bump libocr to a new version with critical ocr3.1 fix

[prashantkumar1982]

This was already bumped in CRE release branch here: #20985

[github-actions]

I see you updated files related to core. Please run pnpm changeset in the root directory to add a changeset as well as in the text include at least one of the following tags:

• #added For any new functionality added.
• #breaking_change For any functionality that requires manual action for the node to boot.
• #bugfix For bug fixes.
• #changed For any change to the existing functionality.
• #db_update For any feature that introduces updates to database schema.
• #deprecation_notice For any upcoming deprecation functionality.
• #internal For changesets that need to be excluded from the final changelog.
• #nops For any feature that is NOP facing and needs to be in the official Release Notes for the release.
• #removed For any functionality/config that is removed.
• #updated For any functionality that is updated.
• #wip For any change that is not ready yet and external communication about it should be held off till it is feature complete.

[Copilot]

Pull request overview

Bumps github.com/smartcontractkit/libocr across multiple Go modules to a newer pseudo-version containing a critical OCR3.1 fix needed for Vault nodes.

Changes:

• Update github.com/smartcontractkit/libocr from v0.0.0-20251212213002-0a5e2f907dda to v0.0.0-20260130195252-6e18e2a30acc in the root and several submodule go.mod files.
• Refresh corresponding go.sum entries in each affected module.

Reviewed changes

Copilot reviewed 7 out of 14 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
go.mod	Bumps libocr dependency in the main module.
go.sum	Updates libocr checksums for the main module.
core/scripts/go.mod	Bumps libocr dependency for the core/scripts module.
core/scripts/go.sum	Updates libocr checksums for the core/scripts module.
deployment/go.mod	Bumps libocr dependency for the deployment module.
deployment/go.sum	Updates libocr checksums for the deployment module.
integration-tests/go.mod	Bumps libocr dependency for the integration-tests module.
integration-tests/go.sum	Updates libocr checksums for the integration-tests module.
integration-tests/load/go.mod	Bumps indirect libocr dependency for the load tests module.
integration-tests/load/go.sum	Updates libocr checksums for the load tests module.
system-tests/lib/go.mod	Bumps libocr dependency for the system-tests/lib module.
system-tests/lib/go.sum	Updates libocr checksums for the system-tests/lib module.
system-tests/tests/go.mod	Bumps libocr dependency for the system-tests/tests module.
system-tests/tests/go.sum	Updates libocr checksums for the system-tests/tests module.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

This PR bumps libocr in several modules, but the separately-versioned example module core/scripts/cre/environment/examples/workflows/v1/proof-of-reserve/web-trigger-based still pins the old libocr pseudo-version in its own go.mod/go.sum. If someone builds/tests that module directly (or if CI coverage changes), it won’t pick up the critical OCR3.1 fix. Consider bumping libocr there as well (and regenerating that module’s go.sum) to keep all in-repo modules consistent.

[cl-sonarqube-production]

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

[trunk-io]

     

View Full Report ↗︎ ⋅ Docs