Bump the other-go-modules group with 5 updates

[dependabot]

Bumps the other-go-modules group with 5 updates:

Package	From	To
github.com/containernetworking/plugins	1.8.0	1.9.1
github.com/onsi/gomega	1.38.2	1.40.0
github.com/go-co-op/gocron/v2	2.16.6	2.21.1
github.com/fsnotify/fsnotify	1.9.0	1.10.1
golang.org/x/time	0.14.0	0.15.0

Updates github.com/containernetworking/plugins from 1.8.0 to 1.9.1

Release notes

Sourced from github.com/containernetworking/plugins's releases.

v1.9.1

This is a patch release with dependency updates and some minor fixes.

Minor fixes

• bandwidth: handle nil bandwidth in CHECK by @​squeed in containernetworking/plugins#1222
• vrf: fix route filtering to preserve IPAM-configured routes by @​mlguerrero12 in containernetworking/plugins#1227
• CVE-2025-52881: Bump selinux to 1.13.0 by @​sbiradar10 in containernetworking/plugins#1231
• bridge: include attempted IP address in AddrAdd error message by @​Amulyam24 in containernetworking/plugins#1225

New Contributors

• @​sbiradar10 made their first contribution in containernetworking/plugins#1231
• @​Amulyam24 made their first contribution in containernetworking/plugins#1225

Full Changelog: containernetworking/plugins@v1.9.0...v1.9.1

CNI plugins v1.9.0

What's Changed

This release fixes CVE-2025-67499, a bug in the nftables backend for the portmap plugin that can cause traffic to be unexpectedly intercepted.

Bugs

• portmap: ensure nftables backend only intercept local traffic by @​champtar in containernetworking/plugins#1210.

Other changes

• Fix file exists errro in dummy cni by @​liuyuan10 in containernetworking/plugins#1205
• Ignore settling with down state since it would never settle by @​bn222 in containernetworking/plugins#1207

Full Changelog: containernetworking/plugins@v1.8.0...v1.9.0

Commits

• adc3e6b bridge: include attempted IP address in AddrAdd error message
• 4161e44 build(deps): bump golangci/golangci-lint-action from 8 to 9
• dada84a CVE-2025-52881: Bump selinux to 1.13.0
• dfb1f9a fix(test): use shorter veth peer name
• ccc8314 vrf: fix route filtering to preserve IPAM-configured routes
• 8c4a6b3 bandwidth: handle nil bandwidth in CHECK
• 9b3772e portmap: ensure nftables backend only intercept local traffic
• 8ee59c6 portmap: fix CHECK for nftables backend
• 372953d Ignore settling with down state since it will never settle
• 85daca7 Fix file exists errro in dummy cni
• See full diff in compare view

Updates github.com/onsi/gomega from 1.38.2 to 1.40.0

Release notes

Sourced from github.com/onsi/gomega's releases.

v1.40.0

1.40.0

We're adopting a new release strategy to minimize dependency bloat in projects that consume Gomega. It is a limitation of the go mod toolchain that test subdependencies of your project's direct dependencies get pulled in as indirect dependencies. In the case of Gomega, this ends up pulling in all of Ginkgo into your go.mod even if you are only using Gomega (Gomega uses Ginkgo for its own tests).

Going forward, releases will strip out all tests, tidy up the go.mod and then push this stripped down version to a new master-lite branch. These stripped-down versions will receive the vx.y.z git tag and will be picked up by the go toolchain.

Please open an issue if this new release process causes unexpected changes for your projects.

v1.39.1

1.39.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

v1.39.0

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

v1.38.3

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Changelog

Sourced from github.com/onsi/gomega's changelog.

1.40.0

We're adopting a new release strategy to minimize dependency bloat in projects that consume Gomega. It is a limitation of the go mod toolchain that test subdependencies of your project's direct dependencies get pulled in as indirect dependencies. In the case of Gomega, this ends up pulling in all of Ginkgo into your go.mod even if you are only using Gomega (Gomega uses Ginkgo for its own tests).

Going forward, releases will strip out all tests, tidy up the go.mod and then push this stripped down version to a new master-lite branch. These stripped-down versions will receive the vx.y.z git tag and will be picked up by the go toolchain.

Please open an issue if this new release process causes unexpected changes for your projects.

1.39.1

Update all dependencies. This auto-updated the required version of Go to 1.24, consistent with the fact that Go 1.23 has been out of support for almost six months.

1.39.0

Features

Add MatchErrorStrictly which only passes if errors.Is(actual, expected) returns true. MatchError, by contrast, will fallback to string comparison.

1.38.3

Fixes

make string formatitng more consistent for users who use format.Object directly

Commits

• 87ee9d3 v1.40.0
• ea66027 v1.40.0 (full)
• e3fd789 update docs to reflect new versioning strategy
• 7d4ee30 first push to master-lite
• e4a82d1 Bump github/codeql-action from 3 to 4 (#875)
• af62723 Bump rexml from 3.4.0 to 3.4.2 in /docs (#870)
• e164221 Bump github.com/onsi/ginkgo/v2 from 2.28.0 to 2.28.1 (#895)
• 334a282 Bump faraday from 2.12.2 to 2.14.1 in /docs (#896)
• 1a25a36 v1.39.1
• 406faee bump all deps
• Additional commits viewable in compare view

Updates github.com/go-co-op/gocron/v2 from 2.16.6 to 2.21.1

Release notes

Sourced from github.com/go-co-op/gocron/v2's releases.

v2.21.1

What's Changed

• fix: remove jobs and respect stopTime in NextRuns when WithStopDateTi… by @​jcheyer in go-co-op/gocron#922

New Contributors

• @​jcheyer made their first contribution in go-co-op/gocron#922

Full Changelog: go-co-op/gocron@v2.21.0...v2.21.1

v2.21.0

What's Changed

• feat: add WithDSTPolicy option for DST spring-forward handling by @​Copilot in go-co-op/gocron#917
• feat: add IsRunning() and LastRunCompletedAt() to Job interface by @​Copilot in go-co-op/gocron#918
• feat: Expose job schedule information via Schedule() method on Job interface by @​Copilot in go-co-op/gocron#919

Test Suite

• test: enhancements to testing speed and reliablity by @​JohnRoesler in go-co-op/gocron#920

Full Changelog: go-co-op/gocron@v2.20.0...v2.21.0

v2.20.0

What's Changed

• feat: add ShutdownWithContext and StopJobsWithContext by @​huynhanx03 in go-co-op/gocron#913

Performance improvements

• perf: replace string allocation with bytes.Compare in Jobs() UUID sort by @​huynhanx03 in go-co-op/gocron#914

Fixes

• Fix CronJob duplicate execution during DST fall-back by @​Copilot in go-co-op/gocron#912

Docs

• docs: clarify NextRun/NextRuns require scheduler to be started by @​Copilot in go-co-op/gocron#910

New Contributors

• @​huynhanx03 made their first contribution in go-co-op/gocron#913

Full Changelog: go-co-op/gocron@v2.19.1...v2.20.0

v2.19.1

What's Changed

• [fix] race condition in NextRun() when multiple jobs complete simultaneously by @​barkhayot in go-co-op/gocron#907
• Fix broken monitors link in README by @​Copilot in go-co-op/gocron#908

New Contributors

• @​barkhayot made their first contribution in go-co-op/gocron#907

Full Changelog: go-co-op/gocron@v2.19.0...v2.19.1

v2.19.0

... (truncated)

Commits

• 8e553c0 fix: remove jobs and respect stopTime in NextRuns when WithStopDateTime is se...
• 54f6bd8 test: enhancements to testing speed and reliablity (#920)
• 9b8a3f7 Expose job schedule information via Schedule() method on Job interface (#...
• 2e69a26 feat: add IsRunning() and LastRunCompletedAt() to Job interface (#918)
• 1e25a3b feat: add WithDSTPolicy option for DST spring-forward handling (#917)
• 89567e9 perf: replace string allocation with bytes.Compare in Jobs() UUID sort (#914)
• a6875f0 Fix CronJob duplicate execution during DST fall-back (#912)
• c304de1 feat: add ShutdownWithContext and StopJobsWithContext (#913)
• 5b307f5 docs: clarify NextRun/NextRuns require scheduler to be started (#910)
• 102b2b2 Change GitHub Sponsors username in FUNDING.yml
• Additional commits viewable in compare view

Updates github.com/fsnotify/fsnotify from 1.9.0 to 1.10.1

Release notes

Sourced from github.com/fsnotify/fsnotify's releases.

v1.10.1

Changes and fixes

• inotify: don't remove sibling watches sharing a path prefix (#754)

• inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

v1.10.0

This version of fsnotify needs Go 1.23.

Changes and fixes

• inotify: improve initialization error message (#731)

• inotify: send Rename event if recursive watch is renamed (#696)

• inotify: avoid copying event buffers when reading names (#741)

• kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

• kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

• windows: fix nil pointer dereference in remWatch (#736)

• windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Changelog

Sourced from github.com/fsnotify/fsnotify's changelog.

1.10.1 2026-05-04

Changes and fixes

• inotify: don't remove sibling watches sharing a path prefix (#754)

• inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

1.10.0 2026-04-30

This version of fsnotify needs Go 1.23.

Changes and fixes

• inotify: improve initialization error message (#731)

• inotify: send Rename event if recursive watch is renamed (#696)

• inotify: avoid copying event buffers when reading names (#741)

• kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

• kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

• windows: fix nil pointer dereference in remWatch (#736)

• windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Commits

• 76b01a6 Release 1.10.1
• fec150b Update changelog
• 162b421 inotify, windows: don't rename sibling watches sharing a path prefix (#755)
• 224257f inotify: don't remove sibling watches sharing a path prefix (#754)
• e0c956c windows: document directory Write events and stabilize tests (#745)
• 8d01d7b Release 1.10.0
• 602284e Update changelog
• 7f03e59 kqueue: skip ENOENT entries in watchDirectoryFiles (#748)
• dab9dde windows: lock watch field updates against concurrent WatchList (#709) (#749)
• eadf267 kqueue: drop watches directly in Close() instead of going through remove() (#...
• Additional commits viewable in compare view

Updates golang.org/x/time from 0.14.0 to 0.15.0

Commits

• 812b343 all: upgrade go directive to at least 1.25.0 [generated]
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Summary by CodeRabbit

• Chores
  • Updated Go language version to 1.25.0
  • Upgraded project dependencies to their latest compatible versions, including updates to networking, testing, and synchronization utilities

[coderabbitai]

Walkthrough

Go module version directive updated from 1.24.2 to 1.25.0. Direct dependencies upgraded: containernetworking/plugins to v1.9.1, onsi/gomega to v1.40.0, gocron/v2 to v2.21.1. Indirect dependencies refreshed across golang.org/x packages and fsnotify for compatibility with the new toolchain.

Changes

Dependency Upgrades

Layer / File(s)	Summary
Go Version Directive go.mod	Go module version updated from 1.24.2 to 1.25.0.
Direct Dependencies go.mod	Upgraded containernetworking/plugins (v1.8.0→v1.9.1), onsi/gomega (v1.38.2→v1.40.0), gocron/v2 (v2.16.6→v2.21.1).
Indirect Dependencies go.mod	Refreshed golang.org/x/\* packages (sync, mod, net, sys, term, text, time, tools) and fsnotify (v1.9.0→v1.10.1).

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~5 minutes

🚥 Pre-merge checks | ✅ 12

✅ Passed checks (12 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: a dependency update group bump affecting multiple Go modules.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Stable And Deterministic Test Names	✅ Passed	PR only modifies go.mod, go.sum, and vendor dependencies. No test files were added or modified. The test name stability check doesn't apply to dependency-only changes.
Test Structure And Quality	✅ Passed	This PR contains only dependency updates (go.mod/go.sum and vendor files). No test code files were modified, making the Ginkgo test quality check inapplicable to this PR.
Microshift Test Compatibility	✅ Passed	This PR only updates go.mod with dependency version bumps and does not add any new Ginkgo e2e tests. The custom check for MicroShift test compatibility is not applicable when no new tests are added.
Single Node Openshift (Sno) Test Compatibility	✅ Passed	PR updates go.mod dependencies. Custom check applies to new Ginkgo tests being added. Existing test files here are part of initial repo import, not new tests. Check is not applicable.
Topology-Aware Scheduling Compatibility	✅ Passed	Whereabouts CNI plugin manifests added with appropriate broad tolerations for essential infrastructure. No problematic scheduling constraints. Helm values allow topology-specific customization.
Ote Binary Stdout Contract	✅ Passed	PR only updates dependencies in go.mod with no code changes. No source files were modified that could introduce OTE Binary Stdout Contract violations.
Ipv6 And Disconnected Network Test Compatibility	✅ Passed	Tests include IPv6 dual-stack support with proper IP parsing via Go net package. No external connectivity or IPv4-only assumptions detected.
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/go_modules/other-go-modules-36155c58a0

---

_{Comment @coderabbitai help to get the list of available commands.}

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dependabot[bot]
Once this PR has been reviewed and has the lgtm label, please assign dougbtv for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@go.mod`:
- Line 3: Update the Dockerfiles to match go.mod's go directive: change the base
image in Dockerfile and Dockerfile.arm64 from golang:1.24 to golang:1.25 and
rebuild images; additionally add a "toolchain go1.25.x" directive to go.mod
(alongside the existing "go 1.25.0") to lock the minor/patch toolchain and
prevent patch-version drift across build environments. Ensure you update both
Dockerfiles (base image tags) and commit the go.mod change so the build
environment and module file are consistent.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 5722e5e0-6f2c-45c0-84a4-4d14fce91085

📥 Commits

Reviewing files that changed from the base of the PR and between d691040 and 29f90b3.

⛔ Files ignored due to path filters (142)

• go.sum is excluded by !**/*.sum
• vendor/github.com/fsnotify/fsnotify/.cirrus.yml is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/CHANGELOG.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/CONTRIBUTING.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/README.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/backend_fen.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/backend_inotify.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/backend_kqueue.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/backend_windows.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/fsnotify.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/darwin.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_darwin.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_dragonfly.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_freebsd.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_kqueue.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_netbsd.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/debug_openbsd.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/freebsd.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/unix.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/unix2.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/fsnotify/fsnotify/internal/windows.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-co-op/gocron/v2/README.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-co-op/gocron/v2/errors.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-co-op/gocron/v2/executor.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-co-op/gocron/v2/job.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-co-op/gocron/v2/migration_v1_to_v2.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-co-op/gocron/v2/scheduler.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/go-co-op/gocron/v2/scheduler_monitor.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/onsi/gomega/CHANGELOG.md is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/onsi/gomega/format/format.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/onsi/gomega/gomega_dsl.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/onsi/gomega/matchers.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/onsi/gomega/matchers/have_key_matcher.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/onsi/gomega/matchers/have_key_with_value_matcher.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/onsi/gomega/matchers/match_error_strictly_matcher.go is excluded by !**/vendor/**, !vendor/**
• vendor/github.com/onsi/gomega/matchers/support/goraph/edge/edge.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/mod/module/module.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/mod/semver/semver.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/html/escape.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/html/parse.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/html/render.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/config.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/config_go124.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/config_go125.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/config_go126.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/config_pre_go124.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/frame.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/gotrack.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/http2.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/server.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/timer.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/transport.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/writesched.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/writesched_priority_rfc7540.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/writesched_priority_rfc9218.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/http2/writesched_roundrobin.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/net/internal/httpcommon/request.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sync/errgroup/errgroup.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/plan9/pwd_go15_plan9.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/plan9/pwd_plan9.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/affinity_linux.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/fdset.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/ifreq_linux.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/mkall.sh is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/mkerrors.sh is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/syscall_linux.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/syscall_netbsd.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/syscall_solaris.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_386.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_arm.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_mips.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zsyscall_linux.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/ztypes_linux.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/windows/syscall_windows.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/windows/types_windows.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/sys/windows/zsyscall_windows.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/term/terminal.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/text/encoding/japanese/eucjp.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/text/encoding/japanese/iso2022jp.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/text/encoding/japanese/shiftjis.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/text/encoding/korean/euckr.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/text/encoding/simplifiedchinese/gbk.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/text/encoding/simplifiedchinese/hzgb2312.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/text/encoding/traditionalchinese/big5.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/text/encoding/unicode/unicode.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/text/unicode/bidi/core.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/go/ast/astutil/imports.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/go/ast/edge/edge.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/go/ast/inspector/cursor.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/go/ast/inspector/inspector.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/go/ast/inspector/iter.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/go/ast/inspector/typeof.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/go/ast/inspector/walk.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/go/packages/golist.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/go/packages/packages.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/go/packages/visit.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/go/types/objectpath/objectpath.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/go/types/typeutil/callee.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/go/types/typeutil/map.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/imports/forward.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/event/core/event.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/event/core/export.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/event/label/label.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/gcimporter/bimport.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/gcimporter/iexport.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/gcimporter/iimport.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/gcimporter/iimport_go122.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/imports/fix.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/imports/sortimports.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/modindex/lookup.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/modindex/symbols.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/stdlib/deps.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/stdlib/import.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/stdlib/manifest.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/stdlib/stdlib.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/typeparams/normalize.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/typesinternal/classify_call.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/typesinternal/element.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/typesinternal/fx.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/typesinternal/isnamed.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/typesinternal/qualifier.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/typesinternal/types.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/typesinternal/varkind.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/typesinternal/varkind_go124.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/typesinternal/zerovalue.go is excluded by !**/vendor/**, !vendor/**
• vendor/golang.org/x/tools/internal/versions/features.go is excluded by !**/vendor/**, !vendor/**
• vendor/modules.txt is excluded by !**/vendor/**, !vendor/**

📒 Files selected for processing (1)

• go.mod

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Verify Go version usage across CI/workflows and container definitions.

set -euo pipefail

echo "== go.mod/go.work directives =="
rg -nP '^\s*(go|toolchain)\s+' go.mod go.work 2>/dev/null || true

echo
echo "== Workflow/setup-go and explicit Go versions =="
rg -nP '(actions/setup-go|go-version|GO_VERSION|golang:1\.)' \
  --iglob '**/*.yml' --iglob '**/*.yaml' --iglob '**/Dockerfile*' --iglob '**/*.mk' --iglob '**/*.sh'

echo
echo "== Dockerfiles with Go base images =="
rg -nP '^\s*FROM\s+golang:([0-9]+\.[0-9]+(\.[0-9]+)?)' --iglob '**/Dockerfile*'

Repository: openshift/whereabouts-cni

Length of output: 341

---

Update Dockerfiles to use Go 1.25.x to match go.mod requirement

The go directive in go.mod (line 3) requires Go 1.25.0, but both Dockerfile and Dockerfile.arm64 still use golang:1.24 as the base image. This will fail builds. Update both Dockerfiles to golang:1.25 to match the minimum version specified in go.mod. Consider also adding toolchain go1.25.x to go.mod to prevent patch-version drift across build environments.

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@go.mod` at line 3, Update the Dockerfiles to match go.mod's go directive:
change the base image in Dockerfile and Dockerfile.arm64 from golang:1.24 to
golang:1.25 and rebuild images; additionally add a "toolchain go1.25.x"
directive to go.mod (alongside the existing "go 1.25.0") to lock the minor/patch
toolchain and prevent patch-version drift across build environments. Ensure you
update both Dockerfiles (base image tags) and commit the go.mod change so the
build environment and module file are consistent.