New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[release/2.7] update to go1.16 #3472
[release/2.7] update to go1.16 #3472
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
we should also update https://github.com/distribution/distribution/blob/main/go.mod#L3 and https://github.com/distribution/distribution/blob/main/Dockerfile#L1 For the docker file, it probably needs to add |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
see the comments
This is the release/2.7 branch, so the
Ah, yes, that's a good catch; adding that. |
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
b0eafe3
to
d836b23
Compare
Updated, PTAL |
opened #3474 for the main branch |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
oh, yes, it's for v2.7 cc @milosgajdos do we want to upgrade the golang major version in a patch release? I know it's caused by the jwt security issue. |
Not to sound SemVer pedantic, but we're talking about Even though |
Yeah, older version of Go (<1.15) are no longer maintained, and may have unpatched security fixes that could affect this project. The Go language itself has a stability promise ( |
relates to #3466, as the updated github.com/golang-jwt/jwt v3.2.2 requires to 1.15 or 1.16