Description
In #1038. the Go major version was bumped to 1.22 AND the Go minor version was also specified. Quoting this comment from @ash2k:
The issue with specifying the patch version that is not 0 is that now all modules that import this module will have to use this or a newer version. There may be reasons people don't or cannot use the more recent patch version. FWIW I think a library shouldn't have an opinion on the patch version used.
An example of this - we use https://github.com/golang-fips/go/ to provide FIPS-compatible builds. Not all Go versions may be available there e.g. right now there is no 1.23.2. Go 1.22.7 was released 2024-09-05 but FIPS version was tagged 2024-09-27. If grpc-go released a CVE fix in the window of those 22 days, we wouldn't have been able to upgrade.
TL;DR this doesn't benefit grpc-go in any way but might hurt your users.
Due to user feedback, gRPC Go decided to drop the Go minor version in grpc/grpc-go#7831. However using the latest version of go-control-plane is re-introducing the minor version constraint: grpc/grpc-go#7974
Looking at #1038, it doesn't appear necessary to specify the minor version. I’d like to request that the minor version constraint be dropped.