diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index f8f20dccd..8f4eff96e 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -14,7 +14,7 @@ permissions: env: # run static analysis only with the latest Go version - LATEST_GO_VERSION: "1.25" + LATEST_GO_VERSION: "1.26" jobs: check: diff --git a/.github/workflows/echo.yml b/.github/workflows/echo.yml index 5a4dff781..b92c70c1b 100644 --- a/.github/workflows/echo.yml +++ b/.github/workflows/echo.yml @@ -14,7 +14,7 @@ permissions: env: # run coverage and benchmarks only with the latest Go version - LATEST_GO_VERSION: "1.25" + LATEST_GO_VERSION: "1.26" jobs: test: @@ -25,7 +25,7 @@ jobs: # Echo tests with last four major releases (unless there are pressing vulnerabilities) # As we depend on `golang.org/x/` libraries which only support the last 2 Go releases, we could have situations when # we derive from the last four major releases promise. - go: ["1.25"] + go: ["1.25", "1.26"] name: ${{ matrix.os }} @ Go ${{ matrix.go }} runs-on: ${{ matrix.os }} steps: diff --git a/SECURITY.md b/SECURITY.md index 156634aea..efb618697 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -2,15 +2,14 @@ ## Supported Versions -Use this section to tell people about which versions of your project are -currently being supported with security updates. - -| Version | Supported | -| ------- | ------------------ | -| 5.x.x | :white_check_mark: | -| > 4.15.x | :white_check_mark: | -| < 4.0 | :x: | +| Version | Supported | +|-----------|-------------------------------------| +| 5.x.x | :white_check_mark: | +| >= 4.15.x | :white_check_mark: until 2026.12.31 | +| < 4.15 | :x: | ## Reporting a Vulnerability -At the moment look for maintainers email(s) in commits and email them. +https://github.com/labstack/echo/security/advisories/new + +or look for maintainers email(s) in commits and email them.