(fix) grpc and go versions have been updated to 1.79.3 and to 1.24 #489
Conversation
There was a problem hiding this comment.
Code Review
This pull request updates the Go runtime environment and various dependencies for the core-api service. Specifically, it upgrades the Go version from 1.23 to 1.24 in both the Dockerfiles and the go.mod file, updates the Go toolchain to 1.24.3, and bumps several key dependencies including gRPC, Protobuf, and various golang.org/x packages to their latest versions. There are no review comments, and I have no feedback to provide.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
Problem
There is a vulnerability
(CVE-2026-33186)issue in core layer withgrpc version 1.72.1. This is caught bychoreo Container (Trivy) Vulnerability Scanand the container log is reported below. As the solution thegrpcandgoversion need to updated to versions1.79.3and1.24respectively.