From 5c2588962dfa875a996ece22265be88236af2726 Mon Sep 17 00:00:00 2001 From: Alex Godoroja Date: Thu, 9 Jul 2026 16:24:54 -0700 Subject: [PATCH] go.mod: bump Go 1.25.11 -> 1.25.12 (fix govulncheck GO-2026-5856) govulncheck fails repo-wide (and on main/nightly) on GO-2026-5856, a crypto/tls vulnerability in the Go standard library, reached from telemetry/client.go, daemon.go and pilotctl/main.go. It is fixed in crypto/tls@go1.25.12 (the current latest 1.25.x). All workflows resolve their toolchain from go.mod (go-version-file: go.mod), so bumping the `go` directive clears the finding everywhere. No code changes. Co-Authored-By: Claude Opus 4.8 (1M context) --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 09d02b11..3e3a1bc7 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/pilot-protocol/pilotprotocol -go 1.25.11 +go 1.25.12 require ( github.com/coder/websocket v1.8.15