Skip to content

GODRIVER-3692 Bump govulncheck to 1.25.3 #2236

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Nov 12, 2025
Merged

GODRIVER-3692 Bump govulncheck to 1.25.3 #2236

merged 3 commits into from
Nov 12, 2025

Conversation

@prestonvasquez
Copy link
Member

@prestonvasquez prestonvasquez commented Nov 12, 2025

GODRIVER-3692

Summary

Bump govulncheck to 1.25.3 to resolve GO-2025 4006 to 4015 in CI.

@prestonvasquez prestonvasquez requested a review from a team as a code owner November 12, 2025 17:37
Copilot AI reviewed Nov 12, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates the govulncheck Go version from 1.25.1 to 1.25.3 to address security vulnerabilities GO-2025-4006 through GO-2025-4015 identified in CI.

Key Changes:

  • Updated GO_VERSION variable in the vulnerability checking script to use Go 1.25.3

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@prestonvasquez prestonvasquez changed the title Bump govulncheck to 1.25.3 GODRIVER-3692 Bump govulncheck to 1.25.3 Nov 12, 2025
@mongodb-drivers-pr-bot
Copy link
Contributor

mongodb-drivers-pr-bot bot commented Nov 12, 2025
edited
Loading

🧪 Performance Results

Commit SHA: 78d28f2

The following benchmark tests for version 69150f7d88033a000713e0eb had statistically significant changes (i.e., |z-score| > 1.96):

Benchmark Measurement % Change Patch Value Stable Region H-Score Z-Score
BenchmarkMultiInsertSmallDocument total_mem_allocs 21.4280 2752252.0000 Avg: 2266571.5561
Med: 2237412.0000
Stdev: 117619.2742		 0.8787 4.1293
BenchmarkMultiInsertSmallDocument total_bytes_allocated 15.0770 513633920.0000 Avg: 446339277.2429
Med: 445060240.0000
Stdev: 14526268.0811		 0.8861 4.6326
BenchmarkMultiInsertSmallDocument total_time_seconds 11.8381 1.1863 Avg: 1.0607
Med: 1.0466
Stdev: 0.0459		 0.8229 2.7348
BenchmarkMultiInsertSmallDocument ns_per_op -6.5102 6035.0000 Avg: 6455.2500
Med: 6392.0000
Stdev: 172.4175		 0.7771 -2.4374
BenchmarkMultiInsertSmallDocument allocated_bytes_per_op -5.7831 2612.0000 Avg: 2772.3277
Med: 2792.0000
Stdev: 65.9738		 0.7889 -2.4302
BenchmarkBSONDeepDocumentEncoding total_time_seconds -2.8179 1.1614 Avg: 1.1951
Med: 1.1947
Stdev: 0.0075		 0.8785 -4.5095
BenchmarkBSONFullDocumentEncoding total_mem_allocs 2.3363 1572787.0000 Avg: 1536881.0000
Med: 1534643.0000
Stdev: 18314.7949		 0.7208 1.9605
BenchmarkBSONFullDocumentEncoding total_bytes_allocated 2.3215 272050184.0000 Avg: 265877837.3333
Med: 265526176.0000
Stdev: 3138318.2487		 0.7216 1.9668
BenchmarkSingleRunCommand allocated_bytes_per_op -0.1613 12177.0000 Avg: 12196.6724
Med: 12196.5000
Stdev: 5.6612		 0.8497 -3.4750

For a comprehensive view of all microbenchmark results for this PR's commit, please check out the Evergreen perf task for this patch.

@mongodb-drivers-pr-bot
Copy link
Contributor

mongodb-drivers-pr-bot bot commented Nov 12, 2025

API Change Report

No changes found!

@prestonvasquez prestonvasquez added enhancement ci/cd documentation Pull requests that update documentation or examples and removed enhancement labels Nov 12, 2025
matthewdale
matthewdale approved these changes Nov 12, 2025
View reviewed changes
Copy link
Collaborator

@matthewdale matthewdale left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! 👍

@matthewdale matthewdale mentioned this pull request Nov 12, 2025
Merged
@prestonvasquez prestonvasquez enabled auto-merge (squash) November 12, 2025 23:07
@prestonvasquez prestonvasquez merged commit db01901 into mongodb:master Nov 12, 2025
11 of 14 checks passed
@prestonvasquez prestonvasquez deleted the ci/bump-govulncheck-1.25.3 branch November 12, 2025 23:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@matthewdale matthewdale matthewdale approved these changes

@qingyang-hu qingyang-hu Awaiting requested review from qingyang-hu qingyang-hu is a code owner automatically assigned from mongodb/dbx-go

Assignees

No one assigned

Labels

ci/cd documentation Pull requests that update documentation or examples

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@prestonvasquez @matthewdale