Skip to content

Update google.golang.org/genproto digest to 925bb5d#211

Open
red-hat-konflux-kflux-prd-rh02[bot] wants to merge 1 commit into
mainfrom
konflux/mintmaker/main/google.golang.org-genproto-digest
Open

Update google.golang.org/genproto digest to 925bb5d#211
red-hat-konflux-kflux-prd-rh02[bot] wants to merge 1 commit into
mainfrom
konflux/mintmaker/main/google.golang.org-genproto-digest

Conversation

@red-hat-konflux-kflux-prd-rh02

@red-hat-konflux-kflux-prd-rh02 red-hat-konflux-kflux-prd-rh02 Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Type Update Change
google.golang.org/genproto indirect digest 4cfbd41925bb5d

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • "on monday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

To execute skipped test pipelines write comment /ok-to-test.


Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

Signed-off-by: red-hat-konflux-kflux-prd-rh02 <190377777+red-hat-konflux-kflux-prd-rh02[bot]@users.noreply.github.com>
@red-hat-konflux-kflux-prd-rh02

Copy link
Copy Markdown
Contributor Author

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum
Command failed: go get -t ./...
go: downloading google.golang.org/genproto/googleapis/api v0.0.0-20260622175928-b703f567277d
go: downloading golang.org/x/text v0.38.0
go: downloading google.golang.org/genproto v0.0.0-20260630182238-925bb5da69e7
go: downloading golang.org/x/sys v0.46.0
go: downloading cloud.google.com/go/pubsub/v2 v2.5.1
go: downloading google.golang.org/grpc v1.81.1
go: downloading google.golang.org/genproto/googleapis/rpc v0.0.0-20260622175928-b703f567277d
go: downloading github.com/googleapis/gax-go/v2 v2.21.0
go: downloading golang.org/x/sync v0.21.0
go: downloading google.golang.org/api v0.274.0
go: downloading golang.org/x/net v0.56.0
go: downloading golang.org/x/oauth2 v0.36.0
go: downloading cloud.google.com/go/iam v1.11.0
go: downloading cloud.google.com/go/auth v0.18.2
go: downloading golang.org/x/time v0.15.0
go: downloading github.com/googleapis/enterprise-certificate-proxy v0.3.14
go: downloading golang.org/x/crypto v0.53.0
go: github.com/openshift-hyperfleet/hyperfleet-sentinel/internal/client imports
	github.com/openshift-hyperfleet/hyperfleet-sentinel/pkg/api/openapi: cannot find module providing package github.com/openshift-hyperfleet/hyperfleet-sentinel/pkg/api/openapi

@openshift-ci openshift-ci Bot requested review from kuudori and sherine-k July 6, 2026 00:03
@openshift-ci

openshift-ci Bot commented Jul 6, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign pnguyen44 for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci

openshift-ci Bot commented Jul 6, 2026

Copy link
Copy Markdown

Hi @red-hat-konflux-kflux-prd-rh02[bot]. Thanks for your PR.

I'm waiting for a openshift-hyperfleet member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@coderabbitai

coderabbitai Bot commented Jul 6, 2026

Copy link
Copy Markdown
📝 Walkthrough

Walkthrough

go.mod pins a newer pseudo-version of the indirect dependency google.golang.org/genproto, changing from v0.0.0-20260209200024-4cfbd4190f57 to v0.0.0-20260630182238-925bb5da69e7. No other files are modified.

Estimated code review effort: 1 (Trivial) | ~5 minutes

Security note: genproto pinned to an unpinned-by-hash pseudo-version bump spanning ~4 months of upstream commits (20260209→20260630). No CVE cited in the diff for this update — verify provenance via go.sum hash and module checksum database (sum.golang.org) before merge. Unreviewed transitive proto-generated code changes are a supply chain risk vector (CWE-1104: Use of Unmaintained Third Party Components applies if pinned version lags; here concern is opposite — unverified forward jump). Confirm go.sum hash entries updated alongside go.mod to prevent dependency confusion/tampering (CWE-829: Inclusion of Functionality from Untrusted Control Sphere).

Suggested labels: dependencies, go

Suggested reviewers: platform-security-team

🚥 Pre-merge checks | ✅ 11
✅ Passed checks (11 passed)
Check name Status Explanation
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Sec-02: Secrets In Log Output ✅ Passed PASS: no non-test/non-example Go log statements include token/password/credential/secret; PR only changes go.mod. CWE-532 not triggered.
No Hardcoded Secrets ✅ Passed PASS: The only change is a genproto version bump in go.mod; no secret literals, base64 blobs, or credential-bearing URLs are present (CWE-798/CWE-259).
No Weak Cryptography ✅ Passed Only go.mod changed; no weak-crypto primitives, custom crypto, or secret comparisons appear in the diff.
No Injection Vectors ✅ Passed Only go.mod changed; no SQL/exec/template/yaml code was added or modified, so no CWE-89/78/79/502 injection vector is present.
No Privileged Containers ✅ Passed Only go.mod changed; no K8s/OpenShift manifests, Helm templates, or Dockerfiles in the diff, so no privileged-container/CWE-269/CWE-285 issue to flag.
No Pii Or Sensitive Data In Logs ✅ Passed Only go.mod changed; no logging statements or data-exposure code paths were modified, so CWE-532/359 risk is absent.
Title check ✅ Passed Matches the only change: a digest update for google.golang.org/genproto.
Description check ✅ Passed Description aligns with the dependency digest update and Renovate metadata.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch konflux/mintmaker/main/google.golang.org-genproto-digest
✨ Simplify code
  • Create PR with simplified code
  • Commit simplified code in branch konflux/mintmaker/main/google.golang.org-genproto-digest

Comment @coderabbitai help to get the list of available commands.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants