##
=======================================
  Coverage   36.96%   36.96%           
=======================================
  Files          23       23           
  Lines        1220     1220           
=======================================
  Hits          451      451           
  Misses        744      744           
  Partials       25       25           
Flag Coverage Δ
e2e-tests 15.16% <ø> (ø)
unit-tests 31.96% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.


Continue to review full report in Codecov by Harness.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 794dda6...6f7cf04. Read the comment docs.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update go4.org digest to a507140 chore(deps): update go4.org digest to a507140 - autoclosed Apr 6, 2026
@red-hat-konflux red-hat-konflux Bot closed this Apr 6, 2026
@red-hat-konflux red-hat-konflux Bot deleted the konflux/mintmaker/main/go4.org-digest branch April 6, 2026 02:10
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update go4.org digest to a507140 - autoclosed chore(deps): update go4.org digest to a507140 Apr 6, 2026
@red-hat-konflux red-hat-konflux Bot reopened this Apr 6, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go4.org-digest branch 2 times, most recently from 2d5ec8b to 199ce67 Compare April 6, 2026 09:52
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update go4.org digest to a507140 chore(deps): update go4.org digest to a507140 - autoclosed Apr 21, 2026
@red-hat-konflux red-hat-konflux Bot closed this Apr 21, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update go4.org digest to a507140 - autoclosed chore(deps): update go4.org digest to a507140 Apr 21, 2026
@red-hat-konflux red-hat-konflux Bot reopened this Apr 21, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go4.org-digest branch 2 times, most recently from 199ce67 to 406d206 Compare April 21, 2026 06:21
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update go4.org digest to a507140 chore(deps): update go4.org digest to a507140 - autoclosed Apr 30, 2026
@red-hat-konflux red-hat-konflux Bot closed this Apr 30, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update go4.org digest to a507140 - autoclosed chore(deps): update go4.org digest to a507140 May 1, 2026
@red-hat-konflux red-hat-konflux Bot reopened this May 1, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go4.org-digest branch 2 times, most recently from 406d206 to da75c18 Compare May 1, 2026 06:02
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update go4.org digest to a507140 chore(deps): update go4.org digest to a507140 - autoclosed May 14, 2026
@red-hat-konflux red-hat-konflux Bot closed this May 14, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update go4.org digest to a507140 - autoclosed chore(deps): update go4.org digest to a507140 May 14, 2026
@red-hat-konflux red-hat-konflux Bot reopened this May 14, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go4.org-digest branch 2 times, most recently from da75c18 to f1e98e0 Compare May 14, 2026 14:15
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go4.org-digest branch from f1e98e0 to a9c3abf Compare June 2, 2026 15:55
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update go4.org digest to a507140 chore(deps): update go4.org digest to a507140 - autoclosed Jun 5, 2026
@red-hat-konflux red-hat-konflux Bot closed this Jun 5, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update go4.org digest to a507140 - autoclosed chore(deps): update go4.org digest to a507140 Jun 5, 2026
@red-hat-konflux red-hat-konflux Bot reopened this Jun 5, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go4.org-digest branch from a9c3abf to eb1c9e9 Compare June 5, 2026 18:35
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go4.org-digest branch from eb1c9e9 to b70cde5 Compare June 25, 2026 21:44
@fullsend-ai-review

fullsend-ai-review Bot commented Jun 25, 2026

Copy link
Copy Markdown

🤖 Finished Review · ✅ Success · Started 9:47 PM UTC · Completed 9:56 PM UTC
Commit: ec21706 · View workflow run →

@fullsend-ai-review

fullsend-ai-review Bot commented Jun 25, 2026

Copy link
Copy Markdown

Looks good to me


Labels: Mechanical dependency update PR generated by Renovate bot.

Previous run

Review

Findings

Medium

  • [api-contract] .github/workflows/test.yml:15 — CI workflows hardcode Go 1.22.x (test.yml line 15, lint.yml line 19, pre-commit.yml line 17, slack-message.yml lines 12 and 21) while go.mod is being bumped to go 1.24.0. Since Go 1.21, the default GOTOOLCHAIN=auto setting causes Go 1.22 to automatically download and use Go 1.24 when go.mod requires it. The actions/setup-go action does not override GOTOOLCHAIN, so builds will not fail — Go 1.22 will transparently fetch the Go 1.24 toolchain. The mismatch is still worth fixing for clarity and to avoid unnecessary toolchain downloads.
    Remediation: Update all workflow files to use go-version: '1.24' to avoid unnecessary toolchain auto-download and keep CI config consistent with go.mod.

  • [api-contract] Dockerfile:1 — Dockerfile uses ubi9/go-toolset:9.8 which ships Go 1.22.x. With go.mod bumped to go 1.24.0, the GOTOOLCHAIN=auto mechanism should trigger an automatic toolchain download. However, Red Hat's go-toolset images may restrict or disable Go's toolchain auto-download behavior depending on how they package Go. If GOTOOLCHAIN is set to local or the image lacks network access during build, this could cause a build failure.
    Remediation: Update the Dockerfile base image to a go-toolset tag that ships Go 1.24 or later, or verify that the current image supports GOTOOLCHAIN=auto and has network access during the build stage.

@fullsend-ai-review fullsend-ai-review Bot added the requires-manual-review Review requires human judgment label Jun 25, 2026
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/main/go4.org-digest branch from b70cde5 to 6f7cf04 Compare July 2, 2026 10:43
@fullsend-ai-review

fullsend-ai-review Bot commented Jul 2, 2026

Copy link
Copy Markdown

🤖 Finished Review · ✅ Success · Started 10:46 AM UTC · Completed 10:51 AM UTC
Commit: ec21706 · View workflow run →

@fullsend-ai-review fullsend-ai-review Bot added ready-for-merge All reviewers approved — ready to merge dependencies and removed requires-manual-review Review requires human judgment labels Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies ready-for-merge All reviewers approved — ready to merge < 1 min

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant