chore(deps): bump golang.org/x/tools from 0.32.0 to 0.48.0 in /generators/go#16997
chore(deps): bump golang.org/x/tools from 0.32.0 to 0.48.0 in /generators/go#16997dependabot[bot] wants to merge 1 commit into
Conversation
Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.32.0 to 0.48.0. - [Release notes](https://github.com/golang/tools/releases) - [Commits](golang/tools@v0.32.0...v0.48.0) --- updated-dependencies: - dependency-name: golang.org/x/tools dependency-version: 0.48.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
There was a problem hiding this comment.
AI Review Summary
Dependabot bump of golang.org/x/tools (and transitively x/mod). The dependency changes look consistent, but the go directive was silently bumped from 1.23.0 to 1.25.0, which is outside the scope of a dependency bump and could break CI/build environments pinned to older toolchains.
- 🟡 1 warning(s)
| module github.com/fern-api/fern-go | ||
|
|
||
| go 1.23.0 | ||
| go 1.25.0 |
There was a problem hiding this comment.
🟡 warning
The go directive jumped from 1.23.0 to 1.25.0. This is well beyond what a dependency bump requires — x/tools v0.48.0 doesn't mandate Go 1.25. Bumping the minimum Go version can break CI runners and downstream builds pinned to older toolchains. Verify this is intentional; if x/tools only needs 1.24, set it there, otherwise keep 1.23.0.
| module github.com/fern-api/fern-go | ||
|
|
||
| go 1.23.0 | ||
| go 1.25.0 |
There was a problem hiding this comment.
🟡 Local development environment uses an older Go version than the module now requires
The module's minimum Go version is raised to 1.25.0 (go 1.25.0 at generators/go/go.mod:3) but the project's devbox environment still pins Go 1.23.8 (devbox.json:6), so local builds may fail or silently trigger an unexpected toolchain auto-download.
Impact: Developers using the recommended devbox setup encounter build errors or unintended toolchain downloads when working on the Go generator.
Devbox Go version mismatch with go.mod directive
The devbox.json:6 specifies go@1.23.8 as the pinned Go version for the development environment. The PR bumps generators/go/go.mod:3 from go 1.23.0 to go 1.25.0. Since Go 1.21+, the go directive in go.mod acts as a minimum version requirement.
With GOTOOLCHAIN=auto (the default), Go 1.23.8 would attempt to auto-download Go 1.25.0, which may work but is inconsistent with the devbox philosophy of pinning exact versions. With GOTOOLCHAIN=local, the build fails outright with go.mod requires go >= 1.25.0 (running go 1.23.8; GOTOOLCHAIN=local) — the exact error pattern previously documented in generators/go/sdk/changes/1.34.5/bump-go-toolchain-to-1.26.2.yml:7.
The CI workflow at .github/workflows/go-generator.yml:23 also runs go build ./... without actions/setup-go, relying on the runner's pre-installed Go version.
Prompt for agents
The go.mod now requires Go 1.25.0 but devbox.json still pins go@1.23.8. Either:
1. Update devbox.json to pin a Go version >= 1.25.0 (e.g., go@1.25 or go@1.26) to match the new module requirement, OR
2. Ensure the CI workflow at .github/workflows/go-generator.yml uses actions/setup-go with a version >= 1.25.0.
The devbox.json change is at line 6: "go@1.23.8" should be bumped to at least "go@1.25". The CI workflow at .github/workflows/go-generator.yml lines 17-23 and 25-33 should ideally add a setup-go step.
Was this helpful? React with 👍 or 👎 to provide feedback.
SDK Generation Benchmark ResultsComparing PR branch against median of 5 nightly run(s) on Full benchmark table (click to expand)
main (generator): generator-only time via --skip-scripts (includes Docker image build, container startup, IR parsing, and code generation — this is the same Docker-based flow customers use via |
Bumps golang.org/x/tools from 0.32.0 to 0.48.0.
Commits
05f9cb5go.mod: update golang.org/x dependencies745d7aegopls: add CompiledAsmFiles in cache.Package797ee67go/ssa: make Const(unsafe.Pointer, nil).IsNil() true9751125gopls/internal/test: Completion benchmarks use empty range8786a96internal/stdlib: update stdlib index for Go 1.27 Release Candidate 2425085fgopls/internal/server: modify return of parseAction30c4f87go/analysis/passes/nilness: skip magic cgo functions9e6441dgopls/internal/protocol/generate: remove manual rename overwrittendf96841gopls/internal/protocol: use Debug log level278f062gopls/internal/protocol: update to LSP 3.18Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)