Originally posted by Maydaer July 9, 2026
How are you running Renovate?
Self-hosted Renovate CLI
Which platform you running Renovate on?
GitHub Enterprise Server
Which version of Renovate are you using?
43.252.1
Please tell us more about your question or problem
Description
Since Renovate version 43.167.0 (which includes PR #41588), digest updates for Go modules with pseudo-versions no longer produce file changes, if the repository is unavailable in the goproxy (for example repos on github enterprise instances, private repositories, etc).
The update process detects a newer commit, but only for newDigest.
The lookup for the new commit on proxy.golang.org fails, which causes upgrade.newValue in gomod.update to be equal to the current (old) value.
However, since current value is a pseudo-version, the version starts with v0.0.0-and gomod.update goes into the new code path
if (upgrade.newValue?.startsWith('v0.0.0-')) {
added by the above PR, but since newVersion is the old version, no file changes occur.
Before the above PR, the gomod.update would have gone into the defensive fallback path. It replaces the version in the go.mod by newDigest and have go get find the corresponding pseudo version.
Reproducing the issue
Repo A has a dependency to private repo B, to which renovate has access, but goproxy does not.
Repo B should have pseudo-versioning such as
example.enterprise.com/org/my-module v0.0.0-20200101084118-1111111111111",
Merge something to main of repo B, which produces e.g. digest ffffffffff.
Renovate will be able to find the new digest ffffffffffff to determine a new version is available, but the actual renovate run to create the update PR will not open the PR due to "DEBUG: No changes necessary"
Possible fix
Ensure we get to the defensive fallback path, if newValue has not changed, by replacing
if (upgrade.newValue?.startsWith('v0.0.0-')) {
with
if (upgrade.newValue?.startsWith('v0.0.0-')) && upgrade.newValue !== upgrade.currentValue {
Logs (if relevant)
Logs
DEBUG: Fetching example.enterprise.com/org/my-module via GONOPROXY match
DEBUG: Go module: example.enterprise.com/org/my-module lookup import url https://example.enterprise.com/org/my-module.git
INFO: Found no results from datasource that look like a version
"result": {"sourceUrl": "https://example.enterprise.com/org/my-module", "releases": []}
DEBUG: Found no satisfying versions with 'loose' versioning
DEBUG: http cache: saving https://example.enterprise.com/api/v3/repos/org/my-module/commits?per_page=1
(...)
DEBUG: gomod.updateDependency: v0.0.0-20200101084118-1111111111111
DEBUG: gomod: updating pseudo-version digest
{ "depName": "example.enterprise.com/org/my-module",
"lineToChange": "\texample.enterprise.com/org/my-module v0.0.0-20200101084118-1111111111111",
"newValue": "v0.0.0-20200101084118-1111111111111" }
DEBUG: No changes necessary
DEBUG: No package files need updating
DEBUG: No updated lock files in branch
DEBUG: No changes to package files, skipping post-upgrade tasks
DEBUG: No files to commit
Discussed in #44449
Originally posted by Maydaer July 9, 2026
How are you running Renovate?
Self-hosted Renovate CLI
Which platform you running Renovate on?
GitHub Enterprise Server
Which version of Renovate are you using?
43.252.1
Please tell us more about your question or problem
Description
Since Renovate version 43.167.0 (which includes PR #41588), digest updates for Go modules with pseudo-versions no longer produce file changes, if the repository is unavailable in the goproxy (for example repos on github enterprise instances, private repositories, etc).
The update process detects a newer commit, but only for
newDigest.The lookup for the new commit on
proxy.golang.orgfails, which causesupgrade.newValueingomod.updateto be equal to the current (old) value.However, since current value is a pseudo-version, the version starts with
v0.0.0-andgomod.updategoes into the new code pathadded by the above PR, but since
newVersionis the old version, no file changes occur.Before the above PR, the
gomod.updatewould have gone into the defensive fallback path. It replaces the version in the go.mod bynewDigestand havego getfind the corresponding pseudo version.Reproducing the issue
Repo A has a dependency to private repo B, to which renovate has access, but goproxy does not.
Repo B should have pseudo-versioning such as
Merge something to main of repo B, which produces e.g. digest ffffffffff.
Renovate will be able to find the new digest ffffffffffff to determine a new version is available, but the actual renovate run to create the update PR will not open the PR due to "DEBUG: No changes necessary"
Possible fix
Ensure we get to the defensive fallback path, if newValue has not changed, by replacing
with
Logs (if relevant)
Logs