Bumped grpc version#80
Conversation
ezilber-akamai
requested review from
psnoch-akamai and
yec-akamai
and removed request for
a team
There was a problem hiding this comment.
Pull request overview
Updates Go module dependencies with a focus on moving to a newer google.golang.org/grpc, along with several related dependency bumps.
Changes:
- Upgraded
google.golang.org/grpc(and relatedgoogle.golang.org/*modules). - Bumped several direct dependencies (
logrus,testify,x/oauth2) and multiplegolang.org/x/*indirects. - Removed the
replace google.golang.org/grpc => ...pin.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| github.com/sirupsen/logrus v1.9.3 | ||
| github.com/stretchr/testify v1.11.1 | ||
| golang.org/x/oauth2 v0.34.0 |
There was a problem hiding this comment.
The PR title/description says this only bumps grpc, but go.mod also upgrades several other direct dependencies (e.g., logrus, testify, x/oauth2) and many indirect golang.org/x/* modules. Please either (a) narrow the change to only the grpc-related updates, or (b) update the PR title/description to reflect that this is a broader dependency refresh.
| golang.org/x/text v0.32.0 // indirect | ||
| golang.org/x/time v0.11.0 // indirect | ||
| google.golang.org/genproto/googleapis/rpc v0.0.0-20251202230838-ff82c1b0f217 // indirect | ||
| google.golang.org/grpc v1.79.3 // indirect |
There was a problem hiding this comment.
If the goal of this PR is to bump grpc specifically, it’s more stable to require google.golang.org/grpc directly (non-// indirect) rather than relying on a transitive constraint, since go mod tidy or upstream dependency changes can move an indirect version unexpectedly. Consider adding it to the main require block and letting tidy manage the rest.
📝 Description
Bumped the version of the
grpcdependency and other affected upstream dependencies