Skip to content

chore: bump 1st-party dependencies revision in go.mod#145

Merged
BLumia merged 1 commit intolinuxdeepin:masterfrom
BLumia:gomod
Aug 14, 2025
Merged

chore: bump 1st-party dependencies revision in go.mod#145
BLumia merged 1 commit intolinuxdeepin:masterfrom
BLumia:gomod

Conversation

@BLumia
Copy link
Member

@BLumia BLumia commented Aug 12, 2025
edited
Loading

Related:

Summary by Sourcery

Update go.mod to bump first-party linuxdeepin modules and refresh indirect dependencies while pruning obsolete packages

Enhancements:

  • Bump first-party linuxdeepin/go-dbus-factory, go-gir, and go-lib modules to their latest revisions
  • Upgrade indirect dependencies golang.org/x/image to v0.10.0 and golang.org/x/sys to v0.5.0
  • Add google/go-cmp v0.5.9 as an indirect dependency

Chores:

  • Remove unused modules including jinzhu/gorm, mattn/go-sqlite3, rickb777/date, jinzhu/inflection, and rickb777/plural

@BLumia BLumia requested a review from fly602 August 12, 2025 13:02
@sourcery-ai
Copy link

sourcery-ai bot commented Aug 12, 2025

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

This PR updates several first-party and indirect Go module dependencies to their latest revisions, removes deprecated dependencies, and refreshes the module checksum file to reflect these changes.

Entity relationship diagram for updated Go module dependencies

erDiagram
    GO_MODULE ||--o{ DEPENDENCY : includes
    DEPENDENCY {
        string name
        string version
        string type
    }
    GO_MODULE {
        string module_name
    }

    GO_MODULE ||--o{ REMOVED_DEPENDENCY : removed
    REMOVED_DEPENDENCY {
        string name
        string version
    }
    GO_MODULE ||--o{ ADDED_DEPENDENCY : added
    ADDED_DEPENDENCY {
        string name
        string version
    }
Loading

File-Level Changes

Change Details Files
Bump and reorganize first-party dependencies
  • Updated go-dbus-factory, go-gir, and go-lib to new pseudo-version revisions in the primary require block
  • Removed older go-dbus-factory, go-gir, and go-lib entries from the secondary require section
  • Removed deprecated gorm, go-sqlite3, and date dependencies
 go.mod
Update indirect dependencies
  • Bumped golang.org/x/image to v0.10.0
  • Bumped golang.org/x/sys to v0.5.0
  • Added github.com/google/go-cmp v0.5.9
 go.mod
Refresh module checksum file
  • Regenerated go.sum to align with updated go.mod dependencies
 go.sum
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@deepin-ci-robot
Copy link

deepin-ci-robot commented Aug 12, 2025

deepin pr auto review

代码审查意见:

  1. 依赖项更新:

    • github.com/jinzhu/gorm 更新为 github.com/linuxdeepin/go-dbus-factory 可能会影响代码中依赖 gorm 的部分。需要确认是否有相应的代码迁移和测试。
    • github.com/mattn/go-sqlite3 更新为 github.com/linuxdeepin/go-lib 可能会影响代码中依赖 sqlite3 的部分。需要确认是否有相应的代码迁移和测试。
    • github.com/rickb777/dategithub.com/rickb777/plural 移除,如果这些包在代码中不再使用,则可以直接移除。

  2. 间接依赖项更新:

    • github.com/linuxdeepin/go-dbus-factorygithub.com/linuxdeepin/go-gir 的版本更新为最新版本,需要确认这些更新是否与项目中的其他依赖项兼容。
    • golang.org/x/image 的版本更新为 v0.10.0,需要确认这个更新是否与项目中的其他依赖项兼容。
    • golang.org/x/sys 的版本更新为 v0.5.0,需要确认这个更新是否与项目中的其他依赖项兼容。

  3. 代码质量:

    • 检查是否有任何代码迁移或重构需要完成,以适应依赖项的更新。
    • 确保所有更新后的依赖项都有相应的单元测试和集成测试,以验证代码的稳定性和兼容性。

  4. 代码性能:

    • 需要评估依赖项更新对项目性能的影响,特别是 github.com/linuxdeepin/go-dbus-factorygithub.com/linuxdeepin/go-lib,因为这些包可能涉及到系统调用或网络通信。
    • 如果有性能瓶颈,考虑是否有优化空间,比如使用更高效的算法或数据结构。

  5. 代码安全:

    • 确保所有依赖项都是安全的,特别是那些涉及到网络通信或系统调用的依赖项。
    • 检查是否有任何已知的安全漏洞,特别是那些与依赖项更新相关的漏洞。

  6. 文档和注释:

    • 更新项目文档,以反映依赖项的更新。
    • 确保代码中的注释和文档与代码的实际实现保持一致,以避免误导。

总体来说,这些依赖项的更新可能会对项目的代码结构和性能产生影响,因此需要仔细评估和测试以确保兼容性和稳定性。

sourcery-ai[bot]
sourcery-ai bot reviewed Aug 12, 2025
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @BLumia - I've reviewed your changes - here's some feedback:

  • Verify compatibility of existing code with the updated linuxdeepin/go-lib, go-gir, and go-dbus-factory versions to catch any API changes.
  • Ensure that bumping golang.org/x/image to v0.10.0 and golang.org/x/sys to v0.5.0 hasn't introduced any subtle changes in image processing or system call behavior.
  • Consider splitting the addition of google/go-cmp into a separate commit or PR to keep version bumps and new dependencies clearly separated for review.
Prompt for AI Agents 
Please address the comments from this code review:
## Overall Comments
- Verify compatibility of existing code with the updated linuxdeepin/go-lib, go-gir, and go-dbus-factory versions to catch any API changes.
- Ensure that bumping golang.org/x/image to v0.10.0 and golang.org/x/sys to v0.5.0 hasn't introduced any subtle changes in image processing or system call behavior.
- Consider splitting the addition of google/go-cmp into a separate commit or PR to keep version bumps and new dependencies clearly separated for review.
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@BLumia BLumia mentioned this pull request Aug 12, 2025
Closed
@deepin-ci-robot
Copy link

deepin-ci-robot commented Aug 14, 2025

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: BLumia, fly602

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@BLumia BLumia merged commit 4551e6d into linuxdeepin:master Aug 14, 2025
16 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

@fly602 fly602 fly602 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@BLumia @deepin-ci-robot @fly602