build: bump Go to 1.26.3#2230
Conversation
|
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
There was a problem hiding this comment.
Claude Code Review
This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.
Tip: disable this comment in your organization's Code Review settings.
Code reviewNo issues found. Checked for bugs and CLAUDE.md compliance. |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## develop #2230 +/- ##
========================================
Coverage 52.36% 52.36%
========================================
Files 885 885
Lines 155904 155904
========================================
Hits 81643 81643
- Misses 69020 69029 +9
+ Partials 5241 5232 -9 see 18 files with indirect coverage changes 🚀 New features to boost your workflow:
|
3 participants
Summary
Bump the repository Go toolchain pins from 1.26.2 to 1.26.3 to address the
govulncheckfailures seen on PR #2220.Also bumps
golang.org/x/netto v0.53.0, which is the fixed version reported bygovulncheckfor GO-2026-4918, along with the relatedgolang.org/x/*module floors selected bygo get/go mod tidy.Validation
GOTOOLCHAIN=go1.26.3 make vulncheckGOTOOLCHAIN=go1.26.3 go test ./node ./p2p/... ./consensus/bor/heimdall(cd cmd/keeper && GOTOOLCHAIN=go1.26.3 go test ./...)git diff --checkNote:
GOTOOLCHAIN=go1.26.3 go test ./cmd/devp2p/internal/ethtest -count=1still panics inminer.(*worker).newWorkLoop; the same command reproduces on cleanorigin/develop, so it is not introduced by this PR.