all: upd go

2024-10-05 14:27:52 +03:00 · 2024-07-03 13:17:30 +03:00 · 2024-07-03 13:17:30 +03:00 · 2b28fa107b
commit 2b28fa107b
parent fcdebfa4d4
9 changed files with 28 additions and 20 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -1,7 +1,7 @@
 'name': 'build'

 'env':
-  'GO_VERSION': '1.22.4'
+  'GO_VERSION': '1.22.5'
  'NODE_VERSION': '16'

 'on':
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@ -1,7 +1,7 @@
 'name': 'lint'

 'env':
-  'GO_VERSION': '1.22.4'
+  'GO_VERSION': '1.22.5'

 'on':
  'push':
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -26,6 +26,10 @@ See also the [v0.107.52 GitHub milestone][ms-v0.107.52].

 NOTE: Add new changes BELOW THIS COMMENT.
 -->
+### Security
+
+- Go version has been updated to prevent the possibility of exploiting the Go
+  vulnerabilities fixed in [Go 1.22.5][go-1.22.5].

 ### Added

@ -68,6 +72,7 @@ NOTE: Add new changes BELOW THIS COMMENT.
 [#7076]: https://github.com/AdguardTeam/AdGuardHome/issues/7076
 [#7079]: https://github.com/AdguardTeam/AdGuardHome/issues/7079

+[go-1.22.5]: https://groups.google.com/g/golang-announce/c/gyb7aM1C9H4
 [install-script]: https://github.com/AdguardTeam/AdGuardHome/?tab=readme-ov-file#automated-install-linux-and-mac

 <!--
--- a/2
+++ b/2
@ -27,7 +27,7 @@ DIST_DIR = dist
 GOAMD64 = v1
 GOPROXY = https://goproxy.cn|https://proxy.golang.org|direct
 GOSUMDB = sum.golang.google.cn
-GOTOOLCHAIN = go1.22.4
+GOTOOLCHAIN = go1.22.5
 GPG_KEY = devteam@adguard.com
 GPG_KEY_PASSPHRASE = not-a-real-password
 NPM = npm
--- a/bamboo-specs/release.yaml
+++ b/bamboo-specs/release.yaml
@ -7,8 +7,8 @@
 # Make sure to sync any changes with the branch overrides below.
 'variables':
    'channel': 'edge'
-    'dockerFrontend': '${bamboo.adguardRegistryBasePath}/home-js-builder:2.0'
-    'dockerGo': '${bamboo.adguardRegistryBasePath}/go-builder:1.22.4--1'
+    'dockerFrontend': 'adguard/home-js-builder:2.0'
+    'dockerGo': 'adguard/go-builder:1.22.5--1'

 'stages':
  - 'Build frontend':
@ -266,7 +266,7 @@
        'variables':
            'channel': 'beta'
            'dockerFrontend': '${bamboo.adguardRegistryBasePath}/home-js-builder:2.0'
-            'dockerGo': '${bamboo.adguardRegistryBasePath}/go-builder:1.22.4--1'
+            'dockerGo': '${bamboo.adguardRegistryBasePath}/go-builder:1.22.5--1'
    # release-vX.Y.Z branches are the branches from which the actual final
    # release is built.
  - '^release-v[0-9]+\.[0-9]+\.[0-9]+':
@ -282,4 +282,4 @@
        'variables':
            'channel': 'release'
            'dockerFrontend': '${bamboo.adguardRegistryBasePath}/home-js-builder:2.0'
-            'dockerGo': '${bamboo.adguardRegistryBasePath}/go-builder:1.22.4--1'
+            'dockerGo': '${bamboo.adguardRegistryBasePath}/go-builder:1.22.5--1'
--- a/bamboo-specs/test.yaml
+++ b/bamboo-specs/test.yaml
@ -5,8 +5,8 @@
    'key': 'AHBRTSPECS'
    'name': 'AdGuard Home - Build and run tests'
 'variables':
-    'dockerFrontend': '${bamboo.adguardRegistryBasePath}/home-js-builder:2.0'
-    'dockerGo': '${bamboo.adguardRegistryBasePath}/go-builder:1.22.4--1'
+    'dockerFrontend': 'adguard/home-js-builder:2.0'
+    'dockerGo': 'adguard/go-builder:1.22.5--1'
    'channel': 'development'

 'stages':
@ -195,5 +195,5 @@
        # may need to build a few of these.
        'variables':
            'dockerFrontend': '${bamboo.adguardRegistryBasePath}/home-js-builder:2.0'
-            'dockerGo': '${bamboo.adguardRegistryBasePath}/go-builder:1.22.4--1'
+            'dockerGo': '${bamboo.adguardRegistryBasePath}/go-builder:1.22.5--1'
            'channel': 'candidate'
--- a/go.mod
+++ b/go.mod
@ -1,6 +1,6 @@
 module github.com/AdguardTeam/AdGuardHome

-go 1.22.4
+go 1.22.5

 require (
 	github.com/AdguardTeam/dnsproxy v0.71.2
--- a/internal/tools/go.mod
+++ b/internal/tools/go.mod
@ -4,14 +4,14 @@ go 1.22.4

 require (
 	github.com/fzipp/gocyclo v0.6.0
-	github.com/golangci/misspell v0.5.1
+	github.com/golangci/misspell v0.6.0
 	github.com/gordonklaus/ineffassign v0.1.0
 	github.com/kisielk/errcheck v1.7.0
 	github.com/kyoh86/looppointer v0.2.1
 	github.com/securego/gosec/v2 v2.20.0
 	github.com/uudashr/gocognit v1.1.2
 	golang.org/x/tools v0.22.0
-	golang.org/x/vuln v1.1.1
+	golang.org/x/vuln v1.1.2
 	honnef.co/go/tools v0.4.7
 	mvdan.cc/gofumpt v0.6.0
 	mvdan.cc/unparam v0.0.0-20240528143540-8a5130ca722f
@ -26,9 +26,10 @@ require (
 	github.com/kyoh86/nolint v0.0.1 // indirect
 	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
 	golang.org/x/exp v0.0.0-20230321023759-10a507213a29 // indirect
-	golang.org/x/exp/typeparams v0.0.0-20240604190554-fc45aab8b7f8 // indirect
+	golang.org/x/exp/typeparams v0.0.0-20240613232115-7f521ea00fb8 // indirect
 	golang.org/x/mod v0.18.0 // indirect
 	golang.org/x/sync v0.7.0 // indirect
 	golang.org/x/sys v0.21.0 // indirect
+	golang.org/x/telemetry v0.0.0-20240701175443-4e29c7872ac1 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
--- a/internal/tools/go.sum
+++ b/internal/tools/go.sum
@ -12,8 +12,8 @@ github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
 github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
 github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
-github.com/golangci/misspell v0.5.1 h1:/SjR1clj5uDjNLwYzCahHwIOPmQgoH04AyQIiWGbhCM=
-github.com/golangci/misspell v0.5.1/go.mod h1:keMNyY6R9isGaSAu+4Q8NMBwMPkh15Gtc8UCVoDtAWo=
+github.com/golangci/misspell v0.6.0 h1:JCle2HUTNWirNlDIAUO44hUsKhOFqGPoC4LZxlaSXDs=
+github.com/golangci/misspell v0.6.0/go.mod h1:keMNyY6R9isGaSAu+4Q8NMBwMPkh15Gtc8UCVoDtAWo=
 github.com/google/go-cmdtest v0.4.1-0.20220921163831-55ab3332a786 h1:rcv+Ippz6RAtvaGgKxc+8FQIpxHgsF+HBzPyYL2cyVU=
 github.com/google/go-cmdtest v0.4.1-0.20220921163831-55ab3332a786/go.mod h1:apVn/GCasLZUVpAJ6oWAuyP7Ne7CEsQbTnc0plM3m+o=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
@ -63,8 +63,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/exp v0.0.0-20230321023759-10a507213a29 h1:ooxPy7fPvB4kwsA2h+iBNHkAbp/4JxTSwCmvdjEYmug=
 golang.org/x/exp v0.0.0-20230321023759-10a507213a29/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc=
-golang.org/x/exp/typeparams v0.0.0-20240604190554-fc45aab8b7f8 h1:WKP3FgLqWfVutBnw/dr+LNg4fzjyTQP5o+ELTIyoBrs=
-golang.org/x/exp/typeparams v0.0.0-20240604190554-fc45aab8b7f8/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
+golang.org/x/exp/typeparams v0.0.0-20240613232115-7f521ea00fb8 h1:+ZJmEdDFzH5H0CnzOrwgbH3elHctfTecW9X0k2tkn5M=
+golang.org/x/exp/typeparams v0.0.0-20240613232115-7f521ea00fb8/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
@ -95,6 +95,8 @@ golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220702020025-31831981b65f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
 golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/telemetry v0.0.0-20240701175443-4e29c7872ac1 h1:jveUVYFLPlIma1aZBg9rrUN+Dqk4e6QbVSGiZGwA/2Y=
+golang.org/x/telemetry v0.0.0-20240701175443-4e29c7872ac1/go.mod h1:n38mvGdgc4dA684EC4NwQwoPKSw4jyKw8/DgZHDA1Dk=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@ -109,8 +111,8 @@ golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.11/go.mod h1:SgwaegtQh8clINPpECJMqnxLv9I09HLqnW3RMqW0CA4=
 golang.org/x/tools v0.22.0 h1:gqSGLZqv+AI9lIQzniJ0nZDRG5GBPsSi+DRNHWNz6yA=
 golang.org/x/tools v0.22.0/go.mod h1:aCwcsjqvq7Yqt6TNyX7QMU2enbQ/Gt0bo6krSeEri+c=
-golang.org/x/vuln v1.1.1 h1:4nYQg4OSr7uYQMtjuuYqLAEVuTjY4k/CPMYqvv5OPcI=
-golang.org/x/vuln v1.1.1/go.mod h1:hNgE+SKMSp2wHVUpW0Ow2ejgKpNJePdML+4YjxrVxik=
+golang.org/x/vuln v1.1.2 h1:UkLxe+kAMcrNBpGrFbU0Mc5l7cX97P2nhy21wx5+Qbk=
+golang.org/x/vuln v1.1.2/go.mod h1:2o3fRKD8Uz9AraAL3lwd/grWBv+t+SeJnPcqBUJrY24=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=