Skip to content

chore(deps): upgrade qor5/x to moby-migrated commit, drop docker/docker#1076

Open
dorothyyzh wants to merge 2 commits into
mainfrom
fix/use-gormx-muststarttestsuite-2026-05-13
Open

chore(deps): upgrade qor5/x to moby-migrated commit, drop docker/docker#1076
dorothyyzh wants to merge 2 commits into
mainfrom
fix/use-gormx-muststarttestsuite-2026-05-13

Conversation

@dorothyyzh
Copy link
Copy Markdown
Contributor

@dorothyyzh dorothyyzh commented May 13, 2026

Summary

  • Upgrade github.com/qor5/x/v3 to commit ce22ad0a (moby-migrated), which replaces docker/docker with moby/moby/api
  • Upgrade testcontainers-go to v0.42.0 and testcontainers-go/modules/redis to v0.42.0
  • Drop github.com/theplant/testenv from go.mod
  • Migrate all 15 test files from testenv.New().DBEnable(true).SetUp() to gormx.MustStartTestSuite(ctx)

CVEs Resolved

Verification

  • docker/docker removed from go.mod; replaced by moby/moby/api v1.54.1 and moby/moby/client v0.4.0
  • go build ./... passes (excluding media/* which requires system libvips/pkg-config)
  • go vet clean on all migrated packages

🤖 Generated with Claude Code

@claude
chore(deps): upgrade qor5/x to moby-migrated commit, drop docker/docker
7da9a08 
Upgrade qor5/x to ce22ad0a and testcontainers-go to v0.42.0.
Resolves CVE-2026-33997 and CVE-2026-34040.

Migrate all 15 test files from theplant/testenv to gormx.MustStartTestSuite.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@deepsource-io
Copy link
Copy Markdown

deepsource-io Bot commented May 13, 2026
edited
Loading

DeepSource Code Review

We reviewed changes in 61df933...79768e3 on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade   Security  

Reliability  

Complexity  

Hygiene  

Code Review Summary

Analyzer Status Updated (UTC) Details
Go May 13, 2026 1:10p.m. Review ↗

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

@claude
fix(test): add gorm:"-" to Page.Widgets to fix gorm v1.31.1 strict fi…
79768e3 
…eld validation

gorm v1.31.1 (pulled in via qor5/x upgrade) rejects slice fields without a
valid foreign key or Valuer/Scanner interface. Widgets is handled via
AddTypeHanders so it should be excluded from GORM's schema parsing.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@iBakuman iBakuman iBakuman approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dorothyyzh @iBakuman