Skip to content

[release-12.2.1] Go: Update to 1.25.2 + golangci-lint v2.5.0 + golang.org/x/net v0.45.0 #112156

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Oct 8, 2025
Merged

[release-12.2.1] Go: Update to 1.25.2 + golangci-lint v2.5.0 + golang.org/x/net v0.45.0 #112156

merged 4 commits into from
Oct 8, 2025

Conversation

@macabu
Copy link
Contributor

@macabu macabu commented Oct 8, 2025

Bumping Go to 1.25.2 addresses:

Bumping golangci-lint to match the supported Go version 1.25.x

Bumping golang.org/x/net addresses:

  • CVE-2025-58190
  • CVE-2025-47911

@macabu macabu requested review from a team, fcjack, matryer and svennergr as code owners October 8, 2025 10:50
@macabu macabu requested review from IevaVasiljeva, academo, briangann, charandas, mihai-turdean, oshirohugo and spinillos and removed request for a team October 8, 2025 10:50
@macabu macabu requested review from ashharrison90, axelavargas, harisrozajac, mdvictor, nmarrs and samsch and removed request for a team October 8, 2025 10:50
@github-actions

This comment has been minimized.

Sign in to view
@github-actions github-actions bot added the type/docs Flags the technical writing team for documentation support; auto adds to org-wide docs project label Oct 8, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Oct 8, 2025

😢 zizmor failed with exit code 14.

Expand for full output 
error[cache-poisoning]: runtime artifacts potentially vulnerable to a cache poisoning attack
  --> ./.github/workflows/storybook-a11y.yml:42:7
   |
 2 | / on:
 3 | |   pull_request:
 4 | |   push:
 5 | |     branches:
 6 | |       - main
 7 | |       - release-*.*.*
   | |_____________________- generally used when publishing artifacts generated at runtime
...
42 |       - uses: actions/setup-node@v4
   |         ^^^^^^^^^^^^^^^^^^^^^^^^^^^ cache enabled by default here
   |
   = note: audit confidence → Low

303 findings (76 ignored, 226 suppressed): 0 informational, 0 low, 0 medium, 1 high

@github-actions
Copy link
Contributor

github-actions bot commented Oct 8, 2025
edited
Loading

💻 Deploy preview deleted.

@macabu macabu merged commit d690b06 into release-12.2.1 Oct 8, 2025
162 of 166 checks passed
@macabu macabu deleted the backport-9858-to-release-12.2.1 branch October 8, 2025 13:00
@grafana-delivery-bot
Copy link
Contributor

grafana-delivery-bot bot commented Oct 8, 2025
edited
Loading

🚀 Your submission is now being built and packaged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Proximyst Proximyst Proximyst approved these changes

@fcjack fcjack Awaiting requested review from fcjack fcjack is a code owner

@matryer matryer Awaiting requested review from matryer matryer is a code owner

@svennergr svennergr Awaiting requested review from svennergr svennergr is a code owner

@academo academo Awaiting requested review from academo academo is a code owner automatically assigned from grafana/plugins-platform-backend

@oshirohugo oshirohugo Awaiting requested review from oshirohugo oshirohugo is a code owner automatically assigned from grafana/plugins-platform-backend

@briangann briangann Awaiting requested review from briangann briangann is a code owner automatically assigned from grafana/plugins-platform-backend

@charandas charandas Awaiting requested review from charandas charandas is a code owner automatically assigned from grafana/grafana-app-platform-squad

@spinillos spinillos Awaiting requested review from spinillos spinillos is a code owner automatically assigned from grafana/grafana-app-platform-squad

@mihai-turdean mihai-turdean Awaiting requested review from mihai-turdean mihai-turdean is a code owner automatically assigned from grafana/access-squad

@IevaVasiljeva IevaVasiljeva Awaiting requested review from IevaVasiljeva IevaVasiljeva is a code owner automatically assigned from grafana/access-squad

@axelavargas axelavargas Awaiting requested review from axelavargas axelavargas is a code owner automatically assigned from grafana/sharing-squad

@nmarrs nmarrs Awaiting requested review from nmarrs nmarrs is a code owner automatically assigned from grafana/sharing-squad

@samsch samsch Awaiting requested review from samsch samsch is a code owner automatically assigned from grafana/grafana-frontend-platform

@ashharrison90 ashharrison90 Awaiting requested review from ashharrison90 ashharrison90 is a code owner automatically assigned from grafana/grafana-frontend-platform

@mdvictor mdvictor Awaiting requested review from mdvictor mdvictor is a code owner automatically assigned from grafana/dashboards-squad

@harisrozajac harisrozajac Awaiting requested review from harisrozajac harisrozajac is a code owner automatically assigned from grafana/dashboards-squad

Assignees

No one assigned

Labels

add to changelog area/backend type/build-packaging type/docs Flags the technical writing team for documentation support; auto adds to org-wide docs project

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@macabu @Proximyst