Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
b765231175
constellation/dev-docs/workflows/bump-go-version.md
Adrian Stobbe b765231175
deps: bump Go to 1.21.4 (#2569) 
Co-authored-by: Malte Poll <1780588+malt3@users.noreply.github.com>
2023-11-09 20:17:14 +01:00

861 B
Raw Blame History

Bump Go version

govulncheck from the bazel check target will fail if our code is vulnerable, which is often the case when a patch version was released with security fixes.

Steps

  1. Replace "1.xx.x" with the new version (see example)

  2. Update the nix hash

    Once updated run bazel run //:tidy and you will see a failure such as:

        > error: hash mismatch in fixed-output derivation '/nix/store/r85bdj6vrim7m5vlybdmzgca7d0kcb4n-go1.21.4.src.tar.gz.drv':
  >          specified: sha256-GG8rb4yLcE5paCGwmrIEGlwe4T3LwxVqE63PdZMe5Ig=
  >             got:    sha256-R7Jqg9K2WjwcG8rOJztpvuSaentRaKdgTe09JqN714c=

    Simple replace the hash with the got value.

  3. Ask @katexochen to build the thing and push it into his cache.