Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): Upgrade various dependencies #34

Merged
merged 1 commit into from
Oct 4, 2024
Merged

build(deps): Upgrade various dependencies #34

merged 1 commit into from
Oct 4, 2024

Conversation

hanssto
Copy link

@hanssto hanssto commented Oct 2, 2024
edited
Loading

We have a critical security update on Docker auth, which is an
indirect dependency of the test code (seemingly via oras). See #13.

This is the culmination of different attempts at upgrading without
having to make substantial changes to the sloth source code.

Some notes:

  • Upgrading go-helm-template (also made by slok) in test ultimately
    requires at least Go 1.22.
  • The GH actions uses the root go.mod Go version, so these need
    to be synced.
  • The next version of reloader, also made by slok, requires
    1.23, so both root and test needs to be on 1.23.
  • Updated the dev and prod Dockerfiles to match the go version.
  • Upgraded most dependencies to get as far as possible.
  • Keeping Prometheus-related deps as certain newer versions
    don't work with the code. There might be further version jumps
    we can do here.

This results in errors on lint which are addressed in #35.

@hanssto hanssto force-pushed the hanst/upgrade-various-deps branch 2 times, most recently from 75d2b39 to 7381cac Compare October 2, 2024 14:21
@hanssto
build(deps): Upgrade various dependencies
776c994 
We have a critical security update on Docker auth, which is an
indirect dependency of the test code (seemingly via oras).

This is the culmination of different attempts at upgrading without
having to make substantial changes to the sloth source code.

Some notes:
* Upgrading go-helm-template (also made by slok) in test ultimately
  requires at least Go 1.22.
* The GH actions uses the root go.mod Go version, so these need
  to be synced.
* The next version of reloader, also made by slok, requires
  1.23, so both root and test needs to be on 1.23.
* Updated the dev and prod Dockerfiles to match the go version.
* Upgraded most dependencies to get as far as possible.
* Keeping Prometheus-related deps as certain newer versions
  don't work with the code. There might be further version jumps
  we can do here.

This results in errors on lint which are addressed in #35.
@hanssto hanssto force-pushed the hanst/upgrade-various-deps branch from e1c5f6e to 776c994 Compare October 4, 2024 10:14
@hanssto hanssto changed the title build(deps): Upgrade go-helm-template and indirect deps build(deps): Upgrade various dependencies Oct 4, 2024
@hanssto hanssto mentioned this pull request Oct 4, 2024
Merged
@hanssto hanssto merged commit df7d176 into main Oct 4, 2024
34 of 36 checks passed
@hanssto hanssto deleted the hanst/upgrade-various-deps branch October 4, 2024 10:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@hanssto