Skip to content

[CPCAP-4585] Update third parties and dependencies #209

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
DmitriiRabenok merged 20 commits into from
Jan 22, 2026
Merged

[CPCAP-4585] Update third parties and dependencies #209

DmitriiRabenok merged 20 commits into from
Jan 22, 2026

Conversation

@pranavcracker
Copy link
Collaborator

@pranavcracker pranavcracker commented Jan 20, 2026
edited
Loading

Summary

This PR upgrades the project toolchain to Go 1.25 to address known vulnerabilities, migrates golangci-lint to v2, and updates Docker base images and dependencies to versions compatible with the new Go release.
Changes are limited to CI, tooling, Docker images, and dependencies; no application logic was modified.

Key Changes

  • Security & Toolchain

    • Upgraded Go from 1.24 → 1.25 (CI workflows and Docker images) to address vulnerabilities
    • Updated Go-based Docker images to Go 1.25.5
    • Updated Python base image to python:3.13.11-alpine

  • Linting

    • Upgraded golangci-lint-action to v7 (golangci-lint v2)
    • Added .golangci.yml (config version 2) required by golangci-lint v2
    • Disabled selected style-only Staticcheck rules and errcheck to avoid large refactors in legacy and generated code
    • Core correctness checks (typecheck, govet, etc.) remain enabled

  • Dependencies

    • Updated Go module dependencies to versions compatible with Go 1.25
    • Pinned sigs.k8s.io/controller-runtime to v0.21.0 to avoid breaking API changes

@pranavcracker pranavcracker marked this pull request as ready for review January 21, 2026 07:47
@pranavcracker pranavcracker changed the title update third-parties [CPCAP-4585] Update third-parties Jan 21, 2026
@pranavcracker pranavcracker changed the title [CPCAP-4585] Update third-parties [CPCAP-4585] Update third parties and dependencies Jan 21, 2026
@DmitriiRabenok DmitriiRabenok merged commit cdd6688 into main Jan 22, 2026
18 checks passed
@github-actions github-actions bot locked and limited conversation to collaborators Jan 22, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@theboringstuff theboringstuff theboringstuff approved these changes

@DmitriiRabenok DmitriiRabenok DmitriiRabenok approved these changes

@nikhil1697 nikhil1697 Awaiting requested review from nikhil1697

@alexarefev alexarefev Awaiting requested review from alexarefev

Assignees

@DmitriiRabenok DmitriiRabenok

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@pranavcracker @theboringstuff @DmitriiRabenok