Skip to content

chore: merge dependabot go updates into a single PR#327

Closed
lalitadithya wants to merge 62 commits into
mainfrom
merge-dependabot-updates
Closed

chore: merge dependabot go updates into a single PR#327
lalitadithya wants to merge 62 commits into
mainfrom
merge-dependabot-updates

Conversation

@lalitadithya

@lalitadithya lalitadithya commented Nov 10, 2025

Copy link
Copy Markdown
Collaborator

Summary

merge dependabot go updates into a single PR

Type of Change

  • 🐛 Bug fix
  • ✨ New feature
  • 💥 Breaking change
  • 📚 Documentation
  • 🔧 Refactoring
  • 🔨 Build/CI

Component(s) Affected

  • Core Services
  • Documentation/CI
  • Fault Management
  • Health Monitors
  • Janitor
  • Other: ____________

Testing

  • Tests pass locally
  • Manual testing completed
  • No breaking changes (or documented)

Checklist

  • Self-review completed
  • Documentation updated (if needed)
  • Ready for review

Summary by CodeRabbit

  • Chores
    • Updated GitHub Actions release workflow to the latest version.
    • Updated multiple Go module dependencies to their latest patch versions for improved stability and security.
    • Updated Python development tool dependencies to current versions.

dependabot Bot added 30 commits October 29, 2025 13:01
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.17.4 to 1.17.6.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](mongodb/mongo-go-driver@v1.17.4...v1.17.6)

---
updated-dependencies:
- dependency-name: go.mongodb.org/mongo-driver
  dependency-version: 1.17.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.17.4 to 1.17.6.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](mongodb/mongo-go-driver@v1.17.4...v1.17.6)

---
updated-dependencies:
- dependency-name: go.mongodb.org/mongo-driver
  dependency-version: 1.17.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.17.4 to 1.17.6.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](mongodb/mongo-go-driver@v1.17.4...v1.17.6)

---
updated-dependencies:
- dependency-name: go.mongodb.org/mongo-driver
  dependency-version: 1.17.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [github.com/prometheus/common](https://github.com/prometheus/common) from 0.67.1 to 0.67.2.
- [Release notes](https://github.com/prometheus/common/releases)
- [Changelog](https://github.com/prometheus/common/blob/main/CHANGELOG.md)
- [Commits](prometheus/common@v0.67.1...v0.67.2)

---
updated-dependencies:
- dependency-name: github.com/prometheus/common
  dependency-version: 0.67.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.17.0 to 0.18.0.
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.39.5 to 1.39.6.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@v1.39.5...v1.39.6)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.39.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.17.0 to 0.18.0.
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.17.0 to 0.18.0.
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [github.com/aws/aws-sdk-go-v2/service/health](https://github.com/aws/aws-sdk-go-v2) from 1.34.9 to 1.34.10.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@service/ses/v1.34.9...service/sfn/v1.34.10)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/health
  dependency-version: 1.34.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.17.0 to 0.18.0.
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.17.0 to 0.18.0.
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.17.0 to 0.18.0.
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.17.0 to 0.18.0.
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.17.0 to 0.18.0.
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.17.0 to 0.18.0.
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.17.0 to 0.18.0.
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.17.4 to 1.17.6.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](mongodb/mongo-go-driver@v1.17.4...v1.17.6)

---
updated-dependencies:
- dependency-name: go.mongodb.org/mongo-driver
  dependency-version: 1.17.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.17.0 to 0.18.0.
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.17.0 to 0.18.0.
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.39.5 to 1.39.6.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@v1.39.5...v1.39.6)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2
  dependency-version: 1.39.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [github.com/aws/aws-sdk-go-v2/service/health](https://github.com/aws/aws-sdk-go-v2) from 1.34.9 to 1.34.10.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/changelog-template.json)
- [Commits](aws/aws-sdk-go-v2@service/ses/v1.34.9...service/sfn/v1.34.10)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/service/health
  dependency-version: 1.34.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.17.0 to 0.18.0.
- [Commits](golang/sync@v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
dependabot Bot and others added 21 commits November 10, 2025 15:49
…ithub.com/aws/aws-sdk-go-v2/service/health-1.34.10
@copy-pr-bot

copy-pr-bot Bot commented Nov 10, 2025

Copy link
Copy Markdown

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

@coderabbitai

coderabbitai Bot commented Nov 10, 2025

Copy link
Copy Markdown
Contributor

Caution

Review failed

The pull request is closed.

Walkthrough

This pull request performs a coordinated dependency version update across multiple Go modules and Python projects within the codebase. The updates span golang.org/x/sync, Kubernetes controller-runtime, MongoDB driver, AWS SDK components, and the Black code formatter.

Changes

Cohort / File(s) Summary
Golang.org/x/sync library
commons/go.mod, fault-quarantine/go.mod, fault-remediation/go.mod, health-events-analyzer/go.mod, health-monitors/csp-health-monitor/go.mod, health-monitors/syslog-health-monitor/go.mod, labeler/go.mod, platform-connectors/go.mod
Bumps golang.org/x/sync from v0.17.0 to v0.18.0 across eight modules.
Kubernetes controller-runtime library
fault-quarantine/go.mod, fault-remediation/go.mod, labeler/go.mod, node-drainer/go.mod, platform-connectors/go.mod, tests/go.mod
Updates sigs.k8s.io/controller-runtime from v0.22.3 to v0.22.4 across six modules.
MongoDB driver
fault-quarantine/go.mod, node-drainer/go.mod, store-client/go.mod
Upgrades go.mongodb.org/mongo-driver from v1.17.4 to v1.17.6.
AWS SDK components
health-monitors/csp-health-monitor/go.mod
Updates AWS SDK v2 (v1.39.5 → v1.39.6), AWS health service (v1.34.9 → v1.34.10), AWS Smithy Go (v1.23.1 → v1.23.2), and related internal modules.
Black code formatter
health-monitors/gpu-health-monitor/pyproject.toml, log-collector/pyproject.toml
Bumps Black dev dependency to ^25.11.0.
GitHub Actions workflow
.github/workflows/release.yml
Updates softprops/action-gh-release from v2.4.1 to v2.4.2.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

  • The changes are primarily homogeneous version bumps repeated across multiple modules, reducing cognitive load per file
  • Main review focus should be verifying that each dependency version bump is intentional and legitimate (checking changelogs or release notes where applicable, particularly for golang.org/x/sync and controller-runtime which appear most frequently)
  • All changes are limited to manifest files with no code logic modifications

Poem

🐰 Through the dependency garden we hop and we skip,
Updating each version, no logic to flip,
Sync and controller, MongoDB too,
Black shines brighter with polish anew!
No bugs introduced, just freshness and care,
Our libraries dancing in autumn air! ✨

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch merge-dependabot-updates

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 54f8734 and d9bda0b.

⛔ Files ignored due to path filters (13)
  • commons/go.sum is excluded by !**/*.sum
  • fault-quarantine/go.sum is excluded by !**/*.sum
  • fault-remediation/go.sum is excluded by !**/*.sum
  • health-events-analyzer/go.sum is excluded by !**/*.sum
  • health-monitors/csp-health-monitor/go.sum is excluded by !**/*.sum
  • health-monitors/gpu-health-monitor/poetry.lock is excluded by !**/*.lock
  • health-monitors/syslog-health-monitor/go.sum is excluded by !**/*.sum
  • labeler/go.sum is excluded by !**/*.sum
  • log-collector/poetry.lock is excluded by !**/*.lock
  • node-drainer/go.sum is excluded by !**/*.sum
  • platform-connectors/go.sum is excluded by !**/*.sum
  • store-client/go.sum is excluded by !**/*.sum
  • tests/go.sum is excluded by !**/*.sum
📒 Files selected for processing (14)
  • .github/workflows/release.yml (1 hunks)
  • commons/go.mod (1 hunks)
  • fault-quarantine/go.mod (1 hunks)
  • fault-remediation/go.mod (1 hunks)
  • health-events-analyzer/go.mod (1 hunks)
  • health-monitors/csp-health-monitor/go.mod (2 hunks)
  • health-monitors/gpu-health-monitor/pyproject.toml (1 hunks)
  • health-monitors/syslog-health-monitor/go.mod (1 hunks)
  • labeler/go.mod (1 hunks)
  • log-collector/pyproject.toml (1 hunks)
  • node-drainer/go.mod (1 hunks)
  • platform-connectors/go.mod (1 hunks)
  • store-client/go.mod (1 hunks)
  • tests/go.mod (1 hunks)

Warning

There were issues while running some tools. Please review the errors and either fix the tool's configuration or disable the tool if it's a critical failure.

🔧 golangci-lint (2.5.0)

level=error msg="[linters_context] typechecking error: pattern ./...: directory prefix . does not contain main module or its selected dependencies"


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@github-actions

Copy link
Copy Markdown
Contributor

This pull request has been automatically locked since it has been closed for 90 days with no further activity. Please open a new pull request for related changes.

@github-actions github-actions Bot locked as resolved and limited conversation to collaborators May 26, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant