From c3bafacf812af60ab8caeeda352db6bbb00f032d Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 13 Feb 2026 11:15:15 +0000 Subject: [PATCH 1/6] Initial plan From f7cf24d1f930816e127ccdf15ece528ef8986fe8 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 13 Feb 2026 11:17:57 +0000 Subject: [PATCH 2/6] Add Go version update workflow Co-authored-by: mbg <278086+mbg@users.noreply.github.com> --- .github/workflows/go-version-update.yml | 176 ++++++++++++++++++++++++ 1 file changed, 176 insertions(+) create mode 100644 .github/workflows/go-version-update.yml diff --git a/.github/workflows/go-version-update.yml b/.github/workflows/go-version-update.yml new file mode 100644 index 000000000000..74eb24e8ec35 --- /dev/null +++ b/.github/workflows/go-version-update.yml @@ -0,0 +1,176 @@ +name: Update Go version + +on: + workflow_dispatch: + schedule: + - cron: "0 3 * * 1" # Run weekly on Monday at 3 AM UTC + +permissions: + contents: write + pull-requests: write + +jobs: + update-go-version: + name: Check and update Go version + if: github.repository == 'github/codeql' + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v5 + with: + fetch-depth: 0 + + - name: Set up Git + run: | + git config user.name "github-actions[bot]" + git config user.email "41898282+github-actions[bot]@users.noreply.github.com" + + - name: Fetch latest Go version + id: fetch-version + run: | + LATEST_GO_VERSION=$(curl -s https://go.dev/dl/\?mode\=json | jq -r '.[0].version') + echo "Latest Go version from go.dev: $LATEST_GO_VERSION" + echo "version=$LATEST_GO_VERSION" >> $GITHUB_OUTPUT + + # Extract version numbers (e.g., go1.26.0 -> 1.26.0) + LATEST_VERSION_NUM=$(echo $LATEST_GO_VERSION | sed 's/^go//') + echo "version_num=$LATEST_VERSION_NUM" >> $GITHUB_OUTPUT + + # Extract major.minor version (e.g., 1.26.0 -> 1.26) + LATEST_MAJOR_MINOR=$(echo $LATEST_VERSION_NUM | grep -oP '^\d+\.\d+') + echo "major_minor=$LATEST_MAJOR_MINOR" >> $GITHUB_OUTPUT + + - name: Check current Go version + id: current-version + run: | + CURRENT_VERSION=$(grep -oP 'go_sdk.download\(version = "\K[^"]+' MODULE.bazel) + echo "Current Go version in MODULE.bazel: $CURRENT_VERSION" + echo "version=$CURRENT_VERSION" >> $GITHUB_OUTPUT + + # Extract major.minor version + CURRENT_MAJOR_MINOR=$(echo $CURRENT_VERSION | grep -oP '^\d+\.\d+') + echo "major_minor=$CURRENT_MAJOR_MINOR" >> $GITHUB_OUTPUT + + - name: Compare versions + id: compare + run: | + LATEST="${{ steps.fetch-version.outputs.version_num }}" + CURRENT="${{ steps.current-version.outputs.version }}" + + echo "Latest: $LATEST" + echo "Current: $CURRENT" + + if [ "$LATEST" = "$CURRENT" ]; then + echo "Go version is up to date" + echo "needs_update=false" >> $GITHUB_OUTPUT + else + echo "Go version needs update from $CURRENT to $LATEST" + echo "needs_update=true" >> $GITHUB_OUTPUT + fi + + - name: Update Go version in files + if: steps.compare.outputs.needs_update == 'true' + run: | + LATEST_VERSION_NUM="${{ steps.fetch-version.outputs.version_num }}" + LATEST_MAJOR_MINOR="${{ steps.fetch-version.outputs.major_minor }}" + CURRENT_VERSION="${{ steps.current-version.outputs.version }}" + CURRENT_MAJOR_MINOR="${{ steps.current-version.outputs.major_minor }}" + + echo "Updating from $CURRENT_VERSION to $LATEST_VERSION_NUM" + + # Update MODULE.bazel + sed -i "s/go_sdk.download(version = \"$CURRENT_VERSION\")/go_sdk.download(version = \"$LATEST_VERSION_NUM\")/" MODULE.bazel + + # Update go/extractor/go.mod + sed -i "s/^go $CURRENT_MAJOR_MINOR$/go $LATEST_MAJOR_MINOR/" go/extractor/go.mod + sed -i "s/^toolchain go$CURRENT_VERSION$/toolchain go$LATEST_VERSION_NUM/" go/extractor/go.mod + + # Update go/extractor/autobuilder/build-environment.go + sed -i "s/var maxGoVersion = util.NewSemVer(\"$CURRENT_MAJOR_MINOR\")/var maxGoVersion = util.NewSemVer(\"$LATEST_MAJOR_MINOR\")/" go/extractor/autobuilder/build-environment.go + + # Update go/actions/test/action.yml + sed -i "s/default: \"~$CURRENT_VERSION\"/default: \"~$LATEST_VERSION_NUM\"/" go/actions/test/action.yml + + # Show what changed + git diff + + - name: Check for changes + id: check-changes + if: steps.compare.outputs.needs_update == 'true' + run: | + if git diff --quiet; then + echo "No changes detected" + echo "has_changes=false" >> $GITHUB_OUTPUT + else + echo "Changes detected" + echo "has_changes=true" >> $GITHUB_OUTPUT + fi + + - name: Check for existing PR + if: steps.check-changes.outputs.has_changes == 'true' + id: check-pr + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + BRANCH_NAME="workflow/go-version-update" + PR_NUMBER=$(gh pr list --head "$BRANCH_NAME" --state open --json number --jq '.[0].number // ""') + + if [ -n "$PR_NUMBER" ]; then + echo "Existing PR found: #$PR_NUMBER" + echo "pr_exists=true" >> $GITHUB_OUTPUT + echo "pr_number=$PR_NUMBER" >> $GITHUB_OUTPUT + else + echo "No existing PR found" + echo "pr_exists=false" >> $GITHUB_OUTPUT + fi + + - name: Commit and push changes + if: steps.check-changes.outputs.has_changes == 'true' + run: | + BRANCH_NAME="workflow/go-version-update" + LATEST_VERSION_NUM="${{ steps.fetch-version.outputs.version_num }}" + LATEST_MAJOR_MINOR="${{ steps.fetch-version.outputs.major_minor }}" + + # Create or switch to branch + git checkout -B "$BRANCH_NAME" + + # Stage and commit changes + git add MODULE.bazel go/extractor/go.mod go/extractor/autobuilder/build-environment.go go/actions/test/action.yml + git commit -m "Go: Update to $LATEST_MAJOR_MINOR" + + # Push changes + git push -f origin "$BRANCH_NAME" + + - name: Create or update PR + if: steps.check-changes.outputs.has_changes == 'true' + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + BRANCH_NAME="workflow/go-version-update" + LATEST_MAJOR_MINOR="${{ steps.fetch-version.outputs.major_minor }}" + CURRENT_MAJOR_MINOR="${{ steps.current-version.outputs.major_minor }}" + + PR_TITLE="Go: Update to $LATEST_MAJOR_MINOR" + PR_BODY="This PR updates Go from $CURRENT_MAJOR_MINOR to $LATEST_MAJOR_MINOR. + + Updated files: + - \`MODULE.bazel\` - go_sdk.download version + - \`go/extractor/go.mod\` - go directive and toolchain + - \`go/extractor/autobuilder/build-environment.go\` - maxGoVersion + - \`go/actions/test/action.yml\` - default go-test-version + + This PR was automatically created by the [Go version update workflow](.github/workflows/go-version-update.yml)." + + if [ "${{ steps.check-pr.outputs.pr_exists }}" = "true" ]; then + echo "Updating existing PR #${{ steps.check-pr.outputs.pr_number }}" + gh pr edit "${{ steps.check-pr.outputs.pr_number }}" --title "$PR_TITLE" --body "$PR_BODY" + else + echo "Creating new PR" + gh pr create \ + --title "$PR_TITLE" \ + --body "$PR_BODY" \ + --base main \ + --head "$BRANCH_NAME" \ + --label "Go" + fi From 437244fe902a4b38045b1605b922b3c8e3066d3b Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 13 Feb 2026 11:19:56 +0000 Subject: [PATCH 3/6] Fix portability issues in Go version update workflow Co-authored-by: mbg <278086+mbg@users.noreply.github.com> --- .github/workflows/go-version-update.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/go-version-update.yml b/.github/workflows/go-version-update.yml index 74eb24e8ec35..ffe41cb63ab3 100644 --- a/.github/workflows/go-version-update.yml +++ b/.github/workflows/go-version-update.yml @@ -38,18 +38,18 @@ jobs: echo "version_num=$LATEST_VERSION_NUM" >> $GITHUB_OUTPUT # Extract major.minor version (e.g., 1.26.0 -> 1.26) - LATEST_MAJOR_MINOR=$(echo $LATEST_VERSION_NUM | grep -oP '^\d+\.\d+') + LATEST_MAJOR_MINOR=$(echo $LATEST_VERSION_NUM | sed -n 's/^\([0-9]\+\.[0-9]\+\).*/\1/p') echo "major_minor=$LATEST_MAJOR_MINOR" >> $GITHUB_OUTPUT - name: Check current Go version id: current-version run: | - CURRENT_VERSION=$(grep -oP 'go_sdk.download\(version = "\K[^"]+' MODULE.bazel) + CURRENT_VERSION=$(sed -n 's/.*go_sdk\.download(version = \"\([^\"]*\)\".*/\1/p' MODULE.bazel) echo "Current Go version in MODULE.bazel: $CURRENT_VERSION" echo "version=$CURRENT_VERSION" >> $GITHUB_OUTPUT # Extract major.minor version - CURRENT_MAJOR_MINOR=$(echo $CURRENT_VERSION | grep -oP '^\d+\.\d+') + CURRENT_MAJOR_MINOR=$(echo $CURRENT_VERSION | sed -n 's/^\([0-9]\+\.[0-9]\+\).*/\1/p') echo "major_minor=$CURRENT_MAJOR_MINOR" >> $GITHUB_OUTPUT - name: Compare versions @@ -114,7 +114,7 @@ jobs: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | BRANCH_NAME="workflow/go-version-update" - PR_NUMBER=$(gh pr list --head "$BRANCH_NAME" --state open --json number --jq '.[0].number // ""') + PR_NUMBER=$(gh pr list --head "$BRANCH_NAME" --state open --json number --jq '.[]? | .number') if [ -n "$PR_NUMBER" ]; then echo "Existing PR found: #$PR_NUMBER" From 1cbd423251223ec47ea02896da8f10b4bbcd9d27 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 13 Feb 2026 11:21:13 +0000 Subject: [PATCH 4/6] Improve portability and fix PR detection in Go version workflow Co-authored-by: mbg <278086+mbg@users.noreply.github.com> --- .github/workflows/go-version-update.yml | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/.github/workflows/go-version-update.yml b/.github/workflows/go-version-update.yml index ffe41cb63ab3..ef55aa21ede5 100644 --- a/.github/workflows/go-version-update.yml +++ b/.github/workflows/go-version-update.yml @@ -3,7 +3,7 @@ name: Update Go version on: workflow_dispatch: schedule: - - cron: "0 3 * * 1" # Run weekly on Monday at 3 AM UTC + - cron: "0 3 * * 1" # Run weekly on Mondays at 3 AM UTC (1 = Monday) permissions: contents: write @@ -38,7 +38,7 @@ jobs: echo "version_num=$LATEST_VERSION_NUM" >> $GITHUB_OUTPUT # Extract major.minor version (e.g., 1.26.0 -> 1.26) - LATEST_MAJOR_MINOR=$(echo $LATEST_VERSION_NUM | sed -n 's/^\([0-9]\+\.[0-9]\+\).*/\1/p') + LATEST_MAJOR_MINOR=$(echo $LATEST_VERSION_NUM | sed -E 's/^([0-9]+\.[0-9]+).*/\1/') echo "major_minor=$LATEST_MAJOR_MINOR" >> $GITHUB_OUTPUT - name: Check current Go version @@ -49,7 +49,7 @@ jobs: echo "version=$CURRENT_VERSION" >> $GITHUB_OUTPUT # Extract major.minor version - CURRENT_MAJOR_MINOR=$(echo $CURRENT_VERSION | sed -n 's/^\([0-9]\+\.[0-9]\+\).*/\1/p') + CURRENT_MAJOR_MINOR=$(echo $CURRENT_VERSION | sed -E 's/^([0-9]+\.[0-9]+).*/\1/') echo "major_minor=$CURRENT_MAJOR_MINOR" >> $GITHUB_OUTPUT - name: Compare versions @@ -114,9 +114,9 @@ jobs: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | BRANCH_NAME="workflow/go-version-update" - PR_NUMBER=$(gh pr list --head "$BRANCH_NAME" --state open --json number --jq '.[]? | .number') + PR_NUMBER=$(gh pr list --head "$BRANCH_NAME" --state open --json number --jq '.[0].number') - if [ -n "$PR_NUMBER" ]; then + if [ "$PR_NUMBER" != "null" ] && [ -n "$PR_NUMBER" ]; then echo "Existing PR found: #$PR_NUMBER" echo "pr_exists=true" >> $GITHUB_OUTPUT echo "pr_number=$PR_NUMBER" >> $GITHUB_OUTPUT @@ -152,7 +152,9 @@ jobs: CURRENT_MAJOR_MINOR="${{ steps.current-version.outputs.major_minor }}" PR_TITLE="Go: Update to $LATEST_MAJOR_MINOR" - PR_BODY="This PR updates Go from $CURRENT_MAJOR_MINOR to $LATEST_MAJOR_MINOR. + + PR_BODY=$(cat < Date: Fri, 13 Feb 2026 11:22:36 +0000 Subject: [PATCH 5/6] Add error handling and validation to Go version workflow Co-authored-by: mbg <278086+mbg@users.noreply.github.com> --- .github/workflows/go-version-update.yml | 40 +++++++++++++++++++++---- 1 file changed, 34 insertions(+), 6 deletions(-) diff --git a/.github/workflows/go-version-update.yml b/.github/workflows/go-version-update.yml index ef55aa21ede5..95d1599d2a2e 100644 --- a/.github/workflows/go-version-update.yml +++ b/.github/workflows/go-version-update.yml @@ -30,6 +30,12 @@ jobs: id: fetch-version run: | LATEST_GO_VERSION=$(curl -s https://go.dev/dl/\?mode\=json | jq -r '.[0].version') + + if [ -z "$LATEST_GO_VERSION" ] || [ "$LATEST_GO_VERSION" = "null" ]; then + echo "Error: Failed to fetch latest Go version from go.dev" + exit 1 + fi + echo "Latest Go version from go.dev: $LATEST_GO_VERSION" echo "version=$LATEST_GO_VERSION" >> $GITHUB_OUTPUT @@ -45,6 +51,12 @@ jobs: id: current-version run: | CURRENT_VERSION=$(sed -n 's/.*go_sdk\.download(version = \"\([^\"]*\)\".*/\1/p' MODULE.bazel) + + if [ -z "$CURRENT_VERSION" ]; then + echo "Error: Could not extract Go version from MODULE.bazel" + exit 1 + fi + echo "Current Go version in MODULE.bazel: $CURRENT_VERSION" echo "version=$CURRENT_VERSION" >> $GITHUB_OUTPUT @@ -79,18 +91,34 @@ jobs: echo "Updating from $CURRENT_VERSION to $LATEST_VERSION_NUM" + # Escape dots in version strings for use in sed patterns + CURRENT_VERSION_ESCAPED=$(echo "$CURRENT_VERSION" | sed 's/\./\\./g') + LATEST_VERSION_NUM_ESCAPED=$(echo "$LATEST_VERSION_NUM" | sed 's/\./\\./g') + CURRENT_MAJOR_MINOR_ESCAPED=$(echo "$CURRENT_MAJOR_MINOR" | sed 's/\./\\./g') + LATEST_MAJOR_MINOR_ESCAPED=$(echo "$LATEST_MAJOR_MINOR" | sed 's/\./\\./g') + # Update MODULE.bazel - sed -i "s/go_sdk.download(version = \"$CURRENT_VERSION\")/go_sdk.download(version = \"$LATEST_VERSION_NUM\")/" MODULE.bazel + if ! sed -i "s/go_sdk\.download(version = \"$CURRENT_VERSION_ESCAPED\")/go_sdk.download(version = \"$LATEST_VERSION_NUM\")/" MODULE.bazel; then + echo "Warning: Failed to update MODULE.bazel" + fi # Update go/extractor/go.mod - sed -i "s/^go $CURRENT_MAJOR_MINOR$/go $LATEST_MAJOR_MINOR/" go/extractor/go.mod - sed -i "s/^toolchain go$CURRENT_VERSION$/toolchain go$LATEST_VERSION_NUM/" go/extractor/go.mod + if ! sed -i "s/^go $CURRENT_MAJOR_MINOR_ESCAPED\$/go $LATEST_MAJOR_MINOR/" go/extractor/go.mod; then + echo "Warning: Failed to update go directive in go.mod" + fi + if ! sed -i "s/^toolchain go$CURRENT_VERSION_ESCAPED\$/toolchain go$LATEST_VERSION_NUM/" go/extractor/go.mod; then + echo "Warning: Failed to update toolchain in go.mod" + fi # Update go/extractor/autobuilder/build-environment.go - sed -i "s/var maxGoVersion = util.NewSemVer(\"$CURRENT_MAJOR_MINOR\")/var maxGoVersion = util.NewSemVer(\"$LATEST_MAJOR_MINOR\")/" go/extractor/autobuilder/build-environment.go + if ! sed -i "s/var maxGoVersion = util\.NewSemVer(\"$CURRENT_MAJOR_MINOR_ESCAPED\")/var maxGoVersion = util.NewSemVer(\"$LATEST_MAJOR_MINOR\")/" go/extractor/autobuilder/build-environment.go; then + echo "Warning: Failed to update build-environment.go" + fi # Update go/actions/test/action.yml - sed -i "s/default: \"~$CURRENT_VERSION\"/default: \"~$LATEST_VERSION_NUM\"/" go/actions/test/action.yml + if ! sed -i "s/default: \"~$CURRENT_VERSION_ESCAPED\"/default: \"~$LATEST_VERSION_NUM\"/" go/actions/test/action.yml; then + echo "Warning: Failed to update action.yml" + fi # Show what changed git diff @@ -162,7 +190,7 @@ jobs: - \`go/extractor/autobuilder/build-environment.go\` - maxGoVersion - \`go/actions/test/action.yml\` - default go-test-version - This PR was automatically created by the [Go version update workflow](.github/workflows/go-version-update.yml). + This PR was automatically created by the [Go version update workflow](https://github.com/${{ github.repository }}/blob/main/.github/workflows/go-version-update.yml). EOF ) From b6004045bdd4a826a583fb849c973887059f6e9f Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 13 Feb 2026 11:23:44 +0000 Subject: [PATCH 6/6] Clean up Go version workflow - remove unnecessary escaping and checks Co-authored-by: mbg <278086+mbg@users.noreply.github.com> --- .github/workflows/go-version-update.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/.github/workflows/go-version-update.yml b/.github/workflows/go-version-update.yml index 95d1599d2a2e..3cd8f72690fc 100644 --- a/.github/workflows/go-version-update.yml +++ b/.github/workflows/go-version-update.yml @@ -29,7 +29,7 @@ jobs: - name: Fetch latest Go version id: fetch-version run: | - LATEST_GO_VERSION=$(curl -s https://go.dev/dl/\?mode\=json | jq -r '.[0].version') + LATEST_GO_VERSION=$(curl -s https://go.dev/dl/?mode=json | jq -r '.[0].version') if [ -z "$LATEST_GO_VERSION" ] || [ "$LATEST_GO_VERSION" = "null" ]; then echo "Error: Failed to fetch latest Go version from go.dev" @@ -91,11 +91,9 @@ jobs: echo "Updating from $CURRENT_VERSION to $LATEST_VERSION_NUM" - # Escape dots in version strings for use in sed patterns + # Escape dots in current version strings for use in sed patterns CURRENT_VERSION_ESCAPED=$(echo "$CURRENT_VERSION" | sed 's/\./\\./g') - LATEST_VERSION_NUM_ESCAPED=$(echo "$LATEST_VERSION_NUM" | sed 's/\./\\./g') CURRENT_MAJOR_MINOR_ESCAPED=$(echo "$CURRENT_MAJOR_MINOR" | sed 's/\./\\./g') - LATEST_MAJOR_MINOR_ESCAPED=$(echo "$LATEST_MAJOR_MINOR" | sed 's/\./\\./g') # Update MODULE.bazel if ! sed -i "s/go_sdk\.download(version = \"$CURRENT_VERSION_ESCAPED\")/go_sdk.download(version = \"$LATEST_VERSION_NUM\")/" MODULE.bazel; then @@ -144,7 +142,7 @@ jobs: BRANCH_NAME="workflow/go-version-update" PR_NUMBER=$(gh pr list --head "$BRANCH_NAME" --state open --json number --jq '.[0].number') - if [ "$PR_NUMBER" != "null" ] && [ -n "$PR_NUMBER" ]; then + if [ -n "$PR_NUMBER" ]; then echo "Existing PR found: #$PR_NUMBER" echo "pr_exists=true" >> $GITHUB_OUTPUT echo "pr_number=$PR_NUMBER" >> $GITHUB_OUTPUT