From f1e9f1a8e6cfe504f025bfb25395b4e05e943639 Mon Sep 17 00:00:00 2001 From: Denis Afonso Date: Fri, 10 Jul 2026 13:14:02 +0000 Subject: [PATCH] fix: bump Go version from 1.26.4 to 1.26.5 Go 1.26.5 (released 2026-07-07) includes security fixes to the crypto/tls and os packages, addressing CVE-2026-39822 and CVE-2026-42505 flagged by IronBank scans. Ref: ENT-128 --- go.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 5c4579713ca..e023a7464c6 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/coder/coder/v2 -go 1.26.4 +go 1.26.5 // Required until a v3 of chroma is created to lazily initialize all XML files. // None of our dependencies seem to use the registries anyways, so this