Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump github.com/golangci/golangci-lint from 1.60.3 to 1.61.0 in /tools/mod #18596

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 16, 2024

Bumps github.com/golangci/golangci-lint from 1.60.3 to 1.61.0.

Release notes

Sourced from github.com/golangci/golangci-lint's releases.

v1.61.0

golangci-lint is a free and open-source project built by volunteers.

If you value it, consider supporting us, the maintainers and linter authors.

We appreciate it! ❤️

For key updates, see the changelog.

Changelog

  • e9a872629d4feda79d2fff23ddc1f410faff163e build(deps): bump github.com/Abirdcfly/dupword from 0.0.14 to 0.1.1 (#4954)
  • 2813c451edd6b75098372dbb269ffed8df3a4ec6 build(deps): bump github.com/Crocmagnon/fatcontext from 0.4.0 to 0.5.2 (#4971)
  • 48251f274a1e09fae524271662a30a47f4ddb242 build(deps): bump github.com/ckaznocha/intrange from 0.1.2 to 0.2.0 (#4996)
  • 726b8153cac6c04238264b189f5b05ec059f9330 build(deps): bump github.com/daixiang0/gci from 0.13.4 to 0.13.5 (#4975)
  • 2fcfe26fdb368ae0930bac909a0573277a6d2226 build(deps): bump github.com/go-viper/mapstructure/v2 from 2.0.0 to 2.1.0 (#4910)
  • 5fa1b681e4518b09be4ebdbe635e044cf729b8a1 build(deps): bump github.com/pelletier/go-toml/v2 from 2.2.2 to 2.2.3 (#4955)
  • a6fc686d733f339619b02de65ef4c782848eaff0 build(deps): bump github.com/quasilyte/go-ruleguard to 0fe6f58b47b1 (#4949)
  • 57fa4dad326cd24b71fccd3fb9b8fc8a2788c994 build(deps): bump github.com/ryancurrah/gomodguard from 1.3.3 to 1.3.5 (#4992)
  • 6e5dc28f52b76181f5c4f5c7d37dab20e09f59d1 build(deps): bump github.com/securego/gosec/v2 from 2.20.1-0.20240826145712-bcec04e78483 to 2.21.0 (#4981)
  • dd069d5578f3fb9eb298e5d397697c368a0e85f7 build(deps): bump github.com/securego/gosec/v2 from 2.21.0 to 2.21.1 (#4982)
  • a1d6c560de1a193a0c68ffed68cd5928ef39e884 build(deps): bump github.com/securego/gosec/v2 from 2.21.1 to 2.21.2 (#4997)
  • 98b685cc0d3dcc956eb30bd7557c4c2ecf369f54 build(deps): bump github.com/securego/gosec/v2 from ab3f6c1c83a0 to bcec04e78483 (#4960)
  • bfc52476dd7b0b5111bcc17f7e2c103cfc0a15e0 build(deps): bump github.com/tetafro/godot from 1.4.16 to 1.4.17 (#4993)
  • 04c19e6f4f8b04dae083c2923457bc911303d177 build(deps): bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 in /scripts/gen_github_action_config in the all group (#4977)
  • e905c7a3e260abe5b984e532925dfa30ffe60a5b build(deps): bump peter-evans/create-pull-request from 6 to 7 in the all group (#4978)
  • 2881c7178b62e75ac33df7747c40fabc75c62e2b build(deps): bump the all group across 4 directories with 8 updates (#4979)
  • 0275389a64bd88fd37eb5f46993a8523ce4bf2f0 feat: add junit-xml-extended format (#4918)
  • a6bd868cf0c575d7a7e6d87007cd510394c30d86 feat: exclude Swagger Codegen files (#4967)
  • 54d089d1064eb700aafade61cdb00e452fdbf5da fix: improve runtime version parsing (#4961)
  • bf4a66a07d618628f6a26609404cb5c608e99ff8 gosec: disable G407 (#4983)
  • 3797ed90c38b8471c54f003ab9ac72492c1143ec nolintlint: remove empty line in unused directive replacement (#4973)
Changelog

Sourced from github.com/golangci/golangci-lint's changelog.

v1.61.0

  1. Enhancements
    • Add junit-xml-extended format
    • Exclude Swagger Codegen files by default
  2. Updated linters
    • dupword: from 0.0.14 to 0.1.1
    • fatcontext: from 0.4.0 to 0.5.2
    • gci: from 0.13.4 to 0.13.5 (new option no-lex-order)
    • go-ruleguard: from 0.4.2 to 0fe6f58b47b1 (fix panic with custom linters)
    • godot: from 1.4.16 to 1.4.17
    • gomodguard: from 1.3.3 to 1.3.5
    • gosec: disable temporarily G407
    • gosec: from ab3f6c1c83a0 to 2.21.2 (partially fix G115)
    • intrange: from 0.1.2 to 0.2.0
    • nolintlint: remove the empty line in the directive replacement
  3. Misc.
    • Improve runtime version parsing
  4. Documentation
    • Add additional info about typecheck
Commits
  • a1d6c56 build(deps): bump github.com/securego/gosec/v2 from 2.21.1 to 2.21.2 (#4997)
  • 48251f2 build(deps): bump github.com/ckaznocha/intrange from 0.1.2 to 0.2.0 (#4996)
  • bfc5247 build(deps): bump github.com/tetafro/godot from 1.4.16 to 1.4.17 (#4993)
  • 57fa4da build(deps): bump github.com/ryancurrah/gomodguard from 1.3.3 to 1.3.5 (#4992)
  • d302a30 dev: fix nancy
  • 24e6645 docs: add additionnal info about typecheck (#4985)
  • bf4a66a gosec: disable G407 (#4983)
  • dd069d5 build(deps): bump github.com/securego/gosec/v2 from 2.21.0 to 2.21.1 (#4982)
  • 2813c45 build(deps): bump github.com/Crocmagnon/fatcontext from 0.4.0 to 0.5.2 (#4971)
  • e9a8726 build(deps): bump github.com/Abirdcfly/dupword from 0.0.14 to 0.1.1 (#4954)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Sep 16, 2024
@k8s-ci-robot
Copy link

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign serathius for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot
Copy link

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a etcd-io member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@codecov-commenter
Copy link

⚠️ Please install the 'codecov app svg image' to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 68.79%. Comparing base (7f399ee) to head (c7b3d5b).

Current head c7b3d5b differs from pull request most recent head 0dbeb79

Please upload reports for the commit 0dbeb79 to get more accurate results.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files

see 24 files with indirect coverage changes

@@           Coverage Diff           @@
##             main   #18596   +/-   ##
=======================================
  Coverage   68.78%   68.79%           
=======================================
  Files         420      420           
  Lines       35474    35474           
=======================================
+ Hits        24402    24405    +3     
+ Misses       9652     9648    -4     
- Partials     1420     1421    +1     

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7f399ee...0dbeb79. Read the comment docs.

@jmhbnz
Copy link
Member

jmhbnz commented Sep 16, 2024

/ok-to-test

@jmhbnz
Copy link
Member

jmhbnz commented Sep 16, 2024

/retest

@jmhbnz
Copy link
Member

jmhbnz commented Sep 16, 2024

@dependabot rebase

Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) from 1.60.3 to 1.61.0.
- [Release notes](https://github.com/golangci/golangci-lint/releases)
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md)
- [Commits](golangci/golangci-lint@v1.60.3...v1.61.0)

---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/tools/mod/github.com/golangci/golangci-lint-1.61.0 branch from 0dbeb79 to 69fa7e3 Compare September 16, 2024 21:20
@k8s-ci-robot
Copy link

k8s-ci-robot commented Sep 16, 2024

@dependabot[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-etcd-verify 69fa7e3 link true /test pull-etcd-verify

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@jmhbnz
Copy link
Member

jmhbnz commented Sep 16, 2024

This pr breaks pull-etcd-verify as it introduces an inconsistent version of google.golang.org/genproto/googleapis/rpc.

[0;31mFAIL: inconsistent versions for dependency: google.golang.org/genproto/googleapis/rpc
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/api/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/client/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/etcdctl/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/etcdutl/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/pkg/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/server/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/tests/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/tools/testgrid-analysis/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240903143218-8af14fe29dc1 (indirect) from: go.etcd.io/etcd/tools/v3
�[0;31mFAIL: inconsistent dependencies 

We would need to bump it manually so we can bump the dependency everywhere.

@henrybear327
Copy link
Contributor

After

./tools/mod/go.mod:     github.com/golangci/golangci-lint v1.61.0

@henrybear327
Copy link
Contributor

This pr breaks pull-etcd-verify as it introduces an inconsistent version of google.golang.org/genproto/googleapis/rpc.

[0;31mFAIL: inconsistent versions for dependency: google.golang.org/genproto/googleapis/rpc
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/api/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/client/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/etcdctl/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/etcdutl/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/pkg/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/server/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/tests/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/tools/testgrid-analysis/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240903143218-8af14fe29dc1 (indirect) from: go.etcd.io/etcd/tools/v3
�[0;31mFAIL: inconsistent dependencies 

We would need to bump it manually so we can bump the dependency everywhere.

On it

henrybear327 added a commit to henrybear327/etcd that referenced this pull request Sep 18, 2024
Also fixed the following error by bumping google.golang.org/genproto/googleapis/rpc from v0.0.0-20240822170219-fc7c04adadcd to v0.0.0-20240903143218-8af14fe29dc1

FAIL: inconsistent versions for dependency: google.golang.org/genproto/googleapis/rpc
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/api/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/client/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/etcdctl/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/etcdutl/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/pkg/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/server/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/tests/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/tools/testgrid-analysis/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240822170219-fc7c04adadcd (indirect) from: go.etcd.io/etcd/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240903143218-8af14fe29dc1 (indirect) from: go.etcd.io/etcd/tools/v3
  - google.golang.org/genproto/googleapis/rpc@v0.0.0-20240903143218-8af14fe29dc1 (indirect) from: go.etcd.io/etcd/tools/v3
FAIL: inconsistent dependencies

Reference:
- etcd-io#18596

Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
henrybear327 added a commit to henrybear327/etcd that referenced this pull request Sep 19, 2024
…1.0 and google.golang.org/genproto/googleapis/rpc from v0.0.0-20240822170219-fc7c04adadcd to v0.0.0-20240903143218-8af14fe29dc1

Also fix the inconsistent version issue.

Reference:
- etcd-io#18596

Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
henrybear327 added a commit to henrybear327/etcd that referenced this pull request Sep 19, 2024
Based on the experience of performing dependency bumps, some minor
improvements are made to the script to make it conform to our current
dependency bump procedure, listed as follows:
- print out the dependency's version before and after the bump
- introduce a new argument: should force upgrade when the dependency is
purely indirect (see use case: etcd-io#18596 (comment))
- check if the dependency is fully indirect
- check if all dependencies across all go mod files have the same pinned
version respectively after bumping a dependency

Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
henrybear327 added a commit to henrybear327/etcd that referenced this pull request Sep 19, 2024
…1.0 and google.golang.org/genproto/googleapis/rpc from v0.0.0-20240822170219-fc7c04adadcd to v0.0.0-20240903143218-8af14fe29dc1

Also fix the inconsistent version issue.

Reference:
- etcd-io#18596

Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
henrybear327 added a commit to henrybear327/etcd that referenced this pull request Sep 22, 2024
…1.0 and google.golang.org/genproto/googleapis/rpc from v0.0.0-20240822170219-fc7c04adadcd to v0.0.0-20240903143218-8af14fe29dc1

Also fix the inconsistent version issue.

Reference:
- etcd-io#18596

Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
henrybear327 added a commit to henrybear327/etcd that referenced this pull request Sep 22, 2024
Based on the experience of performing dependency bumps, some minor
improvements are made to the script to make it conform to our current
dependency bump procedure, listed as follows:
- print out the dependency's version before and after the bump
- introduce a new argument: should force upgrade when the dependency is
purely indirect (see use case: etcd-io#18596 (comment))
- check if the dependency is fully indirect
- check if all dependencies across all go mod files have the same pinned
version respectively after bumping a dependency

Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 23, 2024

Looks like github.com/golangci/golangci-lint is up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Sep 23, 2024
@dependabot dependabot bot deleted the dependabot/go_modules/tools/mod/github.com/golangci/golangci-lint-1.61.0 branch September 23, 2024 05:10
@k8s-ci-robot
Copy link

rebase

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

a-nych pushed a commit to a-nych/etcd that referenced this pull request Oct 16, 2024
…1.0 and google.golang.org/genproto/googleapis/rpc from v0.0.0-20240822170219-fc7c04adadcd to v0.0.0-20240903143218-8af14fe29dc1

Also fix the inconsistent version issue.

Reference:
- etcd-io#18596

Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
a-nych pushed a commit to a-nych/etcd that referenced this pull request Oct 16, 2024
…1.0 and google.golang.org/genproto/googleapis/rpc from v0.0.0-20240822170219-fc7c04adadcd to v0.0.0-20240903143218-8af14fe29dc1

Also fix the inconsistent version issue.

Reference:
- etcd-io#18596

Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/tooling dependencies Pull requests that update a dependency file go Pull requests that update Go code needs-rebase ok-to-test size/L
Development

Successfully merging this pull request may close these issues.

4 participants