build(deps): bump honnef.co/go/tools from 0.5.1 to 0.6.0

[dependabot]

Bumps honnef.co/go/tools from 0.5.1 to 0.6.0.

Release notes

Sourced from honnef.co/go/tools's releases.

Staticcheck 2025.1 (v0.6.0)

Added Go 1.24 support

This release adds support for Go 1.24.

Checks

Changed checks

The following checks have been improved:

• U1000 treats all fields in a struct as used if the struct has a field of type structs.HostLayout.
• S1009 now emits a clearer message.
• S1008 no longer recommends simplifying branches that contain comments (issue 704, issue 1488).
• S1009 now flags another redundant nil check (issue 1605).
• QF1002 now emits a valid automatic fix for switches that use initialization statements (issue 1613).

Staticcheck 2024.1.1 (v0.5.1)

This release fixes the detection of the used Go version when Go was compiled with experimental features such as rangefunc or boringcrypto (#1586).

Staticcheck 2024.1 (v0.5.0)

Backwards incompatible changes

Staticcheck 2024.1 contains the following backwards incompatible changes:

• The keyify utility has been removed. The recommended alternative is gopls.
• staticcheck -merge now exits with a non-zero status if any problems have been found.

Improved Go 1.22 support

This release updates Staticcheck’s database of deprecated standard library APIs to cover the Go 1.22 release. Furthermore, checks have been updated to correctly handle the new “for” loop variable scoping behavior as well as ranging over integers.

Added Go 1.23 support

Staticcheck 2024.1 has full support for iterators / range-over-func. Furthermore, SA1015 will skip any code targeting Go 1.23 or newer, as it is now possible to use time.Tick without leaking memory.

Improved handling of Go versions

Go 1.21 more rigorously defined the meaning of the go directive in go.mod files, as well as its interactions with //go:build go1.N build constraints. The go directive now specifies a minimum Go version for the module. Furthermore, it sets the language version that is in effect, which may change the semantics of Go code. For example, before Go 1.22, loop variables were reused across iterations, but since Go 1.22, loop variables only exist for the duration of an iteration. Modules that specify go 1.22 will use the new semantics, while modules that specify an older version will not.

Individual files can both upgrade and downgrade their language version by using //go:build go1.N directives. In a module that requires Go 1.22, a file specifying Go 1.21 will experience the old loop variable semantics, and vice versa. Because the Go module as a whole still specifies a minimum version, even files specifying an older version will have access to the standard library of the minimum version.

Staticcheck 2024.1 takes all of this into consideration when analyzing the behavior of Go code, when determining which checks are applicable, and when making suggestions. Older versions of Staticcheck were already aware of Go versions, but 2024.1 works on a more fine-grained, per-file basis, and differentiates between the pre- and post-1.21 semantics of the go directive.

The -go command line flag continues to exist. It will override any module-based version selection. This is primarily useful for Go modules that target older Go versions (because here, the go directive didn’t specify a minimum version), or when working outside of Go modules.

To prevent misinterpreting code, Staticcheck now refuses to analyze modules that require a version of Go that is newer than that with which Staticcheck was built.

Checks

New checks

... (truncated)

Commits

• 5af2e5f Version 2025.1 (v0.6.0)
• 2010dd3 website: go mod tidy
• 91a891c website: add 2025.1 release notes
• f6cedc0 Depend on Go 1.23
• bcecb30 Update dependency on golang.org/x/tools
• 06aa835 knowledge: add deprecated for Go 1.24
• 0f2f291 Include value of godebug in artifact's name
• 1179d01 Update CI to use actions/upload-artifact@v4
• e65b392 S1008: allow either branch to be documented
• de48f96 S1008: ignore instructions used in our tests
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)