Skip to content

chore: upgrade go to 1.26.2#192

Merged
jmeridth merged 2 commits intomainfrom
chore/upgrade-go-1.26.2
Apr 9, 2026
Merged

chore: upgrade go to 1.26.2#192
jmeridth merged 2 commits intomainfrom
chore/upgrade-go-1.26.2

Conversation

@jmeridth
Copy link
Copy Markdown
Member

@jmeridth jmeridth commented Apr 9, 2026
edited
Loading

What

Upgrade Go from 1.25.1 to 1.26.2 in go.mod and bump golangci-lint from v2.4.0 to v2.11.4.

Why

go1.26.2 fixes 4 vulnerabilities in the standard library:

  • GO-2026-4947: unexpected work during chain building (crypto/x509)
  • GO-2026-4946: inefficient policy validation (crypto/x509)
  • GO-2026-4870: unauthenticated TLS 1.3 KeyUpdate DoS (crypto/tls)
  • GO-2026-4866: case-sensitive excludedSubtrees auth bypass (crypto/x509)

Notes

  • This is a two-minor-version jump (1.25 → 1.26); all tests pass
  • golangci-lint v2.4.0 was built with Go 1.25 and cannot lint Go 1.26 code, so bumped to v2.11.4

@jmeridth
chore: upgrade go to 1.26.2
32445e7 
## What

Upgrade Go from 1.25.1 to 1.26.2 in go.mod.

## Why

go1.26.2 fixes 4 vulnerabilities in the standard library:

- GO-2026-4947: unexpected work during chain building (crypto/x509)
- GO-2026-4946: inefficient policy validation (crypto/x509)
- GO-2026-4870: unauthenticated TLS 1.3 KeyUpdate DoS (crypto/tls)
- GO-2026-4866: case-sensitive excludedSubtrees auth bypass (crypto/x509)

## Notes

- This is a two-minor-version jump (1.25 → 1.26); all tests pass

Signed-off-by: jmeridth <jmeridth@gmail.com>
@jmeridth jmeridth requested a review from a team as a code owner April 9, 2026 15:01
@jmeridth
Copy link
Copy Markdown
Member Author

jmeridth commented Apr 9, 2026

We need to bump the golangci-lint version. on it.

@jmeridth
chore: bump golangci-lint to v2.11.4
b1529ea 
## What

Bump golangci-lint from v2.4.0 to v2.11.4 in the lint workflow.

## Why

golangci-lint v2.4.0 was built with Go 1.25 and cannot lint Go 1.26 code.

## Notes

- This unblocks the lint CI check after the Go 1.26.2 upgrade

Signed-off-by: jmeridth <jmeridth@gmail.com>
@jmeridth jmeridth merged commit f91d1d5 into main Apr 9, 2026
10 checks passed
@jmeridth jmeridth deleted the chore/upgrade-go-1.26.2 branch April 9, 2026 18:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eddie-knight eddie-knight eddie-knight approved these changes

Assignees

No one assigned

Labels

maintenance

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@jmeridth @eddie-knight