netbirdio
[relay] Update GO version and QUIC version
- Go 1.25.3
- QUIC 0.55.0
Describe your changes
Issue ticket number and link
Stack
Checklist
- [ ] Is it a bug fix
- [ ] Is a typo/documentation fix
- [x] Is a feature enhancement
- [ ] It is a refactor
- [ ] Created tests that fail without the change (if possible)
By submitting this pull request, you confirm that you have read and agree to the terms of the Contributor License Agreement.
Documentation
Select exactly one:
- [ ] I added/updated documentation for this change
- [x] Documentation is not needed for this change (explain why)
Docs PR URL (required if "docs added" is checked)
Paste the PR link from https://github.com/netbirdio/docs here:
https://github.com/netbirdio/docs/pull/__
Summary by CodeRabbit
- Chores
- Upgraded Go to 1.25/toolchain and refreshed many dependencies (networking, telemetry, protobuf, gRPC, quic, etc.).
- Style
- Modernized build-constraint syntax, streamlined linter config, added localized lint suppressions and minor code cleanups.
- Tests
- Updated tests and benchmarks to use modern build tags and small refactors; no behavioral test changes.
- Docs
- Minor user-visible message capitalization and wording tweaks.
✏️ Tip: You can customize this high-level summary in your review settings.
[!WARNING]
Rate limit exceeded
@pappz has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 13 minutes and 49 seconds before requesting another review.
⌛ How to resolve this issue?
After the wait time has elapsed, a review can be triggered using the
@coderabbitai reviewcommand as a PR comment. Alternatively, push new commits to this PR.We recommend that you space out your commits to avoid hitting the rate limit.
🚦 How do rate limits work?
CodeRabbit enforces hourly rate limits for each developer per organization.
Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.
Please see our FAQ for further information.
📥 Commits
Reviewing files that changed from the base of the PR and between 5548fb9a29425105d00a2198e50f121eac62692d and d2c8f959e731d0b233cb8b1e7294a01c3d0018e0.
📒 Files selected for processing (1)
client/firewall/iptables/acl_linux.go(1 hunks)
Walkthrough
Updates Go toolchain to 1.25 (toolchain go1.25.3), refreshes many dependencies, adjusts CI workflows and golangci-lint settings, modernizes build-tag syntax across files, introduces targeted lint suppressions and small refactors (if→switch, var→short), and changes QUIC connection field/constructor types.
Changes
| Cohort / File(s) | Summary |
|---|---|
Workflows & CI \.github/workflows/golang-test-freebsd.yml, \.github/workflows/golang-test-linux.yml, \.github/workflows/golangci-lint.yml, \.github/workflows/wasm-build-validation.yml |
Bump FreeBSD Go tarball to go1.25.3, Linux Docker image to golang:1.25-alpine, pin golangci-lint action commit, adjust cache options, and add WASM env vars. |
Go modules / deps go.mod |
Move module Go version to 1.25, add toolchain go1.25.3, and upgrade many direct and transitive dependencies (gRPC, protobuf/quic-go, OpenTelemetry surfaces, etc.). |
GolangCI-Lint config .golangci.yaml |
Replace previous config with versioned schema (version: "2"), centralized enabled linters, per-linter settings, and new exclusions layout. |
| Build-tag modernization multiple files client/cmd/pprof.go, client/iface/device/device_ios.go, client/internal/iface.go, client/internal/routemanager/iface/iface.go, client/server/panic_windows.go, client/system/info_*.go, management/server/testutil/store*.go, relay/cmd/pprof.go, management/server/http/testing/benchmarks/*_test.go, shared/management/client/rest/*_test.go, util/syslog_nonwindows.go |
Remove legacy // +build lines, keep modern //go:build constraints across many platform/benchmark/integration test files. |
QUIC connection type changes relay/server/listener/quic/conn.go, shared/relay/client/dialer/quic/conn.go |
Change Conn.session from quic.Connection to *quic.Conn and update NewConn parameter signatures accordingly. |
WebSocket wrapper call-site relay/server/listener/ws/conn.go |
Use promoted CloseNow() method (c.CloseNow() instead of c.Conn.CloseNow()). |
Lint suppressions client/cmd/*.go, client/ios/NetBirdSDK/login.go, management/server/account.go, management/internals/shared/grpc/loginfilter_test.go |
Add //nolint directives at specific error returns or lines to silence linters. |
| If/Else → switch refactors several tests & internals client/firewall/nftables/manager_linux_test.go, client/firewall/uspfilter/nat_test.go, client/internal/debug/debug_linux.go, client/internal/routemanager/systemops/systemops_generic.go, management/server/store/sql_store_get_account_test.go, client/ssh/server/jwt_test.go |
Replace conditional chains with switch statements for dispatch by set name, verdict, protocol, prefix, posture-check ID, and token type. |
| Variable declaration/style updates assorted files client/firewall/*, management/cmd/management.go, management/server/idp/*.go, signal/cmd/run.go, client/cmd/testutil_test.go |
Replace explicit typed var x T = ... with short/type-inferred forms or switch to var x bool where clearer; remove a redundant error check. |
Tests: package/type alignment management/server/store/sql_store_test.go |
Replace route2 test types with nbroute equivalents (Route, NetID, IPv4Network) in test fixtures and embedded structs. |
| Small messaging / formatting changes assorted files shared/management/client/rest/client.go, client/ui/client_ui.go, management/server/posture_checks.go, management/server/http/handlers/policies/posture_checks_handler_test.go |
Lowercase/adjust several error message strings and alter some fmt/status.Errorf format verbs (%s → %v) for error wrapping/formatting. |
DB dialect detection change management/server/migration/migration.go |
Use db.Name() instead of db.Dialector.Name() to detect dialect when creating indexes. |
Minor clarifications / comments client/firewall/uspfilter/localip.go, client/firewall/uspfilter/localip_test.go, client/firewall/iptables/manager_linux_test.go |
Add explanatory comment for bitmap loop and simplify blank-identifier assignments / type inference in tests. |
| Build-tag-only cleanup in many tests numerous *_test.go under shared/management/client/rest/* and other test dirs |
Remove legacy // +build lines, keeping //go:build constraints only. |
Estimated code review effort
🎯 3 (Moderate) | ⏱️ ~20–30 minutes
- Pay extra attention to:
go.modupgrades — run full build/tests with Go 1.25.- QUIC type/signature changes — verify all call sites and consumers of
NewConn/Conn align. .golangci.yamlrestructuring — confirm linter selection and exclusions produce intended results.- Widespread removal of legacy
// +buildlines — confirm platform-specific files still compile as intended.
Possibly related PRs
- netbirdio/netbird#4828 — also updates the Go toolchain and CI workflows; overlaps with
go.modand workflow edits.
Suggested reviewers
- mlsmaycon
- crn4
Poem
🐇 I hopped through code, gave build tags a tweak,
Went from old to new, now the toolchain's unique.
Switches for ifs, lint whispers now still,
QUIC sessions trimmed to a pointer's small thrill.
Hooray — carrots for tests, and a warm little squeak.
Pre-merge checks and finishing touches
❌ Failed checks (3 warnings)
| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Title check | ⚠️ Warning | Title mentions updating GO and QUIC versions but changeset includes extensive refactoring (build tags, switch statements, lint directives) beyond relay version updates. | Revise title to reflect the comprehensive scope: '[relay] Update GO version, QUIC version, and modernize codebase' or split into separate focused PRs. |
| Description check | ⚠️ Warning | Description only lists version bumps (Go 1.25.3, QUIC 0.55.0) but omits the extensive refactoring changes (build tags, lint directives, switch statements, type changes) throughout the codebase. | Add comprehensive 'Describe your changes' section detailing build-tag modernization, refactoring patterns (if-to-switch), lint directives, and API changes beyond version bumps. |
| Docstring Coverage | ⚠️ Warning | Docstring coverage is 21.43% which is insufficient. The required threshold is 80.00%. | You can run @coderabbitai generate docstrings to improve docstring coverage. |
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.
Comment @coderabbitai help to get the list of available commands and usage tips.
![coderabbitai[bot] avatar](https://avatars.githubusercontent.com/in/347564?v=4 "Published by a pub.dev verified publisher"){kind=small}
Quality Gate passed
Issues
0 New issues
6 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
See analysis details on SonarQube Cloud
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}