Skip to content

chore(deps): update module github.com/cenkalti/backoff/v4 to v7#584

Open
red-hat-konflux[bot] wants to merge 1 commit into
masterfrom
konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x
Open

chore(deps): update module github.com/cenkalti/backoff/v4 to v7#584
red-hat-konflux[bot] wants to merge 1 commit into
masterfrom
konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x

Conversation

@red-hat-konflux

@red-hat-konflux red-hat-konflux Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence
github.com/cenkalti/backoff/v4 v4.3.0v7.0.0 age confidence

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

cenkalti/backoff (github.com/cenkalti/backoff/v4)

v7.0.0

Compare Source

v6.0.1

Compare Source

v6.0.0

Compare Source

v5.0.3

Compare Source

v5.0.2

Compare Source

v5.0.1

Compare Source

v5.0.0

Compare Source


Configuration

📅 Schedule: (in timezone UTC)

  • Branch creation
    • Between 02:00 AM and 04:59 AM, Monday through Friday (* 2-4 * * 1-5)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.


Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

Summary by CodeRabbit

  • Chores
    • Updated an internal dependency to a newer version.
    • No visible product features or user-facing behavior changes.

@red-hat-konflux red-hat-konflux Bot added area/dependency Issues or PRs related to dependency changes major-update manual-review-required ok-to-test Indicates a non-member PR verified by an org member that is safe to test. labels Jul 6, 2026
@openshift-ci openshift-ci Bot requested review from bmeng and zmird-r July 6, 2026 04:16
@coderabbitai

coderabbitai Bot commented Jul 6, 2026

Copy link
Copy Markdown

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 83817162-0b71-4b4b-bbaf-cdb784ab2469

📥 Commits

Reviewing files that changed from the base of the PR and between cfe6507 and 6a14def.

📒 Files selected for processing (1)
  • go.mod
🚧 Files skipped from review as they are similar to previous changes (1)
  • go.mod

Walkthrough

This change updates the indirect Go module dependency from github.com/cenkalti/backoff/v4 v4.3.0 to github.com/cenkalti/backoff/v7 v7.0.0 in go.mod.

Changes

Dependency update

Layer / File(s) Summary
Update backoff module version
go.mod
The indirect backoff dependency is changed from v4.3.0 to v7.0.0.

Estimated code review effort: 1 (Trivial) | ~2 minutes

Suggested reviewers: bmeng, zmird-r

🚥 Pre-merge checks | ✅ 15
✅ Passed checks (15 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the dependency upgrade from backoff v4 to v7.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names ✅ Passed Only go.mod changed; no test files or Ginkgo titles were modified, so there are no unstable test names to flag.
Test Structure And Quality ✅ Passed PR diff only updates go.mod for backoff/v7; no Ginkgo test files or test logic changed, so the test-quality check is not applicable.
Microshift Test Compatibility ✅ Passed Only go.mod changed; no new Ginkgo e2e tests or MicroShift-relevant APIs/features were added.
Single Node Openshift (Sno) Test Compatibility ✅ Passed Only go.mod changed; no new Ginkgo e2e tests or cluster-topology assumptions were introduced, so SNO compatibility is not applicable.
Topology-Aware Scheduling Compatibility ✅ Passed Only go.mod changed; no deployment manifests, operator code, or controllers were modified, so no topology-aware scheduling risk was introduced.
Ote Binary Stdout Contract ✅ Passed PASS: PR only changes go.mod to bump an indirect dependency; no main/init/suite stdout writes were added or altered.
Ipv6 And Disconnected Network Test Compatibility ✅ Passed Only go.mod changed; no new or modified Ginkgo e2e tests were added, so the IPv4/disconnected-network check is not applicable.
No-Weak-Crypto ✅ Passed PR only updates an indirect Go dependency in go.mod; no weak-crypto code or secret-comparison logic was added or changed.
Container-Privileges ✅ Passed The PR only changes go.mod; no container/K8s manifests were modified and no privilege-related settings are present in the diff.
No-Sensitive-Data-In-Logs ✅ Passed Only go.mod changed to bump backoff; no logging code or sensitive-data exposure was added.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@go.mod`:
- Line 47: The dependency bump in go.mod for github.com/cenkalti/backoff/v7 is
not reflected in go.sum, so update the checksum file to include the v7.0.0
entries. Run go mod tidy or the equivalent dependency refresh so the hashes
match the new version pin and keep the module files in sync.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository YAML (base), Central YAML (inherited)

Review profile: CHILL

Plan: Enterprise

Run ID: 11921c3c-3441-46ef-939b-2be1e4a72927

📥 Commits

Reviewing files that changed from the base of the PR and between 95b8d9a and 8f84384.

📒 Files selected for processing (1)
  • go.mod

Comment thread go.mod
github.com/aws/smithy-go v1.27.2 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
github.com/cenkalti/backoff/v7 v7.0.0 // indirect

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔒 Security & Privacy | 🟡 Minor | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

printf 'go.mod:\n'
sed -n '1,120p' go.mod

printf '\n--- go.sum matches for backoff ---\n'
rg -n 'github.com/cenkalti/backoff' go.sum || true

printf '\n--- module metadata (if available) ---\n'
go list -m -json github.com/cenkalti/backoff/v7@v7.0.0 2>/dev/null | sed -n '1,80p' || true

Repository: openshift/configure-alertmanager-operator

Length of output: 6630


🏁 Script executed:

#!/bin/bash
set -euo pipefail
echo '--- go.mod ---'
sed -n '40,55p' go.mod
echo
echo '--- backoff entries in go.sum ---'
rg -n 'github.com/cenkalti/backoff' go.sum || true
echo
echo '--- top-level module line ---'
grep -n 'github.com/cenkalti/backoff' go.mod || true

Repository: openshift/configure-alertmanager-operator

Length of output: 1663


Add the go.sum entries for github.com/cenkalti/backoff/v7. go.mod now pins v7.0.0, but go.sum still only has the v4/v5 hashes. Run go mod tidy or equivalent so the checksum file matches this dependency bump.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@go.mod` at line 47, The dependency bump in go.mod for
github.com/cenkalti/backoff/v7 is not reflected in go.sum, so update the
checksum file to include the v7.0.0 entries. Run go mod tidy or the equivalent
dependency refresh so the hashes match the new version pin and keep the module
files in sync.

@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed Jul 6, 2026
@red-hat-konflux red-hat-konflux Bot closed this Jul 6, 2026
@red-hat-konflux red-hat-konflux Bot deleted the konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x branch July 6, 2026 08:09
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed chore(deps): update module github.com/cenkalti/backoff/v4 to v7 Jul 7, 2026
@red-hat-konflux red-hat-konflux Bot reopened this Jul 7, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x branch 2 times, most recently from 8f84384 to 1c21f6e Compare July 7, 2026 04:18
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed Jul 7, 2026
@red-hat-konflux red-hat-konflux Bot closed this Jul 7, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed chore(deps): update module github.com/cenkalti/backoff/v4 to v7 Jul 8, 2026
@red-hat-konflux red-hat-konflux Bot reopened this Jul 8, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x branch 2 times, most recently from 1c21f6e to cfe6507 Compare July 8, 2026 04:11
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed Jul 10, 2026
@red-hat-konflux red-hat-konflux Bot closed this Jul 10, 2026
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed chore(deps): update module github.com/cenkalti/backoff/v4 to v7 Jul 13, 2026
@red-hat-konflux red-hat-konflux Bot reopened this Jul 13, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x branch 2 times, most recently from cfe6507 to 3cb0ec1 Compare July 13, 2026 04:17
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed Jul 14, 2026
@red-hat-konflux red-hat-konflux Bot closed this Jul 14, 2026
Signed-off-by: red-hat-konflux <126015336+red-hat-konflux[bot]@users.noreply.github.com>
@red-hat-konflux red-hat-konflux Bot changed the title chore(deps): update module github.com/cenkalti/backoff/v4 to v7 - autoclosed chore(deps): update module github.com/cenkalti/backoff/v4 to v7 Jul 15, 2026
@red-hat-konflux red-hat-konflux Bot reopened this Jul 15, 2026
@red-hat-konflux red-hat-konflux Bot force-pushed the konflux/mintmaker/master/github.com-cenkalti-backoff-v4-7.x branch 2 times, most recently from 3cb0ec1 to 6a14def Compare July 15, 2026 04:13
@openshift-ci

openshift-ci Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: red-hat-konflux[bot]
Once this PR has been reviewed and has the lgtm label, please assign xiaoyu74 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

1 similar comment
@openshift-ci

openshift-ci Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: red-hat-konflux[bot]
Once this PR has been reviewed and has the lgtm label, please assign xiaoyu74 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci

openshift-ci Bot commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

@red-hat-konflux[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/lint 3cb0ec1 link true /test lint
ci/prow/images 6a14def link true /test images

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/dependency Issues or PRs related to dependency changes major-update manual-review-required ok-to-test Indicates a non-member PR verified by an org member that is safe to test.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants