[chore] follow codeql recommendation

[codeboten]

CodeQL is currently reporting "Invalid Go toolchain version: As of Go 1.21, toolchain versions must use the 1.N.P syntax.". This PR attempts to fix this.

[mx-psi]

This breaks our compatibility promise: we are dropping support for Go 1.21.x for x less than 10. There were also recently some fixes upstream (see golang/go@27ed85d) that I think should make this message go away.

[codeboten]

This breaks our compatibility promise: we are dropping support for Go 1.21.x for x less than 10. There were also recently some fixes upstream (see golang/go@27ed85d) that I think should make this message go away.

Happy to close this, however this PR does bring up a good question of whether we should support versions of go 1.21.x with known CVEs.

[mx-psi]

This breaks our compatibility promise: we are dropping support for Go 1.21.x for x less than 10. There were also recently some fixes upstream (see golang/go@27ed85d) that I think should make this message go away.

Happy to close this, however this PR does bring up a good question of whether we should support versions of go 1.21.x with known CVEs.

We should definitely encourage using the latest version. We could add a toolchain directive on the builder to force the latest version to be used.

In terms of support however, I don't think we lose much by continuing to support those versions, but we can discuss it!

[codeboten]

In terms of support however, I don't think we lose much by continuing to support those versions, but we can discuss it!

Right, I'm thinking that if we were to only support versions greater than any with known CVEs it would act as incentive to any consumers of the collector libraries to also update to newer versions. I can open a separate issue to discuss and close this PR after I do so.

[bogdandrutu]

100% we should enforce latest (hopefully no CVEs) version when we build the final binary that we release as a binary, but for libraries like artifacts we cannot enforce this.

[codeboten]

@mx-psi @bogdandrutu to appease codeql and ensure we continue to support all version 1.21, i updated the version in go.mod to 1.21.0

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 91.98%. Comparing base (d9dbfbc) to head (4ac0648).
Report is 9 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #10165      +/-   ##
==========================================
+ Coverage   91.90%   91.98%   +0.08%     
==========================================
  Files         361      361              
  Lines       16970    16968       -2     
==========================================
+ Hits        15596    15608      +12     
+ Misses       1032     1020      -12     
+ Partials      342      340       -2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[mx-psi]

LGTM. I'd like us to revisit 1.21 vs 1.21.0 once the patch I mentioned above in golang/go is released, but I am okay with doing this for now