Update github-actions#5036
Conversation
|
|
Corpora Test ResultsNo detector regex or keyword changes in this PR. Bench skipped. |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 80df5aa. Configure here.
| with: | ||
| # NOTE: Version and args must match scripts/lint.sh | ||
| version: v2.11.4 | ||
| version: v2.12.2 |
There was a problem hiding this comment.
Lint version mismatch between CI and local script
Medium Severity
The golangci-lint version in lint.yml was bumped to v2.12.2 but scripts/lint.sh still has GOLANGCI_LINT_VERSION="v2.11.4". The comment on line 25 explicitly states "Version and args must match scripts/lint.sh". This causes CI and local linting to use different versions, potentially producing different results and confusing developers.
Reviewed by Cursor Bugbot for commit 80df5aa. Configure here.
1 participant
This PR contains the following updates:
de0fac2→df4cb1cacca2b1→e7f100c7211b7c→8aad20d1.25→1.26v2.11.4→v2.12.2v3.9.2→v3.10.1Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
actions/go-versions (go)
v1.26.4: 1.26.4Compare Source
Go 1.26.4
v1.26.3: 1.26.3Compare Source
Go 1.26.3
v1.26.2: 1.26.2Compare Source
Go 1.26.2
v1.26.1: 1.26.1Compare Source
Go 1.26.1
v1.26.0: 1.26.0Compare Source
Go 1.26.0
golangci/golangci-lint (golangci/golangci-lint)
v2.12.2Compare Source
Released on 2026-05-06
gomodguard_v2: fix blocked configurationgomodguard_v2: from 2.1.0 to 2.1.3iface: from 1.4.1 to 1.4.2v2.12.1Compare Source
Released on 2026-05-01
gomodguard_v2: fix panic with migration suggestioninstall.shscript (if you are still using an URL based on the branchmaster, please update to usehttps://golangci-lint.run/install.sh)v2.12.0Compare Source
Released on 2026-05-01
clickhouselintlinter https://github.com/ClickHouse/clickhouse-go-linterdupl: fromf665c8dtoc99c5cf(extended detection)funcorder: from 0.5.0 to 0.6.0 (new option:function)goconst: add an option to ignore strings from testsgoconst: from 1.8.2 to 1.10.0 (extended detection)gomodguard_v2: from 1.4.1 to 2.1.0 (major version with new configuration)gosec: from619ce21to 2.26.1 (new checks:G124,G708,G709,G710)govet: addinlineanalyzermakezero: from 2.1.0 to 2.2.1 (support slice type aliases)paralleltest: exposecheckcleanupoptionsloglint: from 0.11.1 to 0.12.0 (new options:allowed-keys,custom-funcs)wsl_v5: from 5.6.0 to 5.8.0 (new option:cuddle-max-statements; new checks:after-decl,after-defer,after-expr,after-go,cuddle-group)forbidigo: from 2.3.0 to 2.3.1godot: from 1.5.4 to 1.5.6govet-modernize: from 0.43.0 to 0.44.0ireturn: from 0.4.0 to 0.4.1rowserrcheck: from 1.1.1 toc5f79b8customcommandsigstore/cosign-installer (sigstore/cosign-installer)
v3.10.1Compare Source
What's Changed?
Note: cosign-installer v3.x cannot be used to install Cosign v3.x. You must upgrade to cosign-installer v4 in order to use Cosign v3.
Note: This is planned to be the final release of Cosign v2, though we will cut new releases for any critical security or bug fixes. We recommend transitioning to Cosign v3.
v3.10.0Compare Source
What's Changed
Full Changelog: sigstore/cosign-installer@v3.9.2...v3.10.0
Configuration
📅 Schedule: (in timezone UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.