Build(deps): Bump golang.org/x/term from 0.39.0 to 0.42.0

[dependabot]

Bumps golang.org/x/term from 0.39.0 to 0.42.0.

Commits

• 52b71d3 go.mod: update golang.org/x dependencies
• 9d2dc07 go.mod: update golang.org/x dependencies
• d954e03 all: upgrade go directive to at least 1.25.0 [generated]
• 3aff304 go.mod: update golang.org/x dependencies
• See full diff in compare view

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 94d31186-265f-4a41-872b-a3a32029987b

📥 Commits

Reviewing files that changed from the base of the PR and between d44d603 and dfbbe26.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (1)

• go.mod

✅ Files skipped from review due to trivial changes (1)

• go.mod

---

Walkthrough

Go toolchain directive updated from go 1.24.13 to go 1.25.0. Direct dependency golang.org/x/term bumped from v0.39.0 to v0.42.0. Indirect dependency golang.org/x/sys bumped from v0.40.0 to v0.43.0 in go.mod.

Changes

Cohort / File(s)	Summary
Go Module Dependencies go.mod	Toolchain version changed to go 1.25.0; golang.org/x/term updated to v0.42.0; indirect golang.org/x/sys updated to v0.43.0.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The PR title accurately reflects the main change: bumping golang.org/x/term dependency, though it omits the Go toolchain upgrade and golang.org/x/sys bump.
Description check	✅ Passed	The description is directly related to the changeset, providing specific version information and commit details for the golang.org/x/term bump.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/go_modules/golang.org/x/term-0.42.0

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign rcampos2029 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift-online member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[krishvoor]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@go.mod`:
- Line 3: go.mod now declares "go 1.25.0" but the CI workflows still pin older
Go versions; update every workflow step that sets the setup-go input key
"go-version" (e.g., where actions/setup-go@... is used) to "1.25.0" so the
workflows match the module minimum; search for occurrences of go-version: 1.22
and 1.23 and replace them with go-version: 1.25.0 to keep CI and go.mod
consistent.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: c5e96d16-9982-44cd-81c7-1f84bbd4c91a

📥 Commits

Reviewing files that changed from the base of the PR and between 557f489 and d44d603.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (1)

• go.mod

[coderabbitai]

⚠️ Potential issue | 🟠 Major

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Read-only verification of Go version pins across repo config/docs.
set -euo pipefail

echo "== Files that may pin Go versions =="
fd -HI '(^|/)(go\.mod|go\.work|\.tool-versions|Dockerfile|dockerfile|Makefile|.*\.yml|.*\.yaml|README.*)$'

echo
echo "== Mentions of Go versions / setup-go =="
rg -n --iglob '*.yml' --iglob '*.yaml' --iglob 'Dockerfile*' --iglob 'Makefile*' --iglob 'README*' \
  'setup-go|go-version|golang:|GO_VERSION|go[[:space:]]+[0-9]+\.[0-9]+'

echo
echo "== go.mod directive =="
rg -n '^go[[:space:]]+'

Repository: openshift-online/ocm-cli

Length of output: 665

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "=== GitHub Workflows (setup-go usage) ==="
for f in .github/workflows/*.yaml .github/workflows/*.yml; do
  [ -f "$f" ] && echo "File: $f" && grep -A 2 -B 2 'setup-go\|go-version' "$f" || true
done

echo
echo "=== Dockerfile Go base image ==="
[ -f docker/Dockerfile ] && cat -n docker/Dockerfile | grep -i 'from.*golang\|from.*go:' || echo "No golang/go base image found"

echo
echo "=== Makefile Go version checks ==="
[ -f Makefile ] && (grep -n 'go[[:space:]]*[0-9]\|GO_VERSION\|GOLANG' Makefile || echo "No explicit Go version in Makefile") || true

echo
echo "=== go.mod current directive ==="
head -5 go.mod | grep -n '^go'

echo
echo "=== Tekton configs Go version refs ==="
for f in .tekton/*.yaml; do
  [ -f "$f" ] && grep -n 'go[[:space:]]*[0-9]\|setup-go\|golang' "$f" || true
done

Repository: openshift-online/ocm-cli

Length of output: 922

---

Update GitHub workflows to use Go 1.25.0 to match go.mod.

The go.mod bump to 1.25.0 creates a mismatch with CI workflows: .github/workflows/check-pull-request.yaml pins Go 1.22 and 1.23, while .github/workflows/publish-release.yaml uses 1.23. These will fail when running against the new 1.25.0 minimum. Update both workflows to use go-version: 1.25.0.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@go.mod` at line 3, go.mod now declares "go 1.25.0" but the CI workflows still
pin older Go versions; update every workflow step that sets the setup-go input
key "go-version" (e.g., where actions/setup-go@... is used) to "1.25.0" so the
workflows match the module minimum; search for occurrences of go-version: 1.22
and 1.23 and replace them with go-version: 1.25.0 to keep CI and go.mod
consistent.