Skip to content

chore: bump deps #276

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
sergelogvinov merged 1 commit into from
Jan 27, 2026
Merged

chore: bump deps #276

sergelogvinov merged 1 commit into from
Jan 27, 2026

Conversation

@sergelogvinov
Copy link
Owner

@sergelogvinov sergelogvinov commented Jan 27, 2026
edited by coderabbitai bot
Loading

Updated dependencies

Pull Request

What? (description)

Why? (reasoning)

Acceptance

Please use the following checklist:

  • you linked an issue (if applicable)
  • you included tests (if applicable)
  • you linted your code (make lint)
  • you linted your code (make unit)

See make help for a description of the available targets.

Summary by CodeRabbit

Chores

  • Updated Go toolchain to the latest version
  • Upgraded build infrastructure with the latest build tools
  • Refreshed project dependencies to latest stable releases for enhanced stability and security

✏️ Tip: You can customize this high-level summary in your review settings.

@sergelogvinov
chore: bump deps
450ddab 
Updated dependencies

Signed-off-by: Serge Logvinov <serge.logvinov@sinextra.dev>
@coderabbitai
Copy link

coderabbitai bot commented Jan 27, 2026

Walkthrough

The pull request performs routine maintenance updates across three files. The Go toolchain is bumped to version 1.25.6 in both the Dockerfile base image and the go.mod configuration. The golangci-lint GitHub Action in the CI workflow is updated from v2.6.2 to v2.8.0. Additionally, nine Go dependencies receive patch or minor version updates, including packages for Proxmox, Prometheus, and standard library modules (crypto, net, sys, term, text, exp) plus Kubernetes utilities. No code logic, exports, or API changes are present.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

  • chore: bump deps #261: Performs similar dependency and tooling version bumps affecting go.mod and Dockerfile files
  • chore: bump deps #260: Updates CI workflow action versions in build-test.yaml and performs coordinated dependency bumps in go.mod
🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title 'chore: bump deps' accurately describes the main change—dependency updates across Go toolchain, GitHub Actions, Docker base image, and multiple Go modules.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Jan 27, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Fix all issues with AI agents 
In @.github/workflows/build-test.yaml:
- Around line 31-35: The workflow update sets the Lint step to use golangci-lint
version v2.8.0 (see Lint step and version: v2.8.0 in
.github/workflows/build-test.yaml); run a CI/test pass locally or in a branch
with that workflow to surface any new linter failures, and if failures occur
update .golangci.yml to explicitly disable or configure the new checks
(godoc-lint's require-stdlib-doclink, gosec G116, modernize's
stringscut/unsafefuncs, unqueryvet options) or adjust rules/severity, or
temporarily pin the workflow to the prior working golangci-lint version until
the config is updated; iterate until the pipeline is green.

.github/workflows/build-test.yaml
Comment on lines 31 to 35
- name: Lint
uses: golangci/golangci-lint-action@v9
with:
version: v2.6.2
version: v2.8.0
args: --timeout=5m --config=.golangci.yml
Copy link

@coderabbitai coderabbitai bot Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🌐 Web query:

golangci-lint v2.8.0 release notes breaking changes

💡 Result:

golangci-lint v2.8.0 (released January 7, 2026) does not list any explicit “breaking changes” in its official release notes/changelog—no CLI/config removals or incompatible defaults are called out for this version. (golangci-lint.run)

The changes most likely to impact CI results (i.e., “practically breaking” due to new/changed findings) are linter updates: (golangci-lint.run)

  • New checks/rules added by bundled linters
  • New linter options that could change behavior if you configure them
    • unqueryvet: adds multiple new options (e.g., check-subqueries, sql-builders, etc.) (golangci-lint.run)
  • Output/message changes
    • prealloc: “message changes” (can affect baselines/golden files) (golangci-lint.run)

Citations:

🌐 Web query:

golangci-lint v2.8.0 Go 1.25 support compatibility

💡 Result:

  • Yes, golangci-lint v2.8.0 is compatible with Go 1.25, as long as the golangci-lint binary you run was built with Go 1.25 (or newer). golangci-lint generally supports analyzing Go code for versions ≤ the Go version used to compile golangci-lint. [2][3]
  • Go 1.25 was released August 12, 2025, and golangci-lint maintainers note that official binaries are built with Go 1.25 (so the official release artifacts should work with Go 1.25 projects). [3][4]
  • v2.8.0 itself was released 2026-01-07. [1]
  • Gotcha: if you install via a package manager (Homebrew/Nix/etc.) that rebuilds golangci-lint with an older Go toolchain, the resulting binary may not properly support Go 1.25; in that case use the official binaries or build it yourself with Go 1.25. [3]

Sources: golangci-lint v2.8.0 changelog [1], support policy FAQ [2], Go 1.25 support discussion (golangci-lint) [3], Go 1.25 release announcement [4].

🌐 Web query:

golangci-lint-action v9 golangci-lint version 2.8.0 compatibility

💡 Result:

Yes—golangci/golangci-lint-action@v9 is compatible with golangci-lint v2.8.0.

  • The action’s documented requirement for golangci-lint v2 is “>= v2.1.0” (stated for v8; v9’s change is the Node.js runtime bump to node24, not a new golangci-lint minimum), so v2.8.0 satisfies it. [1], [2]
  • golangci-lint v2.8.0 was released 2026-01-07. [3]

If you’re pinning it, use:

- uses: golangci/golangci-lint-action@v9
  with:
    version: v2.8.0

Sources: [1] [2] [3]

Review v2.8.0 for new linter checks that could fail in CI.
While v2.8.0 introduces no config-breaking changes and fully supports Go 1.25, it adds new linter rules (godoc-lint's require-stdlib-doclink, gosec's G116, modernize's stringscut/unsafefuncs, and unqueryvet options) and changes prealloc's output messages. Run a test pass with this version to ensure these new checks don't cause unexpected lint failures.

🤖 Prompt for AI Agents 
In @.github/workflows/build-test.yaml around lines 31 - 35, The workflow update
sets the Lint step to use golangci-lint version v2.8.0 (see Lint step and
version: v2.8.0 in .github/workflows/build-test.yaml); run a CI/test pass
locally or in a branch with that workflow to surface any new linter failures,
and if failures occur update .golangci.yml to explicitly disable or configure
the new checks (godoc-lint's require-stdlib-doclink, gosec G116, modernize's
stringscut/unsafefuncs, unqueryvet options) or adjust rules/severity, or
temporarily pin the workflow to the prior working golangci-lint version until
the config is updated; iterate until the pipeline is green.

@sergelogvinov sergelogvinov merged commit ffec772 into main Jan 27, 2026
4 checks passed
@sergelogvinov sergelogvinov deleted the deps branch January 27, 2026 07:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sergelogvinov