Skip to content

chore: bump go versions#182

Merged
varonix0 merged 1 commit into
mainfrom
daniel/bump-go-version-2
Apr 13, 2026
Merged

chore: bump go versions#182
varonix0 merged 1 commit into
mainfrom
daniel/bump-go-version-2

Conversation

@varonix0
Copy link
Copy Markdown
Member

@varonix0 varonix0 commented Apr 13, 2026

Description 📣

Bumped go patch version.

Type ✨

  • Bug fix
  • New feature
  • Improvement
  • Breaking change
  • Documentation

@varonix0 varonix0 self-assigned this Apr 13, 2026
@varonix0 varonix0 requested a review from x032205 April 13, 2026 19:36
@varonix0 varonix0 merged commit ef00ea3 into main Apr 13, 2026
7 checks passed
claude[bot]
claude Bot reviewed Apr 13, 2026
View reviewed changes
Copy link
Copy Markdown

@claude claude Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM — straightforward Go patch version bump (1.25.9) across workflow files and go.mod files.

Extended reasoning...

Overview

This PR updates the Go version from 1.25.8 to 1.25.9 in five locations: two go.mod files (go.mod and e2e/go.mod) and three CI workflow YAML files. All changes are mechanical substitutions of the go-version string parameter with no logic modifications.

Security Risks

None. A Go patch version bump carries no security risk to the codebase itself. The change is purely a runtime/toolchain version pin.

Level of Scrutiny

Minimal scrutiny is appropriate. This is a maintenance chore with no ambiguity: every change is a single-line string substitution updating a patch version number. There are no behavioral, API, or logic changes involved.

Other Factors

The only finding from the bug-hunting system is a pre-existing inconsistency in actions/setup-go versions (@V3 in the release workflow, @v4 in the unit tests workflow, @v6 in the e2e workflow). This was not introduced by this PR and has only cosmetic/minor caching implications. It does not affect correctness. No outstanding reviewer comments exist, and this is the first review on the PR.

Comment thread .github/workflows/release_build_infisical_cli.yml
@@ -101,7 +101,7 @@ jobs:
- run: echo "Ref name ${{github.ref_name}}"
- uses: actions/setup-go@v3
Copy link
Copy Markdown

@claude claude Bot Apr 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🟣 The three workflow files use inconsistent versions of actions/setup-go: release_build_infisical_cli.yml uses @v3, run-cli-tests.yml uses @v4, and run-cli-e2e-tests.yml uses @v6. This is a pre-existing inconsistency not introduced by this PR, but since all three files were touched to bump the Go version, it would have been a good opportunity to standardize on @v6 everywhere.

Extended reasoning...

What the bug is and how it manifests

The three CI workflow files use three different major versions of the actions/setup-go action: release_build_infisical_cli.yml uses @v3 (in two separate job steps), run-cli-tests.yml uses @v4, and run-cli-e2e-tests.yml uses @v6 (in three separate job steps). Different major versions of actions/setup-go have different default behaviors around module caching, toolchain selection, and feature support. While all versions can install a specified Go version, the caching strategy and other behaviors differ.

The specific code path that triggers it

In release_build_infisical_cli.yml lines 102 and 184, actions/setup-go@v3 is used. In run-cli-tests.yml line 35, actions/setup-go@v4 is used. In run-cli-e2e-tests.yml lines 16, 51, and 77, actions/setup-go@v6 is used. The PR changed only the go-version parameter (1.25.8 → 1.25.9) in all five locations without updating the action version references.

Why existing code doesn't prevent it

This inconsistency pre-dates this PR and was already present in the repository. The PR author bumped the Go patch version across all three workflow files but did not take the opportunity to also standardize the actions/setup-go version. There are no automated checks in the repository to enforce consistent action versions across workflow files.

What the impact would be

The practical impact is minor: all three action versions correctly install the specified Go version. However, @v3 and @v4 have older caching mechanisms compared to @v6. The release build workflow uses @v3 with explicit cache: true and cache-dependency-path parameters — in @v6 these are enabled by default. Inconsistent behavior across CI environments can make debugging cache-related issues harder and may result in unnecessary cache misses or hits depending on the action version.

How to fix it

Update all five uses: actions/setup-go@vX references to uses: actions/setup-go@v6 for consistency. Since @v6 enables caching by default, the explicit cache: true and cache-dependency-path: go.sum parameters in release_build_infisical_cli.yml can be retained or left to defaults.

Step-by-step proof

  1. Open .github/workflows/release_build_infisical_cli.yml — line 102 shows uses: actions/setup-go@v3, and line 184 shows another uses: actions/setup-go@v3.
  2. Open .github/workflows/run-cli-tests.yml — line 35 shows uses: actions/setup-go@v4.
  3. Open .github/workflows/run-cli-e2e-tests.yml — lines 16, 51, and 77 each show uses: actions/setup-go@v6.
  4. The PR diff shows only go-version changes (1.25.8 → 1.25.9) at these lines, confirming the action version mismatch was pre-existing and unmodified by this PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@claude claude[bot] claude[bot] left review comments

@x032205 x032205 x032205 approved these changes

Assignees

@varonix0 varonix0

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@varonix0 @x032205