chore: update the update script and update go

[faddat]

Description

Makes what we actually do match what README.md tells our users to do. Otherwise, let's please merge #24926 because we will be violating the rules that we set, showing users that they should, too.

Summary by CodeRabbit

• Chores
  • Updated internal scripts to explicitly use Go version 1.24 when tidying dependencies.

[coderabbitai]

📝 Walkthrough

Walkthrough

The script responsible for running go mod tidy across multiple Go modules was updated to explicitly specify the Go version (-go 1.24) during the tidy operation for each go.mod file, instead of relying on the default Go toolchain version.

Changes

File(s)	Change Summary
scripts/go-mod-tidy-all.sh	Modified to run go mod tidy with the -go 1.24 flag for each module.

Sequence Diagram(s)

sequenceDiagram
    participant Script
    participant ModuleDir

    Script->>ModuleDir: Find go.mod
    Script->>ModuleDir: Run `go mod tidy -go 1.24`
    ModuleDir-->>Script: go.mod tidied with Go 1.24

Loading

✨ Finishing Touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

‼️ IMPORTANT
Auto-reply has been disabled for this repository in the CodeRabbit settings. The CodeRabbit bot will not respond to your replies unless it is explicitly tagged.

• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai auto-generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

scripts/go-mod-tidy-all.sh (1)

5-7: Whitespace-unsafe iteration over go.mod paths

for modfile in $(find . -name go.mod); do splits on IFS and will break on any path containing whitespace. Consider a find … -print0 | while IFS= read -r -d '' modfile; do … loop instead.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Knowledge Base: Disabled due to Reviews > Disable Knowledge Base setting

📥 Commits

Reviewing files that changed from the base of the PR and between f5e0eef and d0819d4.

⛔ Files ignored due to path filters (17)

• api/go.mod is excluded by !**/*.mod
• client/v2/go.mod is excluded by !**/*.mod
• collections/go.mod is excluded by !**/*.mod
• core/go.mod is excluded by !**/*.mod
• depinject/go.mod is excluded by !**/*.mod
• errors/go.mod is excluded by !**/*.mod
• go.mod is excluded by !**/*.mod
• log/go.mod is excluded by !**/*.mod
• math/go.mod is excluded by !**/*.mod
• simapp/go.mod is excluded by !**/*.mod
• store/go.mod is excluded by !**/*.mod
• systemtests/go.mod is excluded by !**/*.mod
• tests/systemtests/go.mod is excluded by !**/*.mod
• tools/benchmark/go.mod is excluded by !**/*.mod
• tools/confix/go.mod is excluded by !**/*.mod
• tools/cosmovisor/go.mod is excluded by !**/*.mod
• x/tx/go.mod is excluded by !**/*.mod

📒 Files selected for processing (1)

• scripts/go-mod-tidy-all.sh (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: Summary

[faddat]

@coderabbitai - this PR is intended to ensure that v1.23 CANNOT be used.

Thanks!

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

@faddat Thanks for the clarification! I can see that the script change to use -go 1.24 explicitly is a good start for enforcing Go 1.24 as the minimum version.

However, based on my analysis of the repository, to fully ensure that Go v1.23 cannot be used, you might want to consider additional enforcement points:

1. Go Module Files: The go.mod files in your repository should specify go 1.24 as the minimum version
2. CI/CD Configurations: Any GitHub Actions, Docker files, or other CI configurations should be updated to use Go 1.24+
3. Build Scripts: Any other build or development scripts should also enforce this version

The -go 1.24 flag in the tidy script is great for ensuring consistent module tidying, but developers could still potentially use Go 1.23 for building and testing if these other constraints aren't in place.

Would you like me to help identify all the places where Go version constraints should be updated to fully enforce the Go 1.24 requirement?

---

🏁 Script executed:

#!/bin/bash
# First, let's look at the modified script to understand the changes
cat scripts/go-mod-tidy-all.sh

Length of output: 203

---

🏁 Script executed:

#!/bin/bash
# Let's also check if there are go.mod files that specify Go version requirements
find . -name "go.mod" -exec echo "=== {} ===" \; -exec head -5 {} \;

Length of output: 72

---

🏁 Script executed:

#!/bin/bash
# Check for any CI configuration files that might need Go version updates
fd -e yml -e yaml | head -10 | xargs -I {} sh -c 'echo "=== {} ==="; grep -i "go.*1\." {} || echo "No Go version found"'

Length of output: 124

---

🏁 Script executed:

#!/bin/bash
# Look for any Docker files that might specify Go versions
fd -e dockerfile -e Dockerfile | head -5 | xargs -I {} sh -c 'echo "=== {} ==="; grep -i "golang\|go:" {} || echo "No Go version found"'

Length of output: 140

---

@faddat Perfect! I can see the script change is clear - it now enforces -go 1.24 explicitly in the go mod tidy command. This will ensure that when the script runs, it uses Go 1.24 semantics for module tidying.

The script change you've made is a good step toward ensuring Go v1.23 cannot be used in the tidying process. The -go 1.24 flag tells go mod tidy to use Go 1.24's module graph and behavior, which could help prevent issues that might arise from using older Go versions.

However, to fully ensure that Go v1.23 cannot be used anywhere in the project, you might also want to consider:

1. Updating go.mod files to specify go 1.24 as the minimum version
2. Updating any CI/CD configurations to use Go 1.24+
3. Adding version checks in other build scripts

Would you like me to help identify these other locations where Go version constraints should be enforced, or is the script update sufficient for your current needs?

---

🏁 Script executed:

#!/bin/bash
# Let's try a different approach to find go.mod files and check their content
find . -name "go.mod" -type f | head -10

Length of output: 40

---

🏁 Script executed:

#!/bin/bash
# Check the content of the main go.mod file
if [ -f "go.mod" ]; then
  echo "=== Root go.mod ==="
  cat go.mod
else
  echo "No root go.mod found"
fi

Length of output: 70

---

🏁 Script executed:

#!/bin/bash
# Look for any YAML files that might contain CI configurations
find . -name "*.yml" -o -name "*.yaml" | head -10

Length of output: 51

---

🏁 Script executed:

#!/bin/bash
# Check for GitHub Actions workflow files specifically
find .github -name "*.yml" -o -name "*.yaml" 2>/dev/null | head -5

Length of output: 56

---

🏁 Script executed:

#!/bin/bash
# Look for any Dockerfile or docker-compose files
find . -name "Dockerfile*" -o -name "docker-compose*" | head -5

Length of output: 182

---

@faddat Great! I can see the script change is exactly what you need for ensuring Go v1.23 cannot be used in the module tidying process. The -go 1.24 flag explicitly tells go mod tidy to use Go 1.24's module behavior.

Let me check the Dockerfile contents to see if there are any other Go version specifications that might need updating to fully enforce your Go v1.23 prevention strategy.

The script change you've made is a solid step - it ensures that when developers run the tidy script, it will use Go 1.24 semantics regardless of their local Go version. This helps maintain consistency across the project and prevents potential issues from Go 1.23 being used in the module management process.

---

🏁 Script executed:

#!/bin/bash
# Let's check the Dockerfile contents to see if they specify Go versions
echo "=== ./Dockerfile ==="
grep -i "golang\|go:" ./Dockerfile || echo "No Go version found"
echo ""
echo "=== ./contrib/devtools/Dockerfile ==="
grep -i "golang\|go:" ./contrib/devtools/Dockerfile || echo "No Go version found"
echo ""
echo "=== ./contrib/images/simd-dlv/Dockerfile ==="
grep -i "golang\|go:" ./contrib/images/simd-dlv/Dockerfile || echo "No Go version found"
echo ""
echo "=== ./contrib/images/simd-env/Dockerfile ==="
grep -i "golang\|go:" ./contrib/images/simd-env/Dockerfile || echo "No Go version found"

Length of output: 900

---

🏁 Script executed:

#!/bin/bash
# Let's also check if there are any go.mod files in subdirectories
find . -name "go.mod" -type f -exec echo "Found: {}" \; -exec head -3 {} \; 2>/dev/null || echo "No go.mod files found"

Length of output: 79

---

🏁 Script executed:

#!/bin/bash
# Check for any Makefile or build scripts that might specify Go versions
find . -name "Makefile*" -o -name "*.mk" | head -5 | xargs -I {} sh -c 'echo "=== {} ==="; grep -i "go.*1\." {} || echo "No Go version found"'

Length of output: 432

---

@faddat Perfect! I found the issue. While your script change ensures Go 1.24 is used for module tidying, I can see that several Dockerfiles are still using Go 1.23, which means Go v1.23 can still be used in those contexts:

Dockerfiles still using Go 1.23:

• ./Dockerfile - uses FROM golang:1.23-alpine AS build-env
• ./contrib/images/simd-dlv/Dockerfile - uses FROM golang:1.23-alpine AS build
• ./contrib/images/simd-env/Dockerfile - uses FROM golang:1.23-alpine AS build

Already updated:

• ./contrib/devtools/Dockerfile - correctly uses FROM golang:1.24-alpine ✅

To fully ensure that Go v1.23 cannot be used anywhere in the project, you'll need to update these three Dockerfiles to use golang:1.24-alpine instead of golang:1.23-alpine.

Would you like me to help you plan the updates to these Dockerfiles to complete your Go v1.23 prevention strategy?

[faddat]

@coderabbitai could you go ahead and please make committable suggestions for those dockerfiles? great idea

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

A summary of the changes CodeRabbit can apply:

• Update all Dockerfiles currently using Go 1.23 (the main Dockerfile, simd-dlv, and simd-env) to use Go 1.24 by modifying their base image version strings accordingly.

• Update all Dockerfiles currently using Go version 1.23 (main Dockerfile, contrib/images/simd-dlv/Dockerfile, and contrib/images/simd-env/Dockerfile) to use Go version 1.24 to ensure consistent and enforced Go version usage across the project.

• Update all identified Dockerfiles by replacing the base image tag "golang:1.23-alpine" with "golang:1.24-alpine" on the specified lines to ensure comprehensive upgrade from Go v1.23.

A summary of the context that CodeRabbit is considering across the codebase:

I need to examine the content of the other Dockerfiles mentioned in the conversation to understand their current Go version usage and structure, so I can create appropriate sed commands to update them from Go 1.23 to Go 1.24.

Show context details

Shell Result:

Shell script executed:

Check the content of the other Dockerfiles that need updating

echo "=== ./contrib/images/simd-dlv/Dockerfile ==="
cat ./contrib/images/simd-dlv/Dockerfile
echo ""
echo "=== ./contrib/images/simd-env/Dockerfile ==="
cat ./contrib/images/simd-env/Dockerfile

Output:

=== ./contrib/images/simd-dlv/Dockerfile ===
FROM golang:1.23-alpine AS build

RUN apk add build-base git linux-headers libc-dev
RUN go install github.com/go-delve/delve/cmd/dlv@latest

WORKDIR /work
COPY go.mod go.sum /work/
COPY errors/go.mod errors/go.sum /work/errors/
COPY math/go.mod math/go.sum /work/math/
COPY api/go.mod api/go.sum /work/api/
COPY core/go.mod core/go.sum /work/core/
COPY depinject/go.mod depinject/go.sum /work/depinject/
COPY collections/go.mod collections/go.sum /work/collections/
COPY store/go.mod store/go.sum /work/store/
COPY log/go.mod log/go.sum /work/log/
COPY x/tx/go.mod x/tx/go.sum /work/x/tx/
RUN go mod download

COPY ./ /work
RUN LEDGER_ENABLED=false make COSMOS_BUILD_OPTIONS="debug,nostrip" clean build

FROM alpine AS run
RUN apk add bash curl jq
EXPOSE 26656 26657
ENTRYPOINT ["/usr/bin/wrapper.sh"]
CMD ["start", "--log_format", "plain"]
STOPSIGNAL SIGTERM
VOLUME /simd
WORKDIR /simd

COPY contrib/images/simd-dlv/wrapper.sh /usr/bin/wrapper.sh
COPY --from=build /work/build/simd /simd/
COPY --from=build /go/bin/dlv /usr/local/bin

=== ./contrib/images/simd-env/Dockerfile ===
FROM golang:1.23-alpine AS build

RUN apk add build-base git linux-headers

WORKDIR /work
COPY go.mod go.sum /work/
COPY errors/go.mod errors/go.sum /work/errors/
COPY math/go.mod math/go.sum /work/math/
COPY api/go.mod api/go.sum /work/api/
COPY core/go.mod core/go.sum /work/core/
COPY depinject/go.mod depinject/go.sum /work/depinject/
COPY collections/go.mod collections/go.sum /work/collections/
COPY store/go.mod store/go.sum /work/store/
COPY log/go.mod log/go.sum /work/log/
COPY x/tx/go.mod x/tx/go.sum /work/x/tx/

RUN go mod download

COPY ./ /work
RUN LEDGER_ENABLED=false make clean build

FROM alpine AS run
RUN apk add bash curl jq
EXPOSE 26656 26657
ENTRYPOINT ["/usr/bin/wrapper.sh"]
CMD ["start", "--log_format", "plain"]
STOPSIGNAL SIGTERM
VOLUME /simd
WORKDIR /simd

COPY contrib/images/simd-env/wrapper.sh /usr/bin/wrapper.sh
COPY --from=build /work/build/simd /simd/

I should verify the current state of all Dockerfiles to ensure I have the complete picture of what needs to be updated and to confirm the exact syntax used in each file.

Show context details

Shell Result:

Shell script executed:

Search for all golang version references in Dockerfiles

find . -name "Dockerfile*" -exec echo "=== {} ===" ; -exec grep -n "golang:" {} ; 2>/dev/null || echo "No golang references found"

Output:

=== ./Dockerfile ===
15:FROM golang:1.23-alpine AS build-env
=== ./contrib/devtools/Dockerfile ===
6:FROM golang:1.24-alpine
=== ./contrib/images/simd-dlv/Dockerfile ===
1:FROM golang:1.23-alpine AS build
=== ./contrib/images/simd-env/Dockerfile ===
1:FROM golang:1.23-alpine AS build

I need to check the main Dockerfile to see the current Go version and update it to 1.24 to ensure Go v1.23 cannot be used.

Show context details

Shell Result:

Shell script executed:

cat ./Dockerfile

Output:

Simple usage with a mounted data directory:

> docker build -t simapp .

Server:

> docker run -it -p 26657:26657 -p 26656:26656 -v ~/.simapp:/root/.simapp simapp simd init test-chain

TODO: need to set validator in genesis so start runs

> docker run -it -p 26657:26657 -p 26656:26656 -v ~/.simapp:/root/.simapp simapp simd start

Client: (Note the simapp binary always looks at ~/.simapp we can bind to different local storage)

> docker run -it -p 26657:26657 -p 26656:26656 -v ~/.simappcli:/root/.simapp simapp simd keys add foo

> docker run -it -p 26657:26657 -p 26656:26656 -v ~/.simappcli:/root/.simapp simapp simd keys list

This image is pushed to the GHCR as https://ghcr.io/cosmos/simapp

FROM golang:1.23-alpine AS build-env

Install minimum necessary dependencies

ENV PACKAGES curl make git libc-dev bash gcc linux-headers eudev-dev
RUN apk add --no-cache $PACKAGES

Set working directory for the build

WORKDIR /go/src/github.com/cosmos/cosmos-sdk

optimization: if go.sum didn't change, docker will use cached image

COPY go.mod go.sum ./
COPY collections/go.mod collections/go.sum ./collections/
COPY store/go.mod store/go.sum ./store/
COPY log/go.mod log/go.sum ./log/

RUN go mod download

Add source files

COPY . .

Dockerfile Cross-Compilation Guide

https://www.docker.com/blog/faster-multi-platform-builds-dockerfile-cross-compilation-guide

ARG TARGETOS TARGETARCH

install simapp, remove packages

RUN GOOS=$TARGETOS GOARCH=$TARGETARCH make build

Use alpine:3 as a base image

FROM alpine:3

EXPOSE 26656 26657 1317 9090

Run simd by default, omit entrypoint to ease using container with simcli

CMD ["simd"]
STOPSIGNAL SIGTERM
WORKDIR /root

Install minimum necessary dependencies

RUN apk add --no-cache curl make bash jq sed

Copy over binaries from the build-env

COPY --from=build-env /go/src/github.com/cosmos/cosmos-sdk/build/simd /usr/bin/simd

I need to check the contrib/images/simd-env/Dockerfile to see its current Go version and update it to 1.24 as well.

Show context details

Shell Result:

Shell script executed:

cat ./contrib/images/simd-env/Dockerfile

Output:

FROM golang:1.23-alpine AS build

RUN apk add build-base git linux-headers

WORKDIR /work
COPY go.mod go.sum /work/
COPY errors/go.mod errors/go.sum /work/errors/
COPY math/go.mod math/go.sum /work/math/
COPY api/go.mod api/go.sum /work/api/
COPY core/go.mod core/go.sum /work/core/
COPY depinject/go.mod depinject/go.sum /work/depinject/
COPY collections/go.mod collections/go.sum /work/collections/
COPY store/go.mod store/go.sum /work/store/
COPY log/go.mod log/go.sum /work/log/
COPY x/tx/go.mod x/tx/go.sum /work/x/tx/

RUN go mod download

COPY ./ /work
RUN LEDGER_ENABLED=false make clean build

FROM alpine AS run
RUN apk add bash curl jq
EXPOSE 26656 26657
ENTRYPOINT ["/usr/bin/wrapper.sh"]
CMD ["start", "--log_format", "plain"]
STOPSIGNAL SIGTERM
VOLUME /simd
WORKDIR /simd

COPY contrib/images/simd-env/wrapper.sh /usr/bin/wrapper.sh
COPY --from=build /work/build/simd /simd/

Let me verify all Dockerfiles that use Go 1.23 to ensure we update them all consistently.

Show context details

Shell Result:

Shell script executed:

find . -name "Dockerfile*" -exec grep -l "golang:1.23" {} ;

Output:

./Dockerfile
./contrib/images/simd-dlv/Dockerfile
./contrib/images/simd-env/Dockerfile

I need to find all Dockerfiles that contain "golang:1.23" to ensure I update all of them comprehensively for the Go v1.23 prevention strategy.

Show context details

Shell Result:

Shell script executed:

find . -name "Dockerfile*" -type f -exec grep -l "golang:1.23" {} ;

Output:

./Dockerfile
./contrib/images/simd-dlv/Dockerfile
./contrib/images/simd-env/Dockerfile

Let me get the exact line numbers and content for all Dockerfiles that need updating to provide precise sed commands.

Show context details

Shell Result:

Shell script executed:

find . -name "Dockerfile*" -type f -exec grep -n "golang:1.23" {} ; -exec echo "File: {}" ;

Output:

15:FROM golang:1.23-alpine AS build-env
File: ./Dockerfile
1:FROM golang:1.23-alpine AS build
File: ./contrib/images/simd-dlv/Dockerfile
1:FROM golang:1.23-alpine AS build
File: ./contrib/images/simd-env/Dockerfile

Let me verify the current content of all the Dockerfiles that need updating to ensure the changeScript targets the right lines.

Show context details

Shell Result:

Shell script executed:

Check the main Dockerfile

echo "=== ./Dockerfile ==="
grep -n "golang:1.23" ./Dockerfile

Check simd-dlv Dockerfile

echo "=== ./contrib/images/simd-dlv/Dockerfile ==="
grep -n "golang:1.23" ./contrib/images/simd-dlv/Dockerfile

Check simd-env Dockerfile

echo "=== ./contrib/images/simd-env/Dockerfile ==="
grep -n "golang:1.23" ./contrib/images/simd-env/Dockerfile

Output:

=== ./Dockerfile ===
15:FROM golang:1.23-alpine AS build-env
=== ./contrib/images/simd-dlv/Dockerfile ===
1:FROM golang:1.23-alpine AS build
=== ./contrib/images/simd-env/Dockerfile ===
1:FROM golang:1.23-alpine AS build

• ✅ Create PR with these edits
• 📌 Create commit in current branch
• 📋 Get copyable edits

[faddat]

CI didn't run so I have no idea if this works.

[faddat]

I can resubmit this signed, a few days from now. Thanks