Skip to content

[DEVPLAT-5441] Bump Go dependencies #157

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Neurostep merged 12 commits into from
Dec 11, 2025
Merged

[DEVPLAT-5441] Bump Go dependencies #157

Neurostep merged 12 commits into from
Dec 11, 2025

Conversation

@Neurostep
Copy link
Contributor

@Neurostep Neurostep commented Dec 11, 2025
edited
Loading

Description

In this PR we are bumping versions to the latest minor for all Go packages. Additionally, the patch version of the Go also bumped to the 1.25.5 to include latest security patches.

Checklist

  • Prefixed the PR title with the JIRA ticket code
  • Performed simple, atomic commits with good commit messages
  • Verified that the commit history is linear and commits are squashed as necessary
  • Thoroughly tested the changes in development and/or staging
  • Updated the README.md as necessary

Related links

Note

Upgrade Go toolchain to 1.25.5 and refresh major libs (AWS SDK v2, Redis, gRPC, Protobuf, GORM, OTel, etc.).

  • Toolchain
    • Bump Go version to 1.25.5 in Dockerfile and go.mod.
  • Dependencies (direct)
    • Update core libs in go.mod: aws-sdk-go-v2 (+ services), redis/go-redis/v9, spf13/viper, statsig-io/go-sdk, twmb/franz-go (+ pkg/kmsg), google.golang.org/grpc, google.golang.org/protobuf, gorm.io/gorm.
  • Dependencies (indirect/transitive)
    • Refresh related AWS submodules, OTel (otel, metric, sdk, trace, auto/sdk), compression (klauspost/compress), config libs (afero, cast, pflag), and other supporting packages.
  • Housekeeping
    • Regenerate go.sum to reflect version bumps.

Written by Cursor Bugbot for commit 7f4576a. This will update automatically on new commits. Configure here.

@Neurostep Neurostep requested a review from a team as a code owner December 11, 2025 08:38
@Neurostep Neurostep requested a review from athtran December 11, 2025 08:38
terranisu
terranisu approved these changes Dec 11, 2025
View reviewed changes
Copy link
Member

@terranisu terranisu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 📈

@Neurostep Neurostep merged commit f7766e8 into main Dec 11, 2025
9 checks passed
@Neurostep Neurostep deleted the maksimt/DEVPLAT-5441/bump-deps branch December 11, 2025 10:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@terranisu terranisu terranisu approved these changes

@athtran athtran Awaiting requested review from athtran athtran is a code owner automatically assigned from scribd/service-foundations

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Neurostep @terranisu