
REL-1220503: Updating Go version to fix vulns #48

Merged
stevenhedrick merged 1 commit into main from REL-1220503
Nov 11, 2025

@stevenhedrick
Collaborator

Updating to the latest Go 1.25.x release to resolve multiple vulnerabilities.

Should fix:

| Vulnerability | Published Date | Fix Version |
| --- | --- | --- |
| CVE-2025-58188 | New as of 11/5 | Fixed in 1.25.2 |
| CVE-2025-58187 | New as of 10/29 | Fixed in 1.25.3 |
| CVE-2025-61725 | New as of 10/29 | Fixed in 1.25.2 |
| CVE-2025-61723 | New as of 10/29 | Fixed in 1.25.2 |

These vulnerabilities are blocking promotion of images using scuttle.

Copilot AI left a comment

Pull Request Overview

This PR updates the Go version from 1.25.1 to 1.25.4 to address multiple security vulnerabilities (CVE-2025-58188, CVE-2025-58187, CVE-2025-61725, CVE-2025-61723) that are blocking image promotion.

Key Changes:

  • Updated Go version to 1.25.4 across all configuration files
  • Changes apply to build environment, CI/CD workflows, and module definition

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated no comments.

| File | Description |
| --- | --- |
| go.mod | Updated Go version directive to 1.25.4 |
| Dockerfile | Updated base image to golang:1.25.4-bookworm |
| .github/workflows/release.yaml | Updated setup-go action to use Go 1.25.4 |
| .github/workflows/relativity-ci.yml | Updated setup-go action to use Go 1.25.4 |

@stevenhedrick stevenhedrick merged commit 6508bd5 into main Nov 11, 2025
12 of 15 checks passed
@stevenhedrick stevenhedrick deleted the REL-1220503 branch November 11, 2025 16:00
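
A check for the four pins the review summary lists, as an added example that is not part of the PR or the project's code: it reads the Go version from go.mod, the Dockerfile and the two workflows, and reports any pin that is below 1.25.3 (the highest "Fixed in" value in the table), has no patch level, or disagrees with the others. The file contents, the module path `example.com/app` and the function names are constructed for illustration.

```python
import re

# Highest "Fixed in" value in the PR's table (CVE-2025-58187 -> 1.25.3).
MIN_FIXED = (1, 25, 3)
VER = r"(\d+\.\d+(?:\.\d+)?)"
# One pattern per kind of file the review lists; each captures the Go version.
PATTERNS = {
    "go.mod": re.compile(r"^go\s+" + VER + r"\s*$", re.M),
    "Dockerfile": re.compile(r"^FROM\s+(?:\S+/)?golang:" + VER, re.M | re.I),
    "workflow": re.compile(r"^\s*go-version:\s*['\"]?" + VER, re.M),
}

def kind_of(path):
    name = path.rsplit("/", 1)[-1]
    if name == "go.mod":
        return "go.mod"
    if name.startswith("Dockerfile"):
        return "Dockerfile"
    return "workflow" if name.endswith((".yml", ".yaml")) else None

def audit(files, minimum=MIN_FIXED):
    """files maps path -> text. Returns a list of findings; empty means pass."""
    findings, seen = [], set()
    floor = ".".join(map(str, minimum))
    for path, text in files.items():
        kind = kind_of(path)
        versions = PATTERNS[kind].findall(text) if kind else []
        if not versions:
            findings.append(f"{path}: no Go version pin found")
        for v in versions:
            seen.add(v)
            if v.count(".") < 2:
                # "1.25" floats to whatever patch the image or action resolves.
                findings.append(f"{path}: {v} has no patch level")
            elif tuple(map(int, v.split("."))) < minimum:
                findings.append(f"{path}: {v} is older than {floor}")
    if len(seen) > 1:
        findings.append("pins disagree: " + ", ".join(sorted(seen)))
    return findings

# Constructed sample contents (not the repository's files); the CI workflow
# is deliberately left on the pre-PR version to show a missed pin.
SAMPLE = {
    "go.mod": "module example.com/app\n\ngo 1.25.4\n",
    "Dockerfile": "FROM golang:1.25.4-bookworm AS build\n",
    ".github/workflows/release.yaml": "        with:\n          go-version: '1.25.4'\n",
    ".github/workflows/relativity-ci.yml": "        with:\n          go-version: '1.25.1'\n",
}

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "all pins patched and consistent")
```

Run as a CI step, a non-empty result from `audit` is the signal to fail the build before the image reaches the vulnerability scan.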