From b7cc788b86545c5fb778bda8db328d3ab7ea7c3b Mon Sep 17 00:00:00 2001
From: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
Date: Fri, 17 Apr 2026 04:10:29 +0000
Subject: [PATCH] fix(security): remediate CVE vulnerabilities

- Update Go version to 1.25.9 (fixes CVE-2026-27140, CVE-2026-32283,
  CVE-2026-32280, CVE-2026-32281, CVE-2026-32289, CVE-2026-32282,
  CVE-2026-32288)

Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
---
 .github/workflows/ci.yml | 2 +-
 go.mod                   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 33c0d77..f037b53 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -14,7 +14,7 @@ on:
 
 env:
   # Common versions
-  GO_VERSION: '1.25.8'
+  GO_VERSION: '1.25.9'
   GOLANGCI_VERSION: 'v2.11.4'
   DOCKER_BUILDX_VERSION: 'v0.24.0'
 
diff --git a/go.mod b/go.mod
index 4ff8f3d..95d0315 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/upbound/function-openai
 
-go 1.25.8
+go 1.25.9
 
 require (
 	github.com/alecthomas/kong v1.4.0