Skip to content

Update old dependencies #2282

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Mar 26, 2025
Merged

Update old dependencies #2282

merged 5 commits into from
Mar 26, 2025

Conversation

mtrmac
Copy link
Collaborator

@mtrmac mtrmac commented Mar 14, 2025

Bots generally update direct dependencies, and dependencies with known vulnerabilities.

For indirect dependencies which are over a year old, and either have a newer tagged release or haven’t been using a tagged release anyway, update to the latest version.

(This does nothing about dependencies with no upstream activity, or officially deprecated or even archived.)

mtrmac
mtrmac commented Mar 14, 2025
View reviewed changes
go.mod
golang.org/x/sync v0.11.0
golang.org/x/sys v0.30.0
gotest.tools v2.2.0+incompatible
gotest.tools/v3 v3.5.2
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This clearly invites a question whether the project should be depending on both github.com/stretchr/testify and gotest.tools/v3.

Solving that is not a goal of this PR (which focuses on old/unmaintained/non-updated dependencies).

@giuseppe
Copy link
Member

needs a rebase

@mtrmac
Copy link
Collaborator Author

mtrmac commented Mar 17, 2025

Rebased.

@mtrmac
Copy link
Collaborator Author

mtrmac commented Mar 26, 2025

@giuseppe PTANL.

mtrmac added 5 commits March 26, 2025 21:00
@mtrmac
Remove the remaining user of golang.org/x/exp/maps
05de8c7 
Should not change behavior.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
@mtrmac
Update to gotest.tools/v3
dd32248 
We have been using a version over 6 years old.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
@mtrmac
Update to github.com/google/go-cmp v0.7.0
bbd478c 
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
@mtrmac
Update to github.com/golang/groupcache v0.0.0-20241129210726-2c02b820…
70d17bb 
…8cf8

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
@mtrmac
Update github.com/containerd/cgroups/v3 to v3.0.5
bc9acfc 
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
giuseppe
giuseppe approved these changes Mar 26, 2025
View reviewed changes
Copy link
Member

@giuseppe giuseppe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm label Mar 26, 2025
@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented Mar 26, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: giuseppe, mtrmac

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-merge-bot openshift-merge-bot bot merged commit e9b6c10 into containers:main Mar 26, 2025
20 checks passed
@mtrmac mtrmac deleted the old-deps branch March 26, 2025 21:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@giuseppe giuseppe giuseppe approved these changes

Assignees

@giuseppe giuseppe

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mtrmac @giuseppe @openshift-merge-robot