constellation/dev-docs/workflows/bump-go-version.md

# Bump Go version

`govulncheck` from the bazel `check` target will fail if our code is vulnerable, which is often the case when a patch version was released with security fixes.

## Steps

Replace "1.xx.x" with the new version in [WORKSPACE.bazel](/WORKSPACE.bazel):

```starlark
load("@io_bazel_rules_go//go:deps.bzl", "go_download_sdk", "go_register_toolchains", "go_rules_dependencies")

go_download_sdk(
    name = "go_sdk",
    patches = ["//3rdparty/bazel/org_golang:go_tls_max_handshake_size.patch"],
    version = "1.xx.x", <--- Replace this one
              ~~~~~~~~
)

```
deps: bump Go to 1.21.4 (#2569) Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> 2023-11-09 14:17:14 -05:00			`# Bump Go version`
deps: update to Go 1.22.3 (#3069) * Update renovate syntax * Update to Go 1.22.3 --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-05-08 05:34:31 -04:00
deps: bump Go to 1.21.4 (#2569) Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> 2023-11-09 14:17:14 -05:00			`govulncheck` from the bazel `check` target will fail if our code is vulnerable, which is often the case when a patch version was released with security fixes.

			`## Steps`

bazel: use prebuilt Go toolchain (go.dev/dl) (#2796) We had to switch to a Go toolchain from nixpkgs, since prebuilt Go toolchain versions were not usable on NixOS. Since Go 1.21, the prebuilt Go toolchain is statically linked and works out of the box. Reference: https://github.com/golang/go/issues/57007 2024-01-05 05:52:22 -05:00			`Replace "1.xx.x" with the new version in [WORKSPACE.bazel](/WORKSPACE.bazel):`
deps: bump Go to 1.21.4 (#2569) Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com> 2023-11-09 14:17:14 -05:00
bazel: use prebuilt Go toolchain (go.dev/dl) (#2796) We had to switch to a Go toolchain from nixpkgs, since prebuilt Go toolchain versions were not usable on NixOS. Since Go 1.21, the prebuilt Go toolchain is statically linked and works out of the box. Reference: https://github.com/golang/go/issues/57007 2024-01-05 05:52:22 -05:00			```starlark
deps: update to Go 1.22.3 (#3069) * Update renovate syntax * Update to Go 1.22.3 --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems> 2024-05-08 05:34:31 -04:00			`load("@io_bazel_rules_go//go:deps.bzl", "go_download_sdk", "go_register_toolchains", "go_rules_dependencies")`

			`go_download_sdk(`
			`name = "go_sdk",`
			`patches = ["//3rdparty/bazel/org_golang:go_tls_max_handshake_size.patch"],`
			`version = "1.xx.x", <--- Replace this one`
			`~~~~~~~~`
			`)`

bazel: use prebuilt Go toolchain (go.dev/dl) (#2796) We had to switch to a Go toolchain from nixpkgs, since prebuilt Go toolchain versions were not usable on NixOS. Since Go 1.21, the prebuilt Go toolchain is statically linked and works out of the box. Reference: https://github.com/golang/go/issues/57007 2024-01-05 05:52:22 -05:00			```