chore(deps): update module github.com/googleapis/enterprise-certificate-proxy to v0.3.17#180
Conversation
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
44f1ec8 to
a5b769f
Compare
ℹ Artifact update noticeFile name: go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
|
a5b769f to
b7e7ae4
Compare
b7e7ae4 to
93fc238
Compare
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #180 +/- ##
=======================================
Coverage 36.96% 36.96%
=======================================
Files 23 23
Lines 1220 1220
=======================================
Hits 451 451
Misses 744 744
Partials 25 25
Flags with carried forward coverage won't be shown. Click here to find out more. Continue to review full report in Codecov by Harness.
🚀 New features to boost your workflow:
|
ℹ️ Artifact update noticeFile name: go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
|
93fc238 to
70b7126
Compare
70b7126 to
ea32e7f
Compare
137c622 to
570dc4d
Compare
2e3f8ed to
7a250a2
Compare
eb3ab78 to
4cfc54f
Compare
4cfc54f to
ea15409
Compare
ea15409 to
414597e
Compare
|
🤖 Finished Review · ✅ Success · Started 9:51 PM UTC · Completed 10:03 PM UTC |
ReviewFindingsCritical
Low
Previous runReviewFindingsCritical
Medium
Low
Labels: Dependency-only PR updating Go modules. Previous run (2)ReviewFindingsHigh
Medium
Low
Previous run (3)ReviewFindingsCritical
High
Medium
Low
Labels: Dependency update PR modifying go.mod/go.sum. |
|
🤖 Finished Review · ✅ Success · Started 9:27 PM UTC · Completed 9:36 PM UTC |
|
🤖 Finished Retro · ✅ Success · Started 6:11 PM UTC · Completed 6:16 PM UTC |
Retro: PR #180 — Automated dependency update (enterprise-certificate-proxy)What happened: PR #180 was an automated Renovate/MintMaker dependency update that bumped The review agent ran twice (on force pushes from 2026-06-25 and 2026-06-26), correctly identifying the Go version mismatch with CI (1.25.0 vs 1.22.x) as a critical/high issue, plus scope creep and new transitive dependencies. Both reviews submitted Review quality: Good. The review agent correctly identified the most important problem — the Go version bump would break CI — and appropriately flagged scope creep. The severity was sensibly downgraded between reviews when Go went from 1.25.8 to 1.25.0. Token cost concern: Two full review runs (~14 min and ~12 min) plus a retro run were spent on a bot PR that was never going to be merged and had no human engagement. This represents avoidable token spend. No new proposals. All improvement opportunities identified are already covered by existing open issues in
Prioritizing #1371 (skip review for bot-authored PRs) and #2461 (skip retro for autoclosed bot PRs) would have the highest impact — they would have prevented all agent token spend on this PR entirely. |
|
🤖 Finished Review · ✅ Success · Started 1:29 AM UTC · Completed 1:39 AM UTC |
…te-proxy to v0.3.17 Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
|
🤖 Finished Review · ✅ Success · Started 10:49 AM UTC · Completed 10:57 AM UTC |
| module github.com/konflux-ci/qe-tools | ||
|
|
||
| go 1.23.0 | ||
| go 1.25.0 |
There was a problem hiding this comment.
[critical] api-contract
The go directive is bumped from 1.23.0 to 1.25.0, but CI workflows are pinned to Go 1.23.x. In .github/workflows/test.yml, the test matrix uses go-version: [1.23.x] (line 15) and the e2e job uses go-version: 1.23 (line 53). In .github/workflows/lint.yml, linting uses go-version: 1.23 (line 19). The Dockerfile uses ubi9/go-toolset:9.8 which ships a Go version well below 1.25. While Go 1.21+ supports GOTOOLCHAIN=auto for automatic toolchain downloads, this behavior is not guaranteed in all environments. The mismatch will cause build failures unless GOTOOLCHAIN=auto is explicitly set or all CI/container references are updated.
Suggested fix: Either (a) update all CI workflow files and the Dockerfile base image to use Go >= 1.25, or (b) keep the go directive at 1.23.0 and only bump the dependencies that are compatible with Go 1.23.
This PR contains the following updates:
v0.3.2→v0.3.17Warning
Some dependencies could not be looked up. Check the warning logs for more information.
Release Notes
googleapis/enterprise-certificate-proxy (github.com/googleapis/enterprise-certificate-proxy)
v0.3.17Compare Source
What's Changed
Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.16...v0.3.17
v0.3.16Compare Source
What's Changed
Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.15...v0.3.16
v0.3.15Compare Source
What's Changed
Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.14...v0.3.15
v0.3.14Compare Source
What's Changed
Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.13...v0.3.14
v0.3.13Compare Source
What's Changed
Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.12...v0.3.13
v0.3.12Compare Source
What's Changed
Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.11...v0.3.12
v0.3.11Compare Source
What's Changed
New Contributors
Full Changelog: googleapis/enterprise-certificate-proxy@0.3.10...v0.3.11
v0.3.9Compare Source
What's Changed
Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.8...v0.3.9
v0.3.8Compare Source
What's Changed
New Contributors
Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.7...v0.3.8
v0.3.7Compare Source
This release creates ECP Http Proxy
What's Changed
New Contributors
Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.6...v0.3.7
v0.3.6Compare Source
New Feature Update!
This update includes support for keychain type selection on MacOS. The universal cert config now supports a new field "keychain_type" with the following possible values: "login", "system", or "all". If this field is missing or empty, we will assume "all", which is the current behavior. For devices with custom keychains, such as test keychains, the value "all" should be used to include the custom keychains in the search space.
Example config snippet:
{
"cert_configs": {
"macos_keychain": {
"issuer": "Google Endpoint Verification",
"keychain_type": "system"
},
...
}
The "darwin-specific" client has also been updated with a new API "NewSecureKeyWithOptions" that can be used to specify the keychain type.
Change Log
Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.5...v0.3.6
v0.3.5Compare Source
This release bumps Golang version to 1.23 and crypto to 0.35.0 to be compliant with CVE scanner.
What's Changed
New Contributors
Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.4...v0.3.5
v0.3.4: Post-GA ReleaseCompare Source
This is strictly a version bump release to fix github mirrors issue associated with v0.3.3 (due incorrectly tagged commit id). No code changes between v0.3.3 and v0.3.4.
What's Changed
Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.3...v0.3.4
v0.3.3: Post-GA ReleaseCompare Source
What's Changed
New Contributors
Full Changelog: googleapis/enterprise-certificate-proxy@v0.3.2...v0.3.3
Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
To execute skipped test pipelines write comment
/ok-to-test.Documentation
Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.