Merge branch 'main' into bump-1.2.7

Author: togashidm

.github/workflows/post-merge.yml

@@ -21,6 +21,7 @@ jobs:
       contents: read
       security-events: write
       id-token: write
+      actions: read
     uses: open-edge-platform/orch-ci/.github/workflows/post-merge.yml@24a3a495be45af021486e265cf09a17ac3798405  # 2026.0.13
     with:
       cache_go: true

internal/auth/auth_fuzz_test.go

@@ -4,6 +4,7 @@
 package auth
 
 import (
+	"net/http"
 	"net/http/httptest"
 	"net/url"
 	"strings"
@@ -134,7 +135,10 @@ func FuzzHTTPMethods(f *testing.F) {
 		}
 
 		// Create request with fuzzy method and path
-		req := httptest.NewRequest(method, path, nil)
+		req, err := http.NewRequest(method, path, nil)
+		if err != nil {
+			return
+		}
 		req.Header.Set(agent.TunnelIdHeader, "test-tunnel")
 
 		// Test that request handling doesn't panic

internal/middleware/middleware_fuzz_test.go

@@ -5,6 +5,7 @@ package middleware
 
 import (
 	"fmt"
+	"net/http"
 	"net/http/httptest"
 	"net/url"
 	"strings"
@@ -182,7 +183,10 @@ func FuzzHTTPRequestMethods(f *testing.F) {
 			return
 		}
 
-		req := httptest.NewRequest(method, path, nil)
+		req, err := http.NewRequest(method, path, nil)
+		if err != nil {
+			return
+		}
 		if contentType != "" {
 			req.Header.Set("Content-Type", contentType)
 		}