Skip to content

chore: upgrade dependencies#10091

Merged
ChrisGe4 merged 1 commit into
GoogleContainerTools:mainfrom
ChrisGe4:dependency-upgrade
May 20, 2026
Merged

chore: upgrade dependencies#10091
ChrisGe4 merged 1 commit into
GoogleContainerTools:mainfrom
ChrisGe4:dependency-upgrade

Conversation

@ChrisGe4
Copy link
Copy Markdown
Contributor

@ChrisGe4 ChrisGe4 commented May 20, 2026

Upgrades dependencies after Go upgrade.

@ChrisGe4 ChrisGe4 marked this pull request as ready for review May 20, 2026 19:36
@ChrisGe4 ChrisGe4 requested a review from a team as a code owner May 20, 2026 19:36
gemini-code-assist[bot]
gemini-code-assist Bot reviewed May 20, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates several dependencies in go.mod and go.sum, refactors the go-openapi/runtime middleware for better error handling and TLS diagnostics, and improves the BindForm logic for multipart requests. My feedback highlights a potential issue in validation.go where the error collection logic might be filtering out non-validation errors; I have suggested a more robust way to aggregate these errors.

Comment thread vendor/github.com/go-openapi/runtime/middleware/validation.go
Comment on lines +77 to 88
result := v.route.Binder.bind(v.request, v.route.Params, v.route.Consumer, v.bound)
if result == nil {
return
}

for _, e := range result.Errors {
var validationErr *errors.Validation
if stderrors.As(e, &validationErr) {
v.result = append(v.result, validationErr)
}
v.result = append(v.result, result)
}
}
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot May 20, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

high

The current implementation for collecting binding errors appears to drop some error types. The loop only appends errors that can be asserted as *errors.Validation, but the binder can also return other error types like *errors.ParseError. This could lead to some validation errors being silently ignored.

To ensure all errors from the binder are collected, you could append the entire slice of errors from the composite error.

Suggested change
result := v.route.Binder.bind(v.request, v.route.Params, v.route.Consumer, v.bound)
if result == nil {
return
}
for _, e := range result.Errors {
var validationErr *errors.Validation
if stderrors.As(e, &validationErr) {
v.result = append(v.result, validationErr)
}
v.result = append(v.result, result)
}
}
result := v.route.Binder.bind(v.request, v.route.Params, v.route.Consumer, v.bound)
if result == nil {
return
}
v.result = append(v.result, result.Errors...)

@ChrisGe4 ChrisGe4 merged commit a09353a into GoogleContainerTools:main May 20, 2026
11 of 12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Darien-Lin Darien-Lin Darien-Lin approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

size/M

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ChrisGe4 @Darien-Lin