diff --git a/.github/skills/examples/gorm-scanner-ci-workflow.yml b/.github/skills/examples/gorm-scanner-ci-workflow.yml index d5045d725..6cb6dcf1e 100644 --- a/.github/skills/examples/gorm-scanner-ci-workflow.yml +++ b/.github/skills/examples/gorm-scanner-ci-workflow.yml @@ -25,7 +25,7 @@ jobs: - name: Setup Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: - go-version: "1.26.3" + go-version: "1.26.4" - name: Run GORM Security Scanner id: gorm-scan diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index b8d2e558c..a72655945 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -12,7 +12,7 @@ concurrency: cancel-in-progress: true env: - GO_VERSION: '1.26.3' + GO_VERSION: '1.26.4' GOTOOLCHAIN: auto # Minimal permissions at workflow level; write permissions granted at job level for push only diff --git a/.github/workflows/codecov-upload.yml b/.github/workflows/codecov-upload.yml index 31867f947..c39eddad7 100644 --- a/.github/workflows/codecov-upload.yml +++ b/.github/workflows/codecov-upload.yml @@ -23,7 +23,7 @@ concurrency: cancel-in-progress: true env: - GO_VERSION: '1.26.3' + GO_VERSION: '1.26.4' NODE_VERSION: '24.12.0' GOTOOLCHAIN: auto diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f6abfe4dd..8f67cd265 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -15,7 +15,7 @@ concurrency: env: GOTOOLCHAIN: auto - GO_VERSION: '1.26.3' + GO_VERSION: '1.26.4' permissions: contents: read diff --git a/.github/workflows/e2e-tests-split.yml b/.github/workflows/e2e-tests-split.yml index 77bd96d3d..e550153ea 100644 --- a/.github/workflows/e2e-tests-split.yml +++ b/.github/workflows/e2e-tests-split.yml @@ -83,7 +83,7 @@ on: env: NODE_VERSION: '20' - GO_VERSION: '1.26.3' + GO_VERSION: '1.26.4' GOTOOLCHAIN: auto DOCKERHUB_REGISTRY: docker.io IMAGE_NAME: ${{ github.repository_owner }}/charon diff --git a/.github/workflows/nightly-build.yml b/.github/workflows/nightly-build.yml index cc4033c5a..1e967dac7 100644 --- a/.github/workflows/nightly-build.yml +++ b/.github/workflows/nightly-build.yml @@ -15,7 +15,7 @@ on: default: "false" env: - GO_VERSION: '1.26.3' + GO_VERSION: '1.26.4' NODE_VERSION: '24.12.0' GOTOOLCHAIN: auto GHCR_REGISTRY: ghcr.io diff --git a/.github/workflows/orthrus-build.yml b/.github/workflows/orthrus-build.yml index 6990efe86..20102fdce 100644 --- a/.github/workflows/orthrus-build.yml +++ b/.github/workflows/orthrus-build.yml @@ -29,7 +29,7 @@ env: GHCR_REGISTRY: ghcr.io DOCKERHUB_REGISTRY: docker.io IMAGE_NAME: wikid82/orthrus - GO_VERSION: '1.26.3' + GO_VERSION: '1.26.4' permissions: contents: read diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml index 9fa77c5c3..a4e23ec85 100644 --- a/.github/workflows/quality-checks.yml +++ b/.github/workflows/quality-checks.yml @@ -16,7 +16,7 @@ permissions: checks: write env: - GO_VERSION: '1.26.3' + GO_VERSION: '1.26.4' NODE_VERSION: '24.12.0' GOTOOLCHAIN: auto diff --git a/.github/workflows/release-goreleaser.yml b/.github/workflows/release-goreleaser.yml index b0eb7100e..941f79137 100644 --- a/.github/workflows/release-goreleaser.yml +++ b/.github/workflows/release-goreleaser.yml @@ -10,7 +10,7 @@ concurrency: cancel-in-progress: false env: - GO_VERSION: '1.26.3' + GO_VERSION: '1.26.4' NODE_VERSION: '24.12.0' GOTOOLCHAIN: auto diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index e9a721caf..dc257765e 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -15,7 +15,7 @@ permissions: issues: write env: - GO_VERSION: '1.26.3' + GO_VERSION: '1.26.4' jobs: renovate: diff --git a/Dockerfile b/Dockerfile index 3ce21fb6a..dad9cd832 100644 --- a/Dockerfile +++ b/Dockerfile @@ -39,9 +39,9 @@ ARG NPM_VERSION=11.16.0 ## Try to build the requested Caddy v2.x tag (Renovate can update this ARG). ## If the requested tag isn't available, fall back to a known-good v2.11.3 build. # renovate: datasource=go depName=github.com/caddyserver/caddy/v2 -ARG CADDY_VERSION=2.11.3 +ARG CADDY_VERSION=2.11.4 # renovate: datasource=go depName=github.com/caddyserver/caddy/v2 -ARG CADDY_CANDIDATE_VERSION=2.11.3 +ARG CADDY_CANDIDATE_VERSION=2.11.4 ARG CADDY_USE_CANDIDATE=0 ARG CADDY_PATCH_SCENARIO=B # renovate: datasource=go depName=github.com/greenpau/caddy-security @@ -460,9 +460,9 @@ RUN go get github.com/expr-lang/expr@v${EXPR_LANG_VERSION} && \ go get go.opentelemetry.io/otel@v1.44.0 && \ # GHSA-xmrv-pmrh-hhx2: AWS SDK v2 event stream injection # renovate: datasource=go depName=github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream - go get github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream@v1.7.11 && \ + go get github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream@v1.7.12 && \ # renovate: datasource=go depName=github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs - go get github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs@v1.74.2 && \ + go get github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs@v1.74.4 && \ go get github.com/aws/aws-sdk-go-v2/service/kinesis@v1.43.7 && \ go get github.com/aws/aws-sdk-go-v2/service/s3@v1.102.1 && \ # CVE-2026-32952: go-ntlmssp DoS via malicious NTLM challenge response diff --git a/agent/go.mod b/agent/go.mod index d07d36cae..e5245f3b5 100644 --- a/agent/go.mod +++ b/agent/go.mod @@ -1,6 +1,6 @@ module github.com/Wikid82/charon/agent -go 1.26.3 +go 1.26.4 require ( github.com/gorilla/websocket v1.5.3 diff --git a/backend/go.mod b/backend/go.mod index fa9bfe131..0d99b555e 100644 --- a/backend/go.mod +++ b/backend/go.mod @@ -1,6 +1,6 @@ module github.com/Wikid82/charon/backend -go 1.26.3 +go 1.26.4 require ( github.com/gin-contrib/gzip v1.2.6