Skip to content

Bump github.com/kopia/kopia from 0.10.7 to 0.23.0#325

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/github.com/kopia/kopia-0.23.0
Closed

Bump github.com/kopia/kopia from 0.10.7 to 0.23.0#325
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/go_modules/github.com/kopia/kopia-0.23.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 19, 2026

Copy link
Copy Markdown
Contributor

Bumps github.com/kopia/kopia from 0.10.7 to 0.23.0.

Release notes

Sourced from github.com/kopia/kopia's releases.

v0.23.0

Command-Line Interface

  • [BREAKING CHANGE] restrict insecure unauthenticated server to loopback binds (#5354) by Jarek Kowalski
  • registration mechanism for storage providers (#5350) by Julio López
  • hash benchmarking count (#5312) by Julio López
  • leverage x/term.IsTerminal (#5308) by Julio López
  • handle potential conversion overflow when setting progress default (#5271) by Julio López

KopiaUI App

  • skip htmlui tests that are timing out (#5257) by Julio López

General Improvements

  • bigmapbench profiling (#5321) by Julio López
  • clean nits (#5313) by Julio López
  • remove support for LZ4 (#5296) by Julio López
  • retained log size double counting (#5302) by Julio López
  • make counters and size stats uint64 for consistency (#5262) by Julio López
  • address potential conversion overflows (#5266) by Julio López
  • string nits (#5265) by Julio López
  • cleanup nits (#5236) by Julio López
  • do not included concatenated entries in log (#5231) by lif
  • move SafeLongFilename to ospath (#5227) by Julio López
  • add byte units to maintenance stat summaries (#5178) by Julio López

Repository

  • sync index blob file before closing (#5292) by Julio López
  • failures when exceeding Windows MAX_PATH (#5226) by Julio López

Snapshots

  • ErrorEntry policy resolution to use child policy (#5234) by Baixiaochun
  • inaccessible entry causes parent directory to be skipped (#5217) by Julio López

Storage Providers

  • warn messages for extra storage providers (#5324) by Julio López
  • perform maximum of 2 attempt in PutBlobInPath (#5168) by Julio López
  • require.NoError (#5166) by Julio López
  • update injected error message (#5165) by Julio López
  • make tests with injected errors more robust (#5164) by Julio López
  • cleanup temporary file on put blob failure (#5157) by Julio López
  • notify after releasing the lock (#5154) by Julio López
  • sync file in FS provider to ensure data is persisted (#5150) by Julio López

... (truncated)

Commits
  • 981d5f9 build(deps-dev): update govulncheck version (#5367)
  • 1bb1901 build(deps): bump fast-uri from 3.1.0 to 3.1.2 in /app (#5366)
  • 24a5085 Update golang toolchain to 1.25.10 (#5365)
  • c26c6a1 feat(cli): restrict insecure unauthenticated server to loopback binds (#5354)
  • 17e43ef build(deps): bump github.com/klauspost/compress from 1.18.5 to 1.18.6 (#5357)
  • cf09101 build(deps): bump github.com/klauspost/reedsolomon from 1.13.3 to 1.14.0 (#5358)
  • 3c3ff47 build(deps): bump go.uber.org/zap from 1.27.1 to 1.28.0 (#5356)
  • b53c032 build(deps): bump the common-golang-dependencies group with 2 updates (#5355)
  • 4d6a84a feat(ui): upgraded htmlui to the latest version (#5353)
  • 5db9d59 build(deps-dev): bump electron (#5351)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels May 19, 2026
@coderabbitai

coderabbitai Bot commented May 19, 2026

Copy link
Copy Markdown

Note

Reviews paused

It looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the reviews.auto_review.auto_pause_after_reviewed_commits setting.

Use the following commands to manage reviews:

  • @coderabbitai resume to resume automatic reviews.
  • @coderabbitai review to trigger a single review.

Use the checkboxes below for quick actions:

  • ▶️ Resume reviews
  • 🔍 Trigger review

Walkthrough

Updates go.mod: Go directive to 1.25.8; bumps direct requires (google.golang.org/api, cloud.google.com/go/storage, golang.org/x/oauth2) and refreshes many indirect/transitive dependencies across Google Cloud, gRPC/protobuf/genproto, OpenTelemetry, and related infra libraries.

Changes

Dependency and Toolchain Update

Layer / File(s) Summary
Go toolchain and direct requires
go.mod
Go language directive changed to 1.25.8; direct requires updated (google.golang.org/api, cloud.google.com/go/storage, golang.org/x/oauth2).
Indirect dependency refresh (start)
go.mod
Start of the indirect require list refreshed with many Google Cloud, auth, monitoring, and OpenTelemetry-related indirect version updates.
Small Google infra bumps
go.mod
A small cluster of Google infra/security indirect libraries bumped (google/s2a-go, googleapis/enterprise-certificate-proxy, googleapis/gax-go/v2).
Broad transitive sweep
go.mod
Large upgrade sweep of OpenTelemetry components, Prometheus clients, go.uber.org/*, golang.org/x/*, and core RPC/serialization stacks (google.golang.org/grpc, google.golang.org/protobuf, google.golang.org/genproto/*).

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Suggested labels

area/dependency

Suggested reviewers

  • ravitri
🚥 Pre-merge checks | ✅ 10 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name Status Explanation Resolution
Title check ⚠️ Warning The title mentions a Kopia version bump, but the changeset only updates other Go module dependencies in go.mod. Rename the PR to reflect the actual dependency updates in go.mod, such as the Google API, oauth2, and storage upgrades.
Test Structure And Quality ❓ Inconclusive Check specifies Ginkgo test patterns (BeforeEach/AfterEach/It/Eventually/Consistently), but PR contains standard Go tests only—no Ginkgo imports or patterns found. Clarify if check applies to all Go tests or Ginkgo-specific tests only. If all tests, provide adapted guidelines for standard testing.T patterns.
✅ Passed checks (10 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names ✅ Passed PR uses only standard Go testing, not Ginkgo. All test names are static and descriptive with no dynamic values like timestamps, UUIDs, or pod/namespace names.
Microshift Test Compatibility ✅ Passed PR contains only go.mod dependency updates and standard Go unit tests; no new Ginkgo e2e tests (It(), Describe(), Context(), etc.) are added, so the check does not apply.
Single Node Openshift (Sno) Test Compatibility ✅ Passed PR only updates Go module dependencies; no Ginkgo e2e tests added. Existing test files use standard Go testing package, not Ginkgo. SNO compatibility check not applicable.
Topology-Aware Scheduling Compatibility ✅ Passed PR bumps kopia to v0.23.0 and introduces deployment using preferred affinity and single replica, which work on all OpenShift topologies (SNO, TNF, TNA, HyperShift).
Ote Binary Stdout Contract ✅ Passed No OTE contract violations found: zap logger correctly configured for stderr output, no direct stdout writes in main(), no klog issues, no problematic init() or suite setup functions.
Ipv6 And Disconnected Network Test Compatibility ✅ Passed No Ginkgo e2e tests were added in this PR. The PR contains only dependency updates to go.mod and build configuration files, with no test additions.
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch dependabot/go_modules/github.com/kopia/kopia-0.23.0

Comment @coderabbitai help to get the list of available commands.

@openshift-ci openshift-ci Bot requested review from devppratik and ravitri May 19, 2026 19:32
@openshift-ci openshift-ci Bot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label May 19, 2026
@openshift-ci

openshift-ci Bot commented May 19, 2026

Copy link
Copy Markdown
Contributor

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@cblecker

Copy link
Copy Markdown
Member

/ok-to-test

@openshift-ci openshift-ci Bot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels May 19, 2026
@openshift-ci

openshift-ci Bot commented May 26, 2026

Copy link
Copy Markdown
Contributor

rebase

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/kopia/kopia-0.23.0 branch from e8fe1ca to 303df92 Compare May 26, 2026 16:49
@openshift-ci openshift-ci Bot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label May 26, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/kopia/kopia-0.23.0 branch from 303df92 to e2302bb Compare May 26, 2026 20:33
@openshift-ci openshift-ci Bot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label May 26, 2026
@openshift-ci

openshift-ci Bot commented May 26, 2026

Copy link
Copy Markdown
Contributor

rebase

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-ci openshift-ci Bot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label May 26, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
go.mod (1)

80-80: kop ia dependency: no direct usage; likely safe to keep only if needed by build tooling

  • go.mod includes github.com/kopia/kopia v0.23.0 // indirect (line 80).
  • No packages in this repo directly import github.com/kopia/kopia, and go mod why github.com/kopia/kopia reports the main module does not need that package—so kopia breaking changes shouldn’t affect this codebase.
  • If this is just a leftover requirement, run go mod tidy to remove it.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@go.mod` at line 80, The go.mod contains an unused indirect dependency
"github.com/kopia/kopia v0.23.0" which no package imports; remove it by running
"go mod tidy" to clean unused indirect requirements (or manually remove the
"github.com/kopia/kopia v0.23.0 // indirect" entry), then verify with "go mod
why github.com/kopia/kopia" to confirm it's gone and run a build to ensure no
tooling needs it.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@go.mod`:
- Line 80: The go.mod contains an unused indirect dependency
"github.com/kopia/kopia v0.23.0" which no package imports; remove it by running
"go mod tidy" to clean unused indirect requirements (or manually remove the
"github.com/kopia/kopia v0.23.0 // indirect" entry), then verify with "go mod
why github.com/kopia/kopia" to confirm it's gone and run a build to ensure no
tooling needs it.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 6223d65e-388f-47ce-b914-e951a3203abd

📥 Commits

Reviewing files that changed from the base of the PR and between 303df92 and e2302bb.

⛔ Files ignored due to path filters (1)
  • go.sum is excluded by !**/*.sum
📒 Files selected for processing (1)
  • go.mod

@openshift-ci

openshift-ci Bot commented May 27, 2026

Copy link
Copy Markdown
Contributor

rebase

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-ci openshift-ci Bot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label May 27, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/kopia/kopia-0.23.0 branch from e2302bb to 76d9985 Compare May 27, 2026 00:41
@openshift-ci openshift-ci Bot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label May 27, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
go.mod (1)

3-3: ⚠️ Potential issue | 🔴 Critical

Fix CI/tooling compatibility for go 1.25.8 (current build root likely only has Go 1.23).

  • Repo CI/tooling configs don’t pin Go ≥ 1.25.8; .ci-operator.yaml uses boilerplate:image-v8.3.4 as the build root.
  • OpenShift boilerplate image-v8.3.4 is based on Go 1.23.
  • A Go 1.23 toolchain may fail to load/build modules declaring go 1.25.8 (parse/refusal due to unsupported/newer go directive/version requirements).

Update the CI/build-root image (boilerplate) to one that includes Go 1.25.8+, or adjust go.mod to match what CI actually provides.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@go.mod` at line 3, CI is using an OpenShift build root
(boilerplate:image-v8.3.4) that ships Go 1.23 while go.mod currently declares
"go 1.25.8", causing toolchain mismatch; either update the CI/build-root image
reference in .ci-operator.yaml to a boilerplate that includes Go 1.25.8+ or
relax go.mod's module directive to "go 1.23" so the repo builds with the
existing CI image—locate the go directive in go.mod ("go 1.25.8") and the
boilerplate image tag in .ci-operator.yaml ("boilerplate:image-v8.3.4") and
change one of those to restore compatibility.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@go.mod`:
- Line 3: CI is using an OpenShift build root (boilerplate:image-v8.3.4) that
ships Go 1.23 while go.mod currently declares "go 1.25.8", causing toolchain
mismatch; either update the CI/build-root image reference in .ci-operator.yaml
to a boilerplate that includes Go 1.25.8+ or relax go.mod's module directive to
"go 1.23" so the repo builds with the existing CI image—locate the go directive
in go.mod ("go 1.25.8") and the boilerplate image tag in .ci-operator.yaml
("boilerplate:image-v8.3.4") and change one of those to restore compatibility.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 5920076a-d85e-4a43-97e7-6887c8997e19

📥 Commits

Reviewing files that changed from the base of the PR and between e2302bb and 76d9985.

⛔ Files ignored due to path filters (1)
  • go.sum is excluded by !**/*.sum
📒 Files selected for processing (1)
  • go.mod

@openshift-ci openshift-ci Bot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label May 27, 2026
@openshift-ci

openshift-ci Bot commented May 27, 2026

Copy link
Copy Markdown
Contributor

rebase

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@dependabot @github

dependabot Bot commented on behalf of github May 27, 2026

Copy link
Copy Markdown
Contributor Author

Dependabot can't resolve your Go dependency files. Because of this, Dependabot cannot update this pull request.

@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/kopia/kopia-0.23.0 branch from 76d9985 to ef4f61a Compare May 27, 2026 08:45
@openshift-ci openshift-ci Bot added needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. and removed needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels May 27, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/kopia/kopia-0.23.0 branch from ef4f61a to a73e4df Compare May 27, 2026 12:41
@openshift-ci

openshift-ci Bot commented May 27, 2026

Copy link
Copy Markdown
Contributor

rebase

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-ci openshift-ci Bot added needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. and removed needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels May 27, 2026
@openshift-ci

openshift-ci Bot commented May 27, 2026

Copy link
Copy Markdown
Contributor

rebase

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@dependabot @github

dependabot Bot commented on behalf of github May 27, 2026

Copy link
Copy Markdown
Contributor Author

Dependabot can't resolve your Go dependency files. Because of this, Dependabot cannot update this pull request.

1 similar comment
@dependabot @github

dependabot Bot commented on behalf of github May 27, 2026

Copy link
Copy Markdown
Contributor Author

Dependabot can't resolve your Go dependency files. Because of this, Dependabot cannot update this pull request.

@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/kopia/kopia-0.23.0 branch from a73e4df to e4b4e11 Compare May 28, 2026 00:28
@openshift-ci openshift-ci Bot added needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. and removed needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels May 28, 2026
@openshift-ci

openshift-ci Bot commented May 28, 2026

Copy link
Copy Markdown
Contributor

rebase

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/kopia/kopia-0.23.0 branch from e4b4e11 to 10d6634 Compare May 28, 2026 04:40
@openshift-ci openshift-ci Bot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label May 28, 2026
@cblecker

Copy link
Copy Markdown
Member

@dependabot recreate

@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/kopia/kopia-0.23.0 branch from 10d6634 to 4baa528 Compare May 28, 2026 15:22
@openshift-ci openshift-ci Bot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 14, 2026
@openshift-ci

openshift-ci Bot commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

rebase

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@cblecker

Copy link
Copy Markdown
Member

@dependabot recreate

@cblecker cblecker self-assigned this Jul 14, 2026
Bumps [github.com/kopia/kopia](https://github.com/kopia/kopia) from 0.10.7 to 0.23.0.
- [Release notes](https://github.com/kopia/kopia/releases)
- [Commits](kopia/kopia@v0.10.7...v0.23.0)

---
updated-dependencies:
- dependency-name: github.com/kopia/kopia
  dependency-version: 0.23.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/kopia/kopia-0.23.0 branch from 4baa528 to 73b5d1f Compare July 14, 2026 19:11
@openshift-ci openshift-ci Bot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 14, 2026
@openshift-ci

openshift-ci Bot commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please ask for approval from cblecker. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@cblecker cblecker closed this Jul 14, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 14, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@openshift-ci

openshift-ci Bot commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

@dependabot[bot]: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/test 73b5d1f link true /test test
ci/prow/lint 73b5d1f link true /test lint
ci/prow/images 73b5d1f link true /test images

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@dependabot dependabot Bot deleted the dependabot/go_modules/github.com/kopia/kopia-0.23.0 branch July 14, 2026 19:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code ok-to-test Indicates a non-member PR verified by an org member that is safe to test.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant