chore(ci): remove Go patch version from go.mod #4303
Conversation
|
@julio-lopez do you see any reasons we should not do it? |
jkowalski
changed the title
|
@kaovilai looks like it's not compiling. |
|
Will address. Thanks. |
kaovilai
force-pushed
the
patch-1
branch
2 times, most recently
from
cde3754 to
9453235
Compare
works now. |
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #4303 +/- ##
==========================================
+ Coverage 75.86% 76.00% +0.13%
==========================================
Files 470 508 +38
Lines 37301 38963 +1662
==========================================
+ Hits 28299 29612 +1313
- Misses 7071 7382 +311
- Partials 1931 1969 +38 ☔ View full report in Codecov by Sentry. |
.github/workflows/lint.yml
Outdated
| go-version-file: 'go.mod' | ||
| # go-version-file do not account for latest compatible go https://github.com/actions/setup-go/issues/481 | ||
| # which will break https://github.com/kopia/kopia/issues/4292 requirement if used | ||
| # leave below commented for vuln check to ignore vulns fixed in latest go | ||
| # go-version-file: 'go.mod' | ||
| go-version-input: '1.22' |
There was a problem hiding this comment.
This fixes the vulncheck that previously failed
https://github.com/kaovilai/kopia/actions/runs/12337854810/job/34432101853?pr=2
See following issues for usability enhancements:
See inline comment. |
kaovilai
force-pushed
the
patch-1
branch
3 times, most recently
from
82a10bd to
6c808a9
Compare
| @@ -1,6 +1,6 @@ | |||
| module github.com/kopia/kopia | |||
|
|
|||
| go 1.22.7 | |||
| go 1.22 | |||
There was a problem hiding this comment.
https://github.com/kaovilai/kopia/actions/runs/12367614994/job/34516203180?pr=2
Vuln check is passing and resolving to 1.22.10
| @@ -59,7 +59,7 @@ require ( | |||
| go.uber.org/zap v1.27.0 | |||
| golang.org/x/crypto v0.30.0 | |||
| golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 | |||
| golang.org/x/mod v0.22.0 | |||
| golang.org/x/mod v0.20.1-0.20240815161730-b1d336cfca97 // this version is equivalent to 0.22.0 except it excludes a commit that enforces go directive patch version be used https://github.com/golang/mod/commit/3afcd4e90a74c23515a9543f1e8fb68f05ecc8e0 We would want to remove this when 0.23.0 is released | |||
There was a problem hiding this comment.
on Go versions 1.21.0 up to 1.21.10,
the toolchain upgrade logic will try to download the release "1.22",
which doesn't exist.
The patch difference with 0.22.0 do not applies beneficially to this repo which is already building on 1.22+ go binaries.
There was a problem hiding this comment.
I would expect by 1.23.0 go if golang/mod upgrades to it that they would drop 1.22.0 to 1.23 instead of 1.23.0
There was a problem hiding this comment.
long term it might not make sense to use this module, it's only used for the semver package at the moment.
This module states in its readme
packages for writing tools that work directly with Go module mechanics
There was a problem hiding this comment.
I've been told the alternative to excluding this is to set toolchain directive to 1.22.10 which should not affect imported modules.
go directive can remain at 1.22.0.
Fixes #4292