Skip to content

Commit 08348c6

Browse files
authored
chore(deps): Bump go directive to 1.25.11 (#3114)
chore(tooling): Write full Go version to go.mod directive Signed-off-by: Wassim DHIF <wassim.dhif@datadoghq.com> chore(deps): Bump go directive to 1.25.11 Signed-off-by: Wassim DHIF <wassim.dhif@datadoghq.com> Update hack/update-golang.sh Co-authored-by: Timothée Bavelier <97530782+tbavelier@users.noreply.github.com> fix: Explicit patch version in update-golang.sh Signed-off-by: Wassim DHIF <wassim.dhif@datadoghq.com> Update hack/update-golang.sh Co-authored-by: Timothée Bavelier <97530782+tbavelier@users.noreply.github.com> Co-authored-by: wassim.dhif <wassim.dhif@datadoghq.com>
1 parent 67d4b84 commit 08348c6

3 files changed

Lines changed: 20 additions & 10 deletions

File tree

go.mod

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,6 @@
11
module github.com/DataDog/datadog-operator
22

3-
go 1.25.7
4-
5-
toolchain go1.25.11
3+
go 1.25.11
64

75
require (
86
github.com/DataDog/datadog-agent/pkg/util/scrubber v0.63.0-rc.1 // indirect

hack/update-golang.sh

Lines changed: 18 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -100,18 +100,32 @@ else
100100
echo "Warning: $actions_directory not found, skipping."
101101
fi
102102

103-
# Update go.mod files
104-
go_mod_files="$ROOT/go.mod $ROOT/test/e2e/go.mod $ROOT/api/go.mod"
103+
# Update non-api go.mod files with the full Go patch version so static SCA
104+
# scanners don't flag patch-level stdlib CVEs that are already cleared by the
105+
# toolchain directive.
106+
go_mod_files="$ROOT/go.mod $ROOT/test/e2e/go.mod"
105107
for file in $go_mod_files; do
106108
if [[ -f $file ]]; then
107109
echo "Processing $file..."
108-
go mod edit -go $new_minor_version $file
109-
go mod edit -toolchain go$GOVERSION $file
110+
go mod edit -go $GOVERSION $file
110111
else
111112
echo "Warning: $file not found, skipping."
112113
fi
113114
done
114115

116+
# api/go.mod stays at initial patch release for the minor Go version: it is a types-only CRD module imported by
117+
# external projects (Agent, EDS, dd-source autoscaling, ...). A stricter `go`
118+
# directive would force consumers off Go n-1 for no real benefit since the
119+
# module ships no runtime code that could trigger stdlib CVEs.
120+
api_go_mod="$ROOT/api/go.mod"
121+
if [[ -f $api_go_mod ]]; then
122+
echo "Processing $api_go_mod..."
123+
go mod edit -go ${new_minor_version}.0 $api_go_mod
124+
go mod edit -toolchain go$GOVERSION $api_go_mod
125+
else
126+
echo "Warning: $api_go_mod not found, skipping."
127+
fi
128+
115129
# Run go work sync
116130
echo "Running go work sync..."
117131
go work sync

test/e2e/go.mod

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,6 @@
11
module github.com/DataDog/datadog-operator/test/e2e
22

3-
go 1.25.8
4-
5-
toolchain go1.25.11
3+
go 1.25.11
64

75
require (
86
github.com/DataDog/datadog-agent/test/e2e-framework v0.78.0-devel

0 commit comments

Comments
 (0)