⬆️ Added bulk mode & removed default TTL (#73)

This commit contains the following changes, mostly related to the bulk mode:

- adds a bulk mode to handle change sets as a zonefile import;
- removed default TTL as it was interfering with records that had the same TTL as the zone; the zone TTL is used instead in the situations where the default TTL was used before;
- improved logs
- updated tests and documentation

Author: mconfalonieri

README.md

@@ -1,10 +1,13 @@
 # ExternalDNS - UNOFFICIAL Hetzner Webhook
 
-> [!WARNING]
-> **This software is experimental.**
+> [!IMPORTANT]
+> Support for the legacy DNS is going to be discontinued by Hetzner in May 2026.
+> The legacy provider will be pulled from this provider in version **v1.0.0**.
+> No new features will be added to the legacy DNS driver and only important
+> bugfixes will be backported.
 
 > [!NOTE]
-> The latest version is **v0.10.0**.
+> The latest version is **v0.11.0**.
 
 [ExternalDNS](https://github.com/kubernetes-sigs/external-dns) is a Kubernetes
 add-on for automatically DNS records for Kubernetes services using different
@@ -16,7 +19,7 @@ you to manage your Hetzner domains inside your kubernetes cluster.
 This webhook supports both the old DNS API and the new Cloud DNS interface.
 
 > [!TIP]
-> If you are upgrading to **0.8.x** from previous versions read the
+> If you are upgrading to **v0.11.x** from previous versions read the
 > [Upgrading from previous versions](#upgrading-from-previous-versions) section.
 
 
@@ -80,7 +83,7 @@ provider:
   webhook:
     image:
       repository: ghcr.io/mconfalonieri/external-dns-hetzner-webhook
-      tag: v0.10.0
+      tag: v0.11.0
     env:
       - name: HETZNER_API_KEY
         valueFrom:
@@ -140,7 +143,7 @@ extraArgs:
 
 sidecars:
   - name: hetzner-webhook
-    image: ghcr.io/mconfalonieri/external-dns-hetzner-webhook:v0.10.0
+    image: ghcr.io/mconfalonieri/external-dns-hetzner-webhook:v0.11.0
     ports:
       - containerPort: 8888
         name: webhook
@@ -215,8 +218,66 @@ requires an escape sequence for the slash part. By default this will be:
 
 This can be changed using the **SLASH_ESC_SEQ** environment variable.
 
+## Bulk mode
+
+The Cloud API now supports a new way of updating the records for a zone called
+**bulk mode**. This mode is activated by setting the `BULK_MODE` environment
+variable to `true`. It works by exporting the zonefile, editing it and then
+uploading the modified version. It is meant to be used in environments with a
+high number of record changes per zone and a relatively long interval between
+the updates, a combination that could cause the exhaustion of the permitted API
+calls.
+
+> [!WARNING]
+> Beware that this method of updating the records is potentially destructive
+> and subject to "race conditions" if manual edits are applied while the zone
+> is being updated. Theoretically, unsupported records won't be affected, but
+> this method is to be considered **HIGHLY EXPERIMENTAL**, and bugs are likely
+> to be found.
+
+It comes with some limitations.
+
+  1. [Hetzner labels](#hetzner-labels) are not supported, as there is no way to
+     import them in the zonefile. Record comments are unsupported as well.
+  2. All the records must be **not protected** as they will all be overwritten
+     during the import operation, **including the SOA**. This is why the bulk
+     mode should be used with care.
+  3. The SOA serial number is updated on each import, but the logic of the
+     serial number only accepts the standard 10-digits serial number and will
+     refuse to update it if the serial of the day is 99. Most configurations
+     will be OK with this limitation.
+  4. If the zones managed by this webhook are also manipuilated by other
+     software the following situation, although unlikely, could happen:
+       
+       1. the webhook downloads the zonefile for a zone
+       2. the other software manipulates some record on the same zone
+       3. the webhook uploads the zonefile, missing the changes applied by the
+          other software
+       4. since the upload rewrites the zonefile, those changes are now lost.
+  
+Please check the [Zone file import](https://docs.hetzner.cloud/reference/cloud#tag/zones/zone-file-import)
+section of the Hetzner documentation for more details.
+
 ## Upgrading from previous versions
 
+### 0.10.x to 0.11.x
+
+The configuration is compatible with previous versions; however the
+**DEFAULT_TTL** parameter was removed and this environment variable will
+therefore not affect the configuration. The default TTL will be the one defined
+in the zone.
+
+A **BULK_MODE** parameter was added. When set to `true`, the webhook will
+export and manipulate the zonefiles instead of the single recordsets. This will
+reduce the API calls when updating zones with lots of changes and a relatively
+long interval.
+
+> [!WARNING]
+> The bulk mode is experimental and comes with some limitations. Please read
+> the [Bulk mode](#bulk-mode) section before activating it.
+>
+
+
 ### 0.9.x to 0.10.x
 
 The configuration is fully compatible. There is a new configuration parameter
@@ -281,11 +342,11 @@ Hetzner DNS API.
 | --------------- | -------------------------------------- | -------------------------- |
 | HETZNER_API_KEY | Hetzner API token                      | Mandatory                  |
 | BATCH_SIZE      | Number of zones per call               | Default: `100`, max: `100` |
-| DEFAULT_TTL     | Default record TTL                     | Default: `7200`            |
 | USE_CLOUD_API   | Use the new cloud API                  | Default: `false`           |
 | SLASH_ESC_SEQ   | Escape sequence for label annotations  | Default: `--slash--`       |
 | MAX_FAIL_COUNT  | Number of failed calls before shutdown | Default: `-1` (disabled)   |
-| ZONE_CACHE_TTL | TTL for the zone cache in seconds      | Default: `0` (disabled)    |
+| ZONE_CACHE_TTL  | TTL for the zone cache in seconds      | Default: `0` (disabled)    |
+| BULK_MODE       | Enables bulk mode                      | Default: `false`           |
 
 > [!IMPORTANT]
 > Please notice that when **USE_CLOUD_API** is set to `true`, the token stored 
@@ -315,10 +376,11 @@ These variables control the sockets that this application listens to.
 
 Please notice that the following variables were **deprecated**:
 
-| Variable    | Description                      |
-| ----------- | -------------------------------- |
-| HEALTH_HOST | Metrics hostname (deprecated)    |
-| HEALTH_PORT | Metrics port (deprecated)        |
+| Variable    | Description                            |
+| ----------- | -------------------------------------- |
+| HEALTH_HOST | Metrics hostname (deprecated)          |
+| HEALTH_PORT | Metrics port (deprecated)              |
+| DEFAULT_TTL | The default TTL is taken from the zone |
 
 
 ### Domain filtering
@@ -448,6 +510,13 @@ The actions supported by the Cloud API provider are:
 - `update_rrset` (this is the method used to update labels)
 - `delete_rrset`
 
+In case `BULK_MODE` is set to true, the following actions will be used instead:
+
+- `get_zones`
+- `get_rrsets`
+- `import_zonefile`
+- `export_zonefile`
+
 The label `zone` can assume one of the zone names as its value.
 
 ## Development

README.md.gotmpl README.tmpl.mdREADME.md.gotmpl renamed to README.tmpl.md

@@ -1,7 +1,10 @@
 # ExternalDNS - UNOFFICIAL Hetzner Webhook
 
-> [!WARNING]
-> **This software is experimental.**
+> [!IMPORTANT]
+> Support for the legacy DNS is going to be discontinued by Hetzner in May 2026.
+> The legacy provider will be pulled from this provider in version **v1.0.0**.
+> No new features will be added to the legacy DNS driver and only important
+> bugfixes will be backported.
 
 > [!NOTE]
 > The latest version is **{{ .Version }}**.
@@ -16,7 +19,7 @@ you to manage your Hetzner domains inside your kubernetes cluster.
 This webhook supports both the old DNS API and the new Cloud DNS interface.
 
 > [!TIP]
-> If you are upgrading to **0.8.x** from previous versions read the
+> If you are upgrading to **v0.11.x** from previous versions read the
 > [Upgrading from previous versions](#upgrading-from-previous-versions) section.
 
 
@@ -215,8 +218,66 @@ requires an escape sequence for the slash part. By default this will be:
 
 This can be changed using the **SLASH_ESC_SEQ** environment variable.
 
+## Bulk mode
+
+The Cloud API now supports a new way of updating the records for a zone called
+**bulk mode**. This mode is activated by setting the `BULK_MODE` environment
+variable to `true`. It works by exporting the zonefile, editing it and then
+uploading the modified version. It is meant to be used in environments with a
+high number of record changes per zone and a relatively long interval between
+the updates, a combination that could cause the exhaustion of the permitted API
+calls.
+
+> [!WARNING]
+> Beware that this method of updating the records is potentially destructive
+> and subject to "race conditions" if manual edits are applied while the zone
+> is being updated. Theoretically, unsupported records won't be affected, but
+> this method is to be considered **HIGHLY EXPERIMENTAL**, and bugs are likely
+> to be found.
+
+It comes with some limitations.
+
+  1. [Hetzner labels](#hetzner-labels) are not supported, as there is no way to
+     import them in the zonefile. Record comments are unsupported as well.
+  2. All the records must be **not protected** as they will all be overwritten
+     during the import operation, **including the SOA**. This is why the bulk
+     mode should be used with care.
+  3. The SOA serial number is updated on each import, but the logic of the
+     serial number only accepts the standard 10-digits serial number and will
+     refuse to update it if the serial of the day is 99. Most configurations
+     will be OK with this limitation.
+  4. If the zones managed by this webhook are also manipuilated by other
+     software the following situation, although unlikely, could happen:
+       
+       1. the webhook downloads the zonefile for a zone
+       2. the other software manipulates some record on the same zone
+       3. the webhook uploads the zonefile, missing the changes applied by the
+          other software
+       4. since the upload rewrites the zonefile, those changes are now lost.
+  
+Please check the [Zone file import](https://docs.hetzner.cloud/reference/cloud#tag/zones/zone-file-import)
+section of the Hetzner documentation for more details.
+
 ## Upgrading from previous versions
 
+### 0.10.x to 0.11.x
+
+The configuration is compatible with previous versions; however the
+**DEFAULT_TTL** parameter was removed and this environment variable will
+therefore not affect the configuration. The default TTL will be the one defined
+in the zone.
+
+A **BULK_MODE** parameter was added. When set to `true`, the webhook will
+export and manipulate the zonefiles instead of the single recordsets. This will
+reduce the API calls when updating zones with lots of changes and a relatively
+long interval.
+
+> [!WARNING]
+> The bulk mode is experimental and comes with some limitations. Please read
+> the [Bulk mode](#bulk-mode) section before activating it.
+>
+
+
 ### 0.9.x to 0.10.x
 
 The configuration is fully compatible. There is a new configuration parameter
@@ -281,11 +342,11 @@ Hetzner DNS API.
 | --------------- | -------------------------------------- | -------------------------- |
 | HETZNER_API_KEY | Hetzner API token                      | Mandatory                  |
 | BATCH_SIZE      | Number of zones per call               | Default: `100`, max: `100` |
-| DEFAULT_TTL     | Default record TTL                     | Default: `7200`            |
 | USE_CLOUD_API   | Use the new cloud API                  | Default: `false`           |
 | SLASH_ESC_SEQ   | Escape sequence for label annotations  | Default: `--slash--`       |
 | MAX_FAIL_COUNT  | Number of failed calls before shutdown | Default: `-1` (disabled)   |
-| ZONE_CACHE_TTL | TTL for the zone cache in seconds      | Default: `0` (disabled)    |
+| ZONE_CACHE_TTL  | TTL for the zone cache in seconds      | Default: `0` (disabled)    |
+| BULK_MODE       | Enables bulk mode                      | Default: `false`           |
 
 > [!IMPORTANT]
 > Please notice that when **USE_CLOUD_API** is set to `true`, the token stored 
@@ -315,10 +376,11 @@ These variables control the sockets that this application listens to.
 
 Please notice that the following variables were **deprecated**:
 
-| Variable    | Description                      |
-| ----------- | -------------------------------- |
-| HEALTH_HOST | Metrics hostname (deprecated)    |
-| HEALTH_PORT | Metrics port (deprecated)        |
+| Variable    | Description                            |
+| ----------- | -------------------------------------- |
+| HEALTH_HOST | Metrics hostname (deprecated)          |
+| HEALTH_PORT | Metrics port (deprecated)              |
+| DEFAULT_TTL | The default TTL is taken from the zone |
 
 
 ### Domain filtering
@@ -448,6 +510,13 @@ The actions supported by the Cloud API provider are:
 - `update_rrset` (this is the method used to update labels)
 - `delete_rrset`
 
+In case `BULK_MODE` is set to true, the following actions will be used instead:
+
+- `get_zones`
+- `get_rrsets`
+- `import_zonefile`
+- `export_zonefile`
+
 The label `zone` can assume one of the zone names as its value.
 
 ## Development

go.mod

@@ -1,10 +1,11 @@
 module external-dns-hetzner-webhook
 
-go 1.25
+go 1.25.0
 
 toolchain go1.25.7
 
 require (
+	codeberg.org/miekg/dns v0.6.28
 	github.com/codingconcepts/env v0.0.0-20240618133406-5b0845441187
 	github.com/sirupsen/logrus v1.9.4
 	github.com/stretchr/testify v1.11.1
@@ -47,7 +48,8 @@ require (
 	github.com/xhit/go-str2duration/v2 v2.1.0 // indirect
 	go.yaml.in/yaml/v2 v2.4.3 // indirect
 	go.yaml.in/yaml/v3 v3.0.4 // indirect
-	golang.org/x/oauth2 v0.33.0 // indirect
+	golang.org/x/crypto v0.48.0 // indirect
+	golang.org/x/oauth2 v0.34.0 // indirect
 	golang.org/x/term v0.40.0 // indirect
 	golang.org/x/time v0.14.0 // indirect
 	gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect
@@ -75,12 +77,12 @@ require (
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/prometheus/client_golang v1.23.2
 	github.com/prometheus/client_model v0.6.2 // indirect
-	github.com/prometheus/common v0.67.2 // indirect
-	github.com/prometheus/procfs v0.18.0 // indirect
+	github.com/prometheus/common v0.67.5 // indirect
+	github.com/prometheus/procfs v0.19.2 // indirect
 	golang.org/x/net v0.50.0
 	golang.org/x/sys v0.41.0 // indirect
 	golang.org/x/text v0.34.0 // indirect
-	google.golang.org/protobuf v1.36.10 // indirect
+	google.golang.org/protobuf v1.36.11 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/klog/v2 v2.130.1 // indirect
 	sigs.k8s.io/external-dns v0.20.0

go.sum

@@ -1,3 +1,5 @@
+codeberg.org/miekg/dns v0.6.28 h1:fVgRtnDXtRRnYAy/jznvCiU0HC2izwudAaCD7qq88dM=
+codeberg.org/miekg/dns v0.6.28/go.mod h1:baZDrslaQO95dQsCNN5KJDJHRkENDhNS6NuRpXJ9huA=
 github.com/alecthomas/kingpin/v2 v2.4.0 h1:f48lwail6p8zpO1bC4TxtqACaGqHYA22qkHjHpqDjYY=
 github.com/alecthomas/kingpin/v2 v2.4.0/go.mod h1:0gyi0zQnjuFk8xrkNKamJoyUo382HRL7ATRpFZCw6tE=
 github.com/alecthomas/units v0.0.0-20240927000941-0f3dac36c52b h1:mimo19zliBX/vSQ6PWWSL9lK8qwHozUj03+zLoEB8O0=
@@ -108,10 +110,10 @@ github.com/prometheus/client_golang v1.23.2 h1:Je96obch5RDVy3FDMndoUsjAhG5Edi49h
 github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg=
 github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk=
 github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE=
-github.com/prometheus/common v0.67.2 h1:PcBAckGFTIHt2+L3I33uNRTlKTplNzFctXcWhPyAEN8=
-github.com/prometheus/common v0.67.2/go.mod h1:63W3KZb1JOKgcjlIr64WW/LvFGAqKPj0atm+knVGEko=
-github.com/prometheus/procfs v0.18.0 h1:2QTA9cKdznfYJz7EDaa7IiJobHuV7E1WzeBwcrhk0ao=
-github.com/prometheus/procfs v0.18.0/go.mod h1:M0aotyiemPhBCM0z5w87kL22CxfcH05ZpYlu+b4J7mw=
+github.com/prometheus/common v0.67.5 h1:pIgK94WWlQt1WLwAC5j2ynLaBRDiinoAb86HZHTUGI4=
+github.com/prometheus/common v0.67.5/go.mod h1:SjE/0MzDEEAyrdr5Gqc6G+sXI67maCxzaT3A2+HqjUw=
+github.com/prometheus/procfs v0.19.2 h1:zUMhqEW66Ex7OXIiDkll3tl9a1ZdilUOd/F6ZXw4Vws=
+github.com/prometheus/procfs v0.19.2/go.mod h1:M0aotyiemPhBCM0z5w87kL22CxfcH05ZpYlu+b4J7mw=
 github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII=
 github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
@@ -144,15 +146,17 @@ go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
 go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
-go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
-go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
+go.uber.org/zap v1.27.1 h1:08RqriUEv8+ArZRYSTXy1LeBScaMpVSTBhCeaZYfMYc=
+go.uber.org/zap v1.27.1/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
 go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0=
 go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8=
 go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc=
 go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts=
+golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
@@ -161,8 +165,8 @@ golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.50.0 h1:ucWh9eiCGyDR3vtzso0WMQinm2Dnt8cFMuQa9K33J60=
 golang.org/x/net v0.50.0/go.mod h1:UgoSli3F/pBgdJBHCTc+tp3gmrU4XswgGRgtnwWTfyM=
-golang.org/x/oauth2 v0.33.0 h1:4Q+qn+E5z8gPRJfmRy7C2gGG3T4jIprK6aSYgTXGRpo=
-golang.org/x/oauth2 v0.33.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
+golang.org/x/oauth2 v0.34.0 h1:hqK/t4AKgbqWkdkcAeI8XLmbK+4m4G5YeQRrmiotGlw=
+golang.org/x/oauth2 v0.34.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -189,8 +193,8 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/protobuf v1.36.10 h1:AYd7cD/uASjIL6Q9LiTjz8JLcrh/88q5UObnmY3aOOE=
-google.golang.org/protobuf v1.36.10/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
+google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
+google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=

go.work

@@ -1,4 +1,4 @@
-go 1.25
+go 1.25.0
 
 toolchain go1.25.3