Skip to content

Commit a2cb825

Browse files
fix: bump toolchain to go1.26.4 to address stdlib security vulnerabilities (#312)
* fix: bump toolchain to go1.26.4 to address stdlib security vulnerabilities * chore: add changie for toolchain bump to go1.26.5 --------- Co-authored-by: Farjaad Rawasia <farjaad@opslevel.com>
1 parent 7108fb4 commit a2cb825

3 files changed

Lines changed: 7 additions & 4 deletions

File tree

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
kind: Security
2+
body: Bump Go toolchain from go1.26.2 to go1.26.4 (fixes GO-2026-4977, GO-2026-4986, GO-2026-4918, GO-2026-4971, GO-2026-4981, GO-2026-5037, GO-2026-5038, GO-2026-5026)
3+
time: 2026-07-07T00:00:00.000000Z

src/go.mod

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ module github.com/opslevel/opslevel-runner
22

33
go 1.26.0
44

5-
toolchain go1.26.2
5+
toolchain go1.26.4
66

77
require (
88
github.com/contribsys/faktory v1.9.4
@@ -278,7 +278,7 @@ require (
278278
golang.org/x/crypto v0.52.0 // indirect
279279
golang.org/x/exp/typeparams v0.0.0-20250210185358-939b2ce775ac // indirect
280280
golang.org/x/mod v0.35.0 // indirect
281-
golang.org/x/net v0.54.0 // indirect
281+
golang.org/x/net v0.55.0 // indirect
282282
golang.org/x/oauth2 v0.36.0 // indirect
283283
golang.org/x/sync v0.20.0 // indirect
284284
golang.org/x/sys v0.45.0 // indirect

src/go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -674,8 +674,8 @@ golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
674674
golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
675675
golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
676676
golang.org/x/net v0.16.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
677-
golang.org/x/net v0.54.0 h1:2zJIZAxAHV/OHCDTCOHAYehQzLfSXuf/5SoL/Dv6w/w=
678-
golang.org/x/net v0.54.0/go.mod h1:Sj4oj8jK6XmHpBZU/zWHw3BV3abl4Kvi+Ut7cQcY+cQ=
677+
golang.org/x/net v0.55.0 h1:bcvxaJn3e1U6InsFWt1JUq1aSjnRxLzT2rtD2KfkDF8=
678+
golang.org/x/net v0.55.0/go.mod h1:L5U2KuzuOe1lY7Z+aWVIKK6qEeJXnXV9yzGA+WCHJww=
679679
golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs=
680680
golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q=
681681
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=

0 commit comments

Comments
 (0)