build: fix multiple CVEs by upgrading to go1.26.4

- CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader - CVE-2026-42507: net/textproto: arbitrary input are included in errors without any escaping - CVE-2026-27145: crypto/x509: split candidate hostname only once
2026-06-29 18:35:06 -04:00 · 2026-06-03 12:40:28 +01:00
parent fc4349dc16
commit 2a7b0d0d3b
1 changed files with 8 additions and 8 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -37,7 +37,7 @@ jobs:
        include:
          - job_name: linux
            os: ubuntu-latest
-            go: '~1.26.3'
+            go: '~1.26.4'
            gotags: cmount
            build_flags: '-include "^linux/"'
            check: true
@@ -48,14 +48,14 @@ jobs:

          - job_name: linux_386
            os: ubuntu-latest
-            go: '~1.26.3'
+            go: '~1.26.4'
            goarch: 386
            gotags: cmount
            quicktest: true

          - job_name: mac_amd64
            os: macos-latest
-            go: '~1.26.3'
+            go: '~1.26.4'
            gotags: 'cmount'
            build_flags: '-include "^darwin/amd64" -cgo'
            quicktest: true
@@ -64,14 +64,14 @@ jobs:

          - job_name: mac_arm64
            os: macos-latest
-            go: '~1.26.3'
+            go: '~1.26.4'
            gotags: 'cmount'
            build_flags: '-include "^darwin/arm64" -cgo -macos-arch arm64 -cgo-cflags=-I/usr/local/include -cgo-ldflags=-L/usr/local/lib'
            deploy: true

          - job_name: windows
            os: windows-latest
-            go: '~1.26.3'
+            go: '~1.26.4'
            gotags: cmount
            cgo: '0'
            build_flags: '-include "^windows/"'
@@ -81,7 +81,7 @@ jobs:

          - job_name: other_os
            os: ubuntu-latest
-            go: '~1.26.3'
+            go: '~1.26.4'
            build_flags: '-exclude "^(windows/|darwin/|linux/)"'
            compile_all: true
            deploy: true
@@ -278,7 +278,7 @@ jobs:
        id: setup-go
        uses: actions/setup-go@v6
        with:
-          go-version: '~1.26.3'
+          go-version: '~1.26.4'
          check-latest: true
          cache: false
          
@@ -393,7 +393,7 @@ jobs:
        id: setup-go
        uses: actions/setup-go@v6
        with:
-          go-version: '~1.26.3'
+          go-version: '~1.26.4'
          # Caching is handled explicitly below to share the module cache
          # with the other jobs - see the build job for the rationale.
          cache: false