Skip to content

ci: update Go to 1.26.3 to fix govulncheck failures#269

Merged
maniSbindra merged 1 commit into
mainfrom
fix/update-go-1.26.3
May 8, 2026
Merged

ci: update Go to 1.26.3 to fix govulncheck failures#269
maniSbindra merged 1 commit into
mainfrom
fix/update-go-1.26.3

Conversation

@maniSbindra

Copy link
Copy Markdown
Contributor

Summary

Updates Go toolchain from 1.26.2 to 1.26.3 to resolve govulncheck failures in CI.

Problem

The go:lint task fails because govulncheck detects 2 known vulnerabilities in the Go 1.26.2 standard library:

  • GO-2026-4971: Panic in net.Dialer.DialContext on Windows
  • GO-2026-4918: Infinite loop in HTTP/2 transport with bad SETTINGS_MAX_FRAME_SIZE

Both are fixed in Go 1.26.3.

Changes

  • Updated go.mod directive from go 1.26.2 to go 1.26.3

Fixes #268

Update Go toolchain from 1.26.2 to 1.26.3 to resolve known standard
library vulnerabilities (GO-2026-4971, GO-2026-4918) that cause
govulncheck to fail in CI.

Fixes #268

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@maniSbindra maniSbindra requested a review from a team as a code owner May 8, 2026 05:38
@maniSbindra maniSbindra added this pull request to the merge queue May 8, 2026
Merged via the queue into main with commit 34b0c64 May 8, 2026
17 checks passed
@maniSbindra maniSbindra deleted the fix/update-go-1.26.3 branch May 8, 2026 06:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

ci: govulncheck fails due to known vulnerabilities in Go 1.26.2

1 participant