-
-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: Update quic-go to v0.41.0, bump Go minimum to 1.21 #6043
chore: Update quic-go to v0.41.0, bump Go minimum to 1.21 #6043
Conversation
@@ -1,6 +1,8 @@ | |||
module github.com/caddyserver/caddy/v2 | |||
|
|||
go 1.20 | |||
go 1.21 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think we're ready to bump our minimum version yet. Is this necessary?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
quic-go dropped support Go 1.20 a bit earlier than usual this team. See release notes for justification.
So yes, updating to v0.41.0 will unfortunately force you move away from Go 1.20.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay. It might take us a little while to merge this. I think our next release v2.8.0 is still a little ways away (partly cause we have a lot of pending PRs to review and merge, partly because Matt is busy being a parent). So I think by the time we'll be ready, 1.22 will be out.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think our next release v2.8.0 is still a little ways away
A smaller patch release with #5982 would still be good though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Go 1.22 is slated for just a couple/few weeks. I'm willing to bet v2.8 won't be ready before then. Should we just merge this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mholt sure, we'll need to also update CI config (and repo config) to test 1.21 + 1.22
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The justification for dropping Go 1.20 support is really good: no more crypto/tls fork.
One other thing to consider is that v0.42 will have an improved API for a security feature. quic-go/quic-go#3549 (comment) -- we could also just wait until that gets released and kill 2 birds with 1 stone. Either way is fine with me.
10d9cfa
to
f7c2973
Compare
f7c2973
to
b8b48e1
Compare
e, err := key.ECDH() | ||
if err != nil { | ||
return nil, err | ||
} | ||
return e.Bytes(), nil |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
elliptic.Marshal
is deprecated. I'm not sure if this change is correct, wouldn't mind a second pair of eyes. But I think this is the intended use of the new API?
Alright, minimum Go bumped, & CI updated to 1.21 + 1.22-rc.2 for now. Some code changes to match. @mholt just need to remove the Go 1.20 CI requirement then I think we can merge. |
@francislavoie Updated repo requirements. Go 1.21 and 1.22 now required. Thanks! |
Tons of changes in the v0.41.0 release. Most relevant for caddy is probably quic-go/quic-go#4181, which should fix #5951 on HTTP/3.
quic-go/quic-go#4230 might also be useful. I see that you use
ConnContext
on HTTP/1.1 and HTTP/2 (haven't looked at it in detail though), you can now do that on HTTP/3 as well.