Set Go support policy to latest-2 #220
Conversation
nope that was a mistake. I'll fix that, sorry for the distraction! |
|
added macos+arm64: I don't think we have any CGO in main, but may be handy for dev/test deps. Lemme know if we should remove it! |
|
I'll raise a separate PR first for lint as seems we can't pass it anymore |
codefromthecrypt
force-pushed
the
go-support
branch
from
f30fa75
to
63bd55e
Compare
|
ok I removed the fuzz so this does only one thing: formalizes the current-2 version policy from the github action config. This should pass once #221 is merged |
Signed-off-by: Adrian Cole <adrian@tetrate.io>
codefromthecrypt
force-pushed
the
go-support
branch
from
63bd55e
to
ca35a2e
Compare
|
we need to bump the floor at least to Go 1.19 in order to fix the CVEs. Would like an approve here as this seems a no brainer, and if not, we should say what the version policy should be (latest-3?) #222 |
|
TL;DR; let's solidify status quo of our tests to latest-2 or document why not. latest-* isn't a policy, we should have a policy as most maintainers are dormant. This allows people who do maintain things frequently like @anuraaga, @reta and I proceed without others and without judgemental mistakes. If I see no feedback to contrary in a few days, I'll merge as I can't block on things like version bumps as they don't deserve to tie any of our time up in nagging. We need to block our volunteers the least as possible on mechanical work. |
|
thanks for the look @anuraaga @basvanbeek and @reta! I'll rebase the other PR so that we can kill that CVE. If someone later complains it should be latest-3 we can revisit. |
Before updating deps, we should revisit the go support policy I think. That way the next release is coherent across the board. This is the same templating as wazero, which had to deal with some projects that lagged behind Go.