fix(deps): update golang.org/x/exp digest to c48552f#172
fix(deps): update golang.org/x/exp digest to c48552f#172red-hat-konflux[bot] wants to merge 1 commit into
Conversation
ℹ Artifact update noticeFile name: go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
|
59e5aad to
57aedad
Compare
20548b2 to
57aedad
Compare
57aedad to
7a1f4ed
Compare
7a1f4ed to
8d1d03d
Compare
8d1d03d to
1182193
Compare
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
28c779b to
1182193
Compare
1182193 to
d4fe56e
Compare
d4fe56e to
d4cf75c
Compare
33dc139 to
d4cf75c
Compare
9b816e5 to
d4cf75c
Compare
d4cf75c to
40ad7e5
Compare
40ad7e5 to
cbbd296
Compare
cbbd296 to
d57d195
Compare
d57d195 to
0164536
Compare
0164536 to
458096c
Compare
ℹ️ Artifact update noticeFile name: go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
|
|
🤖 Finished Review · ✅ Success · Started 9:50 PM UTC · Completed 9:59 PM UTC |
ReviewFindingsHigh
Previous runReviewFindingsCritical
Medium
Low
Labels: PR modifies go.mod and go.sum for dependency updates. |
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
|
🤖 Finished Review · ✅ Success · Started 10:48 AM UTC · Completed 10:56 AM UTC |
| module github.com/konflux-ci/qe-tools | ||
|
|
||
| go 1.23.0 | ||
| go 1.25.0 |
There was a problem hiding this comment.
[high] API contract violation
The go directive is bumped from 1.23.0 to 1.25.0. Multiple CI workflows specify incompatible Go versions: slack-message.yml uses Go 1.22, lint.yml uses Go 1.23, pre-commit.yml uses Go 1.23, and test.yml uses Go 1.23.x. Modules with a go 1.25 directive require Go 1.25+ to build, so this will cause immediate CI failures.
Suggested fix: Either keep the go directive at 1.23.0 if the dependency updates do not require Go 1.25, or update all CI workflow files to use Go >= 1.25.
| golang.org/x/tools v0.30.0 | ||
| golang.org/x/tools v0.46.0 | ||
| google.golang.org/api v0.164.0 | ||
| honnef.co/go/tools v0.4.7 |
There was a problem hiding this comment.
[high] API contract violation
honnef.co/go/tools v0.4.7 (staticcheck) is a direct dependency with tight internal coupling to golang.org/x/tools via go/analysis. Bumping golang.org/x/tools from v0.30.0 to v0.46.0 (16 minor versions) risks binary incompatibility. Go MVS will select v0.46.0, which may break staticcheck compilation. The pinned golang.org/x/exp/typeparams at its old version adds further mismatch risk.
Suggested fix: Either bump honnef.co/go/tools to a version compatible with golang.org/x/tools v0.46.0 (e.g., v0.6.x+), or verify the full build and linter suite passes with go build ./... before merging.
This PR contains the following updates:
9212866→c48552fWarning
Some dependencies could not be looked up. Check the warning logs for more information.
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
To execute skipped test pipelines write comment
/ok-to-test.Documentation
Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.