Skip to content

chore: update Go from v1.23.7 to v1.25.5 #2303

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
cstockton merged 5 commits into from
Dec 23, 2025
Merged

chore: update Go from v1.23.7 to v1.25.5 #2303

cstockton merged 5 commits into from
Dec 23, 2025

Conversation

@cstockton
Copy link
Contributor

@cstockton cstockton commented Dec 20, 2025
edited
Loading

Note: this PR depends on #2304

Update to Go v1.25.5

As part of this upgrade several changes were needed to resolve go vet failures around non-constant format strings:

  • Updating all apierrors constructors to use const fmt strings with args
  • Removing fmt.Sprintf usages that violate go vet fmt checks
  • Refactoring internal error/message helpers to accept fmt + params

In addition stricter checks in the standard library for x509 certificate creation required a change to a SAML test in internal/conf. Now I start with a valid certificate and then set the serial number to an invalid value. To do this I opted for a small refactor to PopulateFields to return the cert object instead of copying the code within the test.

Why update?

Aside from security related reasons and general best practices here are some highlights im looking forward to!

  • The flight recorder could be great for debugging performance bottlenecks. I personally am super excited for this feature, I hope the new streamable tracing API will enable a new class of interesting visual tools in the future.
  • The synctest package means no more DI for now func() time.Time :D
  • Addition of t.Context() and t.Cleanup(func()) will make lower friction as we sever ties with our testing framework. There are other neat API's like T.Attr and T.Output.
  • The new json/v2 package offers more efficient memory usage and faster API's. When I've ran profiling in the past JSON is a significant portion of our CPU time so we should see some nice gains for this.
  • The new jsontext may come in handy for implementing JWT templates depending on how we want to design it.
  • And much more!

chore: update Go from v1.23.7 to v1.25.5
b6e0530 
As part of this upgrade several changes were needed to resolve go vet
failures around non-constant format strings:

- Updating all apierrors constructors to use const fmt strings with args
- Removing fmt.Sprintf usages that violate go vet fmt checks
- Refactoring internal error/message helpers to accept fmt + params

In addition stricter checks in the standard library for x509 certificate
creation required a change to a SAML test in internal/conf. Now I start with
a valid certificate and then set the serial number to an invalid value. To do
this I opted for a small refactor to PopulateFields to return the cert object
instead of copying the code within the test.
@cstockton cstockton requested a review from a team as a code owner December 20, 2025 16:35
fix: remove exhaustive
c186f3c 
Right now exhaustive is incompatible with Go v1.25.5, after
reviewing the repo I think it would be best to remove it:

- It seems to be unmaintained, no changes in over a year
- Much of exhaustive's value has been absorbed into staticcheck
- Supporting it would add complexity to our build pipeline

With these things in mind it doesn't seem it worth keeping.
@coveralls
Copy link

coveralls commented Dec 22, 2025
edited
Loading

Pull Request Test Coverage Report for Build 20463314291

Warning: This coverage report may be inaccurate.

This pull request's base commit is no longer the HEAD commit of its target branch. This means it includes changes from outside the original pull request, including, potentially, unrelated coverage changes.

Details

  • 43 of 86 (50.0%) changed or added relevant lines in 19 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage decreased (-0.002%) to 68.782%
Changes Missing Coverage Covered Lines Changed/Added Lines %
internal/api/admin.go 0 1 0.0%
internal/api/logout.go 0 1 0.0%
internal/api/oauthserver/handlers.go 1 2 50.0%
internal/api/oauthserver/service.go 0 1 0.0%
internal/api/phone.go 0 1 0.0%
internal/api/provider/provider.go 0 1 0.0%
internal/api/signup.go 0 1 0.0%
internal/api/token.go 1 2 50.0%
internal/api/web3.go 1 2 50.0%
internal/api/mfa.go 2 4 50.0%
Totals Coverage Status
Change from base Build 20463305468: -0.002%
Covered Lines: 14742
Relevant Lines: 21433
💛 - Coveralls

fadymak
fadymak approved these changes Dec 23, 2025
View reviewed changes
Copy link
Contributor

@fadymak fadymak left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🙌

@cstockton cstockton merged commit 058836f into master Dec 23, 2025
6 checks passed
@cstockton cstockton deleted the cs/bump-go-1.25.5 branch December 23, 2025 14:39
hf added a commit that referenced this pull request Jan 12, 2026
@hf
Revert "chore: update Go from v1.23.7 to v1.25.5 (#2303)"
92507a2 
This reverts commit 058836f.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@fadymak fadymak fadymak approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@cstockton @coveralls @fadymak