Skip to content

Upgrade for Go 1.25 compatibility, and upgrade crypto dependency for CVE#47

Merged
ryanrolds merged 2 commits intoryanrolds:mainfrom
LeMikaelF:go-1.25
Mar 18, 2026
Merged

Upgrade for Go 1.25 compatibility, and upgrade crypto dependency for CVE#47
ryanrolds merged 2 commits intoryanrolds:mainfrom
LeMikaelF:go-1.25

Conversation

@LeMikaelF
Copy link
Copy Markdown
Contributor

@LeMikaelF LeMikaelF commented Jan 8, 2026

There was an incompatibility with Go 1.25:

go test ./...                                                 
# golang.org/x/tools/internal/tokeninternal
vendor/golang.org/x/tools/internal/tokeninternal/tokeninternal.go:64:9: invalid array length -delta * delta (constant -256 of type int64)

And golang.org/x/crypto v0.35.0 was affected by 3 CVEs:

LeMikaelF and others added 2 commits January 8, 2026 17:21
@LeMikaelF @claude
Update golang.org/x/tools to v0.40.0 for Go 1.25 compatibility
9314893 
- Upgrade golang.org/x/tools from v0.21.1 to v0.40.0
- Upgrade golang.org/x/mod from v0.17.0 to v0.31.0
- Upgrade golang.org/x/sync from v0.11.0 to v0.19.0
- Bump minimum Go version to 1.24.0

Fixes build failure with Go 1.25 due to invalid array length
in tokeninternal/tokeninternal.go.

Co-Authored-By: Claude Opus 4.5 <[email protected]>
@LeMikaelF
upgrade crypto dependency
1da86b1
@ryanrolds ryanrolds merged commit 37b4d48 into ryanrolds:main Mar 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ryanrolds ryanrolds ryanrolds approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@LeMikaelF @ryanrolds