mirror of
https://github.com/alibaba/open-code-review.git
synced 2026-07-09 17:28:58 +00:00
ci: bump Go image to 1.26.5 to fix GO-2026-5856 govulncheck failure (#330)
govulncheck flags GO-2026-5856 (Encrypted Client Hello privacy leak in crypto/tls), present in the Go standard library through go1.26.4 and fixed in go1.26.5. The CI and release workflows pin the golang:1.26.4 container image, so govulncheck fails with exit code 3 on every run. Bump both workflow images to golang:1.26.5.
This commit is contained in:
parent
e2d75b732a
commit
e6e5da0930
2 changed files with 2 additions and 2 deletions
2
.github/workflows/ci.yml
vendored
2
.github/workflows/ci.yml
vendored
|
|
@ -14,7 +14,7 @@ jobs:
|
|||
runs-on: self-hosted
|
||||
timeout-minutes: 15
|
||||
container:
|
||||
image: golang:1.26.4
|
||||
image: golang:1.26.5
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
|
||||
|
|
|
|||
2
.github/workflows/release.yml
vendored
2
.github/workflows/release.yml
vendored
|
|
@ -11,7 +11,7 @@ jobs:
|
|||
build:
|
||||
runs-on: self-hosted
|
||||
container:
|
||||
image: golang:1.26.4
|
||||
image: golang:1.26.5
|
||||
strategy:
|
||||
matrix:
|
||||
include:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue