Attempt to revive CI

.github/workflows/boilerplate.yaml

@@ -27,7 +27,7 @@ jobs:
       - name: Check out code
         uses: actions/checkout@v4
 
-      - uses: chainguard-dev/actions/boilerplate@5e21cb47971231c078a677dfe89a348371cb880c # main
+      - uses: chainguard-dev/actions/boilerplate@04b3d27d680c065e8aaaa71edabf37da0ad4ac3d # main
         with:
           extension: ${{ matrix.extension }}
           language: ${{ matrix.language }}

.github/workflows/build.yaml

@@ -12,7 +12,7 @@ jobs:
 
     strategy:
       matrix:
-        go-version: [1.19, 1.20]
+        go-version: [1.22, 1.23]
 
     steps:
       - uses: actions/checkout@v4

.github/workflows/bump-deps.yaml

@@ -21,7 +21,7 @@ jobs:
     - uses: actions/checkout@v4
     - uses: actions/setup-go@v5
       with:
-        go-version: 1.19
+        go-version: 1.22
         check-latest: true
 
     - run: ./hack/bump-deps.sh

.github/workflows/donotsubmit.yaml

@@ -12,4 +12,4 @@ jobs:
 
     steps:
     - uses: actions/checkout@v4
-    - uses: chainguard-dev/actions/donotsubmit@5e21cb47971231c078a677dfe89a348371cb880c # main
+    - uses: chainguard-dev/actions/donotsubmit@04b3d27d680c065e8aaaa71edabf37da0ad4ac3d # main

.github/workflows/e2e.yaml

@@ -19,7 +19,7 @@ jobs:
     - uses: actions/checkout@v4
     - uses: actions/setup-go@v5
       with:
-        go-version: 1.19
+        go-version: 1.22
         check-latest: true
 
     - name: crane append to an image, set the entrypoint, run it locally, roundtrip it

.github/workflows/ecr-auth.yaml

@@ -21,7 +21,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v5
         with:
-          go-version: 1.19
+          go-version: 1.22
           check-latest: true
 
       - name: Install krane
@@ -61,7 +61,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v5
         with:
-          go-version: 1.19
+          go-version: 1.22
           check-latest: true
 
       - name: Install crane

.github/workflows/ghcr-auth.yaml

@@ -17,7 +17,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v5
         with:
-          go-version: 1.19
+          go-version: 1.22
           check-latest: true
 
       - name: Install krane

.github/workflows/presubmit.yaml

@@ -29,6 +29,6 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v5
         with:
-          go-version: 1.19
+          go-version: 1.22
           check-latest: true
       - run: ./hack/presubmit.sh

.github/workflows/release.yml

@@ -15,7 +15,7 @@ jobs:
         run: git fetch --prune --unshallow
       - uses: actions/setup-go@v5
         with:
-          go-version: 1.21
+          go-version: 1.22
           check-latest: true
       - uses: goreleaser/[email protected]
         id: run-goreleaser

.github/workflows/style.yaml

@@ -12,10 +12,10 @@ jobs:
     steps:
       - uses: actions/setup-go@v5
         with:
-          go-version: 1.19
+          go-version: 1.22
           check-latest: true
       - uses: actions/checkout@v4
-      - uses: chainguard-dev/actions/goimports@5e21cb47971231c078a677dfe89a348371cb880c # main
+      - uses: chainguard-dev/actions/goimports@04b3d27d680c065e8aaaa71edabf37da0ad4ac3d # main
 
   lint:
     name: Lint
@@ -25,7 +25,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v5
         with:
-          go-version: 1.19
+          go-version: 1.22
           check-latest: true
 
       - uses: golangci/[email protected]
@@ -40,10 +40,10 @@ jobs:
           locale: "US"
           exclude: ./vendor/*
 
-      - uses: chainguard-dev/actions/trailing-space@5e21cb47971231c078a677dfe89a348371cb880c # main
+      - uses: chainguard-dev/actions/trailing-space@04b3d27d680c065e8aaaa71edabf37da0ad4ac3d # main
         if: ${{ always() }}
 
-      - uses: chainguard-dev/actions/eof-newline@5e21cb47971231c078a677dfe89a348371cb880c # main
+      - uses: chainguard-dev/actions/eof-newline@04b3d27d680c065e8aaaa71edabf37da0ad4ac3d # main
         if: ${{ always() }}
 
       - uses: get-woke/woke-action-reviewdog@v0

.github/workflows/test.yaml

@@ -11,7 +11,7 @@ jobs:
   test:
     strategy:
       matrix:
-        go-version: [1.19, '1.20']
+        go-version: [1.22, 1.23]
 
     name: Unit Tests
     runs-on: ubuntu-latest

go.mod

@@ -1,21 +1,23 @@
 module github.com/google/go-containerregistry
 
-go 1.18
+go 1.22.0
+
+toolchain go1.23.0
 
 require (
 	github.com/containerd/stargz-snapshotter/estargz v0.14.3
 	github.com/docker/cli v27.1.1+incompatible
 	github.com/docker/distribution v2.8.2+incompatible
 	github.com/docker/docker v24.0.0+incompatible
-	github.com/google/go-cmp v0.5.9
+	github.com/google/go-cmp v0.6.0
 	github.com/klauspost/compress v1.16.5
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/opencontainers/go-digest v1.0.0
 	github.com/opencontainers/image-spec v1.1.0-rc3
 	github.com/spf13/cobra v1.7.0
 	golang.org/x/oauth2 v0.8.0
-	golang.org/x/sync v0.2.0
-	golang.org/x/tools v0.9.1
+	golang.org/x/sync v0.8.0
+	golang.org/x/tools v0.26.0
 )
 
 require (
@@ -36,9 +38,9 @@ require (
 	github.com/sirupsen/logrus v1.9.1 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/vbatts/tar-split v0.11.3 // indirect
-	golang.org/x/mod v0.10.0 // indirect
-	golang.org/x/net v0.17.0 // indirect
-	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/mod v0.21.0 // indirect
+	golang.org/x/net v0.30.0 // indirect
+	golang.org/x/sys v0.26.0 // indirect
 	golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect

hack/presubmit.sh

@@ -26,7 +26,7 @@ export PATH="${PATH}:${TMP_DIR}/bin"
 export GOPATH="${TMP_DIR}"
 pushd ${TMP_DIR}
 trap popd EXIT
-go install honnef.co/go/tools/cmd/staticcheck@v0.3.3
+go install honnef.co/go/tools/cmd/staticcheck@v0.5.1
 popd
 
 pushd ${PROJECT_ROOT}