chore(BRIDGE-320): bumping go to 1.24.0; removing silenced vulns; updating CI components

ElectroNafta · ElectroNafta · commit e58f006804cf · 2025-03-06T15:44:32.000+01:00
diff --git a/.github/actions/govulncheck.sh b/.github/actions/govulncheck.sh
@@ -8,10 +8,6 @@ main(){
 
     jq -r '.finding | select( (.osv != null) and (.trace[0].function != null) ) | .osv ' < vulns.json > vulns_osv_ids.txt
 
-    ignore GO-2025-3373 "BRIDGE-315 stdlib crypto/x509"
-    ignore GO-2025-3420 "BRIDGE-315 stdlib net/http"
-    ignore GO-2025-3447 "BRIDGE-315 stdlib crypto/internal/nistec"
-
     has_vulns
 
     echo
diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
@@ -9,15 +9,15 @@ jobs:
       - name: Get sources
         uses: actions/checkout@v4
       
-      - name: Set up Go 1.23.3
+      - name: Set up Go 1.24.0
         uses: actions/setup-go@v5
         with:
-          go-version: '1.23.3'
+          go-version: '1.24.0'
 
       - name: Run golangci-lint
         uses: golangci/golangci-lint-action@v6
         with:
-          version: v1.62.0
+          version: v1.64.6
           args: --timeout=180s
           skip-cache: true
 
@@ -30,6 +30,6 @@ jobs:
       - name: Run govulncheck
         uses: ./.github/actions/govulncheck
         with:
-          go-version-input: 1.23.3
+          go-version-input: 1.24
           go-package: ./...
           
diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/ProtonMail/go-proton-api
 
-go 1.23
+go 1.24
 
 require (
 	github.com/Masterminds/semver/v3 v3.2.0
