Skip to content

build(go): bump to 1.26.4 #285

Merged
DariuszPorowski merged 2 commits into
mainfrom
copilot/govulncheck-update-dependencies
Jun 4, 2026
Merged

build(go): bump to 1.26.4 #285
DariuszPorowski merged 2 commits into
mainfrom
copilot/govulncheck-update-dependencies

Conversation

Copilot AI commented Jun 4, 2026

Copy link
Copy Markdown
Contributor

GoVulnCheck reported known vulnerabilities on main from the Go stdlib (GO-2026-5037, GO-2026-5038, GO-2026-5039 / CVE-2026-27145 path). This PR aligns the repository and runtime setup with the patched Go patch release.

  • Toolchain baseline update

    • Updated go.mod from go 1.26.3 to go 1.26.4 so CI/go tooling resolves to the fixed stdlib patch level.
  • Dev/runtime parity update

    • Updated .taskfiles/runtime.Taskfile.yml Go runtime pin from 1.26.3 to 1.26.4 to keep local/task-based environments consistent with module-level toolchain expectations.
  • Representative diff

    --- a/go.mod
    +++ b/go.mod
    @@
    -go 1.26.3
    +go 1.26.4
    --- a/.taskfiles/runtime.Taskfile.yml
    +++ b/.taskfiles/runtime.Taskfile.yml
    @@
    -      golang: 1.26.3
    +      golang: 1.26.4

Copilot AI linked an issue Jun 4, 2026 that may be closed by this pull request
Copilot AI changed the title [WIP] Fix vulnerabilities detected by govulncheck Bump Go toolchain to 1.26.4 to clear GoVulnCheck stdlib findings Jun 4, 2026
Copilot AI requested a review from maniSbindra June 4, 2026 17:34
@DariuszPorowski DariuszPorowski marked this pull request as ready for review June 4, 2026 17:47
@DariuszPorowski DariuszPorowski requested a review from a team as a code owner June 4, 2026 17:47
@DariuszPorowski DariuszPorowski changed the title Bump Go toolchain to 1.26.4 to clear GoVulnCheck stdlib findings build(go): bump to 1.26.4 Jun 4, 2026
@DariuszPorowski DariuszPorowski merged commit 6999052 into main Jun 4, 2026
17 of 26 checks passed
@DariuszPorowski DariuszPorowski deleted the copilot/govulncheck-update-dependencies branch June 4, 2026 18:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

govulncheck: vulnerabilities detected on main

3 participants