You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
However, Go 1.20 is already EOL, so it gets no security update at all.
So Flatcar should have Go 1.21. At the same time, the default Go version should be updated to 1.21, and then Go 1.19 can be dropped from the Flatcar SDK.
On the other hand, as upstream projects Docker 24.0.x and containerd 1.7.x are still with Go 1.20, those exceptions should still stay with 1.20.
The thing is, ebuilds of the projects, being synced with Gentoo, do not rely on coreos-go-*.eclass any more. As a result, there is no simple way to specifically pin Go version for each case.
Thanks, the runc PR looks close to land, and since Docker 25 doesn't block on the runc release we can already start updating Docker to have everything in place once the runc release is ready.
I think we can also build runc with 1.21 and let kola check if we have any issues (The readme says runc only supports Linux. It must be built with Go version 1.19 or higher. - but there is an open issue about breakage with 1.22, I hope that 1.21 would work, though).
Current situation
By default Flatcar uses Go 1.20 for all packages.
However, Go 1.20 is already EOL, so it gets no security update at all.
So Flatcar should have Go 1.21. At the same time, the default Go version should be updated to 1.21, and then Go 1.19 can be dropped from the Flatcar SDK.
On the other hand, as upstream projects Docker 24.0.x and containerd 1.7.x are still with Go 1.20, those exceptions should still stay with 1.20.
The thing is, ebuilds of the projects, being synced with Gentoo, do not rely on
coreos-go-*.eclass
any more. As a result, there is no simple way to specifically pin Go version for each case.Status of the current blockers:
blocks #1387
The text was updated successfully, but these errors were encountered: