Skip to content

[release-12.1.3] Go: Update to 1.25.2 + golangci-lint v2.5.0 + golang.org/x/net v0.45.0 #112159

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Oct 8, 2025
Merged

[release-12.1.3] Go: Update to 1.25.2 + golangci-lint v2.5.0 + golang.org/x/net v0.45.0 #112159

merged 3 commits into from
Oct 8, 2025

Conversation

@macabu
Copy link
Contributor

@macabu macabu commented Oct 8, 2025

Bumping Go to 1.25.2 addresses:

Bumping golangci-lint to match the supported Go version 1.25.x

Bumping golang.org/x/net addresses:

  • CVE-2025-58190
  • CVE-2025-47911

@macabu macabu requested review from a team, fcjack, matryer and svennergr as code owners October 8, 2025 11:00
@macabu macabu requested review from IfSentient, alexanderzobnin, andresmgot, eleijonmarck, ivanortegaalba, spinillos, toddtreece and xnyo and removed request for a team October 8, 2025 11:00
@macabu macabu requested a review from grafakus October 8, 2025 11:00
@github-actions
Copy link
Contributor

github-actions bot commented Oct 8, 2025

😢 zizmor failed with exit code 14.

Expand for full output 
error[bot-conditions]: spoofable bot actor check
  --> ./.github/workflows/pr-dependabot-update-go-workspace.yml:20:13
   |
18 | /   update:
19 | |     runs-on: "ubuntu-latest"
20 | |     if: ${{ github.actor == 'dependabot[bot]' && github.event.pull_request.head.repo.full_name == github.repository }}
   | |             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ actor context may be spoofable
21 | |     continue-on-error: true
...  |
68 | |           git push origin "$BRANCH_NAME"
69 | |         fi
   | |___________- this job
   |
   = note: audit confidence → Medium
   = note: this finding has an auto-fix

253 findings (64 ignored, 188 suppressed, 1 fixable): 0 informational, 0 low, 0 medium, 1 high

@macabu macabu merged commit 1f851fb into release-12.1.3 Oct 8, 2025
112 of 115 checks passed
@macabu macabu deleted the go/update-1.25.2-release-12.1.3 branch October 8, 2025 12:02
@grafana-delivery-bot
Copy link
Contributor

grafana-delivery-bot bot commented Oct 8, 2025
edited
Loading

🚀 Your submission is now being built and packaged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Proximyst Proximyst Proximyst approved these changes

@fcjack fcjack Awaiting requested review from fcjack fcjack is a code owner

@matryer matryer Awaiting requested review from matryer matryer is a code owner

@svennergr svennergr Awaiting requested review from svennergr svennergr is a code owner

@toddtreece toddtreece Awaiting requested review from toddtreece toddtreece is a code owner automatically assigned from grafana/plugins-platform-backend

@andresmgot andresmgot Awaiting requested review from andresmgot andresmgot is a code owner automatically assigned from grafana/plugins-platform-backend

@xnyo xnyo Awaiting requested review from xnyo xnyo is a code owner automatically assigned from grafana/plugins-platform-backend

@spinillos spinillos Awaiting requested review from spinillos spinillos is a code owner automatically assigned from grafana/grafana-app-platform-squad

@IfSentient IfSentient Awaiting requested review from IfSentient IfSentient is a code owner automatically assigned from grafana/grafana-app-platform-squad

@alexanderzobnin alexanderzobnin Awaiting requested review from alexanderzobnin alexanderzobnin is a code owner automatically assigned from grafana/access-squad

@eleijonmarck eleijonmarck Awaiting requested review from eleijonmarck eleijonmarck is a code owner automatically assigned from grafana/access-squad

@ivanortegaalba ivanortegaalba Awaiting requested review from ivanortegaalba ivanortegaalba is a code owner automatically assigned from grafana/dashboards-squad

@grafakus grafakus Awaiting requested review from grafakus grafakus is a code owner automatically assigned from grafana/dashboards-squad

Assignees

No one assigned

Labels

add to changelog area/backend type/build-packaging

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@macabu @Proximyst