chore: upgrade to Go 1.25.1

[gocanto]

Summary

• upgrade Go toolchain to v1.25.1
• update Docker and CI configurations to use Go 1.25.1

Testing

• go test ./pkg/middleware -run TestAttachContext -count=1

---

https://chatgpt.com/codex/tasks/task_e_68bfaeaf8d5083338ea3eec85658b3ea

Summary by CodeRabbit

• Chores
  • Upgraded Go runtime to 1.25.1 for improved performance and compatibility.
  • Updated core dependencies to latest versions, addressing security and stability.
  • Pinned container base images to digests to ensure reproducible builds.
• Tests
  • CI updated to run exclusively on Go 1.25.1 for consistent validation across pipelines.

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Caution

Review failed

The pull request is closed.

Walkthrough

Go toolchain upgraded to 1.25.1 across CI, Docker, and go.mod. CI matrices updated to drop 1.24.x. Docker images switched to pinned digests for golang:1.25.1-alpine and alpine:3.22. go.mod updated for Go version and several dependencies.

Changes

Cohort / File(s)	Summary of changes
CI workflows (Go version matrix) .github/workflows/gofmt.yml, .github/workflows/tests.yml	Updated Go version to 1.25.1; removed 1.24.x from matrices. No other workflow steps changed.
Docker image pinning and base upgrades docker/dockerfile-api, docker-compose.yml	Updated base images to Go 1.25.1 and pinned digests: golang:1.25.1-alpine and alpine:3.22 with SHA256. No other build/service config changes.
Go toolchain and deps go.mod	Bumped Go to 1.25.1; updated dependencies: sentry-go, x/crypto, x/term, x/text, gorm, and indirect x/net, x/sync, x/sys.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• chore: update dependencies #74 — Similar go.mod dependency bumps, including sentry-go and gorm updates.
• Version #60 — Overlapping module version updates across golang.org/x packages and sentry-go.

Poem

I nudge the gears from old to new,
Go hops ahead—1.25.1 in view.
Images pinned, digest true,
Modules trimmed with tidy glue.
Thump-thump goes my review drum,
Reproducible builds—here I come! 🐇✨

Tip

👮 Agentic pre-merge checks are now available in preview!

Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.

• Built-in checks – Quickly apply ready-made checks to enforce title conventions, require pull request descriptions that follow templates, validate linked issues for compliance, and more.
• Custom agentic checks – Define your own rules using CodeRabbit’s advanced agentic capabilities to enforce organization-specific policies and workflows. For example, you can instruct CodeRabbit’s agent to verify that API documentation is updated whenever API schema files are modified in a PR. Note: Upto 5 custom checks are currently allowed during the preview period. Pricing for this feature will be announced in a few weeks.

Example:

reviews:
  pre_merge_checks:
    custom_checks:
		  - name: "Undocumented Breaking Changes"
			  mode: "warning"
			  instructions: |
				  Flag potential breaking changes that are not documented:
				  1. Identify changes to public APIs/exports, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints (including removed/renamed items and changes to types, required params, return values, defaults, or behavior).
				  2. Ignore purely internal/private changes (e.g., code not exported from package entry points or marked internal).
				  3. Verify documentation exists: a "Breaking Change" section in the PR description and updates to CHANGELOG.md.

Please share your feedback with us on this Discord post.

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4c8aec1 and 97d5a6c.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (5)

• .github/workflows/gofmt.yml (1 hunks)
• .github/workflows/tests.yml (1 hunks)
• docker-compose.yml (1 hunks)
• docker/dockerfile-api (2 hunks)
• go.mod (2 hunks)

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch codex/update-codebase-to-go-1.25.1

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[gemini-code-assist]

Summary of Changes

Hello @gocanto, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request focuses on a routine maintenance task: upgrading the Go version used throughout the project. This ensures that the application benefits from the latest performance improvements, security patches, and language features provided by Go 1.25.1, maintaining compatibility and leveraging modern development practices across the build and runtime environments.

Highlights

• Go Version Upgrade: The project's Go toolchain has been upgraded from version 1.24.5 to 1.25.1.
• Docker Configuration Updates: Docker configurations, including docker-compose.yml and docker/dockerfile-api, have been updated to utilize the new Go 1.25.1 image.
• Go Module File Update: The go.mod file has been updated to reflect the new Go version requirement of 1.25.1.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in issue comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request correctly upgrades the Go toolchain to version 1.25.1. The changes in go.mod, docker-compose.yml, and the Dockerfile are consistent and achieve the stated goal. My review includes a couple of suggestions to further improve the security and reproducibility of your Docker builds by pinning the base images to their immutable SHA256 digests.