go.mod dependency cleanup#2085
Merged
moolen merged 2 commits intoexternal-secrets:mainfrom Mar 6, 2023
sgmitchell:main
Merged
Conversation
PR #1525 accidentally assumed that k8s.io/client-go followed semvar and update the lib to the latest 1.x release. Unfortunately, that project doesn't follow semvar on major versions so this actually _downgraded_ the package to one ~15 months earlier. This was subsequently fixed with replace statements but the go mod file is easier to reason about if we correct this Signed-off-by: Steve Mitchell <steve@sgmitchell.net>
PR #1990 attempted to bump the version of some dependencies but missed the versions being set in the replace statements. This caused some of the deps to not actually get updated (as can be seen by the contents of the go.sum file). It turns out most of these replace statements are for libraries that aren't currently being imported, so I cleaned up the whole block. The resulting changes can be seen in the go.sum file Signed-off-by: Steve Mitchell <steve@sgmitchell.net>
Contributor
There was a problem hiding this comment.
Greetings!
Thank you for contributing to this project!
If this is your first time contributing, please make
sure to read the Developer and Contributing Process guides.
Please also mind and follow our Code of Conduct.
Useful commands:
make fmt: Formats the codemake check-diff: Ensures the branch is cleanmake reviewable: Ensures a PR is ready for review
|
Kudos, SonarCloud Quality Gate passed!
|
moolen
approved these changes
Mar 6, 2023
Member
moolen
left a comment
There was a problem hiding this comment.
Thanks, LGTM!
Weird that the CI pipeline doesn't trigger 🤨. Anyways, gonna merge this and fix forward if needed 👍
sebagomez
pushed a commit
that referenced
this pull request
Mar 8, 2023
* deps: remove awkward k8s.io/client-go version PR #1525 accidentally assumed that k8s.io/client-go followed semvar and update the lib to the latest 1.x release. Unfortunately, that project doesn't follow semvar on major versions so this actually _downgraded_ the package to one ~15 months earlier. This was subsequently fixed with replace statements but the go mod file is easier to reason about if we correct this Signed-off-by: Steve Mitchell <steve@sgmitchell.net> * deps: remove unncessary replace statements PR #1990 attempted to bump the version of some dependencies but missed the versions being set in the replace statements. This caused some of the deps to not actually get updated (as can be seen by the contents of the go.sum file). It turns out most of these replace statements are for libraries that aren't currently being imported, so I cleaned up the whole block. The resulting changes can be seen in the go.sum file Signed-off-by: Steve Mitchell <steve@sgmitchell.net> --------- Signed-off-by: Steve Mitchell <steve@sgmitchell.net>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem Statement
While working with this repo, I noticed the
go.modfile had some confusing import directives. This PR tries to remove that confusion.Related Issue
None
Proposed Changes
From the commits:
#1525 accidentally assumed that k8s.io/client-go followed semvar and update the lib to the latest 1.x release. Unfortunately, that project doesn't follow semvar on major versions so this actually downgraded the package from v0.24.2 to v1.5.2 that was released ~15 months earlier. This was subsequently fixed with replace statements but the go mod file is easier to reason about if we correct this.
#1990 attempted to bump the version of some dependencies but missed the versions being set in the replace statements. This caused some of the deps to not actually get updated (as can be seen by the contents of the go.sum file). It turns out most of these replace statements are for libraries that aren't currently being imported, so I cleaned up the whole block.
Checklist
git commit --signoffmake testmake reviewablemake docsfailed with an error most likely related my my local env. All other make dependencies of thereviewabletarget passed when ran individually. I don't think this should have any impact on the pr's correctness