Attempt to revive CI

Signed-off-by: Jon Johnson <jon.johnson@chainguard.dev>

.github/workflows/boilerplate.yaml

@@ -27,7 +27,7 @@ jobs:
  - name: Check out code
  uses: actions/checkout@v4
 
- - uses: chainguard-dev/actions/boilerplate@5e21cb47971231c078a677dfe89a348371cb880c # main
+ - uses: chainguard-dev/actions/boilerplate@04b3d27d680c065e8aaaa71edabf37da0ad4ac3d # main
  with:
  extension: ${{ matrix.extension }}
  language: ${{ matrix.language }}

.github/workflows/build.yaml

@@ -12,7 +12,7 @@ jobs:
 
  strategy:
  matrix:
- go-version: [1.19, 1.20]
+ go-version: [1.22, 1.23]
 
  steps:
  - uses: actions/checkout@v4

.github/workflows/bump-deps.yaml

@@ -21,7 +21,7 @@ jobs:
  - uses: actions/checkout@v4
  - uses: actions/setup-go@v5
  with:
- go-version: 1.19
+ go-version: 1.22
  check-latest: true
 
  - run: ./hack/bump-deps.sh

.github/workflows/donotsubmit.yaml

@@ -12,4 +12,4 @@ jobs:
 
  steps:
  - uses: actions/checkout@v4
- - uses: chainguard-dev/actions/donotsubmit@5e21cb47971231c078a677dfe89a348371cb880c # main
+ - uses: chainguard-dev/actions/donotsubmit@04b3d27d680c065e8aaaa71edabf37da0ad4ac3d # main

.github/workflows/e2e.yaml

@@ -19,7 +19,7 @@ jobs:
  - uses: actions/checkout@v4
  - uses: actions/setup-go@v5
  with:
- go-version: 1.19
+ go-version: 1.22
  check-latest: true
 
  - name: crane append to an image, set the entrypoint, run it locally, roundtrip it

.github/workflows/ecr-auth.yaml

@@ -21,7 +21,7 @@ jobs:
  - uses: actions/checkout@v4
  - uses: actions/setup-go@v5
  with:
- go-version: 1.19
+ go-version: 1.22
  check-latest: true
 
  - name: Install krane
@@ -61,7 +61,7 @@ jobs:
  - uses: actions/checkout@v4
  - uses: actions/setup-go@v5
  with:
- go-version: 1.19
+ go-version: 1.22
  check-latest: true
 
  - name: Install crane

.github/workflows/ghcr-auth.yaml

@@ -17,7 +17,7 @@ jobs:
  - uses: actions/checkout@v4
  - uses: actions/setup-go@v5
  with:
- go-version: 1.19
+ go-version: 1.22
  check-latest: true
 
  - name: Install krane

.github/workflows/presubmit.yaml

@@ -29,6 +29,6 @@ jobs:
  - uses: actions/checkout@v4
  - uses: actions/setup-go@v5
  with:
- go-version: 1.19
+ go-version: 1.22
  check-latest: true
  - run: ./hack/presubmit.sh

.github/workflows/release.yml

@@ -15,7 +15,7 @@ jobs:
  run: git fetch --prune --unshallow
  - uses: actions/setup-go@v5
  with:
- go-version: 1.21
+ go-version: 1.22
  check-latest: true
  - uses: goreleaser/goreleaser-action@v4.2.0
  id: run-goreleaser

.github/workflows/style.yaml

@@ -12,10 +12,10 @@ jobs:
  steps:
  - uses: actions/setup-go@v5
  with:
- go-version: 1.19
+ go-version: 1.22
  check-latest: true
  - uses: actions/checkout@v4
- - uses: chainguard-dev/actions/goimports@5e21cb47971231c078a677dfe89a348371cb880c # main
+ - uses: chainguard-dev/actions/goimports@04b3d27d680c065e8aaaa71edabf37da0ad4ac3d # main
 
  lint:
  name: Lint
@@ -25,7 +25,7 @@ jobs:
  - uses: actions/checkout@v4
  - uses: actions/setup-go@v5
  with:
- go-version: 1.19
+ go-version: 1.22
  check-latest: true
 
  - uses: golangci/golangci-lint-action@v3.4.0
@@ -40,10 +40,10 @@ jobs:
  locale: "US"
  exclude: ./vendor/*
 
- - uses: chainguard-dev/actions/trailing-space@5e21cb47971231c078a677dfe89a348371cb880c # main
+ - uses: chainguard-dev/actions/trailing-space@04b3d27d680c065e8aaaa71edabf37da0ad4ac3d # main
  if: ${{ always() }}
 
- - uses: chainguard-dev/actions/eof-newline@5e21cb47971231c078a677dfe89a348371cb880c # main
+ - uses: chainguard-dev/actions/eof-newline@04b3d27d680c065e8aaaa71edabf37da0ad4ac3d # main
  if: ${{ always() }}
 
  - uses: get-woke/woke-action-reviewdog@v0

.github/workflows/test.yaml

@@ -11,7 +11,7 @@ jobs:
  test:
  strategy:
  matrix:
- go-version: [1.19, '1.20']
+ go-version: [1.22, 1.23]
 
  name: Unit Tests
  runs-on: ubuntu-latest

go.mod

@@ -1,21 +1,23 @@
 module github.com/google/go-containerregistry
 
-go 1.18
+go 1.22.0
+
+toolchain go1.23.0
 
 require (
  github.com/containerd/stargz-snapshotter/estargz v0.14.3
  github.com/docker/cli v27.1.1+incompatible
  github.com/docker/distribution v2.8.2+incompatible
  github.com/docker/docker v24.0.0+incompatible
- github.com/google/go-cmp v0.5.9
+ github.com/google/go-cmp v0.6.0
  github.com/klauspost/compress v1.16.5
  github.com/mitchellh/go-homedir v1.1.0
  github.com/opencontainers/go-digest v1.0.0
  github.com/opencontainers/image-spec v1.1.0-rc3
  github.com/spf13/cobra v1.7.0
  golang.org/x/oauth2 v0.8.0
- golang.org/x/sync v0.2.0
- golang.org/x/tools v0.9.1
+ golang.org/x/sync v0.8.0
+ golang.org/x/tools v0.26.0
 )
 
 require (
@@ -36,9 +38,9 @@ require (
  github.com/sirupsen/logrus v1.9.1 // indirect
  github.com/spf13/pflag v1.0.5 // indirect
  github.com/vbatts/tar-split v0.11.3 // indirect
- golang.org/x/mod v0.10.0 // indirect
- golang.org/x/net v0.17.0 // indirect
- golang.org/x/sys v0.15.0 // indirect
+ golang.org/x/mod v0.21.0 // indirect
+ golang.org/x/net v0.30.0 // indirect
+ golang.org/x/sys v0.26.0 // indirect
  golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect
  google.golang.org/appengine v1.6.7 // indirect
  google.golang.org/protobuf v1.30.0 // indirect

hack/presubmit.sh

@@ -26,7 +26,7 @@ export PATH="${PATH}:${TMP_DIR}/bin"
 export GOPATH="${TMP_DIR}"
 pushd ${TMP_DIR}
 trap popd EXIT
-go install honnef.co/go/tools/cmd/staticcheck@v0.3.3
+go install honnef.co/go/tools/cmd/staticcheck@v0.5.1
 popd
 
 pushd ${PROJECT_ROOT}