Skip to content

CLI-3803: update golang to resolve known security issues#3256

Open
janjwerner-confluent wants to merge 1 commit intomainfrom
update_golang_feb_2026
Open

CLI-3803: update golang to resolve known security issues#3256
janjwerner-confluent wants to merge 1 commit intomainfrom
update_golang_feb_2026

Conversation

@janjwerner-confluent
Copy link
Member

@janjwerner-confluent janjwerner-confluent commented Feb 6, 2026

Release Notes

Update GoLang version to 1.25.7

Checklist

  • I have successfully built and used a custom CLI binary, without linter issues from this PR.
  • I have clearly specified in the What section below whether this PR applies to Confluent Cloud, Confluent Platform, or both.
  • I have verified this PR in Confluent Cloud pre-prod or production environment, if applicable.
  • I have verified this PR in Confluent Platform on-premises environment, if applicable.
  • I have attached manual CLI verification results or screenshots in the Test & Review section below.
  • I have added appropriate CLI integration or unit tests for any new or updated commands and functionality.
  • I confirm that this PR introduces no breaking changes or backward compatibility issues.
  • I have indicated the potential customer impact if something goes wrong in the Blast Radius section below.
  • I have put checkmarks below confirming that the feature associated with this PR is enabled in:
    • Confluent Cloud prod
    • Confluent Cloud stag
    • Confluent Platform
    • Check this box if the feature is enabled for certain organizations only

What

Blast Radius

References

Test & Review

@janjwerner-confluent janjwerner-confluent requested a review from a team as a code owner February 6, 2026 14:56
Copilot AI review requested due to automatic review settings February 6, 2026 14:56
@confluent-cla-assistant
Copy link

confluent-cla-assistant bot commented Feb 6, 2026

🎉 All Contributor License Agreements have been signed. Ready to merge.
Please push an empty commit if you would like to re-run the checks to verify CLA status for all contributors.

Copilot AI reviewed Feb 6, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the Go language version from 1.25.5 to 1.25.7 to address known security vulnerabilities in the previous version.

Changes:

  • Updated Go version specification across configuration files
  • Modified version declarations in service configuration, Go module definition, and version control file

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File Description
service.yml Updated lang_version from 1.25.5 to 1.25.7
go.mod Updated go directive from 1.25.5 to 1.25.7
.go-version Updated version file from 1.25.5 to 1.25.7

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@sonarqube-confluent
Copy link

sonarqube-confluent bot commented Feb 6, 2026

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

sgagniere
sgagniere approved these changes Feb 6, 2026
View reviewed changes
Copy link
Member

@sgagniere sgagniere left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I just checked that we have a corresponding 1.25.7 release in https://github.com/golang-fips/go/releases, so we're good to merge this.

Approved.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@sgagniere sgagniere sgagniere approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@janjwerner-confluent @sgagniere