chore(deps): update module github.com/cenkalti/backoff/v4 to v7#584
chore(deps): update module github.com/cenkalti/backoff/v4 to v7#584red-hat-konflux[bot] wants to merge 1 commit into
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: red-hat-konflux[bot] The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
WalkthroughThis change updates the indirect Go module dependency for ChangesDependency Update
Estimated code review effort: 1 (Trivial) | ~2 minutes Related issues: None identified from the provided information. Related PRs: None identified from the provided information. Suggested labels: dependencies Suggested reviewers: None identified from the provided information. Poem
🚥 Pre-merge checks | ✅ 15✅ Passed checks (15 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@go.mod`:
- Line 47: The dependency bump in go.mod for github.com/cenkalti/backoff/v7 is
not reflected in go.sum, so update the checksum file to include the v7.0.0
entries. Run go mod tidy or the equivalent dependency refresh so the hashes
match the new version pin and keep the module files in sync.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Repository YAML (base), Central YAML (inherited)
Review profile: CHILL
Plan: Enterprise
Run ID: 11921c3c-3441-46ef-939b-2be1e4a72927
📒 Files selected for processing (1)
go.mod
| github.com/aws/smithy-go v1.27.2 // indirect | ||
| github.com/beorn7/perks v1.0.1 // indirect | ||
| github.com/cenkalti/backoff/v4 v4.3.0 // indirect | ||
| github.com/cenkalti/backoff/v7 v7.0.0 // indirect |
There was a problem hiding this comment.
🔒 Security & Privacy | 🟡 Minor | ⚡ Quick win
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
set -euo pipefail
printf 'go.mod:\n'
sed -n '1,120p' go.mod
printf '\n--- go.sum matches for backoff ---\n'
rg -n 'github.com/cenkalti/backoff' go.sum || true
printf '\n--- module metadata (if available) ---\n'
go list -m -json github.com/cenkalti/backoff/v7@v7.0.0 2>/dev/null | sed -n '1,80p' || trueRepository: openshift/configure-alertmanager-operator
Length of output: 6630
🏁 Script executed:
#!/bin/bash
set -euo pipefail
echo '--- go.mod ---'
sed -n '40,55p' go.mod
echo
echo '--- backoff entries in go.sum ---'
rg -n 'github.com/cenkalti/backoff' go.sum || true
echo
echo '--- top-level module line ---'
grep -n 'github.com/cenkalti/backoff' go.mod || trueRepository: openshift/configure-alertmanager-operator
Length of output: 1663
Add the go.sum entries for github.com/cenkalti/backoff/v7. go.mod now pins v7.0.0, but go.sum still only has the v4/v5 hashes. Run go mod tidy or equivalent so the checksum file matches this dependency bump.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
In `@go.mod` at line 47, The dependency bump in go.mod for
github.com/cenkalti/backoff/v7 is not reflected in go.sum, so update the
checksum file to include the v7.0.0 entries. Run go mod tidy or the equivalent
dependency refresh so the hashes match the new version pin and keep the module
files in sync.
8f84384 to
1c21f6e
Compare
1c21f6e to
cfe6507
Compare
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
cfe6507 to
3cb0ec1
Compare
|
@red-hat-konflux[bot]: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
This PR contains the following updates:
v4.3.0→v7.0.0Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
cenkalti/backoff (github.com/cenkalti/backoff/v4)
v7.0.0Compare Source
v6.0.1Compare Source
v6.0.0Compare Source
v5.0.3Compare Source
v5.0.2Compare Source
v5.0.1Compare Source
v5.0.0Compare Source
Configuration
📅 Schedule: (in timezone UTC)
* 2-4 * * 1-5)🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
To execute skipped test pipelines write comment
/ok-to-test.Documentation
Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.