From 0eeb3748bcdc2a6c2c1ed5762e2eb3361bf92b9f Mon Sep 17 00:00:00 2001
From: Vibhav Bobade <vibhav.bobde@gmail.com>
Date: Tue, 7 Apr 2026 11:49:40 +0530
Subject: [PATCH] fix: bump Go to 1.25.8 to fix CVE-2025-61728, CVE-2025-61726,
 CVE-2025-61729

- CVE-2025-61728: Excessive CPU consumption in archive/zip
- CVE-2025-61726: Memory exhaustion in net/url
- CVE-2025-61729: Resource exhaustion in crypto/x509

Part of https://github.com/tektoncd/cli/issues/2716

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 go.mod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/go.mod b/go.mod
index a5a942b845..5a7feb1a3d 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/tektoncd/cli
 
-go 1.22.8
+go 1.25.8
 
 require (
 	github.com/AlecAivazis/survey/v2 v2.3.7