Skip to content

chore(deps): update module github.com/cenkalti/backoff/v4 to v7#584

Open
red-hat-konflux[bot] wants to merge 1 commit into
masterfrom
konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x
Open

chore(deps): update module github.com/cenkalti/backoff/v4 to v7#584
red-hat-konflux[bot] wants to merge 1 commit into
masterfrom
konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x

Conversation

@red-hat-konflux

@red-hat-konflux red-hat-konflux Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence
github.com/cenkalti/backoff/v4 v4.3.0v7.0.0 age confidence

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

cenkalti/backoff (github.com/cenkalti/backoff/v4)

v7.0.0

Compare Source

v6.0.1

Compare Source

v6.0.0

Compare Source

v5.0.3

Compare Source

v5.0.2

Compare Source

v5.0.1

Compare Source

v5.0.0

Compare Source


Configuration

📅 Schedule: (in timezone UTC)

  • Branch creation
    • Between 02:00 AM and 04:59 AM, Monday through Friday (* 2-4 * * 1-5)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.


Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

@red-hat-konflux red-hat-konflux Bot added area/dependency Issues or PRs related to dependency changes major-update manual-review-required ok-to-test Indicates a non-member PR verified by an org member that is safe to test. labels Jul 6, 2026
@openshift-ci openshift-ci Bot requested review from bmeng and zmird-r July 6, 2026 04:16
@openshift-ci

openshift-ci Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: red-hat-konflux[bot]
Once this PR has been reviewed and has the lgtm label, please assign ravitri for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@coderabbitai

coderabbitai Bot commented Jul 6, 2026

Copy link
Copy Markdown

Walkthrough

This change updates the indirect Go module dependency for github.com/cenkalti/backoff from v4.3.0 to v7.0.0 in go.mod.

Changes

Dependency Update

Layer / File(s) Summary
Update backoff dependency version
go.mod
Indirect dependency github.com/cenkalti/backoff is updated from /v4 v4.3.0 to /v7 v7.0.0.

Estimated code review effort: 1 (Trivial) | ~2 minutes

Related issues: None identified from the provided information.

Related PRs: None identified from the provided information.

Suggested labels: dependencies

Suggested reviewers: None identified from the provided information.

Poem

One module line, a version shift,
from four to seven, subtle lift.
Small change set, quiet and neat,
a tiny dependency update complete.

🚥 Pre-merge checks | ✅ 15
✅ Passed checks (15 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names ✅ Passed Only go.mod changed; no test files or Ginkgo titles were modified, so there are no dynamic test names to review.
Test Structure And Quality ✅ Passed Only go.mod changed; no Ginkgo tests or assertion patterns were modified, so this check is not applicable.
Microshift Test Compatibility ✅ Passed HEAD only changes go.mod; no new or modified Ginkgo e2e tests are present to audit for MicroShift compatibility.
Single Node Openshift (Sno) Test Compatibility ✅ Passed Only go.mod changed; no new Ginkgo e2e tests were added, so SNO compatibility is not applicable.
Topology-Aware Scheduling Compatibility ✅ Passed Only go.mod changed to bump an indirect dependency; no manifests, controllers, or scheduling/topology-related code were modified.
Ote Binary Stdout Contract ✅ Passed PR only updates go.mod; no stdout-emitting process-level code was added or changed, and backoff isn’t used in entrypoints or suite setup.
Ipv6 And Disconnected Network Test Compatibility ✅ Passed Only go.mod changed; no new Ginkgo e2e tests or network code were added, so the IPv6/disconnected-network check is not applicable.
No-Weak-Crypto ✅ Passed The PR only changes go.mod to bump backoff; no weak-crypto algorithms, custom crypto, or secret comparisons were added.
Container-Privileges ✅ Passed Only go.mod changed in this PR; no container/K8s manifests were modified, so no privilege settings were introduced.
No-Sensitive-Data-In-Logs ✅ Passed Only go.mod changed for a dependency bump; no logging code or sensitive data exposure was introduced.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately reflects the dependency upgrade from backoff/v4 to v7 in go.mod.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@go.mod`:
- Line 47: The dependency bump in go.mod for github.com/cenkalti/backoff/v7 is
not reflected in go.sum, so update the checksum file to include the v7.0.0
entries. Run go mod tidy or the equivalent dependency refresh so the hashes
match the new version pin and keep the module files in sync.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 11921c3c-3441-46ef-939b-2be1e4a72927

📥 Commits

Reviewing files that changed from the base of the PR and between 95b8d9a and 8f84384.

📒 Files selected for processing (1)
  • go.mod

Comment thread go.mod
github.com/aws/smithy-go v1.27.2 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
github.com/cenkalti/backoff/v7 v7.0.0 // indirect

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔒 Security & Privacy | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

printf 'go.mod:\n'
sed -n '1,120p' go.mod

printf '\n--- go.sum matches for backoff ---\n'
rg -n 'github.com/cenkalti/backoff' go.sum || true

printf '\n--- module metadata (if available) ---\n'
go list -m -json github.com/cenkalti/backoff/v7@v7.0.0 2>/dev/null | sed -n '1,80p' || true

Repository: openshift/configure-alertmanager-operator

Length of output: 6630


🏁 Script executed:

#!/bin/bash
set -euo pipefail
echo '--- go.mod ---'
sed -n '40,55p' go.mod
echo
echo '--- backoff entries in go.sum ---'
rg -n 'github.com/cenkalti/backoff' go.sum || true
echo
echo '--- top-level module line ---'
grep -n 'github.com/cenkalti/backoff' go.mod || true

Repository: openshift/configure-alertmanager-operator

Length of output: 1663


Add the go.sum entries for github.com/cenkalti/backoff/v7. go.mod now pins v7.0.0, but go.sum still only has the v4/v5 hashes. Run go mod tidy or equivalent so the checksum file matches this dependency bump.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@go.mod` at line 47, The dependency bump in go.mod for
github.com/cenkalti/backoff/v7 is not reflected in go.sum, so update the
checksum file to include the v7.0.0 entries. Run go mod tidy or the equivalent
dependency refresh so the hashes match the new version pin and keep the module
files in sync.

@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed Jul 6, 2026
@red-hat-konflux red-hat-konflux Bot closed this Jul 6, 2026
@red-hat-konflux red-hat-konflux Bot deleted the konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x branch July 6, 2026 08:09
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed chore(deps): update module github.com/cenkalti/backoff/v4 to v7 Jul 7, 2026
@red-hat-konflux red-hat-konflux Bot reopened this Jul 7, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x branch 2 times, most recently from 8f84384 to 1c21f6e Compare July 7, 2026 04:18
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed Jul 7, 2026
@red-hat-konflux red-hat-konflux Bot closed this Jul 7, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed chore(deps): update module github.com/cenkalti/backoff/v4 to v7 Jul 8, 2026
@red-hat-konflux red-hat-konflux Bot reopened this Jul 8, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x branch 2 times, most recently from 1c21f6e to cfe6507 Compare July 8, 2026 04:11
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed Jul 10, 2026
@red-hat-konflux red-hat-konflux Bot closed this Jul 10, 2026
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed chore(deps): update module github.com/cenkalti/backoff/v4 to v7 Jul 13, 2026
@red-hat-konflux red-hat-konflux Bot reopened this Jul 13, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x branch 2 times, most recently from cfe6507 to 3cb0ec1 Compare July 13, 2026 04:17
@openshift-ci

openshift-ci Bot commented Jul 13, 2026

Copy link
Copy Markdown
Contributor

@red-hat-konflux[bot]: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/validate 3cb0ec1 link true /test validate

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/dependency Issues or PRs related to dependency changes major-update manual-review-required ok-to-test Indicates a non-member PR verified by an org member that is safe to test.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants