security: update Go version to 1.24.4 to fix CVE-2025-22874

- Updated go.mod to require Go 1.24.4 (minimum version)
- Updated GitHub workflows to use Go 1.24.4 instead of ^1.20
- Dockerfiles already using Go 1.24.4 (no changes needed)
- Fixes vulnerability CVE-2025-22874 in Go versions < 1.23.10, 1.24.4
This commit is contained in:
Chen Xiong 2025-06-24 10:33:26 +08:00
parent 40808838ba
commit 91c9af7583
3 changed files with 3 additions and 5 deletions

View File

@ -13,7 +13,7 @@ jobs:
- name: Set up Go - name: Set up Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: '^1.20' go-version: '1.24.4'
id: go id: go
- name: Check out code into the Go module directory - name: Check out code into the Go module directory

View File

@ -12,7 +12,7 @@ jobs:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- uses: actions/setup-go@v5 - uses: actions/setup-go@v5
with: with:
go-version: '^1.20' go-version: '1.24.4'
check-latest: true check-latest: true
- name: Compile man page markup - name: Compile man page markup
id: gen-man-page-md id: gen-man-page-md

4
go.mod
View File

@ -30,6 +30,4 @@ require (
golang.org/x/sys v0.33.0 // indirect golang.org/x/sys v0.33.0 // indirect
) )
go 1.24 go 1.24.4
toolchain go1.24.1