[Dependencies] Bump Go to 1.25.5 #9036

TomerShor · 2025-12-10T10:04:39Z

📝 Description

Bump Go to 1.25.5 to address vulnerability fixes:

Vulnerability #1: GO-2025-4175
Vulnerability #2: GO-2025-4155

Additionally, bump other go packages:

golang.org/x/sync v0.19.0
google.golang.org/protobuf v1.36.10
k8s.io/api v0.34.3
k8s.io/apimachinery v0.34.3
k8s.io/client-go v0.34.3

✅ Checklist

I updated the documentation (if applicable)
I have tested the changes in this PR
I confirmed whether my changes are covered by system tests
- If yes, I ran all relevant system tests and ensured they passed before submitting this PR
- I updated existing system tests and/or added new ones if needed to cover my changes
If I introduced a deprecation:
- I followed the Deprecation Guidelines
- I updated the relevant Jira ticket for documentation

🧪 Testing

🔗 References

Ticket link:
Design docs links:
External links:

🚨 Breaking Changes?

Yes (explain below)
No

🔍️ Additional Notes

[Dependencies] Bump Go to 1.25.5

40a4879

TomerShor requested a review from a team as a code owner December 10, 2025 10:04

github-actions bot added the area/server label Dec 10, 2025

liranbg approved these changes Dec 10, 2025

View reviewed changes

liranbg merged commit 431dd2e into mlrun:development Dec 10, 2025
16 checks passed

TomerShor deleted the go-bump branch December 10, 2025 13:11

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Dependencies] Bump Go to 1.25.5 #9036

[Dependencies] Bump Go to 1.25.5 #9036

TomerShor commented Dec 10, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

[Dependencies] Bump Go to 1.25.5 #9036

[Dependencies] Bump Go to 1.25.5 #9036

Conversation

TomerShor commented Dec 10, 2025

📝 Description

✅ Checklist

🧪 Testing

🔗 References

🚨 Breaking Changes?

🔍️ Additional Notes

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants