[Feature]: Update go (toolchain and in the ci for building) to at lease 1.22.4 because of CVE-2024-24790

gembaadvantage / uplift

Semantic versioning the easy way. Powered by Conventional Commits. Built for use with CI.

https://upliftci.dev

MIT License

57 stars 7 forks source link

[Feature]: Update go (toolchain and in the ci for building) to at lease 1.22.4 because of CVE-2024-24790 #434

Closed Roemer closed 2 months ago

Roemer commented 3 months ago

Describe your feature

There is a vulnerability in Go up to 1.22.3 which should be adressed. See https://pkg.go.dev/vuln/GO-2024-2887 for more details.

Your potential solution

Update go everywhere to at least 1.22.4 and publish a new version.

Any additional information?

No response

Code of Conduct

[X] I agree to follow this project's Code of Conduct

stale[bot] commented 3 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Roemer commented 2 months ago

This is still relevant.

stale[bot] commented 2 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

ga-paul-t commented 2 months ago

Bumped to Go 1.22.5. The current latest version of Go as offered by Nixpkgs