Skip to content

chore(deps): update golang#48

Open
scality-renovate[bot] wants to merge 1 commit into
mainfrom
renovate/golang
Open

chore(deps): update golang#48
scality-renovate[bot] wants to merge 1 commit into
mainfrom
renovate/golang

Conversation

@scality-renovate

@scality-renovate scality-renovate Bot commented Jun 29, 2026

Copy link
Copy Markdown

This PR contains the following updates:

Package Type Update Change
golang stage digest 792443bf96cc55
mcr.microsoft.com/devcontainers/go final digest 232b16d638cb8e

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • "before 9am on monday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

@scality-renovate scality-renovate Bot requested a review from a team as a code owner June 29, 2026 04:06
@scality-renovate scality-renovate Bot added dependencies Pull requests that update a dependency file digest docker go Pull requests that update go code labels Jun 29, 2026
@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown

Dependency Bump Evaluation

Packages:

  • golang (build stage): digest 792443b -> f96cc55 (same golang:1.26 tag)
  • mcr.microsoft.com/devcontainers/go (devcontainer): digest 232b16d -> 638cb8e (same 1.26-trixie tag)

Bump type: Docker digest rotation (no semver change)

Changes:

  • Picks up the latest rebuild of both Go Docker images, which typically includes OS-level security patches and minor updates to the base layer
  • Go toolchain version remains 1.26 -- no compiler or stdlib changes

Breaking changes: None -- same Go version, same tags, only the underlying OS packages are refreshed

Security concerns: None -- digest rotations are the standard mechanism for receiving OS-level security patches in pinned Docker images. This is a positive security update.

Impact on codebase: No impact. The Dockerfile uses a multi-stage build: the golang:1.26 builder compiles a statically linked binary (CGO_ENABLED=0), which is then copied to a distroless/static:nonroot runtime image. OS-layer changes in the builder do not affect the final artifact. The devcontainer change only affects the development environment.

CI status: lint passed, test passed, build in progress

Recommendation: SAFE TO MERGE (once CI passes)

-- Claude Code

@scality-renovate scality-renovate Bot changed the title chore(deps): update golang:1.26 docker digest to 32c0e6e chore(deps): update golang:1.26 docker digest to f96cc55 Jun 30, 2026
@scality-renovate scality-renovate Bot changed the title chore(deps): update golang:1.26 docker digest to f96cc55 chore(deps): update golang Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file digest docker go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants