Skip to content

Update golang and deps #3753

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Dec 2, 2025
Merged

Update golang and deps #3753

merged 3 commits into from
Dec 2, 2025
+84 −47

Conversation

@dims
Copy link
Collaborator

@dims dims commented Dec 2, 2025

  • Update Go toolchain from go1.24.0 to go1.25.5 to fix crypto/x509 vulnerability
  • Update github.com/opencontainers/runc v1.3.0 → v1.3.3
  • Update github.com/docker/docker v28.2.2 → v28.3.3
  • Update GitHub Actions workflows to use Go 1.25

Security Vulnerabilities Fixed

ID Package Severity
https://pkg.go.dev/vuln/GO-2025-4155 crypto/x509 Excessive resource consumption in host certificate validation
https://pkg.go.dev/vuln/GO-2025-4098 github.com/opencontainers/runc Container escape and DDoS via arbitrary write gadgets
https://pkg.go.dev/vuln/GO-2025-3830 github.com/docker/docker Firewalld reload exposes container ports to remote hosts

@google-cla
Copy link

google-cla bot commented Dec 2, 2025

Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

View this failed invocation of the CLA check for more information.

For the most up to date status, view the checks section at the bottom of the pull request.

@dims
fix: update dependencies to address security vulnerabilities
59c6ea1 
- Update toolchain from go1.24.0 to go1.25.5 (GO-2025-4155: crypto/x509)
- Update github.com/opencontainers/runc v1.3.0 to v1.3.3 (GO-2025-4098)
- Update github.com/docker/docker v28.2.2 to v28.3.3 (GO-2025-3830)

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
@dims dims force-pushed the update-golang-and-deps branch from 30cd84e to 690a44c Compare December 2, 2025 20:50
@dims
ci: update Go version to 1.25 in GitHub Actions workflows
6ffcad0 
Update Go version from 1.24 to 1.25 across all build configurations:
- GitHub Actions workflows (test.yml, release-binaries.yml)
- Dockerfiles (deploy/Dockerfile, deploy/canary/Dockerfile)
- Build scripts (integration-in-docker.sh, unit-in-container.sh)
- Makefile docker-build target
- cmd/go.mod toolchain directive

Also update golangci-lint from v1.64.5 to v2.6.2 for Go 1.25 compatibility,
and migrate .golangci.yml to v2 format with appropriate exclusions for
pre-existing code style issues.

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
@dims dims force-pushed the update-golang-and-deps branch from 690a44c to 6ffcad0 Compare December 2, 2025 21:16
@dims
fix: handle nil Health state in docker container handler
fc7d267 
Container.State.Health can be nil when no health check is configured.
Check for nil before accessing .Status to prevent panic.

Fixes nil pointer dereference in newDockerContainerHandler when
inspecting containers without health checks.

Signed-off-by: Davanum Srinivas <davanum@gmail.com>
@dims dims merged commit 4b231e6 into google:master Dec 2, 2025
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dims