Skip to content

chore: go cloud dependencies update #5183

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
denis256 wants to merge 3 commits into
base: main
Choose a base branch
from
Open

chore: go cloud dependencies update #5183

denis256 wants to merge 3 commits into from

Conversation

@denis256
Copy link
Member

@denis256 denis256 commented Dec 8, 2025
edited by coderabbitai bot
Loading

Description

Updated dependencies:

  • cloud.google.com/go/storage v1.58.0
  • github.com/aws/aws-sdk-go-v2 v1.41.0
  • github.com/hashicorp/go-version v1.8.0
  • go.opentelemetry.io/otel v1.39.0
  • google.golang.org/api v0.257.0
  • golang.org/x/oauth2 v0.34.0
  • golang.org/x/sync v0.19.0
  • golang.org/x/sys v0.39.0
  • golang.org/x/term v0.38.0
  • golang.org/x/text v0.32.0
  • github.com/aws/aws-sdk-go-v2/config v1.32.4
  • github.com/aws/aws-sdk-go-v2/credentials v1.19.4
  • github.com/aws/aws-sdk-go-v2/service/dynamodb v1.53.4
  • github.com/aws/aws-sdk-go-v2/service/iam v1.53.1
  • github.com/aws/aws-sdk-go-v2/service/s3 v1.93.1
  • github.com/aws/aws-sdk-go-v2/service/sts v1.41.4

Fixes #5182.

TODOs

Read the Gruntwork contribution guidelines.

  • I authored this code entirely myself
  • I am submitting code based on open source software (e.g. MIT, MPL-2.0, Apache)]
  • I am adding or upgrading a dependency or adapted code and confirm it has a compatible open source license
  • Update the docs.
  • Run the relevant tests successfully, including pre-commit checks.
  • Include release notes. If this PR is backward incompatible, include a migration guide.

Release Notes (draft)

Added / Removed / Updated [X].

Migration Guide

Summary by CodeRabbit

  • Bug Fixes

    • Standardized error message formatting for constraints validation.

  • Chores

    • Updated dependencies to latest stable versions for improved security and performance.

✏️ Tip: You can customize this high-level summary in your review settings.

@vercel
Copy link

vercel bot commented Dec 8, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Preview Comments Updated (UTC)
terragrunt-docs Ready Ready Preview Comment Dec 8, 2025 9:37pm

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Dec 8, 2025
edited
Loading

📝 Walkthrough

Walkthrough

Error message text in test constraints is lowercased ("malformed version" and "malformed constraint"). Multiple Go module dependencies are bumped across cloud storage, AWS SDK, OpenTelemetry, Google Cloud, and related packages to newer minor/patch versions.

Changes

Cohort / File(s) Summary
Test error message updates
config/config_helpers_test.go		 Lowercase error message strings in two constraints tests from "Malformed version"/"Malformed constraint" to "malformed version"/"malformed constraint"
Go module dependency bumps
go.mod		 Broad ecosystem refresh of direct and indirect dependencies: cloud.google.com/go/storage (v1.57.2→v1.58.0), aws-sdk-go-v2 and services (v1.40.0→v1.41.0+), go.opentelemetry.io/otel ecosystem (v1.38.0→v1.39.0+), golang.org/x/\* packages (oauth2, sync, sys, term, text, tools), google.golang.org/api, protoc-gen-validate, and various AWS SDK v2 internal/service subpackages

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

  • Dependency version bumps are homogeneous changes with no code logic modifications
  • Test error message changes are trivial text updates
  • Review focuses on verifying version compatibility and absence of breaking changes rather than logic assessment

Possibly related PRs

Suggested reviewers

  • ThisGuyCodes
  • yhakbar

Pre-merge checks and finishing touches

❌ Failed checks (1 warning, 1 inconclusive)
Check name Status Explanation Resolution
Docstring Coverage ⚠️ Warning Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%. You can run @coderabbitai generate docstrings to improve docstring coverage.
Out of Scope Changes check ❓ Inconclusive The PR contains a minor change to error message text in config_helpers_test.go (lowercasing error strings) alongside dependency updates, which appears tangential to the core objectives. Clarify whether the error message lowercasing in config_helpers_test.go is required by dependency bumps or a separate change that should be split into a distinct PR.
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The title 'chore: go cloud dependencies update' clearly and concisely describes the main change in the PR, which is updating Go cloud-related dependencies.
Description check ✅ Passed The PR description includes a detailed list of updated dependencies and references the linked issue #5182, meeting core requirements despite minimal elaboration on the changes.
Linked Issues check ✅ Passed The PR updates all specified cloud-related dependencies (cloud.google.com/go/storage, aws-sdk-go-v2, hashicorp/go-version, google.golang.org/api) and addresses the objectives in linked issue #5182.
✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch 5182-go-cloud-deps
📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 44e17e0 and 7db2358.

⛔ Files ignored due to path filters (1)
  • go.sum is excluded by !**/*.sum
📒 Files selected for processing (2)
  • config/config_helpers_test.go (1 hunks)
  • go.mod (8 hunks)
🧰 Additional context used
📓 Path-based instructions (1)
**/*.go

⚙️ CodeRabbit configuration file

Review the Go code for quality and correctness. Make sure that the Go code follows best practices, is performant, and is easy to understand and maintain.

Files:

  • config/config_helpers_test.go
🧠 Learnings (3)
📚 Learning: 2025-11-03T04:40:01.000Z 
Learnt from: ThisGuyCodes
Repo: gruntwork-io/terragrunt PR: 5041
File: test/fixtures/hclvalidate/valid/duplicate-attributes-in-required-providers/main.tf:2-7
Timestamp: 2025-11-03T04:40:01.000Z
Learning: In the terragrunt repository, test fixtures under test/fixtures/hclvalidate/valid/ are intentionally testing that INPUT validation succeeds even when Terraform code contains syntax errors or other issues unrelated to input validation (e.g., duplicate attributes, circular references, invalid locals). The "valid" designation means "valid for input validation purposes" not "syntactically valid Terraform/OpenTofu code".

Applied to files:

  • config/config_helpers_test.go
📚 Learning: 2025-08-19T16:05:54.723Z 
Learnt from: Resonance1584
Repo: gruntwork-io/terragrunt PR: 4683
File: go.mod:86-90
Timestamp: 2025-08-19T16:05:54.723Z
Learning: When analyzing Go module dependencies for removal, always check for both direct imports and API usage across all Go files in the repository, not just a quick search. The github.com/mattn/go-zglob library is used for filesystem walking and glob expansion in multiple Terragrunt files including util/file.go, format commands, and AWS provider patch functionality.

Applied to files:

  • go.mod
📚 Learning: 2025-02-10T13:36:19.542Z 
Learnt from: levkohimins
Repo: gruntwork-io/terragrunt PR: 3723
File: cli/commands/stack/action.go:160-160
Timestamp: 2025-02-10T13:36:19.542Z
Learning: The project uses a custom error package `github.com/gruntwork-io/terragrunt/internal/errors` which provides similar functionality to `fmt.Errorf` but includes stack traces. Prefer using this package's error functions (e.g., `errors.Errorf`, `errors.New`) over the standard library's error handling.

Applied to files:

  • go.mod
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
  • GitHub Check: base_tests / Test (macos)
  • GitHub Check: Pull Request has non-contributor approval
🔇 Additional comments (2)
go.mod (1)

103-341: Indirect dependency updates are consistent.

The indirect dependencies have been updated to maintain compatibility with the direct dependency updates. Notable updates include:

  • AWS SDK v2 internal packages updated consistently across the board
  • OpenTelemetry contrib instrumentation packages updated to v0.64.0 to match otel v1.39.0
  • Protocol buffer and gRPC related packages updated together

This comprehensive update ensures the entire dependency tree remains consistent.

config/config_helpers_test.go (1)

1402-1408: Verify go-version dependency version claim.

The error message format in the test (lowercase "malformed") is correct, but the review's claim that this is an update to go-version v1.8.0 is incorrect. The current go.mod shows github.com/hashicorp/go-version v1.6.0, not v1.8.0. Either:

  1. The version mentioned in the review is wrong, or
  2. The lines shown are not actually from a change related to a version upgrade

Please clarify the actual go-version dependency version being used and whether this change is genuinely part of a version upgrade.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@denis256 denis256 marked this pull request as ready for review December 8, 2025 21:48
@denis256 denis256 enabled auto-merge (squash) December 9, 2025 14:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@yhakbar yhakbar yhakbar approved these changes

@ThisGuyCodes ThisGuyCodes Awaiting requested review from ThisGuyCodes ThisGuyCodes is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Cloud go-dependencies update

3 participants

@denis256 @yhakbar