Skip to content

Conversation

zeripath
Copy link
Contributor

@zeripath zeripath commented Sep 1, 2022

There are a lot of go dependencies that appear old and we should update them.

The following packages have been updated:

  • codeberg.org/gusted/mcaptcha
  • github.com/markbates/goth
  • github.com/buildkite/terminal-to-html
  • github.com/caddyserver/certmagic
  • github.com/denisenkom/go-mssqldb
  • github.com/duo-labs/webauthn
  • github.com/editorconfig/editorconfig-core-go/v2
  • github.com/felixge/fgprof
  • github.com/gliderlabs/ssh
  • github.com/go-ap/activitypub
  • github.com/go-git/go-git/v5
  • github.com/go-ldap/ldap/v3
  • github.com/go-swagger/go-swagger
  • github.com/go-testfixtures/testfixtures/v3
  • github.com/golang-jwt/jwt/v4
  • github.com/klauspost/compress
  • github.com/lib/pq
  • gitea.com/lunny/dingtalk_webhook - instead of github.com
  • github.com/mattn/go-sqlite3
  • github/matn/go-isatty
  • github.com/minio/minio-go/v7
  • github.com/niklasfasching/go-org
  • github.com/prometheus/client_golang
  • github.com/stretchr/testify
  • github.com/unrolled/render
  • github.com/xanzy/go-gitlab
  • gopkg.in/ini.v1

The following have not been updated in this PR:

  • github.com/blevesearch/bleve/v2 - There is an incompatibility and this
    should be looked at in another PR
  • github.com/google/go-github/v45 - We should change API to
    github.com/google/go-github/v47
  • github.com/gorilla/feeds - there are unreleased commits on master
    since 1.1.1 was released in 2019. We should consider if these would be
    helpful to have.
  • github.com/hashicorp/go-version - We have had trouble with this
    package before @6543 I wonder if you would be able to tell me if 1.6.0
    is reasonable?
  • github.com/hashicorp/golang-lru - There are several unreleased commits
    since the last release in 2020.
  • github.com/syndtr/goleveldb - There are several unreleased commits since last tag.
  • xorm.io/builder
  • xorm.io/xorm

Signed-off-by: Andrew Thornton art27@cantab.net

There are a lot of go dependencies that appear old and we should update them. The following packages have been updated: * codeberg.org/gusted/mcaptcha * github.com/markbates/goth * github.com/buildkite/terminal-to-html * github.com/caddyserver/certmagic * github.com/denisenkom/go-mssqldb * github.com/duo-labs/webauthn * github.com/editorconfig/editorconfig-core-go/v2 * github.com/felixge/fgprof * github.com/gliderlabs/ssh * github.com/go-ap/activitypub * github.com/go-git/go-git/v5 * github.com/go-ldap/ldap/v3 * github.com/go-swagger/go-swagger * github.com/go-testfixtures/testfixtures/v3 * github.com/golang-jwt/jwt/v4 * github.com/klauspost/compress * github.com/lib/pq * gitea.com/lunny/dingtalk_webhook - instead of github.com * github.com/mattn/go-sqlite3 * github/matn/go-isatty * github.com/minio/minio-go/v7 * github.com/niklasfasching/go-org * github.com/prometheus/client_golang * github.com/stretchr/testify * github.com/unrolled/render * github.com/xanzy/go-gitlab * gopkg.in/ini.v1 The following have not been updated in this PR: * github.com/blevesearch/bleve/v2 - There is an incompatibility and this should be looked at in another PR * github.com/google/go-github/v45 - We should change API to github.com/google/go-github/v47 * github.com/gorilla/feeds - there are unreleased commits on master since 1.1.1 was released in 2019. We should consider if these would be helpful to have. * github.com/hashicorp/go-version - We have had trouble with this package before @6543 I wonder if you would be able to tell me if 1.6.0 is reasonable? * github.com/hashicorp/golang-lru - There are several unreleased commits since the last release in 2020. * github.com/syndtr/goleveldb - There are several unreleased commits since last tag. * xorm.io/builder * xorm.io/xorm Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath zeripath added this to the 1.18.0 milestone Sep 1, 2022
@GiteaBot GiteaBot added the lgtm/need 1 This PR needs approval from one additional maintainer to be merged. label Sep 1, 2022
@6543
Copy link
Member

6543 commented Sep 1, 2022

github.com/hashicorp/go-version - We have had trouble with this
package before @6543 I wonder if you would be able to tell me if 1.6.0
is reasonable?

well we had an issue with upstream package which hashicorp would not going to solve ... so that's why I maintain a fork

@6543
Copy link
Member

6543 commented Sep 1, 2022

I would point directly to the fork instead of a redirect but that dessision was nod jet made

@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Sep 1, 2022
@6543 6543 merged commit 38a4961 into go-gitea:main Sep 1, 2022
@zeripath zeripath deleted the update-go-dependencies branch September 2, 2022 06:42
zjjhot added a commit to zjjhot/gitea that referenced this pull request Sep 2, 2022
* upstream/main: Include go.mod in gomod-check and rename to tidy-check (go-gitea#21025) [skip ci] Updated translations via Crowdin Update a few go dependencies (go-gitea#21022) [skip ci] Updated translations via Crowdin Fix missed sort bug (go-gitea#20996) Fix typo (go-gitea#21004) Make sure fmt catches all templates (go-gitea#20979) Remove black labels and CSS cleanup (go-gitea#21003)
@go-gitea go-gitea locked and limited conversation to collaborators May 3, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore.

4 participants