Skip to content

Build(deps): Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.28.3#157

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/onsi/ginkgo/v2-2.28.2
Open

Build(deps): Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.28.3#157
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/onsi/ginkgo/v2-2.28.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 28, 2026

Copy link
Copy Markdown

Bumps github.com/onsi/ginkgo/v2 from 2.17.1 to 2.28.3.

Release notes

Sourced from github.com/onsi/ginkgo/v2's releases.

v2.28.3

2.28.3

Maintenance

Bump all dependencies

v2.28.2

2.28.2

  • Add ArtifactDir() to support Go 1.26 testing.TB interface [f3a36b6]
  • Implement shell completion [94151c8]
  • Add asan CLI option mirroring msan implementation [4d21dbb]
  • Bump uri from 1.0.3 to 1.0.4 in /docs (#1630) [c102161]
  • fix aspect ratio [9619647]
  • update logos [5779304]

v2.28.1

2.28.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

v2.28.0

2.28.0

Ginkgo's SemVer filter now supports filtering multiple components by SemVer version:

It("should work in a specific version range (1.0.0, 2.0.0) and third-party dependency redis in [8.0.0, ~)", SemVerConstraint(">= 3.2.0"), ComponentSemVerConstraint("redis", ">= 8.0.0") func() {
    // This test will only run when version is between 1.0.0 (exclusive) and 2.0.0 (exclusive) and redis version is >= 8.0.0
})

can be filtered in or out with an invocation like:

ginkgo --sem-ver-filter="2.1.1, redis=8.2.0"

Huge thanks to @​Icarus9913 for working on this!

v2.27.5

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

v2.27.4

2.27.4

Fixes

... (truncated)

Changelog

Sourced from github.com/onsi/ginkgo/v2's changelog.

2.28.3

Maintenance

Bump all dependencies

2.28.2

  • Add ArtifactDir() to support Go 1.26 testing.TB interface [f3a36b6]
  • Implement shell completion [94151c8]
  • Add asan CLI option mirroring msan implementation [4d21dbb]
  • Bump uri from 1.0.3 to 1.0.4 in /docs (#1630) [c102161]
  • fix aspect ratio [9619647]
  • update logos [5779304]

2.28.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

2.28.0

Ginkgo's SemVer filter now supports filtering multiple components by SemVer version:

It("should work in a specific version range (1.0.0, 2.0.0) and third-party dependency redis in [8.0.0, ~)", SemVerConstraint(">= 3.2.0"), ComponentSemVerConstraint("redis", ">= 8.0.0") func() {
    // This test will only run when version is between 1.0.0 (exclusive) and 2.0.0 (exclusive) and redis version is >= 8.0.0
})

can be filtered in or out with an invocation like:

ginkgo --sem-ver-filter="2.1.1, redis=8.2.0"

Huge thanks to @​Icarus9913 for working on this!

2.27.5

Fixes

Don't make a new formatter for each GinkgoT(); that's just silly and uses precious memory

2.27.4

Fixes

  • CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751]

2.27.3

Fixes

report exit result in case of failure [1c9f356]

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Apr 28, 2026
@coderabbitai

coderabbitai Bot commented Apr 28, 2026

Copy link
Copy Markdown

Summary by CodeRabbit

  • Chores
    • Updated Go toolchain to version 1.25.0
    • Refreshed project dependencies to latest stable versions for improved stability and security

Walkthrough

The Go module definition is updated to target Go 1.25.0 and refreshes multiple direct and indirect dependencies to newer versions, including testing libraries (ginkgo/v2, gomega), cryptography support (golang.org/x/crypto), and various utility modules.

Changes

Dependency Version Updates

Layer / File(s) Summary
Go Version & Testing Dependencies
go.mod (lines 3, 22–29)
Go toolchain is updated from 1.24.7 to 1.25.0. Testing libraries github.com/onsi/ginkgo/v2 and github.com/onsi/gomega are bumped to newer versions, along with golang.org/x/crypto.
Direct & Indirect Dependencies
go.mod (lines 31–34, 44, 67–72, 87–98)
Indirect dependencies including github.com/Masterminds/semver/v3, github.com/go-task/slim-sprig/v3, and multiple golang.org/x/* modules (mod, sync, term, net, sys, text, tools) are updated. Supporting libraries google.golang.org/protobuf, github.com/google/go-cmp, github.com/google/pprof, and github.com/go-logr/logr are also refreshed.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title directly and specifically refers to the main change: bumping ginkgo/v2 from 2.17.1 to 2.28.3, which aligns with the changeset.
Description check ✅ Passed The description provides detailed release notes, changelog entries, and commits for the ginkgo/v2 dependency upgrade, which is directly related to the changeset.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dependabot/go_modules/github.com/onsi/ginkgo/v2-2.28.2

Warning

Review ran into problems

🔥 Problems

Git: Failed to clone repository. Please run the @coderabbitai full review command to re-trigger a full review. If the issue persists, set path_filters to include or exclude specific files.


Comment @coderabbitai help to get the list of available commands and usage tips.

Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.17.1 to 2.28.3.
- [Release notes](https://github.com/onsi/ginkgo/releases)
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md)
- [Commits](onsi/ginkgo@v2.17.1...v2.28.3)

---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
  dependency-version: 2.28.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Build(deps): Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.28.2 Build(deps): Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.28.3 May 11, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/onsi/ginkgo/v2-2.28.2 branch from 22c595b to 230cac0 Compare May 11, 2026 11:03

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@go.mod`:
- Line 3: The go.mod module directive currently reads "go 1.25.0" but CI
workflows still pin "go-version: '1.24.7'"; either update all CI workflow
go-version entries to "1.25.0" so CI matches the go.mod directive, or revert the
go.mod directive back to "1.24.7" and regenerate the module lock files (go.sum)
to keep versions consistent; look for the "go 1.25.0" token in go.mod and the
"go-version: '1.24.7'" tokens in your workflow YMLs to make the corresponding
changes.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Enterprise

Run ID: 569a5418-6c70-41f3-967e-62480457d4dc

📥 Commits

Reviewing files that changed from the base of the PR and between c27eab4 and 230cac0.

⛔ Files ignored due to path filters (1)
  • go.sum is excluded by !**/*.sum
📒 Files selected for processing (1)
  • go.mod

Comment thread go.mod
module github.com/openshift-online/ocm-common

go 1.24.7
go 1.25.0

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "== go directive(s) =="
rg -n --hidden -S '^go [0-9]+\.[0-9]+(\.[0-9]+)?$' -g 'go.mod' -g 'go.work' || true

echo
echo "== CI/tooling Go version references =="
rg -n --hidden -S 'go-version:|GO_VERSION|golang:[0-9]+\.[0-9]+' \
  -g '**/.github/workflows/*.yml' \
  -g '**/.github/workflows/*.yaml' \
  -g 'Dockerfile*' \
  -g '.tool-versions' || true

echo
echo "Expected: all discovered version pins align with the go.mod baseline (or are intentionally documented mismatches)."

Repository: openshift-online/ocm-common

Length of output: 490


Update CI workflows to match go.mod directive, or revert the Go version bump

Line 3 sets the module go directive to 1.25.0, but CI workflows still pin go-version: '1.24.7' in .github/workflows/publish-release.yml and .github/workflows/check-pull-request.yml. This mismatch means CI won't validate builds against the declared minimum Go version. Either update all workflow references to 1.25.0, or revert the go.mod directive to 1.24.7 and regenerate the lock file.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@go.mod` at line 3, The go.mod module directive currently reads "go 1.25.0"
but CI workflows still pin "go-version: '1.24.7'"; either update all CI workflow
go-version entries to "1.25.0" so CI matches the go.mod directive, or revert the
go.mod directive back to "1.24.7" and regenerate the module lock files (go.sum)
to keep versions consistent; look for the "go 1.25.0" token in go.mod and the
"go-version: '1.24.7'" tokens in your workflow YMLs to make the corresponding
changes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants