-
Notifications
You must be signed in to change notification settings - Fork 526
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
go-version: ">=1.20"
with check-latest: true
does not resolve to 1.20.5
#384
Comments
go-version: ">=1.20"
with check-latest: true
does not resolve to 1.20.5go-version: ">=1.20"
with check-latest: true
does not resolve to 1.20.5
It may be because versions-manifest.json was not updated for the release, even though the releases on that repo include a number of go1.20.5 releases. Is this not automated correctly? |
Likely depends on actions/go-versions#75. |
I confirm having the same issue. And indeed, with govulncheck in the pipeline too, it means that we will always have the CI failing PRs when new security release version of Go is made, until the manifest is updated. I was expecting though that |
Working now that actions/go-versions#75 is merged:
For the future, I suggest |
@silverwind @dmitry-shibanov Using "1.20.x" still pulls 1.20.4 or am I doing something wrong? 🤔 |
Try adding |
@silverwind I can't, I'm using an official action from Golang 😂 https://github.com/golang/govulncheck-action Their action.yaml does the setup-go |
I probably need to find a different action then, since they are only mirroring those to Github. This whole setup of having versions in 1 place and actions in another is a single point of failure. I haven't been able to run any Golang CI job since yesterday |
go1.20.5 was released on 2023-06-06, but this action does not find it, even with
check-latest
enabled. This is problematic for us because we have govulncheck in the pipeline and all builds fail because of vulnerabilities in go1.20.4.Run output:
The text was updated successfully, but these errors were encountered: