security: update Go version to 1.24.4 to fix CVE-2025-22874

- Updated go.mod to require Go 1.24.4 (minimum version)
- Updated GitHub workflows to use Go 1.24.4 instead of ^1.20
- Dockerfiles already using Go 1.24.4 (no changes needed)
- Fixes vulnerability CVE-2025-22874 in Go versions < 1.23.10, 1.24.4
This commit is contained in:
Chen Xiong 2025-06-24 10:33:26 +08:00
parent 40808838ba
commit 91c9af7583
3 changed files with 3 additions and 5 deletions

View File

@ -13,7 +13,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version: '^1.20'
go-version: '1.24.4'
id: go
- name: Check out code into the Go module directory

View File

@ -12,7 +12,7 @@ jobs:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: '^1.20'
go-version: '1.24.4'
check-latest: true
- name: Compile man page markup
id: gen-man-page-md

4
go.mod
View File

@ -30,6 +30,4 @@ require (
golang.org/x/sys v0.33.0 // indirect
)
go 1.24
toolchain go1.24.1
go 1.24.4