Conversation
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub. |
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
There was a problem hiding this comment.
Pull request overview
Updates the repository’s Go toolchain target and CI workflows to run on Go 1.25, and refines Slack CI notifications to report individual job outcomes.
Changes:
- Bump module
goversion to Go 1.25.7. - Update GitHub Actions workflows (PR/push) to use Go 1.25.x and newer action versions, and bump golangci-lint configuration.
- Improve Slack notification workflow to accept separate job statuses and send richer messages with run metadata.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
go.mod |
Updates the module go directive to Go 1.25.7. |
AGENTS.md |
Adds repository guidelines for structure, testing, and CI/dev commands. |
.github/workflows/slack-notifications.yml |
Reworks Slack workflow inputs/payload to reflect staticcheck + tests separately and include run details. |
.github/workflows/push.yml |
Updates push workflow to Go 1.25.x and aligns Slack workflow invocation with new inputs. |
.github/workflows/pr.yml |
Updates PR workflow to Go 1.25.x, refreshes tooling actions, and aligns Slack workflow invocation with new inputs. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| module github.com/consensys/gnark | ||
|
|
||
| go 1.24.9 | ||
| go 1.25.6 |
There was a problem hiding this comment.
The PR title/description says this is a CI workflow update, but it also changes the module's go directive. If the go.mod bump is intended (it impacts local builds and downstream users), please reflect that in the PR description/title or split it into a separate change.
|
|
||
| ## Build, Test, and Development Commands | ||
|
|
||
| Use Go 1.24+ (CI runs on Go 1.23.x; module currently targets 1.24.9). |
There was a problem hiding this comment.
AGENTS.md states CI runs on Go 1.23.x and the module targets 1.24.9, but this PR updates go.mod to Go 1.25.7 and workflows to Go 1.25.x. Please update this line to reflect the new supported/CI Go versions (or avoid hard-coding patch versions if you expect frequent bumps).
| Use Go 1.24+ (CI runs on Go 1.23.x; module currently targets 1.24.9). | |
| Use Go 1.25+ (CI and go.mod target Go 1.25.x). |
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
update CI workflows to go 1.25
Note
Medium Risk
CI/tooling updates are low-risk but may affect build stability across runners, and the Go/toolchain + crypto dependency bumps plus prover/verification guard changes could impact proving behavior or performance if assumptions were previously relied upon.
Overview
CI/workflows: Update PR and push workflows to use Go
1.25.x, neweractions/checkout/setup-go, pinned tool versions, Go cache, and add workflow-levelconcurrency/minimalpermissions. Tightens formatting checks by addinggofmt, improvesgo generatedirty-tree detection (ignoringgo.mod/go.sum), upgradesgolangci-lintaction/version, sets push test matrix to1.25.xwithfail-fast: false, and removes Slack notification workflow wiring (and deletesslack-notifications.yml).Code/deps: Bumps module
goversion to1.25.6and updates several deps (notablygnark-crypto,x/crypto,x/sys,pprof). Adds defensive validation in PLONKdivideByZH(nil/zero/ratio domain checks) and in GKR verification to error on missing input-wire claims, tweaks tinyfield subtraction implementation, adjusts tinyfield sqrt benchmark input generation, fixes a small-rational Lagrange basis construction, and updates Eisenstein imports to the newgnark-cryptopath. Also changes SHA-2 block compression to return a new hash state array instead of mutatingcurrentHashin place.Written by Cursor Bugbot for commit 415903e. This will update automatically on new commits. Configure here.