This release fixes the detection of the used Go version when Go was compiled with experimental features such as rangefunc or boringcrypto (#1586).
Staticcheck 2024.1 (v0.5.0)
Backwards incompatible changes
Staticcheck 2024.1 contains the following backwards incompatible changes:
The keyify utility has been removed. The recommended alternative is gopls.
staticcheck -merge now exits with a non-zero status if any problems have been found.
Improved Go 1.22 support
This release updates Staticcheck’s database of deprecated standard library APIs to cover the Go 1.22 release. Furthermore, checks have been updated to correctly handle the new “for” loop variable scoping behavior as well as ranging over integers.
Added Go 1.23 support
Staticcheck 2024.1 has full support for iterators / range-over-func. Furthermore, SA1015 will skip any code targeting Go 1.23 or newer, as it is now possible to use time.Tick without leaking memory.
Improved handling of Go versions
Go 1.21 more rigorously defined the meaning of the go directive in go.mod files, as well as its interactions with //go:build go1.N build constraints. The go directive now specifies a minimum Go version for the module. Furthermore, it sets the language version that is in effect, which may change the semantics of Go code. For example, before Go 1.22, loop variables were reused across iterations, but since Go 1.22, loop variables only exist for the duration of an iteration. Modules that specify go 1.22 will use the new semantics, while modules that specify an older version will not.
Individual files can both upgrade and downgrade their language version by using //go:build go1.N directives. In a module that requires Go 1.22, a file specifying Go 1.21 will experience the old loop variable semantics, and vice versa. Because the Go module as a whole still specifies a minimum version, even files specifying an older version will have access to the standard library of the minimum version.
Staticcheck 2024.1 takes all of this into consideration when analyzing the behavior of Go code, when determining which checks are applicable, and when making suggestions. Older versions of Staticcheck were already aware of Go versions, but 2024.1 works on a more fine-grained, per-file basis, and differentiates between the pre- and post-1.21 semantics of the go directive.
The -go command line flag continues to exist. It will override any module-based version selection. This is primarily useful for Go modules that target older Go versions (because here, the go directive didn’t specify a minimum version), or when working outside of Go modules.
To prevent misinterpreting code, Staticcheck now refuses to analyze modules that require a version of Go that is newer than that with which Staticcheck was built.
Checks
New checks
The following checks have been added:
SA1031 flags overlapping destination and source slices passed to certain encoding functions.
SA1032 flags calls to errors.Is where the two arguments have been swapped.
The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
- **[OWNERS](https://github.com/kubernetes-sigs/cluster-api-provider-cloudstack/blob/main/OWNERS)**
Approvers can indicate their approval by writing `/approve` in a comment
Approvers can cancel approval by writing `/approve cancel` in a comment
I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.
Once the patch is verified, the new status will be reflected by the ok-to-test label.
Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.
Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository. I understand the commands that are listed [here](https://go.k8s.io/bot-commands).
Bumps the all-go-mod-patch-and-minor group with 2 updates in the / directory: github.com/jellydator/ttlcache/v3 and github.com/onsi/ginkgo/v2. Bumps the all-go-mod-patch-and-minor group with 6 updates in the /hack/tools directory:
1.4.11.4.22.19.02.20.10.26.10.26.150.4.70.5.10.26.10.26.150.11.30.16.1Bumps the all-go-mod-patch-and-minor group with 8 updates in the /test/e2e directory:
1.4.11.4.22.19.02.20.10.26.10.26.150.26.10.26.150.26.10.26.151.4.81.4.92.5.02.9.01.4.81.4.9Updates
github.com/jellydator/ttlcache/v3from 3.2.0 to 3.2.1Release notes
Sourced from github.com/jellydator/ttlcache/v3's releases.
Commits
d22fb9eExclude expired keys in data retrieval methods1e6fd11remove size when initializing mapf4a6991use value directly when range map2371d93Fix data race in Items()66d8e52Bump golang.org/x/sync from 0.7.0 to 0.8.062c3733fix double insertion into expiration queue9ca4fc0add test for update of expired itemsd62194aadd thread safety to features list (#137)0c89a3bBump golang.org/x/sync from 0.6.0 to 0.7.05ed191fBump actions/setup-go from 3 to 5 (#129)Updates
github.com/onsi/ginkgo/v2from 2.19.0 to 2.20.1Release notes
Sourced from github.com/onsi/ginkgo/v2's releases.
Changelog
Sourced from github.com/onsi/ginkgo/v2's changelog.
Commits
4ef0afbv2.20.1d6f9640make BeSpecEvent duration matcher more forgiving265b1a0v2.20.0d303d14Add update-deps to makefile7a50221bump all dependenciesbe5ab95Add buildvcs flag224be5bv2.19.176f4e0cbump gomega63c8c30update supported platforms for race conditionsb69c00dBump rexml from 3.2.6 to 3.2.8 in /docs (#1417)Updates
github.com/onsi/gomegafrom 1.33.1 to 1.34.1Release notes
Sourced from github.com/onsi/gomega's releases.
Changelog
Sourced from github.com/onsi/gomega's changelog.
Commits
fa057b8v1.34.15e71dcdUse slices from exp/slices to keep golang 1.20 compat32e5498v1.34.0cb3fa6arun go mod tidy and wonder why go get doesnt just run it for me in the first ...8af2ecebump ginkgo878940cfix incorrect handling of nil slices in HaveExactElements (fixes #771)f5bec80clean up bipartitegraph testsebadb67issue_765 - fixed bug in Hopcroft-Karp algorithm123a071Fix typo in docsc549e0dAdd RoundTripper method to ghttp.ServerUpdates
golang.org/x/textfrom 0.15.0 to 0.17.0Commits
b2bec85go.mod: update golang.org/x dependenciesae0cf96LICENSE: update per Google Legal9c2f3a2cmd/gotext: fix segfault in extract & rewrite commands59e1219message: optimize lookupAndFormat function for better performancea20a3e2x/text: update x/tools for go/ssa range-over-func fixUpdates
github.com/go-logr/logrfrom 1.4.1 to 1.4.2Release notes
Sourced from github.com/go-logr/logr's releases.
Commits
1205f42Merge pull request #295 from go-logr/dependabot/github_actions/actions/checko...ccedcbdMerge pull request #294 from go-logr/dependabot/github_actions/github/codeql-...bead577build(deps): bump actions/checkout from 4.1.5 to 4.1.6a492d95build(deps): bump github/codeql-action from 3.25.4 to 3.25.519ad07cbuild(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.31c97a21build(deps): bump actions/checkout from 4.1.4 to 4.1.5f70c5b5build(deps): bump github/codeql-action from 3.25.3 to 3.25.44ade8d3build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.188d98bdMerge pull request #289 from go-logr/dependabot/github_actions/golangci/golan...432cd86Merge pull request #288 from go-logr/dependabot/github_actions/actions/setup-...Updates
github.com/onsi/ginkgo/v2from 2.19.0 to 2.20.1Release notes
Sourced from github.com/onsi/ginkgo/v2's releases.
Changelog
Sourced from github.com/onsi/ginkgo/v2's changelog.
Commits
4ef0afbv2.20.1d6f9640make BeSpecEvent duration matcher more forgiving265b1a0v2.20.0d303d14Add update-deps to makefile7a50221bump all dependenciesbe5ab95Add buildvcs flag224be5bv2.19.176f4e0cbump gomega63c8c30update supported platforms for race conditionsb69c00dBump rexml from 3.2.6 to 3.2.8 in /docs (#1417)Updates
golang.org/x/textfrom 0.15.0 to 0.17.0Commits
b2bec85go.mod: update golang.org/x dependenciesae0cf96LICENSE: update per Google Legal9c2f3a2cmd/gotext: fix segfault in extract & rewrite commands59e1219message: optimize lookupAndFormat function for better performancea20a3e2x/text: update x/tools for go/ssa range-over-func fixUpdates
k8s.io/apifrom 0.26.1 to 0.26.15Commits
f34b283Update dependencies to v0.26.15 tag4143d6bMerge pull request #123767 from liggitt/proto-1.260ac2976[CVE-2024-24786] Bump github.com/golang/protobuf v1.5.4, google.golang.org/pr...989015cMerge pull request #121547dims/automated-cherry-pick-of-#121364b177161bump golang.org/grpc to v1.56.3fd69e66Merge pull request #121126 from MadhavJivrajani/bump-x-net-12608b9677.: bump golang.org/x/net to v0.17.044c5cc8Merge pull request #120210mimowo/automated-cherry-pick-of-#120204c0b0923Mark Job onPodConditions as optional in pod failure policy191d751Merge pull request #119871liggitt/automated-cherry-pick-of-#119835Updates
k8s.io/apimachineryfrom 0.26.1 to 0.26.15Commits
48b9387Merge pull request #123767 from liggitt/proto-1.2608105fc[CVE-2024-24786] Bump github.com/golang/protobuf v1.5.4, google.golang.org/pr...6b469b3Merge pull request #121547dims/automated-cherry-pick-of-#12136419e0eefbump golang.org/grpc to v1.56.34eaec80Merge pull request #121200enj/automated-cherry-pick-of-#121196cd1cacdPrevent rapid reset http2 DOS on API server71fc595Merge pull request #121126 from MadhavJivrajani/bump-x-net-1263135ed8.: bump golang.org/x/net to v0.17.0dd46389Merge pull request #119261HirazawaUi/automated-cherry-pick-of-#11922981488b4Fix the converts an empty string to nil.Updates
honnef.co/go/toolsfrom 0.4.7 to 0.5.1Release notes
Sourced from honnef.co/go/tools's releases.
... (truncated)
Commits
56172d4Version 2024.1.1 (v0.5.1)c972610website: add 2024.1.1 release notes6052711go/loader: handle experimental features in version detection516152danalysis/lint/testutil: unset GO111MODULE in testd6ea187Version 2024.1f2c1fdawebsite: finalize 2024.1 release notesdcae6e2lintcmd: file names are optional in error positions2cef146lintcmd: panic with the right message when we can't parse a position0636bcago/ir: actually build blank functions34db56dVersion 2024.1rc1 (v0.5.0-rc.1)Updates
k8s.io/code-generatorfrom 0.26.1 to 0.26.15Commits
d0d5d3aMerge pull request #123767 from liggitt/proto-1.26878d4dd[CVE-2024-24786] Bump github.com/golang/protobuf v1.5.4, google.golang.org/pr...c45891cMerge pull request #121547dims/automated-cherry-pick-of-#121364c8fec61bump golang.org/grpc to v1.56.387375c6Merge pull request #121126 from MadhavJivrajani/bump-x-net-126cc4d3de.: bump golang.org/x/net to v0.17.0b770688Merge pull request #118168neolit123/automated-cherry-pick-of-#118150395ef9ecall ./hack/update-vendor.sh3d1270eMerge pull request #118555 from puerco/bump-1.26-go-1.19.1038348bbupdate-vendor: update vendored go.sumsUpdates
sigs.k8s.io/controller-toolsfrom 0.11.3 to 0.16.1Release notes
Sourced from sigs.k8s.io/controller-tools's releases.
... (truncated)
Commits
897f14bMerge pull request #1035 from sbueringer/pr-fix-default-issue2f6801dRemove hard-coded Protocol schema7ef21aaAdd test for protocol2e0181aBump testdata to k8s.io/* v1.315a195b7Merge pull request #1033 from kubernetes-sigs/promote-envtest-v1.31.04d672f2Promote envtest release for Kubernetes v1.31.0057cd0cMerge pull request #1032 from sbueringer/pr-envtest-v1.31.08d6682eMerge pull request #1031 from sbueringer/pr-bump-1.31.0bd1fb4fRelease envtest v1.31.0bce4f2dBump k8s.io/* deps to v1.31.0Updates
k8s.io/klog/v2from 2.80.1 to 2.130.1Release notes
Sourced from k8s.io/klog/v2's releases.
... (truncated)
Commits
75663bbMerge pull request #408 from pohly/klog-flush-sync-fixThe following labels could not be found:
dependabot.[APPROVALNOTIFIER] This PR is NOT APPROVED
This pull-request has been approved by: dependabot[bot] Once this PR has been reviewed and has the lgtm label, please assign dims for approval. For more information see the Kubernetes Code Review Process.
The full list of commands accepted by this bot can be found here.
Hi @dependabot[bot]. Thanks for your PR.
I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with
/ok-to-teston its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.Once the patch is verified, the new status will be reflected by the
ok-to-testlabel.I understand the commands that are listed here.
❌ Deploy Preview for kubernetes-sigs-cluster-api-cloudstack failed. Why did it fail? →
@dependabot[bot]: The following tests failed, say
/retestto rerun all failed tests or/retest-requiredto rerun all mandatory failed tests:/test capi-provider-cloudstack-presubmit-build/test capi-provider-cloudstack-presubmit-unit-test/test capi-provider-cloudstack-presubmit-e2e-smoke-testFull PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.
Superseded by #400.