Skip to content

ci: bump pinned Go to 1.25.12 (GO-2026-5856)#82

Merged
ErenAri merged 1 commit into
mainfrom
ci/go-1.25.12
Jul 15, 2026
Merged

ci: bump pinned Go to 1.25.12 (GO-2026-5856)#82
ErenAri merged 1 commit into
mainfrom
ci/go-1.25.12

Conversation

@ErenAri

@ErenAri ErenAri commented Jul 15, 2026

Copy link
Copy Markdown
Contributor

govulncheck fails every PR since GO-2026-5856 (Encrypted Client Hello privacy leak in crypto/tls) was published: it affects go1.25.11 (our pinned toolchain) and is fixed in go1.25.12. Reachable via the API server / cloud registry / freshness fetcher call paths, so the finding is real, not noise.

Bumps GO_VERSION/go-version in all six workflows that pin it (ci, codeql, release-artifacts, stability-gate, kernel-freshness, profile-catalog-maintenance).

Unblocks #81.

🤖 Generated with Claude Code

govulncheck now fails every PR: GO-2026-5856 (Encrypted Client Hello
privacy leak in crypto/tls) is present in go1.25.11 and fixed in
go1.25.12. Bump the pinned toolchain across all workflows.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings July 15, 2026 14:15

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot was unable to review this pull request because the user who requested the review has reached their quota limit.

@ErenAri
ErenAri merged commit 01ad49e into main Jul 15, 2026
7 checks passed
@ErenAri
ErenAri deleted the ci/go-1.25.12 branch July 15, 2026 14:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants