-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
upgrade goreleaser to support go 1.22 #2200
Conversation
WalkthroughThe recent updates involve deprecating the Changes
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #2200 +/- ##
===================================================
+ Coverage 48.36171% 49.21625% +0.85454%
===================================================
Files 362 370 +8
Lines 26430 27241 +811
Branches 83 83
===================================================
+ Hits 12782 13407 +625
- Misses 12322 12446 +124
- Partials 1326 1388 +62
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Review Status
Actionable comments generated: 2
Configuration used: .coderabbit.yaml
Files selected for processing (2)
- core/README.md (1 hunks)
- docker/goreleaser/Dockerfile (2 hunks)
Additional comments: 2
docker/goreleaser/Dockerfile (2)
- 1-7: > 📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [3-9]
The update to
goreleaser
version1.24.0-pro
and its associated SHA checksum are correctly implemented. This ensures the integrity of the downloaded binary, aligning with security best practices.
- 15-16: The update to
Golang
version1.22.0
and its associated SHA checksum are correctly implemented, ensuring the integrity of the downloaded binary. This is a crucial step for maintaining a secure build environment.
@@ -20,7 +20,7 @@ root | |||
├── <a href="./merkle">merkle</a>: Provides a go based merkle tree implementation. | |||
├── <a href="./metrics">metrics</a>: Provides a set of utilities for working with metrics/otel tracing. | |||
├── <a href="./mocktesting">mocktesting</a>: Provides a mocked tester for use with `testing.TB` | |||
├── <a href="./observer">observer</a>: Provides an interface for adding/removing listeners. | |||
├── <a href="./observer"><s>observer</s></a>(deprecated): Provides an interface for adding/removing listeners. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The deprecation of the observer
module is clearly marked. However, it would be beneficial for users if additional information were provided regarding the reason for deprecation and any recommended alternatives or migration paths.
docker/goreleaser/Dockerfile
Outdated
FROM --platform=linux/amd64 debian:11 | ||
|
||
ARG VERSION_ARG=1.20.0-pro | ||
ARG SHA_ARG=d2d76cf4b212f67cb9995c8539167a1c6d771859aad20ed242bfab640b6d396f | ||
ARG VERSION_ARG=1.24.0-pro | ||
ARG SHA_ARG=4723a3063febbbdafd345e9c877f095dfc9c8a467b0eefe1987354aa1860970f | ||
ARG FILE_ARG=goreleaser-pro_Linux_x86_64.tar.gz | ||
ARG DOWNLOAD_ARG=https://github.com/goreleaser/goreleaser-pro/releases/download/v${VERSION_ARG}/${FILE_ARG} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
📝 NOTE
This review was outside the diff hunks, and no overlapping diff hunk was found. Original lines [33-33]
The TODO comment indicates that SHA checksum verification for the yq
binary download is missing. Implementing this verification is crucial for ensuring the security of the build process by preventing tampering or compromise.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Review Status
Actionable comments generated: 0
Configuration used: .coderabbit.yaml
Files selected for processing (1)
- docker/goreleaser/Dockerfile (2 hunks)
Files skipped from review as they are similar to previous changes (1)
- docker/goreleaser/Dockerfile
upgrade [goreleaser] to support go 1.22 (#2200)
Description
Upgrades goreleaser, required by quic-go
Summary by CodeRabbit
observer
module as deprecated in the README.goreleaser
andGolang
in the Dockerfile for improved build process and compatibility.